Topic 4, Enumeration
Which of the following tools are used for enumeration? (Choose three.)
A.
SolarWinds
B.
USER2SID
C.
Cheops
D.
SID2USER
E.
DumpSec
USER2SID
SID2USER
DumpSec
Explanation: USER2SID, SID2USER, and DumpSec are three of the tools used for
system enumeration. Others are tools such as NAT and Enum. Knowing which tools are
used in each step of the hacking methodology is an important goal of the CEH exam. You
should spend a portion of your time preparing for the test practicing with the tools and
learning to understand their output.
What port number is used by LDAP protocol?
A.
110
B.
389
C.
445
D.
464
389
Explanation: Active Directory and Exchange use LDAP via TCP port 389 for clients.
Peter, a Network Administrator, has come to you looking for advice on a tool that
would help him perform SNMP enquires over the network. Which of these tools
would do the SNMP enumeration he is looking for?
Select the best answers.
A.
SNMPUtil
B.
SNScan
C.
SNMPScan
D.
Solarwinds IP Network Browser
E.
NMap
SNMPUtil
SNScan
Solarwinds IP Network Browser
Explanation: Explanations:
SNMPUtil is a SNMP enumeration utility that is a part of the Windows 2000 resource kit.
With SNMPUtil, you can retrieve all sort of valuable information through SNMP. SNScan is
a SNMP network scanner by Foundstone. It does SNMP scanning to find open SNMP
ports. Solarwinds IP Network Browser is a SNMP
enumeration tool with a graphical tree-view of the remote machine's SNMP data.
One of the most common and the best way of cracking RSA encryption is to being to
derive the two prime numbers, which are used in the RSA PKI mathematical process.
If the two numbers p and q are discovered through a _________________ process,
then the private key can be derived.
A.
Factorization
B.
Prime Detection
C.
Hashing
D.
Brute-forcing
Factorization
Explanation: In April 1994, an international cooperative group of mathematicians and
computer scientists solved a 17-year-old challenge problem, the factoring of a 129-digit
number, called RSA-129, into two primes. That is, RSA-129 =
1143816257578888676692357799761466120102182
9672124236256256184293570693524573389783059
7123563958705058989075147599290026879543541
= 34905295108476509491478496199038 98133417764638493387843990820577 times
32769132993266709549961988190834 461413177642967992942539798288533.
Se more at http://en.wikipedia.org/wiki/RSA_Factoring_Challenge
_____ is a type of symmetric-key encryption algorithm that transforms a fixed-length
block of plaintext (unencrypted text) data into a block of ciphertext (encrypted text)
data of the same length.
A.
Bit Cipher
B.
Hash Cipher
C.
Block Cipher
D.
Stream Cipher
Block Cipher
Explanation: A block cipher is a symmetric key cipher which operates on fixed-length
groups of bits, termed blocks, with an unvarying transformation. When encrypting, a block
cipher might take a (for example) 128-bit block of plaintext as input, and output a
corresponding 128-bit block of ciphertext.
Which of the following is NOT true of cryptography?
A.
Science of protecting information by encoding it into an unreadable format
B.
Method of storing and transmitting data in a form that only those it is intended for can
read and process
C.
Most (if not all) algorithms can be broken by both technical and non-technical means
D.
An effective way of protecting sensitive information in storage but not in transit
An effective way of protecting sensitive information in storage but not in transit
Explanation: Cryptography will protect data in both storage and in transit.
Steven the hacker realizes that the network administrator of company is using
syskey to protect organization resources in the Windows 2000 Server. Syskey
independently encrypts the hashes so that physical access to the server, tapes, or
ERDs is only first step to cracking the passwords. Steven must break through the
encryption used by syskey before he can attempt to brute force dictionary attacks
on the hashes. Steven runs a program called “SysCracker” targeting the Windows
2000 Server machine in attempting to crack the hash used by Syskey. He needs to
configure the encryption level before he can launch attach.
How many bits does Syskey use for encryption?
A.
40 bit
B.
64 bit
C.
256 bit
D.
128 bit
128 bit
Explanation: SYSKEY is a utility that encrypts the hashed password information in a SAM
database using a 128-bit encryption key.
Annie has just succeeded in stealing a secure cookie via a XSS attack. She is able to
replay the cookie even while the session is valid on the server. Why do you think
this is possible?
A.
Any cookie can be replayed irrespective of the session status
B.
The scenario is invalid as a secure cookie cannot be replayed
C.
It works because encryption is performed at the network layer (layer 1 encryption)
D.
It works because encryption is performed at the application layer (single encryption key)
It works because encryption is performed at the application layer (single encryption key)
An attacker runs netcat tool to transfer a secret file between two hosts.
Machine A: netcat -1 –p 1234 < secretfile
Machine B: netcat 192.168.3.4 > 1234
He is worried about information being sniffed on the network.
How would the attacker use netcat to encrypt information before transmitting it on
the wire?
A.
Machine A: netcat -1 –p –s password 1234 < testfile
Machine B: netcat <machine A IP> 1234
B.
Machine A: netcat -1 –e magickey –p 1234 < testfile
Machine B: netcat <machine A IP> 1234
C.
Machine A: netcat -1 –p 1234 < testfile –pw password
Machine B: netcat <machine A IP> 1234 –pw password
D.
Use cryptcat instead of netcat.
Use cryptcat instead of netcat.
Explanation:
Cryptcat is the standard netcat enhanced with twofish encryption with ports for WIndows
NT, BSD and Linux. Twofish is courtesy of counterpane, and cryptix. A default netcat
installation does not contain any cryptography support
How many bits encryption does SHA-1 use?
A.
64 bits
B.
128 bits
C.
160 bits
D.
256 bits
160 bits
Explanation: SHA-1 (as well as SHA-0) produces a 160-bit digest from a message with a
maximum length of 264 - 1 bits, and is based on principles similar to those used by
Professor Ronald L. Rivest of MIT in the design of the MD4 and MD5 message digest
algorithms.
Bob is a Junior Administrator at ABC Company. He is installing the RedHat
Enterprise Linux on his machine. At installation time, he removed the “Use MD5”
options. What will be the hashing standard?
A.
MD2
B.
DES
C.
3DES
D.
RSA
DES
Explanation: crypt() will return an encrypted string using the standard Unix DES-based
encryption algorithm or alternative algorithms that may be available on the system. By
removing the “Use MD5” option Bob forces crypt() to revert to DES encryption.
What is SYSKEY # of bits used for encryption?
A.
40
B.
64
C.
128
D.
256
128
Explanation:
System Key hotfix is an optional feature which allows stronger encryption of SAM. Strong
encryption protects private account information by encrypting the password data using a
128-bit cryptographically random key, known as a password encryption key.
| Page 21 out of 64 Pages |
| Previous |