.png){kind=logo}
What tool can be used to fingerprint the operating system of a host?
A)netstat
B)dig
C)nslookup
D)nmap
Nmap
What type of vulnerability is illustrated where there is code in the web page?
A)File Inclusion
B) Clickjacking
C)Cross-Site Scripting
D) SQL injection
HINT While it doesn't exactly say "code in the web page", it mentions how you can sometimes view a page that looks like PHP code and how that code can gain you access to the access logs of the server.
File Inclusion
An alert indicates that a compromised host was used by an attacker to run the command below. What was the attacker attempting to do?
$ nmap -sS 192.168.10.0/24
A)Map a network drive to a remote host
B)Identify services running on network hosts
C)Execute a script on a remote host
D)Send Spoofed packets to network hosts
Identify services running on network hosts
What does it mean when a computer program is "multi-threaded"?
A) It calls multiple external libraries
B) It has multiple serial number for different users
C) It can run multiple chunks of code concurrently
D) It has multiple functions defined in the program
It can run multiple chunks of code concurrently
Which of the following is a common result of a reflected cross-site scripting attack?
A)Tricking a user into making an authenticated transaction
B)Sending a website user's session cookie to an attacker
C) Embedding the attacker's malware in web application source code
D) Stealing password hashes from a website's back end database
HINT It may be under the session guessing section, but if you read further into it, you will see where it mentions XSS attack.
Sending a website user's session cookie to an attacker
What type of artifact can a blue team member use to identify the name that is associated to the file?
A)Metadata
B)Windows security logs
C)Prefetch
D)File Ownership
Metadata
What is HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run considered to be?
A)Domain Name
B)Log File Path
C) Registry Key
D) Yo Mama's Number
A Registry Key
If a user agent is used, where would it be found in the HTTP Protocol?
A)In the response header
B)In the response body
C)Delimited by an h1 tag
D) In a GET Request
In a GET Request
.png)