QUESTIONS & ANSWERS 100%
CORRECT
Which of these devices would not be considered part of the Internet of Things?
Smartphone
Thermostat
Light bulb
Set-top cable box
ANSWER: A. A thermostat is an embedded device without a
traditional user interface. A light bulb would have no user interface, even if it has
network capabilities. A set-top cable box would have a custom interface and not a
general-purpose one. The only device here that is a general-purpose computing
platform with a traditional user interface (screen and keyboard) is the smartphone, so
it isn't part of the IoT.
If you wanted a lightweight protocol to send real-time data over, which of these would
you use?
TCP
HTTP
ICMP
UDP
ANSWER: D. TCP uses a three-way handshake, which is fairly heavyweight.
HTTP uses TCP and adds more on top of it. ICMP is used for control messages. UDP
has very little overhead and is commonly used for real-time data transport.
What does pivoting on a compromised system get you?
Database access
A route to extra networks
Higher level of privileges
Persistent access
ANSWER: B. Pivoting is the process of using a compromised system
to move onto other systems and networks within the target environment. Pivoting does
not get you higher-level permissions or persistent access. You may ultimately get to a
database server by pivoting, but that's not what pivoting does or is specifically used for.
It would be a nice side effect of pivoting.
If you were on a client engagement and discovered that you left an external hard drive
with essential data on it at home, which security principle would you be violating?
Confidentiality
Integrity
Non-repudiation
Availability
ANSWER: D. Confidentiality is about making sure secrets are kept secret.
Integrity makes sure that data isn't altered accidentally or by an unauthorized agent.
Non-repudiation makes sure someone can't say a message didn't originate with them if
it came from their identity. Availability means making sure data is where it needs to be
when it should be there. This includes services as well.
What would you use the program rtgen for?
Generating wordlists
Generating rainbow tables
Generating firewall rules
Persistent access
ANSWER: B. rtgen is a program that is part of the
rcrack suite. rcrack is used to crack passwords with rainbow tables, and rtgen is used to
generate the rainbow tables that rcrack will use. Rainbow tables are
not wordlists but mappings of plaintext passwords to hashes, which makes it much
easier to get passwords from hashes.
What order, from bottom to top, does the TCP/IP architecture use?
Network Access, Network, Transport, Application
Link, Internet, Transport, Application
Physical, Network, Session, Application
Data Link, Internet, Transport, Application
ANSWER: B. From top to bottom, the TCP/IP
architecture is Link, Internet, Transport, and Application. B is the only answer that
reflects that.
Which of these services would be considered a storage as a service solution?
Microsoft Azure
iCloud
Google Compute
DropLeaf
ANSWER: B. While Microsoft Azure and Google Compute have storage
capabilities, they aren't storage as a service solutions. Drop leaf is a type of table.
Dropbox is a storage as a service solution. The only one listed here that is a storage as a
service solution is iCloud, which is Apple's cloud storage platform.
The UDP headers contain which of the following fields?
Source address, destination address, checksum, length
Destination port, source port, checksum, length
Flags, source port, destination port, checksum
Length, checksum, flags, address
ANSWER: B. The IP headers include addresses.
UDP headers use ports. TCP headers use flags, but UDP headers do not. The UDP
headers have the source and destination port fields along with checksum and length.
What are the three steps in the TCP handshake as described by the flags set?
SYN, SYN/URG, RST
RST, SYN, ACK
SYN, SYN/ACK, ACK
SYN, SYN/ACK, ACK/URG
ANSWER: C. The three-way handshake is used to
establish a connection. The first message has the SYN flag set and includes the
sequence number. The response from the server has the ACK flag set for the SYN
message that was sent from the client. The acknowledgment number is set.
Additionally, in the same message, the server sends its own SYN flag and sequence
number. The client then responds with an ACK message. So, the sequence is SYN,
SYN/ACK, and ACK.
Which of these protocols would be used to communicate with an IoT device?
ICMP
SMTP
Telnet
HTTP
ANSWER: D. While ICMP may be used as part of passing control messages in
case of errors in the network, it wouldn't be used between the IoT device and a server.
SMTP is an email protocol that also wouldn't be used. Telnet is a cleartext protocol used
to gain command-line access to a system. HTTP would commonly be used to pass
messages between a controlling server and an IoT device.
Which network topology are you most likely to run across in a large enterprise network?
Ring topology
Bus topology
Full mesh
Star-bus hybrid
ANSWER: D. Ring networks were once common but are much less so
now. You may find a ring network in a service provider network today. A bus topology is
best suited for a smaller network. Full mesh isn't a very common topology, in part
because of the expense and complexity it brings. A star-bus hybrid would be common.
An enterprise would use multiple switches that were all connected to one another over a
bus, while all the endpoints would connect to the switch in a star topology.
If you were to see the subnet mask 255.255.252.0, what CIDR notation (prefix) would
you use to indicate the same thing?
/23
/22
/21