USB Dumper
Which of the following is a free tool that dumps files from a USB drive, silently copying the files and folders from the flash drive when it is connected to the PC? The user has no indication that his files are copied from his USB drive.
1,2,3
Which of the parameters describe LM Hash:
1- The maximum password length is 14 characters
2- There are no distinctions between uppercase and lowercase.
3- It's a simple algorithm, so 10,000,000 hashes can be generated per second.
Gramm-Leach-Bliley Act (GLBA)
Which regulation listed below imposes compliance obligations specifically only upon financial institutions?
HT banner grabbing using netcat
William is conducting a pen test. He issues the following command: kali@root~# nc -v 172.17.19.66 8080 www.moviescope.com [172.17.19.66] 8080 (http-alt) open GET / HTTP/1.0
Nmap -p 1-65535 --sV -sS
Kendra wants to run an nmap scan that includes all TCP ports and uses service detection. Which of the following nmap commands should she execute?
SNMPv3
During a security audit Brenda discovers that attackers like herself were able to query information about her routers using SNMP. She also discovered that the SNMP traffic was sent in plain text through her company network management backend network. What
printer
Gordon conducted the following port scan: Nmap scan report for ocean plaza (172.17.19.66) Host is up (1.00s latency)
Not shown: 992 closed ports
Port State
21/tcp open
23/tcp open
80/tcp open
443/tcp open
515/tcp open
9100/tcp open
What device was scanned?
ssh
James ran a port scan: Nmap scan report for movieplaza (172.17.19.61) Host is up (1.00s latency)
Not shown: 997 closed ports
Port State
21/tcp open
23/tcp open
80/tcp open
110/tcp open
515/tcp open
1521/tcp open
3389/tcp open
Which does the scan not provide e
firewall
The security concept of separation of duties is most similar to the operation of which security device?
nmap
Which tool cannot be used as a web application vulnerability scanner?
John the Ripper (password cracker at the terminal)
Which of the following tools most likely generated the following output while the file was found on the system within your network during a pen-test?
Loaded 2486 password hashes with 2486 different salts (bsdicrypt, BSDI crypt(4) [DES 128/128 SSE2-16])
Sal
covering tracks
Which phase of the ethical hacking methodology would a hacker seek to eliminate error messages, log files, and other items that may have been altered during the attack process?
RSA
This asymmetric cipher is based on factoring the product of two large prime numbers.
TLS
Which of the following is the successor of SSL?
ping scan
What does this NMAP command perform? NMAP -sn 192.168.11.200-215
white team
What term refers to an attacker conducting a penetration test?
grey hat
John is a CEH, only he uses his skills for both benign and malicious reasons at different times. What is he?
promiscuous Mode
What configuration allows a wired or wireless network interface controller to pass all traffic it receives to the central processing unit (CPU), rather than passing only the frames that the controller is intended to receive?
integrity
What is assured by the use of a hash?
AV $200,000 x EF .50 = SLE $100,000
SLE $100,000 x ARO .10 = ALE $10,000
A tornado is estimated to damage 50% of a facility if it hits. The facility is worth $200,000. The probability of a tornado is once every ten years. What is the SLE and ALE?
SLE=Asset Value (AV) x Exposure Factor (EF)
How to calculate Single Loss Expectancy (SLE)
Single Loss Expectancy (SLE) x Annual Rate of Occurrence (ARO) = ALE
How to determine the annual probability of loss or Annual Loss Expectancy (ALE)
protocol analyzer
An intrusion detection system (IDS) has alerted the network. A possible malicious sequence of packets sent to a web server in the network's external DMZ. The packet traffic was captured by the IDS and saved to a file. What network tool can be used to deter
the internal operations of a system are only partly accessible to the tester
Grey Box Testing methodology enforces what kind of restrictions?
residual risk
What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?
brute force
Which method of password cracking takes the most time and effort?
vulnerability scanner
Mike received a report of all the computers in the network that showed all the missing patches and the weak passwords. What type of software generates this report?
TOR
What should be used to surf the internet anonymously?
SYN, SYN-ACK, ACK - FIN, ACK-FIN, ACK
What is the correct process for the TCP 3-Way Handshake connection establishment and termination?
hping3 -1 192.18.1.10
You want to conduct an ICMP scan on a remote computer using HPING3. What is the proper syntax?
tcp.port==25
You need to find and verify only SMTP traffic. What filter in Wireshark will help you find this kind of traffic?
1521
What port does Oracle use?
1522 to 1521
Oracle listens on which ports?
UDP port 1433/1434
Which port is used for Microsoft SQL?
3306
MySQL default port is
9100
What port is used for printers?
TCP port 49
TACACS+ uses which port?
port 514
The UDP port that has been assigned to syslog is
UDP port 137 (name services)
UDP port 138 (datagram services) TCP port 139 (session services)
NetBT uses the following TCP and UDP ports
it has few heavy security restrictions
What best describes an intranet zone?
scanning and enumeration
In which phase of the ethical hacking methodology would a hacker be expected to discover available targets on a network?
grey box
Your company was hired to conduct a pen test. During the brief you learned the client wants the pen test attack to simulate a normal user who finds ways to elevate privilege and create attacks. What test does the client want?
to gather information about internal hosts used in the organization's email system
A pen test member sends an email to an address that he knows is not valid inside an organization. Why did he take this action?
...
What is being attempted with this string: root@kali