Question details

CMIT 321 Final Exam/CMIT 321 Final Exam
$ 60.00

 Final Exam

Question 1                          1 / 1 point

__________ is the exploitation of an organization’s telephone, dial, and private branch exchange (PBX) system to infiltrate the internal network in order to abuse computing resources.

 War driving

 Line dialing

 PBX driving

 War dialing

View Feedback

Question 2                          1 / 1 point

__________ cryptography is the most common method on the Internet for authenticating a message sender or encrypting a message.

 Symmetric

 Hash-based

 Private-key

 Public-key

View Feedback

Question 3                          1 / 1 point

__________ is a lightweight Knoppix version cut to 50 MB for a business-card-sized CD.

 Gnoppix

 GeeXboX

 Morphix

 Damn Small Linux

View Feedback

Question 4                          1 / 1 point

The __________ utility tests the integrity of an ODBC data source.

 odbcping

 ASPRunner

 FlexTracer

 DbEncrypt

View Feedback

Question 5                          1 / 1 point

In the TCP/IP stack, the __________ layer is where applications and protocols, such as HTTP and Telnet, operate.

 Internet

 network

 transport

 application

View Feedback

Question 6                          1 / 1 point

Attackers can use a simple test to find out if an application is vulnerable to an OLE DB error. They can fill in the username and password fields with __________.

 a pound sign

 two dashes

 a single quotation mark

 double quotes

View Feedback

Question 7                          1 / 1 point

__________ allow attackers to pass malicious code to different systems via a web application.

 SQL injection attacks

 XSS vulnerabilities

 Authentication hijacking attacks

 Command injection flaws

View Feedback

Question 8                          1 / 1 point

A __________ is a trusted entity that signs certificates and can vouch for the identity of the user and the user’s public key.

 verification authority

 certification authority

 validation authority

 registration authority

View Feedback

Question 9                          1 / 1 point

Null sessions require access to TCP port __________.

 139

 141

 345

 349

View Feedback

Question 10                        1 / 1 point

__________ is a command-line utility provided by Microsoft with SQL Server 2000 (and Microsoft SQL Server 2000 Desktop Engine) that allows users to issue queries to the server.

 ODBC

 SQLP

 OSQL

 SRS

View Feedback

Question 11                        1 / 1 point

The __________ file is used to determine which TTY devices the root user is allowed to log in to.

 /usr/securetty

 /etc/securetty

 /var/securetty

 /home/securetty

View Feedback

Question 12                        1 / 1 point

__________ can monitor a Simple Mail Transfer Protocol (SMTP) server regularly after connecting to it.

 CheckOK

 SMTPCheck

 SMTPMon

 SLCheck

View Feedback

Question 13                        1 / 1 point

__________ is a method of gaining access to sensitive data in a Bluetooth-enabled device.

 Bluebugging

 Bluesnarfing

 BTKeylogging

 Blueprinting

View Feedback

Question 14                        1 / 1 point

__________ is a simple form of attack aimed directly at the application’s business logic.

 Authentication hijacking

 Parameter tampering

 Cookie poisoning

 Session poisoning

View Feedback

Question 15                        1 / 1 point

Once the Oracle database server has been traced, the first port of call is made to the __________ listener.

 SQL

 TNS

 TCP

 PL/SQL

View Feedback

Question 16                        1 / 1 point

__________ is a common and easy form of SQL injection. The technique involves evading the logon forms.

 Command injection

 SELECT bypass

 INSERT injection

 Authorization bypass

View Feedback

Question 17                        1 / 1 point

__________ gathering is the process of accumulating information from resources like the Internet that can later be analyzed as business intelligence.

 Competitive intelligence

 Tracerouting

 Passive information

 Footprinting

View Feedback

Question 18                        1 / 1 point

__________, formerly called AppTapp, is a tool for jailbreaking and installing nonsanctioned third-party applications on the iPhone.

 iFuntastic

 iNdependence

 iActivator

 AppSnapp

View Feedback

Question 19                        1 / 1 point

Firefox 2.0.0.11 cannot correctly interpret single quotation marks and spaces during authentication. This is called the __________ value of an authentication header.

 registration

 site

 domain

 realm

View Feedback

Question 20                        1 / 1 point

Private data stored by Firefox can be quickly deleted by selecting __________ in the Tools menu.

 Clear History

 Clear Private Data

 Delete Private Data

 Delete History

View Feedback

Question 21                        1 / 1 point

A(n) __________ is a custom command in Linux that is a substitute for a formal command string.

 user string

 system link

 alias

 link

View Feedback

Question 22                        1 / 1 point

A __________ is a device that cannot function in any capacity.

 block

 brick

 rock

 cage

View Feedback

Question 23                        0 / 1 point

__________ involves plotting the tables in the database.

 Database enumeration

 Database footprinting

 Table footprinting

 Table enumeration

View Feedback

Question 24                        1 / 1 point

A __________ is a device that receives digital signals and converts them into analog signals, and vice versa.

 firewall

 proxy

 hub

 modem

View Feedback

Question 25                        1 / 1 point

Which of the following types of tools would be most effective in cracking UNIX passwords?

 Ophcrack

 KerbCrack

 John the Ripper

 RainbowCrack

View Feedback

Question 26                        1 / 1 point

SQL Server, like other databases, delimits queries with a __________.

 colon

 period

 semicolon

 comma

View Feedback

Question 27                        1 / 1 point

__________ is a unique 15- or 17-digit code used to identify a mobile station to a GSM network.

 IMEI

 SIMID

 SIM

 PhoneID

View Feedback

Question 28                        1 / 1 point

Which of the following password attacks is conducted using nontechnical means?

 hybrid

 brute force

 social engineering

 rainbow tables

View Feedback

Question 29                        1 / 1 point

In __________-level hijacking, the attacker obtains the session IDs to get control of an existing session or to create a new, unauthorized session.

network

data link

transport

application

View Feedback

Question 30                        1 / 1 point

Which of the tools listed below can be used to execute code on remote Windows systems?

X.exe

PsExec

Rsync

Ghost

View Feedback

Question 31                        1 / 1 point

Kaspersky is used as __________.

a hacking tool against PDAs

a hacking tool against IPHONEs

a hacking tool against IPODs

an antivirus for Windows Mobile

View Feedback

Question 32                        1 / 1 point

__________ viruses search all drives and connected network shares to locate files with an EXE or SCR extension.

W32/Madang-Fam

W32/Hasnot-A

W32/Fujacks-AK

W32/Fujacks-E

View Feedback

Question 33                        1 / 1 point

What is the difference between online and offline password attacks?

Online attacks are conducted against people using the Internet, and offline attacks are conducted against people on private networks.

 

Online attacks target passwords or their representations as they traverse a network, and offline attacks focus on stored passwords.

Online attacks are used to gain access to systems, and offline attacks are used to knock systems off the network.

Offline attacks target passwords or their representations as they traverse a network, and online attacks focus on stored passwords.

View Feedback

Question 34                        0 / 1 point

__________ synchronizes the information between a Palm device and a desktop PC.

HotSync

ActiveSync

PocketSync

PalmSync

View Feedback

Question 35                        1 / 1 point

__________ is a type of computer architecture in which multiple processors share the same memory and are each assigned different tasks to perform.

Xcode

Multitasking

Cocoa

Symmetric multiprocessing

View Feedback

Question 36                        1 / 1 point

__________ hackers are information security professionals who specialize in evaluating, and defending against, threats from attackers.

Gray-hat

Black-hat

Consulting

Ethical

View Feedback

Question 37                        1 / 1 point

An __________ share is a hidden share that allows communication between two processes on the same system.

SMC

IPC

EPC

SMB

View Feedback

Question 38                        1 / 1 point

The __________ method appends data in the URL field.

POST

GET

APPEND

URL

View Feedback

Question 39                        1 / 1 point

__________ is a lightweight substitute for telnet that enables the execution of processes on other systems, eliminating the need for manual installation of client software.

PsExec

Alchemy Remote Executor

Emsa FlexInfo Pro

RemoteApp

View Feedback

Question 40                        1 / 1 point

__________ is a back-end GPL tool that works directly with any RFID ISO-reader to make the content stored on the RFID tags accessible.

RFDump

RFReader

RFReceiver

RFExplorer

View Feedback

Question 41                        1 / 1 point

__________ is a parallelized login cracker that supports numerous protocols for attack.

ADMsnmp

SING

Hydra

John the Ripper

View Feedback

Question 42                        1 / 1 point

IT __________ are designed to evaluate an organization’s security policies and procedures.

ping sweeps

vulnerability assessments

penetration tests

security audits

View Feedback

Question 43                        1 / 1 point

__________ is the act of gathering information about the security profile of a computer system or organization, undertaken in a methodological manner.

Tracerouting

Passive information gathering

Footprinting

Competitive intelligence gathering

View Feedback

Question 44                        1 / 1 point

__________ is a command-line interface for Microsoft SQL Server that allows an attacker to execute commands on the underlying operating system, execute SQL queries, and upload files to a remote server.

SQLExec

Absinthe

Sqlninja

SQLSmack

View Feedback

Question 45                        1 / 1 point

__________ occurs when hackers break into government or corporate computer systems as an act of protest.

Hacktivism

Cyber terrorism

Cybercrime

Suicide hacking

View Feedback

Question 46                        1 / 1 point

Mac OS X includes __________, a collection of frameworks, APIs, and accompanying runtimes that allows for a host of open-source web, database, scripting, and development technologies.

Cocoa

Coffee

Bean

Xcode

View Feedback

Question 47                        1 / 1 point

__________ is usually employed when the attacker discerns that there is a low probability that these reconnaissance activities will be detected.

Social engineering

Direct information gathering

Active reconnaissance

Inactive reconnaissance

View Feedback

Question 48                        1 / 1 point

__________ is a programming language that permits website designers to run applications on the user’s computer.

Java

Ruby

Python

Smalltalk

View Feedback

Question 49                        1 / 1 point

_________ hijacking is a hacking technique that uses spoofed packets to take over a connection between a victim and a target machine.

ACK

Blind

TCP/IP

Network-level

View Feedback

Question 50                        1 / 1 point

In order for traffic to get back to the attacker during session hijacking, a process called __________ is used that allows the sender to specify a particular route for the IP packet to take to the destination.

desynchronization

source routing

spoofing

TCP routing

View Feedback

Question 51                        1 / 1 point

__________ is a worm for Windows XP that downloads and executes malicious files on the compromised computer and spreads through removable storage devices.

HTTP W32.Drom

W32/VBAut-B

W32/QQRob-ADN

W32/SillyFDC-BK

View Feedback

Question 52                        1 / 1 point

The Java-based __________ worm spreads through Bluetooth and affects unprotected Mac OS X 10.4 systems.

OSX/Leap-A

AppHook.B

Inqtana.A

BTHook-A

View Feedback

Question 53                        1 / 1 point

__________ is a virus targeted against mobile personal digital assistant devices.

Skulls

Brador

Doomboot.A

Podloso

View Feedback

Question 54                        1 / 1 point

The __________ stores confidential information that is accessible only from inside the organization.

public website

confidential website

private website

external website

View Feedback

Question 55                        1 / 1 point

__________ is the unauthorized alteration of routing tables.

Route poisoning

Routing table spoofing

Routing table poisoning

Route spoofing

View Feedback

Question 56                        1 / 1 point

__________ automatically scans a computer, looking for cookies created by Internet Explorer, Mozilla Firefox, and Netscape Navigator, and then displays the data stored in each one.

Cookie Viewer

Cookie Explorer

Cookie Browser

Cookie Manager

View Feedback

Question 57                        1 / 1 point

__________ is a tool that administrators can use to test the reliability of their critical systems and determine what actions they must take to fix any problems.

DbEncrypt

AppDetective

Selective Audit

AppRadar

View Feedback

Question 58                        1 / 1 point

The __________ script allows a remote user to view the code of server-side scripts.

Showlogin.asp

Showcode.asp

RemoteAccess.asp

Remotelogin.asp

View Feedback

Question 59                        1 / 1 point

__________ is a method in which a sniffer is used to track down a conversation between two users.

A man-in-the-middle (MITM) attack

Session hijacking

IP spoofing

Network tapping

View Feedback

Question 60                        1 / 1 point

__________ is a small utility that lists all USB devices currently connected to a computer, as well as all previously used USB devices.

MyUSBOnly

USB Blocker

USB CopyNotify!

USBDeview

View Feedback

Question 61                        1 / 1 point

After gaining access, what is the attacker’s next goal?

Cover their tracks.

Start denial-of-service attacks.

Find ways to maintain access.

None of the above.

View Feedback

Question 62                        1 / 1 point

__________ is an HTTP authentication brute-force program. It attempts to guess passwords for basic HTTP authentication by logging in to a web server.

Authforce

ObiWaN

Hydra

Cain & Abel

View Feedback

Question 63                        1 / 1 point

__________ record the parts of the website visited and can contain identifying information.

Logs

Records

Cookies

Certificates

View Feedback

Question 64                        1 / 1 point

Web applications have a three-layered architecture consisting of presentation, logic, and __________.

application

data layers

transport

HTTP

View Feedback

Question 65                        1 / 1 point

__________ is a Linux security feature that enables a user to choose the directory that an application can access.

Chroot

Sandbox

Jailroot

Rootjail

View Feedback

Question 66                        1 / 1 point

There are several aspects to security, and the owner of a system should have confidence that the system will behave according to its specifications. This is called __________.

confidentiality

reusability

accountability

assurance

View Feedback

Question 67                        1 / 1 point

The __________ command displays the ARP table and is used to modify it.

ifconfig -arp

arp-table

netstat -arp

arp

View Feedback

Question 68                        0 / 1 point

__________ detects and monitors Bluetooth devices in a wireless network. It provides information about the features of each device and the services provided by it.

Bluetooth Network Scanner

BlueFire Mobile Security

BlueAuditor

BlueWatch

View Feedback

Question 69                        1 / 1 point

Which of the following statements best describes a penetration test?

A penetration test is using a password cracker to gain access to a system.

 A penetration test is an attempt to simulate methods used by attackers to gain unauthorized access to a computer system.

 

A penetration test is the act of hacking computer systems; it is used by criminals to attack legitimate organizations.

A penetration test is an audit of an organization’s security policies and procedures.

View Feedback

Question 70                        1 / 1 point

Which website can an ethical hacker visit to see web pages from 2002?

www.symantec.com

www.archive.org

www.oldwebsites.net

www.historyoftheinternet.com

View Feedback

Question 71                        1 / 1 point

__________ provides a complete view for monitoring and analyzing activity within USB host controllers, USB hubs, and USB devices.

USB PC Lock

USBlyzer

Advanced USB Monitor

Virus Chaser USB

View Feedback

Question 72                        1 / 1 point

The __________ is due to a canonicalization error in IIS 4.0 and 5.0 that allows an attacker to use malformed URLs to access files and folders located on the logical drive that includes web folders.

canonicalization vulnerability

::$DATA vulnerability

Unicode directory traversal vulnerability

Msw3prt IPP vulnerability

View Feedback

Question 73                        1 / 1 point

A __________ attack adds numbers or symbols to a dictionary file’s contents to crack a password successfully.

brute-force

dictionary

hybrid

parameter manipulation

View Feedback

Question 74                        1 / 1 point

Only __________ scan is valid while scanning a Windows system.

SYN

Null

FIN

Xmas

View Feedback

Question 75                        1 / 1 point

Ethical hackers use their knowledge and skills to __________.

learn the details of computer systems and enhance their capabilities

attack government and commercial businesses

develop new programs or reverse-engineer existing software to make it more efficient

defend networks from malicious attackers

View Feedback

Question 76                        1 / 1 point

Tripwire protects against Trojan horse attacks by __________.

blocking the port that the Trojan program is listening on

removing any Trojan horse programs found on the system

detecting unexpected changes to a system utility file that may indicate it had been replaced by a Trojan horse

quarantining any Trojan horse programs discovered on the system

View Feedback

Question 77                        1 / 1 point

The ISAPI extension responsible for IPP is __________.

msisapi.dll

msw3prt.dll

msipp5i.dll

isapiipp.dll

View Feedback

Question 78                        1 / 1 point

__________ is a protocol used to create, modify, and terminate sessions such as VOIP.

SMS

SIP

GSMA

GPRS

View Feedback

Question 79                        1 / 1 point

A(n) __________ is a specific way to breach the security of an IT system through a vulnerability.

hole

exposure

exploit

threat

View Feedback

Question 80                        1 / 1 point

__________ is a portable, battery-powered device that mediates interactions between RFID readers and RFID tags.

RSA blocker tag

RFID Firewall

RFID Guardian

Kill switch

View Feedback

Question 81                        1 / 1 point

Which of the statements below correctly describes a dictionary attack against passwords?

It is an attack that tries every combination of characters until a correct password is identified.

It is an attack that uses a list of words to guess passwords until a correct password is identified.

It is an attack that uses a list of words and appends additional numbers or characters to each word until a correct password is identified.

It is an attack that uses precomputed values until a correct password is identified.

View Feedback

Question 82                        0 / 1 point

The __________ are the agreed-on guidelines for a penetration test.

rules of engagement

project scope statements

test requirements

service-level agreements (SLAs)

View Feedback

Question 83                        1 / 1 point

The Network News Transport Protocol service uses port __________.

110

119

135

139

View Feedback

Question 84                        1 / 1 point

A(n) __________ is the logical, not physical, component of a TCP connection.

ISN

socket

port

SYN

View Feedback

Question 85                        1 / 1 point

__________ reconnaissance is a hacker’s attempt to scout for or survey potential targets and then investigate the target using publicly available information.

Active

Passive

Public

Open

View Feedback

Question 86                        1 / 1 point

A __________, also called a packet analyzer, is a software program that can capture, log, and analyze protocol traffic over the network and decode its contents.

sniffer

recorder

logger

tapper

View Feedback

Question 87                        1 / 1 point

__________ is, simply enough, looking through an organization’s trash for any discarded sensitive information.

Trash diving

Trash carving

Dumpster searching

Dumpster diving

View Feedback

Question 88                        1 / 1 point

__________ is a secure method of posting data to the database.

 

URL

SQL

GET

POST

View Feedback

Question 89                        1 / 1 point

How do you defend against privilege escalation?

Use encryption to protect sensitive data.

Restrict the interactive logon privileges.

Run services as unprivileged accounts.

Run users and applications on the least privileges.

View Feedback

Question 90                        1 / 1 point

When an ethical hacker uses nslookup, which protocol are they querying?

DNS

HTTPS

SMB

NTP

View Feedback

Question 91                        1 / 1 point

Bluetooth-enabled devices communicate via short-range, ad hoc networks known as __________.

piconets

uninets

btnets

pans

View Feedback

Question 92                        1 / 1 point

The act of hiding data within or behind other data is known as __________.

encoding

encryption

steganography

fuzzing

View Feedback

Question 93                        1 / 1 point

A __________ occurs when a connection between the target and host is in the established state, or in a stable state with no data transmission, or the server’s sequence number is not equal to the client’s acknowledgment number, or the client’s sequence number is not equal to the server’s acknowledgment number.

synchronization state

blind hijacking

source routing

desynchronization state

View Feedback

Question 94                        1 / 1 point

__________ are software applications that run automated tasks over the Internet.

Zombies

Spiders

Bots

Crawlers

View Feedback

Question 95                        1 / 1 point

Which of the following definitions best describes a wrapper?

A wrapper is a packet-crafting technique used to perform stealthy port scans.

A wrapper is an encryption tool used to hide messages inside image files.

A wrapper is a method of hiding a virus inside an executable file.

A wrapper is a tool used to bind a Trojan to a legitimate file.

View Feedback

Question 96                        1 / 1 point

In a hit-and-run attack, __________.

the attacker constantly injects bad packets into the router

the attacker mistreats packets, resulting in traffic congestion

the attacker injects a few bad packets into the router

the attacker alters a single packet, resulting in denial of service

View Feedback

Question 97                        1 / 1 point

__________ is a command-line TCP/IP packet assembler/analyzer.

Hping2

Firewalk

WUPS

Blaster Scan

View Feedback

Question 98                        1 / 1 point

The __________ tool traces various application calls from Windows API functions to the Oracle Call Interface.

ASPRunner

FlexTracer

odbcping

SQL Query Analyzer

View Feedback

Question 99                        1 / 1 point

With the __________ tool, you can ping multiple IP addresses simultaneously.

Fping

Nmap

Nessus

Unicornscan

View Feedback

Question 100                     1 / 1 point

Attackers use a technique called __________ to exploit the system by pretending to be legitimate users or different systems.

identity theft

impersonation

spoofing

flooding

View Feedback

Question 101                     1 / 1 point

__________ is a Microsoft-proprietary protocol that authenticates users and computers based on an authentication challenge and response.

LMLAN

Kerberos

NTLM

NTLAN

View Feedback

Question 102                     1 / 1 point

__________ reconstructs a device’s Bluetooth PIN and link key from data sniffed during a pairing session.

Blooover

Hidattack

BTCrack

Cabir and Mabir

View Feedback

Question 103                     1 / 1 point

This type of port scanning technique splits a TCP header into several packets so that the packet filters cannot detect what the packets intend to do.

UDP scanning

IP fragment scanning

inverse TCP flag scanning

ACK flag scanning

View Feedback

Question 104                     1 / 1 point

__________ is an application that, when installed on a system, runs a background process that silently copies files from any USB flash drive connected to it.

USB Switchblade

USBDumper

USB Hacksaw

USB Copy ’em all

View Feedback

Question 105                     1 / 1 point

__________ is an application that identifies all Bluetooth-enabled devices, their communications, and their connectivity within a given area.

BlueSweep

BlueWatch

BlueKey

BlueFire Mobile

View Feedback

Question 106                     1 / 1 point

__________ URLs, or intranets, are private links that only a company’s employees use.

Internal

Private

Organizational

Domain

View Feedback

Question 107                     1 / 1 point

In Internet Explorer, the __________ zone is a security zone for sites that the user has designated as safe to visit.

user sites

legal sites

white list

trusted sites

View Feedback

Question 108                     1 / 1 point

Which of the following is not a category of security assessment?

security audit

rootkit detection

vulnerability assessment

penetration testing

View Feedback

Question 109                     1 / 1 point

A hacker has successfully used a tool to intercept communications between two entities and establish credentials with both sides of the connection. The two remote ends of the communication never notice that the attacker is relaying the information between the two. This is called a(n) __________ attack.

man-in-the-middle

interceptoring

MAC poisoning attack

firewalking

View Feedback

Question 110                     1 / 1 point

__________ is a cable modem hacking program. It performs the task of uncapping by incorporating all the uncapping steps into one program.

Yersinia

OneStep: ZUP

Zebra

Solar Winds MIB Browser

View Feedback

Question 111                     1 / 1 point

Information on all Linux accounts is stored in the __________ and /etc/shadow files.

/etc/conf

/etc/passwd

/etc/password

/conf/passwd

View Feedback

Question 112                     1 / 1 point

Which type of penetration test is conducted with absolutely no prior knowledge of the target environment?

white-box testing

gray-box testing

red-hat testing

black-box testing

View Feedback

Question 113                     1 / 1 point

Redirections for URLs are handled with the __________ URL handler, which can cause errors in older versions of Internet Explorer.

goto:

mdir:

mhtml:

redir:

View Feedback

Question 114                     1 / 1 point

Traceroute uses the __________ field in an IP packet to determine how long it takes to reach a target host and whether that host is reachable and active.

IHL

flags

TOS

TTL

View Feedback

Question 115                     1 / 1 point

Which of the following is not a Microsoft Internet Information Services vulnerability?

::$DATA vulnerability

UFS integer overflow vulnerability

Showcode.asp vulnerability

WebDAV/RPC exploits

View Feedback

Question 116                     1 / 1 point

Which of the following statements best describes the rules of engagement for a penetration test?

The rules of engagement are the systems that a tester can knock offline during a penetration test.

The rules of engagement are the agreed-upon guidelines for a penetration test, including desired code of conduct and procedures.

The rules of engagement define the service-level agreement and scope of a penetration test.

The rules of engagement include the insurance and risk management associated with third-party testing.

View Feedback

Question 117                     1 / 1 point

The __________ service is responsible for sending a response packet that contains connection details to clients who send a specially formed request.

SSRS

OSQL

ODBC

SQLP

View Feedback

Question 118                     1 / 1 point

The RFID __________ policy establishes the framework for many other security controls. It provides a vehicle for management to communicate its expectations regarding the RFID system and its security.

security

physical access

secure disposal

usage

View Feedback

Question 119                     1 / 1 point

A __________ is a set of related programs, usually located at a network gateway server, that protect the resources of a private network from other network users.

firewall

proxy

packet filter

router

View Feedback

Question 120                     1 / 1 point

While conducting an ethical penetration test in Europe, which Regional Internet Registry (RIR) would you use?

APNIC

RIPE NCC

ARIN

LACNIR

View Feedback

Question 121                     1 / 1 point

__________ is a tool for performing automated attacks against web-enabled applications.

cURL

dotDefender

Burp Intruder

AppScan

View Feedback

Question 122                     1 / 1 point

If the supplied data does not fit within the size constraints of a single packet, the data is spread among multiple packets in a process known as __________.

framing

separation

fragmentation

division

View Feedback

Question 123                     1 / 1 point

__________ is a nonvoice service available with most GSM networks.

CDMA

EDO

EDVA

GPRS

View Feedback

Question 124                     1 / 1 point

The information resource or asset that is being protected from attacks is usually called the __________.

key value

target of evaluation

main asset

target asset

View Feedback

Question 125                     1 / 1 point

__________ is an information service provider that helps law offices, government agencies, businesses, and individuals find information about people.

People-Search-America.com

Best People Search

Switchboard

Google Finance

 

Available solutions
  • CMIT 321 Final Exam/CMIT 321 Final Exam
    $60.00

    Final Exam Question 1 1 / 1 point __________ is the exploitation of an organization’s telephone, dial, and private branch exchange (PBX) system to infiltrate the internal network in order to abuse computing resources. War driving Line dialing PBX driving War dialing View Feedback Question 2 1 / 1 point __________ cryptography is the most common method on the Internet for authenticating a message sender or encrypting a message. Symmetric Hash-based Private-key Public-key View Feedback Question 3 1 / 1 point __________ is a lightweight Knoppix version cut to 50 MB for a business-card-sized CD. Gnoppix GeeXboX Morphix Damn Small Linux View Feedback Question 4 1 / 1 point The __________ utility tests the integrity of an ODBC data source. odbcping ASPRunner FlexTracer DbEncrypt View Feedback Question 5 1 / 1 point In the TCP/IP stack, the __________ layer is where applications and protocols, such as HTTP and Telnet, operate. Internet network transport application View Feedback Question 6 1 / 1 point Attackers can use a simple test to find out if an application is vulnerable to an OLE DB error. They can fill in the username and password fields with __________. a pound sign two dashes a single quotation mark double quotes View Feedback Question 7 1 / 1 point __________ allow attackers to pass malicious cod

    Submitted on: 05 Jan, 2017 05:11:08 This tutorial has not been purchased yet .