Exam 1 Review
•
Question 1
5 out of 5 points
Which of the following files is edited to block a search engine’s bots from indexing an organizational Web site?
Selected Answer:
robots.txt
Answers:
lmhosts.txt robots.txt host.txt index.txt •
Question 2
5 out of 5 points
Web resources used to footprint a company include all but which one of the following? Selected Answer:
Request for Comments (RFC) archive
Answers:
Internet archive
SEC EDGAR
Company Web site
Request for Comments (RFC) archive
•
Question 3
5 out of 5 points
What can be revealed from the information gathered from a company’s Web site, job postings, and employee blog?
Selected Answer:
Information that will help fine-tune scans or probes
Answers:
Information about vulnerabilities
Information that will help fine-tune scans or probes
Passwords
Competitors
•
Question 4
5 out of 5 points
What database of financial records should penetration testers review?
Selected Answer:
EDGAR
Answers:
ALICE
EDGAR
Both A and B
Neither A nor B
•
Question 5
5 out of 5 points
Which of the following examples best portrays passive information gathering?
Selected
Answer:
Reviewing job listings posted by the targeted company
Answers:
Reviewing job listings posted by the targeted company
Port scanning the targeted company
Calling the company and asking questions about its services
Driving around the targeted company connecting to open wireless connections •
Question 6
5 out of 5 points
Which of the following databases would be valuable for obtaining information about a company’s financial history?
Selected Answer:
EDGAR
Answers:
Internet Assigned Numbers Authority (IANA)
Wayback Machine
EDGAR
Whois
•
Question 7
5 out of 5 points
What technique should be used to secure DNS?
Selected Answer:
Separate internal and external servers
Answers:
DNSSec
Custom DNS server code
Whois
Separate internal and
Question 1
5 out of 5 points
Which of the following files is edited to block a search engine’s bots from indexing an organizational Web site?
Selected Answer:
robots.txt
Answers:
lmhosts.txt robots.txt host.txt index.txt •
Question 2
5 out of 5 points
Web resources used to footprint a company include all but which one of the following? Selected Answer:
Request for Comments (RFC) archive
Answers:
Internet archive
SEC EDGAR
Company Web site
Request for Comments (RFC) archive
•
Question 3
5 out of 5 points
What can be revealed from the information gathered from a company’s Web site, job postings, and employee blog?
Selected Answer:
Information that will help fine-tune scans or probes
Answers:
Information about vulnerabilities
Information that will help fine-tune scans or probes
Passwords
Competitors
•
Question 4
5 out of 5 points
What database of financial records should penetration testers review?
Selected Answer:
EDGAR
Answers:
ALICE
EDGAR
Both A and B
Neither A nor B
•
Question 5
5 out of 5 points
Which of the following examples best portrays passive information gathering?
Selected
Answer:
Reviewing job listings posted by the targeted company
Answers:
Reviewing job listings posted by the targeted company
Port scanning the targeted company
Calling the company and asking questions about its services
Driving around the targeted company connecting to open wireless connections •
Question 6
5 out of 5 points
Which of the following databases would be valuable for obtaining information about a company’s financial history?
Selected Answer:
EDGAR
Answers:
Internet Assigned Numbers Authority (IANA)
Wayback Machine
EDGAR
Whois
•
Question 7
5 out of 5 points
What technique should be used to secure DNS?
Selected Answer:
Separate internal and external servers
Answers:
DNSSec
Custom DNS server code
Whois
Separate internal and