Certified Ethical Hacker TC Flashcards. 2014 Certified Ethical Hacker flash cards.

QUESTION: One way to defeat a multi-level security solution is to leak data via a covert channel.
Explanation: A covert channel is a simple yet very effective mechanism for sending and receiving information between machines without alerting any firewalls and IDSs on the network. The technique derives its stealthy nature from the fact that it sends traffic through ports that most firewalls will permit. In addition, the technique can bypass an IDS by appearing to be an innocuous packet carrying ordinary information when in fact it is concealing its actual data in one of the several control fields in the TCP and IP headers.

QUESTION: Which of the following is a hashing algorithm?
MD5.
Explanation/Reference: MD5 is an algorithm that is used to verify data integrity through the creation of a 1.

QUESTION: A company has five different subnets 1. How can NMAP be used to scan these adjacent Class C networks?
A. NMAP P 1. 92.
Explanation: You could use nmap, which will scan these adjacent Class C networks (ranges of IPs) with the P option. For example: Code: nmap P 1.

QUESTION: Which vital role does the U.S. Computer Security Incident Response Team (CSIRT) provide?
A. Incident response services to any user, company, government agency, or organization in partnership with the Department of Homeland Security.
Explanation: A Computer Security Incident Response Team (CSIRT) is a service organization that is responsible for receiving, reviewing, and responding to computer security incident reports and activity. Their services are usually performed for a defined constituency that could be a parent entity such as a corporation, governmental, or educational organization; a region or country; a research network; or a paid client, manager or team lead.

QUESTION: What is the broadcast address for the subnet 1.
C. 1. 90. 8. 6. 1.
Explanation: Address 1. Netmask 2. 55. 2. Wildcard 0. 0. 3. Network 1. 90. 8. Class B. Broadcast 1. HostMin 1. 90. HostMax 1. 90. Hosts/Net 1. 02. Help.

6. QUESTION: John the Ripper is a technical assessment tool used to test the weakness of which of the following?
D. Passwords.
Explanation: John the Ripper is a password cracking software tool. It is one of the most popular password testing and breaking programs, as it combines a number of password crackers into one package, auto-detects password hash types, and includes a customizable cracker. It can be run against various encrypted password formats, including several crypt password hash types most commonly found on various UNIX versions (based on DES, MD5, or Blowfish), Kerberos AFS, and Windows NT2. XP2. 00. 3 LM hash. Additional modules have extended its ability to include MD4-based password hashes and passwords stored in LDAP, MySQL, and others.
http www. MODES. shtml.

7. QUESTION: In the software security development life cycle process, threat modeling occurs in which phase?
D. Implementation.
Explanation: Design: identify Design Requirements from security perspective; Architecture Design Reviews; Threat Modeling.
http resources.

QUESTION: Which of the following items of a computer system will an anti-virus program scan for viruses?
A. Boot Sector.
Explanation: A boot sector virus is one that infects the first sector, i. Boot sector viruses can also infect the MBR. The first PC virus in the wild was Brain, a boot sector virus that exhibited stealth techniques to avoid detection.

QUESTION: Which of the following conditions must be given to allow a tester to exploit a Cross-Site Request Forgery (CSRF) vulnerable web application?
D. The web application should not use random tokens.
Explanation: Any cross-site scripting vulnerability can be used to defeat token, Double Submit cookie, referrer and origin based CSRF defenses. This is because an XSS payload can simply read any page on the site using an XMLHttpRequest, obtain the generated token from the response, and include that token with a forged request.

QUESTION: A security analyst is performing an audit on the network to determine if there are any deviations from the security policies in place. The analyst discovers that a user from the IT department had a dial-out modem installed. Which security policy must the security analyst check to see if dial-out modems are allowed?
C. Remote access policy.
Explanation: A remote access policy is a document which outlines and defines acceptable methods of remotely connecting to the internal network. It is essential in large organizations where networks are geographically dispersed and extend into insecure network locations such as public networks or unmanaged home networks.
http en. Remoteaccesspolicy.

QUESTION 1. 1: A company is using Windows Server 2. Active Directory (AD). What is the most efficient way to crack the passwords for the AD users?
C. Perform an attack with a rainbow table.
Explanation: A rainbow table is a precomputed table for reversing cryptographic hash functions, usually for cracking password hashes. Tables are usually used in recovering a plaintext password, up to a certain length, consisting of a limited set of characters. It is a practical example of a space-time trade-off, using more computer processing time at the cost of less storage when calculating a hash on every attempt, or less processing time and more storage when compared to a simple lookup table with one entry per hash.
Rainbowtable.

12. QUESTION: When an alert rule is matched in a network-based IDS like Snort, the IDS does which of the following?
B. Continues to evaluate the packet until all rules are checked.
Explanation: An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station.
Networkintrusiondetectionsystem.

QUESTION: An attacker sniffs encrypted traffic from the network and is subsequently able to decrypt it. The attacker can now use which cryptanalytic technique to attempt to discover the encryption key?
D. Chosen ciphertext attack.
Explanation: A chosen ciphertext attack (CCA) is an attack model for cryptanalysis in which the cryptanalyst gathers information, at least in part, by choosing a ciphertext and obtaining its decryption under an unknown key. In the attack, an adversary has a chance to enter one or more known ciphertexts into the system and obtain the resulting plaintexts. From these pieces of information the adversary can attempt to recover the hidden secret key used for decryption.
Chosen ciphertextattack.

QUESTION: Low humidity in a data center can cause which of the following problems?
C. Static electricity.
Explanation: Low humidity can cause a buildup of static electricity. Static discharge can damage data and equipment.
ISC2low humidity in a data center can cause what problem1.

QUESTION: Which of the following describes a component of Public Key Infrastructure (PKI) where a copy of a private key is stored to provide third-party access and to facilitate recovery operations?
D. Key escrow.
Explanation: Key escrow (also known as a fair cryptosystem) is an arrangement in which the keys needed to decrypt encrypted data are held in escrow so that, under certain circumstances, an authorized third party may gain access to those keys.

QUESTION: Which tool would be used to collect wireless packet data?
A. NetStumbler.
Explanation: NetStumbler (also known as Network Stumbler) is a tool for Windows that facilitates detection of Wireless LANs using the 8. WLAN standards. It runs on Microsoft Windows operating systems from Windows 2. Windows.

1. 7. QUESTION: Which of the following processes evaluates the adherence of an organization to its stated security policy?
D. Security auditing.
Explanation: Security audit: A computer security audit is a manual or systematic measurable technical assessment of a system or application.
Securityaudit.

18. QUESTION: Which of the following techniques can be used to mitigate the risk of an on-site attacker connecting to an unused network port and gaining full access to the network? (Choose three.)
A. Port Security.
C. Network Admission Control (NAC).
E. Port Based Authentication.
Explanation: Port security refers to the defense, law and treaty enforcement, and counterterrorism activities that fall within the port and maritime domain.