15 Jan Data Terminal Equipment (DTE)

COM546 Advanced Penetration Testing

Module 1 Case Project

For this module, complete the following:

Chapter 1: Case Project 1-1

Chapter 2: Case Project 2-2

COM546 Advanced Penetration Testing

Module 2 Case Project

For this module, complete the following:

Chapter 3: Case Project 3-1

Chapter 3: Case Project 3-2

COM546 Advanced Penetration Testing

Module 3 Case Project

For this module, complete the following:

Case Project 4-1

Case Project 4-2

COM546 Advanced Penetration Testing

Module 4 Case Project

For this module, complete the following:

Chapter 5: Case Project 5-2

Chapter 6: Case Project 6-1

COM546 Advanced Penetration Testing

Module 5 Case Project

For this module, complete the following:

Chapter 7: Case Project 7-1

Chapter 7: Case Project 7-2

COM546 Advanced Penetration Testing

Module 6 Case Project

For this module, complete the following:

Chapter 8: Case Project 8-2

Chapter 9: Case Project 9-1

COM546 Advanced Penetration Testing

Module 7 Case Project

For this module, complete the following:

Chapter 10: Case Project 10-2

Chapter 11: Case Project 11-1

COM546 Advanced Penetration Testing

Module 8 Case Project

For this module, complete the following:

Chapter 12: Case Project 12-1

Chapter 13: Case Project 13-2

COM546 Advanced Penetration Testing

Module 1 Discussion

Select a topic covered in this module. Go to the SANS website (www.sans.org), locate the Reading Room, and find an article that relates to your selected topic. Write a brief report about the article, including the relevance of the article to the module, issues raised, your opinion of the issues (agree or disagree and why), and recommendation(s), if any.

COM546 Advanced Penetration Testing

Module 2 Discussion

Select a topic covered in this module. Go to the SANS website (www.sans.org), locate the Reading Room, and find an article that relates to your selected topic. Write a brief report about the article, including the relevance of the article to the module, issues raised, your opinion of the issues (agree or disagree and why), and recommendation(s), if any.

COM546 Advanced Penetration Testing

Module 3 Discussion

Select a topic covered in this module. Go to the SANS website (www.sans.org), locate the Reading Room, and find an article that relates to your selected topic. Write a brief report about the article, including the relevance of the article to the module, issues raised, your opinion of the issues (agree or disagree and why), and recommendation(s), if any.

COM546 Advanced Penetration Testing

Module 4 Discussion

Select a topic covered in this module. Go to the SANS website (www.sans.org), locate the Reading Room, and find an article that relates to your selected topic. Write a brief report about the article, including the relevance of the article to the module, issues raised, your opinion of the issues (agree or disagree and why), and recommendation(s), if any.

COM546 Advanced Penetration Testing

Module 5 Discussion

Select a topic covered in this module. Go to the SANS website (www.sans.org), locate the Reading Room, and find an article that relates to your selected topic. Write a brief report about the article, including the relevance of the article to the module, issues raised, your opinion of the issues (agree or disagree and why), and recommendation(s), if any.

COM546 Advanced Penetration Testing

Module 6 Discussion

Select a topic covered in this module. Go to the SANS website (www.sans.org), locate the Reading Room, and find an article that relates to your selected topic. Write a brief report about the article, including the relevance of the article to the module, issues raised, your opinion of the issues (agree or disagree and why), and recommendation(s), if any.

COM546 Advanced Penetration Testing

Module 7 Discussion

Select a topic covered in this module. Go to the SANS website (www.sans.org), locate the Reading Room, and find an article that relates to your selected topic. Write a brief report about the article, including the relevance of the article to the module, issues raised, your opinion of the issues (agree or disagree and why), and recommendation(s), if any.

COM546 Advanced Penetration Testing

Module 8 Discussion

What are your thoughts on why ethical behavior is essential for individuals who are tasked with protecting sensitive and confidential data? Specifically, how do your beliefs relate to Saint Leo University’s core value of personal development? Your post must be at least 150 words.

COM546 Advanced Penetration Testing
Module 2 Exam 1

What type of testing procedure involves the tester(s) analyzing the company’s security policy and procedures, and reporting any vulnerabilities to management?

Question 1 options:

penetration test

security test

hacking test

ethical hacking test

Question 2 What term best describes a person who hacks computer systems for political or social reasons?

Question 2 options:

cracktivist

hacktivist

sniffer

script kiddy

Question 3 What security certification did the “The International Council of Electronic Commerce Consultants” (EC-Council) develop?

Question 3 options:

Security+

OSSTMM Professional Security Tester (OPST)

Certified Information Systems Security Professional (CISSP)

Certified Ethical Hacker (CEH)

Question 4 Penetration testers and security testers need technical skills to perform their duties effectively.

Question 4 options:

True

False

Question 5 If you work for a company as a security professional, you will most likely be placed on a special team that will conduct penetration tests. What is the standard name for a team made up of security professionals?

Question 5 options:

pen team

blue team

red team

security team

Question 6 Penetration testing can create ethical, technical, and privacy concerns for a company’s management team. What can a security consultant do to ensure the client fully understands the scope of testing that will be performed?

Question 6 options:

create a contractual agreement

create a lab demonstration

create a virtual demonstration

create a slide presentation

Question 7 What organization disseminates research documents on computer and network security worldwide at no cost?

Question 7 options:

EC-Council

SANS

ISECOM

ISC2

Question 8 Even though the Certified Information Systems Security Professional (CISSP) certification is not geared toward the technical IT professional, it has become one of the standards for many security professionals.

Question 8 options:

True

False

Question 9 Port scanning is a noninvasive, nondestructive, and legal testing procedure that is protected by federal law.

Question 9 options:

True

False

Question 10 What name is given to people who break into computer systems with the sole purpose to steal or destroy data?

Question 10 options:

packet monkeys

crackers

script kiddies

bots

Question 11 What penetration model should be used when a company’s management team does not wish to disclose that penetration testing is being conducted?

Question 11 options:

black box

white box

red box

silent box

Question 12 What type of laws should a penetration tester or student learning hacking techniques be aware of?

Question 12 options:

local

state

federal

all of the above

Question 13 What derogatory title do experienced hackers, who are skilled computer operators, give to inexperienced hackers?

Question 13 options:

script kiddies

repetition monkeys

packet sniffers

crackers

Question 14 In the TCP/IP stack, what layer is concerned with physically moving bits across the network’s medium?

Question 14 options:

Internet

Network

Transport

Application

Question 15 What layer, in the TCP/IP protocol stack, is responsible for encapsulating data into segments?

Question 15 options:

Transport layer

Internet layer

Application layer

Network layer

Question 16 In the TCP/IP stack, what layer is concerned with controlling the flow of data, sequencing packets for reassembly, and encapsulating the segment with a TCP or UDP header?

Question 16 options:

Internet

Network

Transport

Application

Question 17 How many host computers can be assigned a valid IPv4 address when using a CIDR /24 prefix?

Question 17 options:

254

512

65,000

16 million

Question 18 What port does the Trivial File Transfer Protocol, or TFTP service use?

Question 18 options:

25

53

69

80

Question 19 What does the acronym TCP represent?

Question 19 options:

Transfer Control Protocol

Transmission Control Protocol

Transfer Congestion Protocol

The Control Protocol

Question 20 What port does the Hypertext Transfer Protocol, or HTTP service use?

Question 20 options:

25

53

69

80

COM546 Advanced Penetration Testing

Module 4 Exam 2

Question 1 What tactic is being used when an attacker trailing closely behind an employee enters a restricted area without any security credentials by utilizing their proximity to another employee with security clearance?

Question 1 options:

Shoulder surfing

Footprinting

Piggybacking

Dumpster diving

Question 2 To see additional parameters that can be used with the Netcat command, what should you type at the command prompt?

Question 2 options:

nc -lookup

nc -z

nc -h

nc -up

Question 3 Which process utilizes the knowledge of human nature to get information from people to use for executing an attack on a computer network?

Question 3 options:

fingerprinting

footprinting

zone transferring

social engineering

Question 4 Walking is an automated way to discover pages of a Web site by following links.

Question 4 options:

True

False

Question 5 Which technique can be used to read PINs entered at ATMs or at other areas when a pin code is entered?

Question 5 options:

shoulder surfing

footprinting

zone transferring

piggybacking

Question 6 What social engineering tactic can be utilized to acquire old notes that may contain written passwords or other items that document important information?

Question 6 options:

shoulder-surfing

dumpster diving

piggybacking

desk surfing

Question 7 Which of the following is a text file generated by a Web server and stored on a user’s browser?

Question 7 options:

index

cookie

server index

web file

Question 8 What is the HTTP method that retrieves data by URI?

Question 8 options:

GET

PUT

CONNECT

HEAD

Question 9 Which HTTP error informs you the server understands the request but refuses to comply?

Question 9 options:

401 Unauthorized

404 Not Found

403 Forbidden

409 Conflict

Question 10 The HTTP CONNECT method starts a remote application-layer loopback of the request message.

Question 10 options:

True

False

Question 11 Which HTTP method starts a remote Application-layer loopback of the request message?

Question 11 options:

TRACE

PUT

GET

HEAD

Question 12 Wget is a *nix system command that can be used to retrieve HTTP, HTTPS, and FTP files over the Internet.

Question 12 options:

True

False

Question 13 Which utility is used to gather IP and domain information?

Question 13 options:

Whois

Netcat

Metis

Dig

Question 14 Which of the following describes a flexible program that automates a task that takes too much time to perform manually?

Question 14 options:

Nmap

open source utility

customized script

Fping

Question 15 When a TCP three-way handshake ends, both parties send what type of packet to end the connection?

Question 15 options:

SYN

ACK

FIN

RST

Question 16 When writing a script which statement allows you to avoid creating an endless loop in your script?

Question 16 options:

count

while

bin

do

Question 17 An open port allows access to specific applications and cannot be vulnerable to attack.

Question 17 options:

True

False

Question 18 Closed ports respond to a NULL scan with what type of packet?

Question 18 options:

RST

SYN

Ping

ACK

Question 19 Attackers typically use ACK scans to get past a firewall or other filtering devices.

Question 19 options:

True

False

Question 20 What type of port scan has the FIN, PSH, and URG flags set?

Question 20 options:

NULL scan

connect scan

XMAS scan

ACK scan

COM546 Advanced Penetration Testing

Module 6 Exam 3

Question 1 The print command for Perl is almost identical to the print command used in which of the following programming languages?

Question 1 options:

Java

C

PHP

Smalltalk

Question 2 Which of the following is a backdoor initiated from inside the target’s network that makes it possible to take control of the target even when it’s behind a firewall?

Question 2 options:

reverse port

back shell

reverse shell

reverse door

Question 3 You must always add “//” at the end of comment text when using C language.

Question 3 options:

True

False

Question 4 In the Perl programming language, variables begin with which of the following characters?

Question 4 options:

%

!

*

$

Question 5 In the C programming language, which of the following show where a block of code begins and ends?

Question 5 options:

braces

parenthesis

brackets

dashes

Question 6 Bugs are worse than syntax errors because a program can run successfully with a bug, but the output might be incorrect or inconsistent.

Question 6 options:

True

False

Question 7 In HTML, each tag has a matching closing tag that is written with which of the following characters?

Question 7 options:

forward slash (/)

backward slash (\)

bang (!)

ampersand (&)

Question 8 UNIX was first written in assembly language. However, it was soon rewritten in what programming language?

Question 8 options:

Smalltalk

Perl

Python

C

Question 9 Which of the following special characters is used with the printf() function in the C programming language to indicate a new line?

Question 9 options:

\t

\0

\n

\l

Question 10 You can use the syntax /* and */ to accomplish what function when working with large portions of text?

Question 10 options:

run

erase

execute

comment

Question 11 Most programming languages have a way to branch, loop, and test.

Question 11 options:

True

False

Question 12 In the C programming language, which variable type holds the value of a single letter?

Question 12 options:

Char

Float

String

Const

Question 13 Security professionals often need to examine Web pages and recognize when something looks suspicious.

Question 13 options:

True

False

Question 14 Red Hat and Fedora Linux use what command to update and manage their RPM packages?

Question 14 options:

yum

get

dir

apt-get

Question 15 What is the current file system that Windows utilizes that has strong security features?

Question 15 options:

FAT

ADS

FAT32

NTFS

Question 16 NetBios is not available in Windows Vista, Server 2008, and later versions of Windows. However, NetBios should be understood by a security professional because it is used for which of the following?

Question 16 options:

backward compatibility

Windows upgrades

virus scanning

RPC

Question 17 What is the most serious shortcoming of Microsoft’s original File Allocation Table (FAT) file system?

Question 17 options:

no ACL support

no SUS support

no SMTP support

no Linux support

Question 18 SMB is used to share files and usually runs on top of NetBIOS, NetBEUI, or which of the following?

Question 18 options:

Winsock

CIFS

TCP/IP

IPX/SPX

Question 19 Samba is a proprietary implementation of CIFS.

Question 19 options:

True

False

Question 20 When using the Common Internet File System (CIFS), which security model does not require a password to be set for the file share?

Question 20 options:

NT level security

Share-level security

User-level security

CIF level security

COM546 Advanced Penetration Testing

Module 8 Exam 4

Question 1 Which of the following is the interface that determines how a Web server passes data to a Web browser?

Question 1 options:

Perl

ASP

CGI

PHP

Question 2 Which type of vulnerabilities can result from a server accepting untrusted, unvalidated input?

Question 2 options:

redirection

spoofing

injection

insertion

Question 3 Which of the following is a programming interface for connecting a Web application to a database and defines technologies that allow applications, such as Word or Excel, to interact with the Web?

Question 3 options:

ADOSQL

ADO

SQL

SNAOLEDB

Question 4 Which of the following does Object Linking and Embedding Database (OLE DB) rely on that allows an application to access data stored on an external device?

Question 4 options:

connection strings

program strings

SQL strings

string interfaces

Question 5 Which specific type of tag do All CFML tags begin with?

Question 5 options:

#

CF

CFML

%

Question 6 Which of the following resources is an excellent starting point for security professionals when investigating VBScript vulnerabilities?

Question 6 options:

CVE Web site

CERT

Microsoft Security Bulletin

Macromedia security

Question 7 Which of the following refers to the flow a user is expected to follow in an application to accomplish a goal?

Question 7 options:

error handling

delay logic

client flow

business logic

Question 8 Adobe System’s ColdFusion uses its proprietary tags, which are written in which of the following languages?

Question 8 options:

XML

DHTML

PHP

CFML

Question 9 What is the specific act of checking a user’s privileges to understand if they should or should not have access to a page, field, resource, or action in an application?

Question 9 options:

authentication

authorization

auditing

discovery

Question 10 OLE DB relies on connection strings that enable the application to access the data stored on an external device.

Question 10 options:

True

False

Question 11 What type of modulation spreads data across a large-frequency bandwidth instead of traveling across just one frequency band?

Question 11 options:

Infrared (IR)

Narrowband

Spread spectrum

Microwave

Question 12 The 802.11 standard applies to the Physical layer of the OSI model, which deals with wireless connectivity issues of fixed, portable, and moving stations in a local area, and the Media Access Control (MAC) sublayer of which OSI model layer?

Question 12 options:

Network Link layer

Data Link layer

transport layer

session layer

Question 13 Which of the following terms is the rate at which a sound wave repeat?

Question 13 options:

frequency

amplitude

channel

link

Question 14 What standard specifically defines the process of authenticating and authorizing users on a network?

Question 14 options:

802.11

802.1

802.1X

WEP

Question 15 Which frequency band is used by commercial AM radio stations?

Question 15 options:

extremely low frequency (ELF)

very low frequency (VLF)

medium frequency (MF)

high frequency (HF)

Question 16 Which of the following is a flawed wireless authentication standard created to allow users to easily add devices to a wireless network securely?

Question 16 options:

WPS

WSS

WEP

AES

Question 17 What protocol improves WPA encryption by adding Message Integrity Checks, Extended Initialization Vectors, Per-packet key mixing, and a Re-keying mechanism to improve encryption?

Question 17 options:

WEP

TKIP

802.1X

RADIUS

Question 18 What type of encryption is currently used to secure WPA2?

Question 18 options:

Radius

TKIP

WEP

AES

Question 19 Which IEEE standard can achieve a throughput of 54 Mbps?

Question 19 options:

802.11b

802.11e

802.11g

802.11d

Question 20 In 802.11, which of the following is an addressable unit?

Question 20 options:

host

Data Terminal Equipment (DTE)

station (STA)

wireless NIC (WNIC)