Test Modulo 4
1. Of the following, which allows a client and a server to communicate in distributed
client/server Programs?
a) LDAP
b) RPC
c) VoIP
d) NTP
2. Which of the following is a NetBIOS enumeration tool?
a) WinPrint
b) WinEnumerate
c) WinOSEnum
d) Hyena
3. What port is commonly used by firewalls to allow log data traffic?
a) UDP 514
b) UDP 123
c) TCP 514
d) UDP 541
4. Which of the following is a 16 ASCII character string used to identify the network
devices over TCP/IP?
a) Hostname
b) NetBIOS name
c) OID
d) FQDN
5. Which of the following has the capability of remotely running commands on Windows
Machines?
a) PsExec
b) RemoteExec
c) WinRemExec
d) RDP
6. What is the process of extracting user names, machine names, network resources,
shares and services from a system?
a) Social engineering
b) Enumeration
c) Ethical hacking
d) Exfiltration
�7. You discover an NTP server on a client’s network and are in the enumeration stage of
your pentest. Which of the following would most likely be your next step?
a) Intercept traffic from the NTP server
b) Attempt to hack into the server
c) Begin to query it for information like a list of machines on the network or internal
IP Addresses
d) Spoof the NTP server’s address and begin to intercept traffic going to the server
8. Which of the following SMTP command would not be used to enumerate user
information
a) AUTH
b) VRFY
c) EXPN
d) RCPT TO
9. Which of the following is a powerful enumeration tool?
a) PowerScan
b) Wireshark
c) SuperScan
d) EnumeraScan
10. Under what conditions does a secondary name server request a zone transfer from a
primary name server?
a) When a primary start of authority (SOA) is higher than a secondary SOA
b) When a secondary start of authority (SOA) is higher than a primary SOA
c) When a primary name server has had its service restarted
d) When a secondary name server has had its service restarted
11. Which of the following is a protocol used to manage network devices and can be used
to enumerate network resources, shares, and ARP tables?
a) DNS
b) DHCP
c) SNMP
d) TCP
12. What is it called when a hacker gathers a list of all the items found in a target range?
a) Scanning
b) Enumeration
c) Pinging
d) Hacking
13. Which of the following protocols is used for email, has no security and sends all
messages in clear text?
a) HTTP
b) SMTP
c) POP3
d) FTP
�14. Having who AD-integrated external DNS Servers for the same purpose is an
unnecessary network vulnerability.
a) False
b) True
15. You are enumerating information about a windows host. Which tool would you use to
discover the host’s NetBIOS name and other NetBIOS information?
a) Nbtstatus -A 192.168.56.1
b) Nbtscan -A 192.168.56.1
c) Nbtstat -A 192.168.56.1
d) Nbtstats -A 192.168.56.1
16. IPv6 uses 128-bit addresses, which are stored in what format?
a) A 32-digit string
b) 4 groups of 8 hexadecimal digits separated by a colon
c) A 25-character field
d) 8 groups of 4 hexadecimal digits separated by a colon
17. How can an attacker best mask his or her IP address to hack a computer system
without any fear or legal repercussions?
a) HTTP Tunneling
b) Using a VPN
c) Proxy Chaining
d) SSH Tunneling
18. Which of the following protocols does not participate in the three-way handshake via
TCP?
a) TCP
b) DHCP
c) FTP
d) SMTP
19. Angela is responsible for designing, developing, testing, and evaluating information
systems throughout the system’s life cycle. In what specialty area of the “Securely
Provision” NICE Framework category does Angela Work?
a) Systems development
b) Systems Requirement Planning
c) Systems Architecture
d) Test and Evaluation
20. Infecting a classified government computer with a virus violates which federal law?
a) Electronic Communications Privacy Act
b) Computer Fraud and Abuse Act
c) CyberSecurity Enhancement Act
d) USA PATRIOT Act
