Password cracking programs reverse the hashing process to recover passwords.
(True/False.)
A. True
B. False
By performing a penetration test, you gained access under a user account. During the test,
you established a connection with your own machine via the SMB service and occasionally
entered your login and password in plaintext.
Which file do you have to clean to clear the password?
A. X session-log
B. bashrc
C. profile
D. bash_history
What does the -oX flag do in an Nmap scan?
A. Perform an eXpress scan
B. Output the results in truncated format to the screen
C. Output the results in XML format to a file
D. Perform an Xmas scan
DNS cache snooping is a process of determining if the specified resource address is
present in the DNS cache records. It may be useful during the examination of the network
to determine what software update resources are used, thus discovering what software is
installed.
What command is used to determine if the entry is present in DNS cache?
A. nslookup -fullrecursive update.antivirus.com
B. dnsnooping -rt update.antivirus.com
C. nslookup -norecursive update.antivirus.com
D. dns --snoop update.antivirus.com
Ethical hacker Jane Doe is attempting to crack the password of the head of the IT
department of ABC company. She is utilizing a rainbow table and notices upon entering a
password that extra characters are added to the password after submitting. What
countermeasure is the company using to protect against rainbow tables?
A. Password key hashing
B. Password salting
C. Password hashing
D. Account lockout
An attacker is trying to redirect the traffic of a small office. That office is using its own
mail server, DNS server and NTP server because of the importance of their job. The
attacker gains access to the DNS server and redirects www.google.com to his
own IP address. Now when the employees of the office want to
go to Google, they are redirected to the attacker's machine. What is the name of this
kind of attack?
A. MAC Flooding
B. Smurf Attack
C. DNS spoofing
D. ARP Poisoning
Which of the following is a low-tech way of gaining unauthorized access to systems?
A. Social Engineering
B. Eavesdropping
C. Scanning
D. Sniffing
Shellshock allowed an unauthorized user to gain access to a server. It affected many
Internet-facing services. Which OS did it not directly affect?
A. Linux
B. Unix
C. OS X
D. Windows
What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stacheldraht have in common?
A. All are hacking tools developed by the Legion of Doom
B. All are tools that can be used not only by hackers, but also security personnel
C. All are DDoS tools
D. All are tools that are only effective against Windows
E. All are tools that are only effective against Linux
DHCP snooping is a great solution to prevent rogue DHCP servers on your network. Which
security feature on switches leverages the DHCP snooping database to help prevent
man-in-the-middle attacks?
A. Spanning tree
B. Dynamic ARP Inspection (DAI)
C. Port security
D. Layer 2 Attack Prevention Protocol (LAPP)
Bobby, an attacker, targeted a user and decided to hijack and intercept all their wireless
communications. He installed a fake communication tower between two authentic
endpoints to mislead the victim. Bobby used this virtual tower to interrupt the data
transmission between the user and the real tower, attempting to hijack an active session upon
receiving the user's request. Bobby manipulated the traffic with the virtual tower and
redirected the victim to a malicious website. What is the attack performed by Bobby in the
above scenario?
A. Wardriving
B. KRACK attack
C. Jamming signal attack
D. aLTEr attack
In this form of encryption algorithm, every individual block contains 64-bit data, and three
keys are used, where each key consists of 56 bits. Which is this encryption algorithm?
A. IDEA
B. Triple Data Encryption Standard
C. MDS encryption algorithm
D. AES