QUESTIONS AND ANSWERS GRADED A+
✔✔What are two prerequisites for attacking a system remotely? (choose two)
A. You have to know the IP Address
B. You have to know the operating system and version
C. You have to know the server software and version
D. You have to know the port number you will connect to - ✔✔You have to know the IP Address
You have to know the port number you will connect to
✔✔What is the name of the Nmap GUI?
A. Nmap
B. WinMap
C. Zenmap
D. NmapFE - ✔✔Zenmap
✔✔What is a common problem of both network and host vulnerability scanners?
A. Neither can do port scanning
B. They both give a lot of false positives
C. They both give a lot of false negatives
D. Neither can determine patch level - ✔✔They both give a lot of false positives
✔✔How does exploit software differ from a vulnerability scanner?
A. They are the same thing
B. Vulnerability scanners produce a lot of false positives
C. Exploit software exploits the target system
D. Vulnerability scanner reports are much more reliable - ✔✔Exploit software exploits
the target system
✔✔At what point in your security process do you employ penetration testing?
A. Toward the end
B. Toward the beginning
C. It does not really matter, as long as you do it
D. In the middle to check your progress - ✔✔Toward the end
✔✔What is the difference between a red team and a tiger team?
A. The tiger team has had more extensive training
B. The red team has had more extensive training
C. These are two names for the same thing
D. Red teams are defense; tiger teams are offense - ✔✔These are two names for the
same thing
✔✔What are three common names for small applications that extend a browser's
capability? (choose 3)
A. Browser Extensions
B. Browser Cookies
C. Browser Plugins
D. Browser Add-ons - ✔✔Browser extensions, browser plugins, browser add-ons
✔✔What is the smallest text file placed on your PC by a server called?
A. Malicious
B. Browser plugins
C. Cookies
D. Java - ✔✔Cookies
✔✔How many cookie repositories are on your PC?
A. One shared by all browsers
B. Each browser has at least 2
C. One per browser installed
D. One for each type of cookie - ✔✔One per browser installed
✔✔Why was the cookie initially invented?
A. To give web communications a "form of statefulness"
B. To allow tracking of web surfing activity
C. To make shopping carts work
D. To make web communications have no statefulness - ✔✔To give web
communications a "form of statefulness"
✔✔Which of the following is one of the things your browser sends to the web server
each time you connect?
A. Username and password
B. OS and version
C. Amount of RAM installed
D. Browsers only receive information, they don't send it - ✔✔OS and version
✔✔What can a cookie contain?
A. A small amount of text
B. Graphics
C. Java, Javascript, and ActiveX
D. They don't contain anything - ✔✔A small amount of text
✔✔Which of the following are examples of Active Content? (Choose 3)
A. Active X
B. Browser Plugins
C. Java
D. Javascript - ✔✔Active X, Java, Javascript
✔✔Which is one of the most important things to do to ensure secure coding?
A. Always write in Java
B. Never remove Trapdoor function
C. Input Validation
D. Place username / password combinations in all code - ✔✔Input Validation
✔✔When hardening an OS, you disable the XYZ service. What is the next step you
should perform?
A. Find the next service you want to disable
B. Delete the service from the system entirely
C. Configure your patching software to keep the service up-to-date
D. There is nothing more you need to do - ✔✔Delete the service from the system
entirely
✔✔If you cannot disable or remove a management utility, what must you do when
hardening the OS?
A. Find a way to disable or remove the utility
B. Accept the risk
C. Ensure only system administrators can use the utility - ✔✔Ensure only system
administrators can use the utility
✔✔At what point did Microsoft include automatic patch updates?
A. Starting with Windows Vista
B. Starting with Windows 2000
C. Starting with Windows 7
D. Starting with Windows XP service pack 2 - ✔✔Starting with Windows XP service
pack 2
✔✔What does WSUS server do?