221. Which tool is generally not used to decrypt and test passwords?
a. RainbowCrack
b. Nessus®
c. Hydra
d. John the Ripper
Answer: b
222. You want to list open files, focusing the output on network-related processes and organizing the connections by service. Which command can you use?
a. lsof -ni
b. netstat -atun
c. netstat -r
d. netstat -t
Answer: a
223. Which command uses the ping command to display a list of active systems on a network?
a. nmap -sP 10.0.0.0/8
b. nmap 192.168.0.1-3
c. nmap 192.168.0.0/24
d. nmap -sO 192.168.0.3
Answer: a
224. Of the following virtualization solutions, which one runs Linux systems only as guests?
a. Kernel-based Virtual Machine (KVM)
b. Microsoft Virtual Server
c. VMware
d. VirtualBox, open source edition
Answer: b
225. Which of the following is a valid reason to use a Live CD on a suspected compromised system?
a. The Live CD can restore the system back to its original state before the compromise.
b. The Live CD can trick the black-hat hacker into exploiting the Live CD instead of the production system.
c. The Live CD can be used for forensic analysis.
d. The Live CD can temporarily replace the compromised system while a restore is being performed.
Answer: c
226. Which of the following commands is used to transfer data over an SSH connection in encrypted format?
a. dd -encrypt
b. rsync -e ssh
c. cp -e ssh
d. dump /dev/sda
Answer: b
227. Which of the following do you need to work with an encrypted filesystem during a digital forensic investigation?
a. lvm2
b. cryptsetup
c. Both A and B
d. Neither A nor B
Answer: c
228. Which instrument documents where evidence came from, how that evidence was duplicated, and the methods used to analyze that evidence?
a. Evidence log
b. Evidence access documentation
c. Chain of access
d. Chain of custody
Answer: d
229. Which command creates a bit-by-bit duplicate of an original disk?
a. dd
b. rr
c. mount
d. async
Answer: a
230. What is a drawback of the rsync command for backing up files?
a. It does not include free space in a disk or partition in the backup.
b. Efficiency.
c. It transmits data in clear text.
d. None of the above.
Answer: c
231. What is one of the first steps in incident response?
a. Identify compromised systems.
b. Confirm the breach.
c. Have a gold replacement system in place.
d. Report to senior management.
Answer: b
232. Which command does not include free space in the duplication process?
a. dd
b. dd_rescue
c. icat
d. rsync
Answer: d
233. You want to see which users are currently logged into a system, including information on the process currently being executed by each logged-in user. Which command can you use?
a. w
b. who
c. utmpdump /var/log/wtmp
d. users
Answer: a
234. You want to find executable files in user directories. Which command is the best choice?
a. find
b. where
c. ls
d. strace
Answer: a
235. You are performing computer forensics and need to review data currently in RAM. What do you do to ensure you don't lose or modify the RAM data?
a. Shut down the computer and then restart it when connected to a network segment.
b. Use a forensics kit such as Helix Knoppix.
c. Use the xcopy command.
d. Use the dd command.
Answer: b
236. You are performing computer forensics. You just transferred data from the victim's hard disk to a forensic system. What is the next step you should perform?
a. Wipe the victim's hard disk.
b. Reboot the forensic system.
c. Create a checksum file.
d. None of the above.
Answer: c
237. What is the best description of a functional bug?
a. A flaw in software that prevents part of a program from running properly
b. A security threat
c. A bug that promotes the functioning of a program
d. None of the above
Answer: a
238. Which command upgrades rather than installs a Linux distribution?
a. apt-get install
b. apt-get dist-upgrade
c. apt-get update
d. apt-get dist-fresh
Answer: b
239. Which software, when available, should allow you to configure Linux as a domain controller on a Microsoft Active Directory network?
a. Enhanced Squid
b. Apache 4.0
c. Samba 4.0
d. NFS 4.0
Answer: c
240. What is Content Scramble System (CSS) associated with?
a. Web page design
b. Web page security
c. Content filtering
d. Digital rights management
Answer: d
241. Where is the best place to report bugs you encounter in open source software?
a. Bug reporting site
b. The developers themselves
c. The store where you purchased the software media
d. User forums
Answer: a
242. What is the name of the emerging firewall that is expected to replace iptables?
a. nttables
b. nftables
c. Linux Firewall
d. Hot Armor
Answer: b
201. Which of the following is not an Ubuntu repository?
a. OpenSource
b. Restricted
c. Universe
d. Multiverse
Answer: a
202. What is Anaconda?
a. A Linux desktop
b. A Linux installation program
c. A Web browser