MIS 4600/MBA 5880
Ethical Hacking & Network Defense

Chapter 8: Microsoft Operating System Vulnerability

Review Questions

1. Which of the following is true about using multiple tools for vulnerability test and assessment? (Choose all that apply)

a) Test results obtained using one tool/method may not be accurate

b) Unless the tool/method was created by the OS developer it cannot identify and report vulnerabilities accurately

c) Test results obtained using one tool/method need to be verified using another tool/method

d) All of the above

2. MBSA is developed to help with which of the following? (Choose all that apply)

a) Finding configuration errors in a Microsoft system

b) Putting malware-infected files in quarantine to make a Microsoft system safe

c) Finding missing patches in a Microsoft system

d) Finding blank or weak passwords in a Microsoft system

3. When MBSA is used to scan a system, which of the following cannot be checked?

a) Whether security updates for Microsoft OS and any other OS installed on the machine are missing.

b) Whether security updates for the Microsoft OS, services like Internet Information Service, and applications like Internet Explorer are missing.

c) All of the above

4. You want to use MBSA to locally scan a computer system that has a Microsoft OS installed. You cannot do it if the computer has which of the following OS installed?

a) Windows XP

b) Windows Server 2003

c) Windows 98

d) Windows 2000

e) Windows NT

5. You tried to use MBSA to scan a computer for possible IE vulnerabilities, but the scanning didn’t work. Which of the following may be a reason?

a) The target computer has Internet Explorer 5.01 installed

b) The target computer has Internet Explorer 4.00 installed

c) The target computer has Internet Explorer 7.00 installed

d) None of the above

6. Which of the following is true about using MBSA? (Choose all that apply)

a) You can use MBSA from the command-line

b) Using the GUI interface gives the tester more control over the scans.

c) You can use MBSA from the GUI window

d) All of the above

7. You do not have to be the Administrator on the scanned machine to perform the scan. (T / F)

8. When using the command-line to perform a scan of a remote machine, you must specify your own credentials in the command. (T / F)

9. When using the command-line to perform a scan of a remote machine, you must specify the remote machine administrator’s credentials in the command. (T / F)

10. Winfingerprint is an administrative tool that can be used to scan network resources and determine possible vulnerabilities. Which of the following is true about Winfingerprint?

a) It can be used to gather information without any logon credentials.

b) It works, in part, because many organizations fail to disable null sessions.

c) It can detect NetBIOS shares, disk information and services, as well as null sessions.

d) All of the above

11. Which of the following defines a remote procedure call or RPC?

a) It is when a program calls another program or function.

b) It is when a user on a local machine uses a procedure to connect to a remote machine.

c) It is a communication mechanism that allows a program running on one machine to run code on a remote machine.

d) None of the above

12. Explain why RPC could pose a security threat.

Reading the NetBIOS Basics section in the course textbook (pages 115-116 and page 176) could help answer the following 7 questions.

13. NetBIOS is a feature implemented in Microsoft systems that allows computers to communicate across a LAN. (T / F)

14. NetBIOS refers to the location of network resources like computers and user accounts. (T / F)

15. A computer’s NetBIOS name could be up to 15 characters long plus one special character. (T / F)

16. The special character added to a NetBIOS name is referred to as a prefix. (T / F)

17. You can gather NetBIOS information like usernames and shared files/folders names through a null session. (T / F)

18. Imagine that the SALESREP computer is running the server service, meaning it is configured to share resources like printers or files. Which of the following would be its full NetBIOS name as found by an enumeration scan?

a) SALESREP<03>

b) SALESREP<20>

c) SALESREP<1C>

d) None of the above

19. Which of the following is true about NetBIOS and NetBIOS over TCP/IP?

a) Older versions of Windows use NetBIOS as a means of sharing files.

b) Newer versions of Windows like Vista and Windows 7 can share resources without using NetBIOS.

c) In newer versions of Windows like Windows 7, NetBIOS is still used.

d) All of the above

20. Server Message Block or SMB is a technology that runs on top of NetBIOS and TCP/IP to allow older versions of Windows to share files. Which protocol is implemented in newer versions of Windows like Windows 2000, Windows XP, and Windows Server 2003 to replace SMB?

a) TCP/IP

b) SMB/IP

c) NetBEUI

d) None of the above

21. With Common Internet File System, folders can be shared with share-level security or user-level security. Which is more secure? Explain.

22. CIFS allows for anonymous, as well as authenticated access to files over a network. (T / F)

23. What is Samba?

a) The Macintosh proprietary system that allows Mac systems to access shared resources on Windows systems.

b) A Brazilian operating system.

c) An open-source implementation of CIFS that allows Linux and UNIX servers to share resources with Windows-based clients.

d) All of the above

24. Most versions of Mac computers come with Samba already installed. (T / F)
