1.____ involves making active connections to the target system or subjecting it to direct queries.
a. Privilege escalation
b. Application execution
c. Trace hiding
d. Enumeration

2.A(n) ____ is basically a pseudoaccount that has no username or password, but can be used to access certain information on the network.
a. null user
b. empty session
c. default user
d. blank session

3.____ tokens cache information about a logon session for a particular user and remain valid until the user logs out or uses another machine to access the particular resource.
a. User
b. Session
c. Access
d. Login

4.A(n) ____ share is a hidden share that allows communication between two processes on the same system.
a. SMC
b. IPC
c. EPC
d. SMB

5.Null sessions require access to TCP port ____.
a. 139
b. 141
c. 345
d. 349

6.A ____, also called a packet analyzer, is a software program that can capture, log, and analyze protocol traffic over the network and decode its contents.
a. sniffer
b. recorder
c. logger
d. tapper

7.____ hashes are a legacy method used by Microsoft Windows to store passwords of less than 15 characters in two five-character hashes.
a. UM (User Manager)
b. Shadow
c. LM (LAN Manager)
d. LT (Lite Token)

8.A ____ attack is a combination of both the brute force attack and the dictionary attack.
a. hybrid
b. syllable
c. passive
d. rainbow

9.____ is designed to explore the NetBIOS file-sharing services the target system offers.
a. Smbbf
b. L0phtCrack
c. SMBCrack
d. NAT

10.____ is a network authentication system used by Microsoft to allow individuals communicating over a nonsecure network to prove their identity to one another in a secure manner by logging on to the system only one time and then using a ticket system to access resources and applications.
a. SMB
b. NetBIOS
c. Kerberos
d. NTLMv2

11.A ____ is an attempt to simulate methods that intruders use to gain unauthorized access to an organization’s networked systems and then compromise them.
a. security audit
b. security assessment
c. penetration test
d. vulnerability assessment

12.____ are evaluations of a network’s vulnerability to attack through a variety of means.
a. Security assessments
b. Penetration tests
c. Security audits
d. Vulnerability assessments

13.IT ____ are designed to evaluate an organization’s security policies and procedures.
a. ping sweeps
b. vulnerability assessments
c. penetration tests
d. security audits

14.A(n) ____ is a company’s in-house monitor over the course of the pen-test.
a. D-I-Y audit
b. cutout
c. internal monitor
d. self-audit

15.The contract agreement that describes the terms of service that an outsourcer provides is known as a ____.
a. service level agreement (SLA)
b. rule of engagement
c. due contract
d. project scope

Solution PreviewSolution Preview

This material may consist of step-by-step explanations on how to solve a problem or examples of proper writing, including the use of citations, references, bibliographies, and formatting. This material is made available for the sole purpose of studying and learning - misuse is strictly forbidden.

    By purchasing this solution you'll be able to access the following files:

    50% discount

    $16.00 $8.00
    for this solution

    or FREE if you
    register a new account!

    PayPal, G Pay, ApplePay, Amazon Pay, and all major credit cards accepted.

    Find A Tutor

    View available IT Audit and Security Tutors

    Get College Homework Help.

    Are you sure you don't want to upload any files?

    Fast tutor response requires as much info as possible.

    Upload a file
    Continue without uploading

    We couldn't find that subject.
    Please select the best match from the list below.

    We'll send you an email right away. If it's not in your inbox, check your spam folder.

    • 1
    • 2
    • 3
    Live Chats