What would you answer and why?

ConstantlyLearning · January 2008

1) When a stored key and memorized password is not sufficient enough for an authentiction method, which of the follwing can be used as an additional layer of security?

1. Certificate
2. Mutual
3. Token
4. Multi-factor

2) Which of the following occurs when an attacker provides information to the legitimate user that causes the user to believe the attacker is authorized employee of the IT help desk?

1. social engineering
2. luring
3. Psychological Engineering
4. Reverse social engineering

3) Back Orifice is considered a(n)__________

1. Illicit Server
2. Virus
3. Worm
4. System Scanner

4) Which of the following IDS types is virtually platform independent? (Select 2)

1. Knowledge-based IDS
2. Host-based IDS
3. Network-based IDS
4. Behavior-based IDS

5) _________is used is situations where users or systems provide information as to who they are to a given network resource in an attempt to gain access to the resource.

1. Password
2. Authentication
3. Credentials
4. Identification

vital · January 2008

1) multifactor - current authentication method requires something you know, to increase an additional layer of security, additional authentication method can require something you have. With both, it would be considered multifactor
2) reverse social engineering - trying to trick an employee that you're a person of authority
3) Illicit server - back orifice opens a port
4) knowledge and behavior - all others are platform dependent
5) authentication

Sie · January 2008

3 is a little grey area for me however,

Depends if the attacker contacts the person pretends to be the IT Desk and extracts information from them this would be social engineering.

If he disrupted the network, then edited contact information for the IT Desk to his contact information so they would contact him this would be reverse social engineering.

I always understood social engineering as the attacker contacting the victim and reverse social engineering as the victim contacting the attacker.

Thou i think im now reading to much into it!!

supertechCETma · January 2008

1. token
2. social engineering
3. Illicit server
4. Knowledge-based IDS, Behavior-based IDS
5. authentication

ConstantlyLearning · January 2008

Cheers for the replies so far guys.

These are some questions I wasn't sure about from www.free-tests.com.

1) Why did you say token supertech? Why couldn't it be certificate? I think the confusion comes from the "stored key". "Password" and "stored key" gives the impression that you are already using multi-factor authentication but what is this stored key? If it's already stored on the system and you don't actually need to know it or implement it then your not really using it are you so its kind of irrelevant. Therefore I think the answer is multi-factor authentication because 1. you are only really using a password and 2. because you can't choose token or certificate because if you can choose one, you can choose the other and its not a multiple answer question!
The answer given was multi-factor.

2) So is reverse social engineering when you make a user believe you are a member of helpdesk/security etc. but not actually get any information from them?
The answer given was reverse SE.

3) Are sub7 and netbus illicit servers as well?

4) The answer given for this was network based and behaviour based which I believe to be the correct answer because knowledge based works on the idea of signatures like anti-virus software and these signatures are probably specific to certain platforms because they're are differant steps to breaking into various OS's. Not sure about that, just my thoughts.

5) The answer given for this one was actually Identification. It never mentions in the question that you were "challenged", just that you are throwing out info in the hope of being given access. So maybe that's why the answer is Identification.

I'm kinda just waffling here and giving my thoughts.

Any thoughts would be appreciated. Cheers.

sthomas · January 2008

1) I thought the answer may have been certificate as well but I could be wrong, I think the question is kinda vague.

2) I have never heard of reverse social engineering, I am pretty sure the answer is social engineering.

3) Yes Netbus and Sub7 are in the same group as Back Orifice

5) This question also seems kinda vague but I would have said athentication as well.

ConstantlyLearning · January 2008

sthomas wrote:

1) I thought the answer may have been certificate as well but I could be wrong, I think the question is kinda vague.

2) I have never heard of reverse social engineering, I am pretty sure the answer is social engineering.

3) Yes Netbus and Sub7 are in the same group as Back Orifice

5) This question also seems kinda vague but I would have said athentication as well.

I answered the same as you would have answered.

So either the answers given by free-tests.com are wrong, we're wrong or they're just really bad questions.

I might be just making up reasons why the answers given are correct to just try and make some sense of them.

Here's a thread about reverse social engineering I just found.

http://www.techexams.net/forums/viewtopic.php?t=17105

What would you answer and why?

Comments