« Backtrack 2 : Network Mapping –> All –> Amap
DSL : Damn Small Linux 4.0RC2 »

Questions and Answers 9

By Pavs on September 10th, 2007





Question 1: The ability to capture a stream of data packets and then insert them back into the network as a valid message is known as which of the following?

A. Eavesdropping

B. Message modification

C. Brute-force attack

D. Packet replay

Answer 1: D. Packet replay is a combination of passive and active attacks that can be used to inject packets into the network. Answers A, B, and C are incorrect because eavesdropping is the act of sniffing, message modification is the act of altering a message, and a brute force attack attempts to use all possible combinations.

Question 2: A SYN flood can be detected by which of the following?

A. A large number of SYN packets appearing on the network without corresponding ACK responses

B. Packets that have both the same source and destination IP addresses

C. A large number of SYN packets appearing on the network with random segment sizes

D. Packets that have both the same source and destination port addresses

Answer 2: A. A IDS system can detect a SYN flood, as there will be a large number of SYN packets appearing on the network without corresponding ACK responses. Answers B, C, and D are incorrect because the source and target IP and port will not be the same, and segment size is not the determining factor in a SYN attack.

Question 3: While preparing to hack a targeted network, you would like to check the configuration of the DNS server. What port should you look for to attempt a zone transfer?

A. 53 UDP

B. 79 TCP

C. 53 TCP

D. 79 UDP

Answer 3: C. TCP port 53 is used for zone transfers. Therefore, answers A, B, and D are incorrect. Port 79 is used by finger, and UDP 53 is usually used for lookups.

Question 4: Refer to the following figure. What is the destination MAC address?

A. A multicast

B. A broadcast

C. The default gateway

D. C0 A8 7B 65

Answer 4: the packet is targeted to the broadcast address of ff ff ff ff ff ff. Answers A, C, and D are incorrect, as it is not a multicast that would begin with an 01; it is not the default gateway, as that is now a broadcast address, and it is not c0 A8 7B 65. That is the IP address of the originator, 192.168.123.101.

Question 5: Which of the following is used to verify the proof of identity?

A. Asymmetric encryption

B. Symmetric encryption

C. Non-repudiation

D. Hashing

Answer 5: C. Non-repudiation is the ability to verify proof of identity. It is used to ensure that a sender of data is provided with proof of delivery and the recipient is assured of the sender’s identity. Neither party should be able to deny having sent or received the data at a later date. Answers A, B, and D are incorrect, as asymmetric encryption is used primarily for confidentiality, as is symmetric encryption. Hashing is used for integrity.

Related Posts:


Subscribe without commenting


Leave a Reply

Note: Any comments are permitted only because the site owner is letting you post, and any comments will be removed for any reason at the absolute discretion of the site owner.