In what default directory (fully qualified path) does nmap store scripts?
C
Explanation:
Nmap (Network Mapper) is a network scanning and security auditing tool. Scripts used by Nmap for
performing different network discovery and security auditing tasks are stored in
/usr/share/nmap/scripts. This directory contains a collection of scripts for NSE (Nmap Scripting
Engine), which enables Nmap to perform additional networking tasks, often used for detecting
vulnerabilities, misconfigurations, and security-related information about network services.
Reference:
Nmap documentation, "Nmap Scripting Engine (NSE)".
Which of the registrars contains the information for the domain owners in South America?
C
Explanation:
LACNIC (Latin American and Caribbean Network Information Centre) is the regional Internet registry
for Latin America and parts of the Caribbean. It manages the allocation and registration of Internet
number resources (such as IP addresses and AS numbers) within this region and maintains the
registry of domain owners in South America.
Reference:
LACNIC official website, "About LACNIC".
Which of the hacking methodology steps can be used to identify the applications and vendors used?
B
Explanation:
OSINT (Open Source Intelligence) refers to the collection and analysis of information gathered from
public, freely available sources to be used in an intelligence context. In the context of hacking
methodologies, OSINT can be used to identify applications and vendors employed by a target
organization by analyzing publicly available data such as websites, code repositories, social media,
and other internet-facing resources.
Reference:
Michael Bazzell, "Open Source Intelligence Techniques".
Which of the following is a component of an IDS?
A
Explanation:
An Intrusion Detection System (IDS) is designed to monitor network or system activities for malicious
activities or policy violations and can perform several functions:
Monitor: Observing network traffic and system activities for unusual or suspicious behavior.
Detect: Identifying potential security breaches including both known threats and unusual activities
that could indicate new threats.
Respond: Executing pre-defined actions to address detected threats, which can include alerts or
triggering automatic countermeasures.
Reference:
Cisco Systems, "Intrusion Detection Systems".
Which of the IEC 62443 Security Levels is identified by a cybercrime/hacker target?
B
Explanation:
IEC 62443 is an international series of standards on industrial communication networks and system
security, specifically related to Industrial Automation and Control Systems (IACS). Within the IEC
62443 standards, Security Level 3 is defined as protection against deliberate or specialized intrusion.
It is designed to safeguard against threats from skilled attackers (cybercriminals or hackers) targeting
specific processes or operations within the industrial control system.
Reference:
International Electrotechnical Commission, "IEC 62443 Standards".
Which of the following was attacked using the Stuxnet malware?
A
Explanation:
Stuxnet is a highly sophisticated piece of malware discovered in 2010 that specifically targeted
Supervisory Control and Data Acquisition (SCADA) systems used to control and monitor industrial
processes.
The primary targets of Stuxnet were Programmable Logic Controllers (PLCs), which are critical
components in industrial control systems.
Stuxnet was designed to infect PLCs programmed with Siemens Step7 software. It altered the operation of
the PLCs to cause physical damage to the connected hardware; it was famously used against Iran's uranium
enrichment facility, where it caused the fast-spinning centrifuges to tear themselves apart.
Reference:
Langner, R. "Stuxnet: Dissecting a Cyberwarfare Weapon." IEEE Security & Privacy, May-June 2011.
"W32.Stuxnet Dossier," Symantec Corporation, Version 1.4, February 2011.
What is the size in bytes of the TCP sequence number in the header?
D
Explanation:
In the Transmission Control Protocol (TCP) header, the sequence number field is crucial for ensuring
the correct sequencing of the packets sent over a network.
The sequence number field in the TCP header is 32 bits long, which equates to 4 bytes.
This sequence number tracks the position of each byte transferred over a TCP connection, ensuring
that packets are reassembled in the correct order and that data integrity is maintained during
transmission.
Reference:
Postel, J., "Transmission Control Protocol," RFC 793, September 1981.
"TCP/IP Guide," Kozierok, C. M., 2005.
Which mode within IPsec provides a secure connection tunnel between two endpoints AND protects
the sender and the receiver?
B
Explanation:
IPsec (Internet Protocol Security) has two modes: Transport mode and Tunnel mode.
Tunnel mode is used to create a secure connection tunnel between two endpoints (e.g., two
gateways, or a client and a gateway) and it encapsulates the entire IP packet.
This mode not only protects the payload but also the header information of the original IP packet,
thereby providing a higher level of security compared to Transport mode, which only protects the
payload.
Reference:
Kent, S. and Seo, K., "Security Architecture for the Internet Protocol," RFC 4301, December 2005.
"IPsec Services," Microsoft TechNet.
Which of the following can be used to view entire copies of web sites?
A
Explanation:
The Wayback Machine is an internet service provided by the Internet Archive that allows users to see
archived versions of web pages across time, enabling them to browse past versions of a website as it
appeared on specific dates.
It captures and stores snapshots of web pages, making it an invaluable tool for accessing the
historical state of a website or recovering content that has since been changed or deleted.
Other options like Google Cache may also show snapshots of web pages, but the Wayback Machine
is dedicated to this purpose and holds a vast archive of historical web data.
Reference:
Internet Archive:
https://archive.org
"Using the Wayback Machine," Internet Archive Help Center.
The NIST SP 800-53 defines how many management controls?
B
Explanation:
NIST SP 800-53 is a publication that provides a catalog of security and privacy controls for federal
information systems and organizations and promotes the development of secure and resilient federal
information and information systems.
According to the NIST SP 800-53 Rev. 5, the framework defines a comprehensive set of controls,
which are divided into different families. Among these families, there are specifically nine families
categorized under management controls. These include categories such as risk assessment, security
planning, program management, and others.
Reference:
"NIST Special Publication 800-53 (Rev. 5) Security and Privacy Controls for Information Systems and
Organizations."
NIST website:
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r5.pdf