Final Exam
Question 1 1 / 1 point
__________ is the exploitation of an organization's telephone, dial, and private branch
exchange (PBX) system to infiltrate the internal network in order to abuse computing
resources.
a. War driving
b. Line dialing
c. PBX driving
d. War dialing
Question 2 1 / 1 point
__________ cryptography is the most common method on the Internet for authenticating a
message sender or encrypting a message.
a. Symmetric
b. Hash-based
c. Private-key
d. Public-key
Question 3 1 / 1 point
__________ is a lightweight Knoppix version cut to 50 MB for a business-card-sized CD.
a. Gnoppix
b. GeeXboX
c. Morphix
d. Damn Small Linux
Question 4 1 / 1 point
The __________ utility tests the integrity of an ODBC data source.
a. odbcping
b. ASPRunner
c. FlexTracer
d. DbEncrypt
Question 5 1 / 1 point
In the TCP/IP stack, the __________ layer is where applications and protocols, such as
HTTP and Telnet, operate.
a. Internet
b. network
c. transport
d. application
Question 6 1 / 1 point
Attackers can use a simple test to find out if an application is vulnerable to an OLE DB error.
They can fill in the username and password fields with __________.
a. a pound sign
b. two dashes
c. a single quotation mark
d. double quotes
Question 7 1 / 1 point
__________ allow attackers to pass malicious code to different systems via a web
application.
a. SQL injection attacks
b. XSS vulnerabilities
c. Authentication hijacking attacks
d. Command injection flaws
Question 8 1 / 1 point
A __________ is a trusted entity that signs certificates and can vouch for the identity of the
user and the user's public key.
a. verification authority
b. certification authority
c. validation authority
d. registration authority
Question 9 1 / 1 point
Null sessions require access to TCP port __________.
a. 139
b. 141
c. 345
d. 349
Question 10 1 / 1 point
__________ is a command-line utility provided by Microsoft with SQL Server 2000 (and
Microsoft SQL Server 2000 Desktop Engine) that allows users to issue queries to the server.
a. ODBC
b. SQLP
c. OSQL
d. SSRS
Question 11 1 / 1 point
The __________ file is used to determine which TTY devices the root user is allowed to log
in to.
a. /usr/securetty
b. /etc/securetty
c. /var/securetty
d. /home/securetty
Question 12 1 / 1 point
__________ can monitor a Simple Mail Transfer Protocol (SMTP) server regularly after
connecting to it.
a. CheckOK
b. SMTPCheck
c. SMTPMon
d. SLCheck
Question 13 1 / 1 point
__________ is a method of gaining access to sensitive data in a Bluetooth-enabled device.
a. Bluebugging
b. Bluesnarfing
c. BTKeylogging
d. Blueprinting
Question 14 1 / 1 point
__________ is a simple form of attack aimed directly at the application's business logic.
a. Authentication hijacking
b. Parameter tampering
c. Cookie poisoning
d. Session poisoning
Question 15 1 / 1 point
Once the Oracle database server has been traced, the first port of call is made to the
__________ listener.
a. SQL
b. TNS
c. TCP
d. PL/SQL
Question 16 1 / 1 point
__________ is a common and easy form of SQL injection. The technique involves evading
the logon forms.
a. Command injection
b. SELECT bypass
c. INSERT injection
d. Authorization bypass
Question 17 1 / 1 point
__________ gathering is the process of accumulating information from resources like the
Internet that can later be analyzed as business intelligence.
a. Competitive intelligence
b. Tracerouting
c. Passive information
d. Footprinting
Question 18 1 / 1 point
__________, formerly called AppTapp, is a tool for jailbreaking and installing nonsanctioned
third-party applications on the iPhone.
a. iFuntastic
b. iNdependence
c. iActivator
d. AppSnapp
Question 19 1 / 1 point
Firefox 2.0.0.11 cannot correctly interpret single quotation marks and spaces during
authentication. This is called the __________ value of an authentication header.
a. registration
b. site
c. domain
d. realm
Question 20 1 / 1 point
Private data stored by Firefox can be quickly deleted by selecting __________ in the Tools
menu.
a. Clear History
b. Clear Private Data
c. Delete Private Data
d. Delete History
Question 21 1 / 1 point
A(n) __________ is a custom command in Linux that is a substitute for a formal command
string.
a. user string
b. system link
c. alias
d. link
Question 22 1 / 1 point
A __________ is a device that cannot function in any capacity.
a. block
b. brick
c. rock
d. cage
Question 23 0 / 1 point
__________ involves plotting the tables in the database.
a. Database enumeration
b. Database footprinting
c. Table footprinting
d. Table enumeration
Question 24 1 / 1 point
A __________ is a device that receives digital signals and converts them into analog
signals, and vice versa.
a. firewall
b. proxy
c. hub
d. modem
Question 25 1 / 1 point
Which of the following types of tools would be most effective in cracking UNIX passwords?
a. Ophcrack
b. KerbCrack
c. John the Ripper
d. RainbowCrack
Question 26 1 / 1 point
SQL Server, like other databases, delimits queries with a __________.
a. colon
b. period
c. semicolon
d. comma
Question 27 1 / 1 point
__________ is a unique 15- or 17-digit code used to identify a mobile station to a GSM
network.
a. IMEI
b. SIMID
c. SIM
d. PhoneID
Question 28 1 / 1 point
Which of the following password attacks is conducted using nontechnical means?
a. hybrid
b. brute force
c. social engineering
d. rainbow tables
Question 29 1 / 1 point
In __________-level hijacking, the attacker obtains the session IDs to get control of an
existing session or to create a new, unauthorized session.
a. network
b. data link
c. transport
d. application
Question 30 1 / 1 point
Which of the tools listed below can be used to execute code on remote Windows systems?
a. X.exe
b. PsExec
c. Rsync