Topic 1: Exam Pool A
You are the Network Admin, and you get a complaint that some of the websites are no
longer accessible. You try to ping the servers and find them to be reachable. Then you type
the IP address into the browser and find the sites to be accessible. But they are
not accessible when you try using the URL.
What may be the problem?
A. Traffic is Blocked on UDP Port 53
B. Traffic is Blocked on TCP Port 80
C. Traffic is Blocked on TCP Port 54
D. Traffic is Blocked on UDP Port 80
Traffic is Blocked on UDP Port 53
Explanation: The most likely cause is an issue with DNS.
DNS stands for “Domain Name System.” It’s a system that lets you connect to websites by
matching human-readable domain names (like example.com) with the server's unique ID
where a website is stored.
Think of the DNS system as the internet’s phonebook. It lists domain names with their
corresponding identifiers called IP addresses, instead of listing people’s names with phone numbers. When a user enters a domain name like wpbeginner.com on their device,
it looks up the IP address and connects them to the physical location where that website is
stored.
NOTE: Often DNS lookup information will be cached locally inside the querying computer
or remotely in the DNS infrastructure. There are typically 8 steps in a DNS lookup. When
DNS information is cached, steps are skipped from the DNS lookup process, making it
quicker. The example below outlines all 8 steps when nothing is cached.
The 8 steps in a DNS lookup:
1. A user types ‘example.com’ into a web browser, and the query travels into the Internet
and is received by a DNS recursive resolver;
2. The resolver then queries a DNS root nameserver;
3. The root server then responds to the resolver with the address of a Top-Level Domain
(TLD) DNS server (such as .com or .net), which stores the information for its domains.
When searching for example.com, our request is pointed toward the .com TLD;
4. The resolver then requests the .com TLD;
5. The TLD server then responds with the IP address of the domain’s nameserver,
example.com;
6. Lastly, the recursive resolver sends a query to the domain’s nameserver;
7. The IP address for example.com is then returned to the resolver from the nameserver;
8. The DNS resolver then responds to the web browser with the IP address of the domain
requested initially;
Once the 8 steps of the DNS lookup have returned the IP address for example.com, the
browser can request the web page:
9. The browser makes an HTTP request to the IP address;
10. The server at that IP returns the webpage to be rendered in the browser.
NOTE 2: DNS primarily uses the User Datagram Protocol (UDP) on port number 53 to
serve requests. If this port is blocked, the problem already arises in the first step,
while the ninth step is performed without problems.
What is one of the advantages of using both symmetric and asymmetric cryptography in
SSL/TLS?
A. Supporting both types of algorithms allows less-powerful devices such as mobile phones
to use symmetric encryption instead.
B. Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.
C. Symmetric encryption allows the server to securely transmit the session keys out-of-band.
D. Asymmetric cryptography is computationally expensive in comparison. However, it is
well-suited to securely negotiate keys for use with symmetric cryptography.
Supporting both types of algorithms allows less-powerful devices such as mobile phones
to use symmetric encryption instead.
Which of the following is not a Bluetooth attack?
A. Bluedriving
B. Bluesmacking
C. Bluejacking
D. Bluesnarfing
Bluedriving
Explanation: https://github.com/verovaleros/bluedriving
Bluedriving is a Bluetooth wardriving utility. It can capture Bluetooth devices, look up their
services, get GPS information and present everything in a nice web page. It can search for
and show a lot of information about the device, the GPS address and the historic location
of devices on a map. The main motivation of this tool is to research the targeted
surveillance of people by means of their cellular phones or cars. With this tool you can capture
information about Bluetooth devices and show, on a map, the points where you have seen
the same device in the past.
Email is transmitted across the Internet using the Simple Mail Transport Protocol. SMTP
does not encrypt email, leaving the information in the message vulnerable to being read by
an unauthorized person. SMTP can upgrade a connection between two mail servers to use
TLS. Email transmitted by SMTP over TLS is encrypted. What is the name of the command
used by SMTP to transmit email over TLS?
A. OPPORTUNISTICTLS
B. UPGRADETLS
C. FORCETLS
D. STARTTLS
STARTTLS
Let's imagine three companies (A, B and C), all competing in a challenging global
environment. Company A and B are working together in developing a product that will
generate a major competitive advantage for them. Company A has a secure DNS server
while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the
DNS server of company B, company C gains access to outgoing e-mails from company B.
How do you prevent DNS spoofing?
A. Install DNS logger and track vulnerable packets
B. Disable DNS timeouts
C. Install DNS Anti-spoofing
D. Disable DNS Zone Transfer
Install DNS Anti-spoofing
An attacker has installed a RAT on a host. The attacker wants to ensure that when a user
attempts to go to "www.MyPersonalBank.com", the user is directed to a phishing site.
Which file does the attacker need to modify?
A. Boot.ini
B. Sudoers
C. Networks
D. Hosts
Hosts
What kind of detection technique is being used in antivirus software that identifies
malware by collecting data from multiple protected systems and, instead of analyzing files
locally, performs the analysis in the provider’s environment?
A. Behavioral based
B. Heuristics based
C. Honeypot based
D. Cloud based
Cloud based
If a token and 4-digit personal identification number (PIN) are used to access a computer
system and the token performs off-line checking for the correct PIN, what type of attack is
possible?
A. Birthday
B. Brute force
C. Man-in-the-middle
D. Smurf
Brute force
Steve, a scientist who works in a governmental security agency, developed a technological
solution to identify people based on walking patterns and implemented this approach in a
physical access control system.
A camera captures people walking and identifies the individuals using Steve’s approach.
After that, people must present their RFID badges. Both identifications are
required to open the door. In this case, we can say:
A. Although the approach has two phases, it actually implements just one authentication factor
B. The solution implements the two authentication factors: physical object and physical
characteristic
C. The solution will have a high level of false positives
D. Biological motion cannot be used to identify people
The solution implements the two authentication factors: physical object and physical
characteristic
_____ is a set of extensions to DNS that provide the origin authentication of DNS data to DNS
clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types
of attacks.
A. DNSSEC
B. Resource records
C. Resource transfer
D. Zone transfer
DNSSEC
Explanation:
The Domain Name System Security Extensions (DNSSEC) is a suite of Internet
Engineering Task Force (IETF) specifications for securing certain kinds of information
provided by DNS for use on IP networks. DNSSEC is a set of extensions to DNS that provide
DNS clients (resolvers) with origin authentication of DNS data, authenticated denial of
existence, and data integrity, but not availability or confidentiality. DNSSEC is necessary
because the original DNS design did not include security but was designed to be a scalable
distributed system. DNSSEC adds security while maintaining backward compatibility.