1) Which of the following Linux distributions are suited for penetration testing?
A. Backtrack
B. Trapdoor
C. Kali
D. All of these
Answer: A, C
Solution: Both Backtrack and Kali are Linux distributions, containing a set of tools using which, one can test networks, devices and systems for vulnerability. Backtrack is an old distribution, based on Ubuntu; whereas Kali is an updated version mostly based on Debian. Trapdoor is not a Linux distribution. The correct options are (A) and (C).
2) Which of the following takes advantage of some security flaw in software to penetrate into a network or system?
A. Malware
B. Exploits
C. Botnet
D. All of these
Answer: B
Solution: An exploit is a program or piece of code that takes advantage of some security flaw in an application or system so that hackers can use it for their benefit. Exploits are not malware themselves, but rather methods for delivering the malware. Vulnerability scanners such as Nexpose and Nessus can be used for finding such vulnerabilities, and then they are exploited using such programs and scripts.
3) Which of the following provides a comprehensive archive of public exploits associated with specific vulnerabilities?
A. Google
B. Bing
C. Exploit-db
D. Hacker-site
Answer: C
Solution: The Exploit Database is a not-profit project that is provided as a public service by Offensive Security. It contains an archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The web site is: https://www.exploit-db.com.
4) Which of the following is/are example(s) of privilege escalation attack?
A. An attacker with a privilege set of โread onlyโ permissions somehow elevates the set to include โread and โwriteโ.
B. An attacker prevents higher priority processes from running.
C. An attacker prevents access to resources by legitimate clients.
D. None of these.
Answer: A
Solution: Privilege escalation means a user receives privileges they are not entitled to. Option (A) is such an example.
5) Which of the following constitute active fingerprinting?
A. Use a sniffer to capture and analyze traffic, but never send any packet to the target.
B. It is the process of transmitting packets to a remote host and analyzing corresponding response.
C. Identify a device from the packets it is sending
D. None of these
Answer: B
Solution: The difference between active fingerprinting and passive fingerprinting is that active fingerprinting will send queries to the target and analyze the response. Passive fingerprinting only uses a sniffer to capture and analyze traffic, but never sends traffic to the target. The correct option is (B).
