What is the port to block first in case you are suspicious that an IoT device has been compromised?
A. 22
B. 443
C. 48101
D. 80
Answer: 443
Explanation: Port 443 is the web browsing port used to secure browser communication, that is, HTTPS services.
It provides encryption and transport over secure ports. Thus, the information you transfer across such connections is highly resistant to third-party eavesdropping and interruption.
Moreover, the identity of the server that you connect to remotely can be authenticated with confidence.
Once the connection is established, web browsers show signs such as a padlock, an unbroken key, etc. in the status region of your window, informing you that the connection is secured.
Though port 443 is the standard port for HTTPS traffic, HTTPS port 443 can also support HTTP sites. In case the site uses HTTPS but is unable to load over port 443, port 80, which handles all unencrypted HTTP web traffic, can step in to load the HTTPS-enabled website.
You have successfully compromised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly.
What is the best Nmap command you will use?
A. nmap -T4 -q 10.10.0.0/24
B. nmap -T4 -F 10.10.0.0/24
C. nmap -T4 -r 10.10.1.0/24
D. nmap -T4 -O 10.10.0.0/24
Answer: B
Which results will be returned with the following Google search query? site:target.com -site:Marketing.target.com accounting
A. Results from matches on the site marketing.target.com that are in the domain target.com but do not include the word accounting.
B. Results matching all words in the query.
C. Results for matches on target.com and Marketing.target.com that include the word “accounting”
D. Results matching “accounting” in domain target.com but not on the site Marketing.target.com
Answer: Results matching “accounting” in domain target.com but not on the site Marketing.target.com
What is the algorithm used by LM for Windows 2000 SAM?
A. MD4
B. DES
C. SHA
D. SSL
Answer: DES
Morris, a professional hacker, performed a vulnerability scan on a target organization by sniffing the traffic on the network to identify the active systems, network services, applications, and vulnerabilities. He also obtained the list of the users who are currently accessing the network. What is the type of vulnerability assessment that Morris performed on the target organization?
A. Internal assessment
B. Passive assessment
C. External assessment
D. Credentialed assessment
Answer: Credentialed assessment
This wireless security protocol allows 192-bit minimum-strength security protocols and cryptographic tools to protect sensitive data, such as GCMP-256, HMAC-SHA384, and ECDSA using a 384-bit elliptic curve. Which is this wireless security protocol?
A. WPA2 Personal
B. WPA3-Personal
C. WPA2-Enterprise
D. WPA3-Enterprise
Answer: WPA3-Enterprise
Explanation: Enterprises, governments, and financial institutions have greater security with WPA3-Enterprise. WPA3-Enterprise builds upon WPA2 and ensures the consistent application of security protocols across the network. WPA3-Enterprise also offers an optional mode using 192-bit minimum-strength security protocols and cryptographic tools to better protect sensitive data:
• Authenticated encryption: 256-bit Galois/Counter Mode Protocol (GCMP-256)
• Key derivation and confirmation: 384-bit Hashed Message Authentication Mode (HMAC) with Secure Hash Algorithm (HMAC-SHA384)
• Key establishment and authentication: Elliptic Curve Diffie-Hellman (ECDH) exchange and Elliptic Curve Digital Signature Algorithm (ECDSA) employing a 384-bit elliptic curve
• Robust management frame protection: 256-bit Broadcast/Multicast Integrity Protocol Galois Message Authentication Code (BIP-GMAC-256)
The 192-bit security mode offered by WPA3-Enterprise ensures the proper combination of cryptographic tools is used and sets a uniform baseline of security within a WPA3 network.
What firewall evasion scanning technique makes use of a zombie system that has low network activity as well as its fragment identification numbers?
A. Decoy scanning
B. Packet fragmentation scanning
C. Spoof source address scanning
D. Idle scanning
Answer: Idle scanning
Explanation: The idle scan is a TCP port scan technique that consists of sending spoofed packets to a computer to find out what services are available. This is accomplished by impersonating another computer whose network traffic is very slow or nonexistent (that is, not transmitting or receiving information). This could be an idle computer, called a “zombie”.
This can be done through common software network utilities such as nmap and hping.
SQL injection (SQLI) attacks attempt to inject SQL syntax into web requests, which may bypass authentication and allow attackers to access and/or modify data attached to a web application.
Which of the following SQLI types leverages a database server's ability to make DNS requests to pass data to an attacker?
A. Union-based SQLI
B. Out-of-band SQLI
C. In-band SQLI
D. Time-based blind SQLI
Answer: Union-based SQLI
In the Common Vulnerability Scoring System (CVSS) v3.1 severity ratings, what range does medium vulnerability fall in?
A. 3.0-6.9
B. 40-6.0
C. 4.0-6.9
D. 3.9-6.9
Answer: 4.0-6.9
You are a penetration tester tasked with testing the wireless network of your client Brakeme SA. You are attempting to break into the wireless network with the SSID "Brakeme-Internal." You realize that this network uses WPA3 encryption. Which of the following vulnerabilities is the most promising to exploit?
A. Dragonblood
B. Cross-site request forgery
C. Key reinstallation attack
D. AP misconfiguration
Answer: Dragonblood
Explanation: Dragonblood allows an attacker in range of a password-protected Wi-Fi network to get the password and gain access to sensitive information like user credentials, emails and credit card numbers. According to the published report:
“The WPA3 certification aims to secure Wi-Fi networks, and provides several advantages over its predecessor WPA2, like protection against offline dictionary attacks and forward secrecy. Unfortunately, we show that WPA3 is suffering from several design flaws, and analyze these flaws both theoretically and practically. Most prominently, we show that WPA3’s Simultaneous Authentication of Equals (SAE) handshake, commonly referred to as Dragonfly, is suffering from password partitioning attacks.”
Our Wi-Fi researchers at WatchGuard are educating businesses globally that WPA3 alone won’t stop the Wi-Fi hacks that allow attackers to steal information over the air (learn more in our recent blog post on the topic). These Dragonblood vulnerabilities impact a small number of devices that were released with WPA3 support, and makers are currently making patches available. One of the most important takeaways for businesses of all sizes is to know that a long-term fix might not be technically feasible for devices with lightweight processing capabilities like IoT and embedded systems. Businesses need to consider adding products that enable a Trusted Wireless Environment for all kinds of devices and users alike.
Recognizing that vulnerabilities like KRACK and Dragonblood require attackers to initiate these attacks by bringing an “Evil Twin” Access Point or a Rogue Access Point into a Wi-Fi environment, we’ve been focusing on developing Wi-Fi security solutions that neutralize these threats so that these attacks can never occur. The Trusted Wireless Environment framework protects against the “Evil Twin” Access Point and Rogue Access Point. One of these hacks is required to initiate the 2 downgrade or side-channel attacks referenced in Dragonblood.
What’s next? WPA3 is an improvement over the WPA2 Wi-Fi encryption protocol; however, as we predicted, it still doesn’t provide protection from the six known Wi-Fi threat categories. It’s highly likely that we’ll see more WPA3 vulnerabilities announced in the near future.
To help reduce Wi-Fi vulnerabilities, we’re asking all of you to join the Trusted Wireless Environment movement and advocate for a worldwide security standard for Wi-Fi.
You just set up a security system in your network. In what kind of system would you find the following string of characters used as a rule within its configuration?
alert tcp any any -> 192.168.100.0/24 21 (msg: "FTP on the network!";)
A. A firewall IPTable
B. FTP Server rule
C. A Router IPTable
D. An Intrusion Detection System
Answer: An Intrusion Detection System
When discussing passwords, what is considered a brute force attack?
A. You attempt every single possibility until you exhaust all possible combinations or discover the password
B. You threaten to use the rubber hose on someone unless they reveal their password
C. You load a dictionary of words into your cracking program
D. You create hashes of a large number of words and compare it with the encrypted passwords
E. You wait until the password expires
Answer: You attempt every single possibility until you exhaust all possible combinations or discover the password