CREST CPSA Exam Questions and Answers
Name all OSI layers - THE CORRECT ANSWER IS Application, Presentation, Session,
Transport, Network, Data Link, Physical.
Name all TCP/IP layers - THE CORRECT ANSWER IS Application, Transport, Internet,
Network Access.
Name four TCP header flags - THE CORRECT ANSWER IS ACK, FIN, SYN, URG, PSH,
RST.
Which layer does the HTTP protocol reside in in the OSI model? - THE CORRECT ANSWER IS
Layer 7, Application.
Which layer does Ethernet reside in in the OSI model? - THE CORRECT ANSWER IS
Layer 2, Data link.
Which layer do IPv4 & IPv6 reside in in the TCP/IP model? - THE CORRECT ANSWER IS
Layer 4, transport.
RFC 1918 addresses - THE CORRECT ANSWER IS
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
Name the well-known, registered and dynamic port ranges. - THE CORRECT ANSWER
IS Well Known (0-1023), Registered (1024-49,151) & Dynamic (49,152-65,535)
What is an ephemeral port? - THE CORRECT ANSWER IS An ephemeral port is a
short-lived transport protocol port for Internet Protocol (IP) communications. Can be
used by both TCP & UDP.
What does IANA stand for? - THE CORRECT ANSWER IS Internet Assigned Numbers
Authority
Name 10 common ports and their protocols. - THE CORRECT ANSWER IS FTP21,
SSH22, DHCP67(C), DHCP68(S), NTP123, MYSQL3306, RDP3389, HTTP80,
HTTPS443, SMB445, KERBEROS88, CHARGEN19(UDP), DNS53, TACACS49,
WHOIS43, MSSQL1433, HIDDEN MSSQL2433.
Name five network types. - THE CORRECT ANSWER IS LAN, WAN, MAN, VLAN,
WLAN, PAN.
Name five network topologies. - THE CORRECT ANSWER IS Mesh, Ring, Star, Tree,
Bus.
Name five common Ethernet and FDDI cable types. - THE CORRECT ANSWER IS
100Base5, 10Base2, 10BaseT, 100Base-FL, 1000Base-T.
What is Wi-Fi the alias for? - THE CORRECT ANSWER IS IEEE 802.11
What does VLAN stand for? - THE CORRECT ANSWER IS Virtual Local Area Network
How does a VLAN work? - THE CORRECT ANSWER IS Virtual Local Area Networks
(VLANs) separate an existing physical network into multiple logical networks.
Thus, each VLAN creates its own broadcast domain. Communication between two
VLANs can only occur through a router that is connected to both.
Name five common ICMP types. - THE CORRECT ANSWER IS 8-echo, 0-echo reply,
30-traceroute, 5-redirect, 3-destination unreachable, 11-time exceeded.
What does ICMP stand for? - THE CORRECT ANSWER IS Internet Control Message
Protocol
What does TTL stand for? - THE CORRECT ANSWER IS Time to Live
What is TTL? - THE CORRECT ANSWER IS TTL is a hop count system, and each
router decreases the TTL by 1. Upon reaching 0, the packet is dropped. This way you
don't have packets not reaching their destination and clogging the network.
OS TTL numbers? - THE CORRECT ANSWER IS 128 Windows, 64 Linux, 255
Solaris(kapp)
What is Traceroute? - THE CORRECT ANSWER IS Traceroute is when you send a
packet with a TTL value of 1. Once it reaches the first router it will die, sending an ICMP
message to the sender, at which point the sender can send another one with a value of 2 to
see how far it will go. By doing this we can see how many hops it will take to reach our
target. (A good way of enumerating a network when in a black box pen-test.)
What is ping sweep? - THE CORRECT ANSWER IS Ping sweep is just a technique that
can be used to find out which hosts are alive in a network or large number of IP
addresses.
Name five Nmap flags. - THE CORRECT ANSWER IS (TCP SYN scan, -sS)
(Null Scan, -sN)
(Ping Scan, -sP)
(Ack Scan, -sA)
(OS detect, -O)
What are the three firewall states? - THE CORRECT ANSWER IS Open, Filtered
(Dropped/Blocked), Closed (not listening).
What is TCP window size? - THE CORRECT ANSWER IS Window size is a method of
controlling the flow of packets between two computers or network hosts. Decided in
the TCP three-way handshake.
What is encoding? - THE CORRECT ANSWER IS Encoding transforms data into
another format using a scheme that is publicly available so that it can easily be
reversed.
What is encryption? - THE CORRECT ANSWER IS Scrambles information into an
alternative form that requires a key or password to decrypt the information back into its
original form.
What is hashing? - THE CORRECT ANSWER IS Hashing serves the purpose of
ensuring integrity, i.e. making it so that if something is changed you can know that it's
changed.
What is obfuscation? - THE CORRECT ANSWER IS The purpose of obfuscation is to
make something harder to understand, usually for the purposes of making it more
difficult to attack or to copy.
What is symmetric encryption? - THE CORRECT ANSWER IS An encryption method in
which the same key is used to encrypt and decrypt the data.
What is asymmetric encryption? - THE CORRECT ANSWER IS An encryption method
in which two keys (one private, one public) are used to encrypt and decrypt a message.
Vulnerable hashing algorithms - THE CORRECT ANSWER IS MD5, SHA-1, NTLM,
LanMan.
Any symmetric algorithms. - THE CORRECT ANSWER IS > DES
> 3DES (or Triple DES)
> RC4
> RC5
> AES (aka Rijndael)
> Blowfish
> Serpent
> Twofish
> CAST5
> IDEA