Take Test: Exploits – 14818-1910 5/29/20, 20:47

Suman Shah 9
Home Library My Account Help

COMP623 - Digital Security - 14818 - WIN - 201910 Quizzes Take Test: Exploits ?

Take Test: Exploits

Test Information
Description
Instructions
Timed Test This test has a time limit of 40 minutes.This test will save and be submitted
automatically when the time expires.
Warnings appear when half the time, 5 minutes, 1 minute, and 30 seconds
remain.
Multiple This Test allows 2 attempts. This is attempt number 1.
Attempts
Force Once started, this test must be completed in one sitting. Do not leave the test
Completion before clicking Save and Submit.
Your answers are saved automatically.

Remaining Time: 09 minutes, 14 seconds.

Question Completion Status:

QUESTION 1 1 points Saved

Stand-alone exploits were traditionally written in which

programming language?

Java

Ruby

C#

https://my.leedsbeckett.ac.uk/webapps/assessment/take/launch.jsp?…t_id=_27649_1&course_id=_128277_1&content_id=_2700502_1&step=null Page 1 of 4
Take Test: Exploits – 14818-1910 5/29/20, 20:47

QUESTION 2 1 points Saved

Software vulnerabilities in operating systems, such as

the Microsoft Windows DCOM RPC Interface Bu!er Overrun
Vulnerability, are becoming rarer, and many more attacks are
now found in webservices and applications
True
False

QUESTION 3 1 points Saved

Who founded the Metasploit project?

Linus Torvalds
Click Save and Submit to save and submit. Click Save All Answers to save all answers.
Bruce Schneier

Ron Rivest Save All Answers Save a

HD Moore

QUESTION 4 1 points Saved

Which of the following would be a valid CVE-ID?

exploit/adobe_utilprintf

CVE-2004-0012

exploit/windows/"leformat/adobe_utilprintf

CVE-04-000012

QUESTION 5 1 points Saved

Common Vulnerabilities and Exposures (CVE) is a database

containing, which of the following:

Detailed information about zero-day exploits

Brief details and links for public vulnerabilities

https://my.leedsbeckett.ac.uk/webapps/assessment/take/launch.jsp?…_id=_27649_1&course_id=_128277_1&content_id=_2700502_1&step=null Page 2 of 4
Take Test: Exploits – 14818-1910 5/29/20, 20:47

Brief details and links for public exploits

Exploit code

QUESTION 6 1 points Saved

Which of the following will NOT provide you with working

exploit code?

SecurityFocus

Metasploit

CVE database

The Exploit DB

QUESTION 7 1 points Saved

What port does CVE-2003-0352 a!ect?

8080

135

21

80

QUESTION 8 1 points Saved

In msfconsole, what command would you use to set the attack

target to a host in the Metasploit database running a
webserver?

sevices -p 135

services -p 80 -T

services -p 80 -R

hosts -p 80

https://my.leedsbeckett.ac.uk/webapps/assessment/take/launch.jsp?…_id=_27649_1&course_id=_128277_1&content_id=_2700502_1&step=null Page 3 of 4
Take Test: Exploits – 14818-1910 5/29/20, 20:47

QUESTION 9 1 points Saved

A current organisation should NOT use Windows Server 2000

as a webserver. Why not?

There are no "xes available for Microsoft Windows DCOM

RPC Interface Bu!er Overrun Vulnerability (CVE-2003-0352)

Windows 2000 contains many security vulnerabilities such

as bu!er over#ows, which will never be "xed since it has
reached end of lifecycle

Windows 2000 was not designed to host websites

Windows should NEVER be used as a server

QUESTION 10 1 points Saved

What is a disadvantage of using Armitage's "Find Attacks"

feature?

May cause the remote system to crash: it launches attacks,

including dangerous ones

Not as thorough as a vulnerability scan: false positives and

false negatives

All of these

Causes lots of network tra$c, including log entries that

would raise suspicions

https://my.leedsbeckett.ac.uk/webapps/assessment/take/launch.jsp?…_id=_27649_1&course_id=_128277_1&content_id=_2700502_1&step=null Page 4 of 4