Password cracking programs reverse the hashing process to recover passwords.
(True/False.)
A.
True
B.
False
False
By performing a penetration test, you gained access under a user account. During the test,
you established a connection with your own machine via the SMB service and occasionally
entered your login and password in plaintext.
Which file do you have to clean to clear the password?
A.
X session-log
B.
bashrc
C.
profile
D.
bash_history
X session-log
Explanation: If you would like to find out more about a problem during a session, or want to fix it, consult the system log, which stores log data for your user session and applications. The ~/.xsession-errors X session log file has been deprecated and is no longer used. On systemd-based systems, you'll find the session log data in the systemd journal, which stores the data in a binary format. To view the logs, use the journalctl command.
To view your user session logs:
1. Determine your user ID (uid) by running the following command:
$ id --user
1000
2. View the journal logs for the user ID determined above:
$ journalctl _UID=1000
For more information on the systemd journal, see the journalctl(1) man page.
What does the -oX flag do in an Nmap scan?
A.
Perform an eXpress scan
B.
Output the results in truncated format to the screen
C.
Output the results in XML format to a file
D.
Perform an Xmas scan
Output the results in XML format to a file
DNS cache snooping is a process of determining if the specified resource address is
present in the DNS cache records. It may be useful during the examination of the network
to determine what software update resources are used, thus discovering what software is
installed.
What command is used to determine if the entry is present in DNS cache?
A.
nslookup -fullrecursive update.antivirus.com
B.
dnsnooping –rt update.antivirus.com
C.
nslookup -norecursive update.antivirus.com
D.
dns --snoop update.antivirus.com
nslookup -norecursive update.antivirus.com
Ethical hacker Jane Doe is attempting to crack the password of the head of the IT
department of ABC company. She is utilizing a rainbow table and notices upon entering a
password that extra characters are added to the password after submitting. What
countermeasure is the company using to protect against rainbow tables?
A.
Password key hashing
B.
Password salting
C.
Password hashing
D.
Account lockout
Password salting
Explanation: Passwords are usually described as “hashed and salted”. Salting is simply
the addition of a unique, random string of characters known only to the site to every
password before it is hashed. Typically this “salt” is placed in front of each password.
The salt value needs to be stored by the site, which means typically sites use the same
salt for each password. This makes it less effective than if individual salts are used.
The use of unique salts means that common passwords shared by multiple users, like
“123456” or “password”, aren’t revealed when one such hashed password is
known, because despite the passwords being the same, the salted and hashed
values are not.
Large salts also protect against certain methods of attack on hashes, including rainbow
tables or logs of hashed passwords previously broken.
Both hashing and salting may be repeated more than once to increase the difficulty of
breaking the security.
An attacker is trying to redirect the traffic of a small office. That office is using its own
mail server, DNS server and NTP server because of the importance of their job. The
attacker gains access to the DNS server and redirects www.google.com to his
own IP address. Now when the employees of the office want to go to Google, they are
being redirected to the attacker's machine. What is the name of this kind of attack?
A.
MAC Flooding
B.
Smurf Attack
C.
DNS spoofing
D.
ARP Poisoning
DNS spoofing
Which of the following is a low-tech way of gaining unauthorized access to systems?
A.
Social Engineering
B.
Eavesdropping
C.
Scanning
D.
Sniffing
Social Engineering
Shellshock allowed an unauthorized user to gain access to a server. It affected many
Internet-facing services. Which OS did it not directly affect?
A.
Linux
B.
Unix
C.
OS X
D.
Windows
Windows
What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stacheldraht have in common?
A.
All are hacking tools developed by the legion of doom
B.
All are tools that can be used not only by hackers, but also security personnel
C.
All are DDOS tools
D.
All are tools that are only effective against Windows
E.
All are tools that are only effective against Linux
All are DDOS tools
DHCP snooping is a great solution to prevent rogue DHCP servers on your network. Which
security feature on switches leverages the DHCP snooping database to help prevent
man-in-the-middle attacks?
A.
Spanning tree
B.
Dynamic ARP Inspection (DAI)
C.
Port security
D.
Layer 2 Attack Prevention Protocol (LAPP)
Dynamic ARP Inspection (DAI)
Bobby, an attacker, targeted a user and decided to hijack and intercept all their wireless
communications. He installed a fake communication tower between two authentic
endpoints to mislead the victim. Bobby used this virtual tower to interrupt the data
transmission between the user and real tower, attempting to hijack an active session, upon
receiving the user's request. Bobby manipulated the traffic with the virtual tower and
redirected the victim to a malicious website. What is the attack performed by Bobby in the
above scenario?
A.
Wardriving
B.
KRACK attack
C.
jamming signal attack
D.
aLTEr attack
KRACK attack
Explanation: We discovered serious weaknesses in WPA2, a protocol that secures all
modern protected Wi-Fi networks. An attacker within range of a victim can exploit these
weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this
novel attack technique to read information that was previously assumed to be safely encrypted.
This can be abused to steal sensitive information such as credit card numbers, passwords, chat
messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi
networks. Depending on the network configuration, it is also possible to inject and
manipulate data. For example, an attacker might be able to inject ransomware or
other malware into websites.
The weaknesses are in the Wi-Fi standard itself, and
not in individual products or implementations. Therefore, any correct implementation of
WPA2 is likely affected. To prevent the attack, users must update affected products as
soon as security updates become available. Note that if your device supports Wi-Fi, it is most
likely affected. During our initial research, we discovered ourselves that
Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all
affected by some variant of the attacks. For more information about specific products, consult the
database of CERT/CC, or contact your vendor.
The research behind the attack is presented at
the Computer and Communications Security (CCS) conference, and at the Black Hat Europe
conference. Our detailed research paper can already be downloaded.
Update October 2018:
we have a follow-up paper where we generalize attacks, analyze more handshakes,
bypass Wi-Fi’s official defense, audit patches, and enhance attacks using
implementation-specific bugs.
DEMONSTRATION
As a proof-of-concept we executed a key
In this form of encryption algorithm, every individual block contains 64-bit data, and three
keys are used, where each key consists of 56 bits. Which is this encryption algorithm?
A.
IDEA
B.
Triple Data Encryption standard
C.
MDS encryption algorithm
D.
AES
Triple Data Encryption standard
Explanation:
Triple DES is another mode of DES operation. It takes three 64-bit keys, for an overall key
length of 192 bits. In Stealth, you simply type in the entire 192-bit (24 character) key
rather than entering each of the three keys individually. The Triple DES DLL then breaks the
user-provided key into three subkeys, padding the keys if necessary so that they are
each 64 bits long. The procedure for encryption is exactly the same as regular DES, but
it is repeated three times, hence the name Triple DES. The data is encrypted with the first
key, decrypted with the second key, and finally encrypted again with the third key.
Triple DES runs three times slower than DES, but is much more secure if used properly. The
procedure for decrypting something is the same as the procedure for encryption,
except it is executed in reverse. Like DES, data is encrypted and decrypted in 64-bit
chunks. Although the input key for DES is 64 bits long, the actual key used by DES
is only 56 bits long. The least significant (right-most) bit in each byte is
a parity bit, and should be set so that there are always an odd number of 1s in every byte.
These parity bits are ignored, so only the seven most significant bits of each byte are used,
resulting in a key length of 56 bits. This means that the effective key strength for Triple DES
is actually 168 bits, because each of the three keys contains 8 parity bits that are not used
during the encryption process.
Triple DES Modes
Triple ECB (Electronic Code Book)
• This variant of Triple DES works exactly the same way as the ECB mode of DES.
• This is the most commonly used mode of operation.
Triple CBC (Cipher Block Chaining)
• This method is very similar to the standard DES CBC mode.
• As with Triple ECB, the effective key length is 168 bits and keys are used in the same manner, as described above, but the chaining features of CBC mode are also employed.
• The first 64-bit key acts as the Initialization Vector to DES.
• Triple ECB is then executed for a single 64-bit block of plaintext.
• The resulting ciphertext is then XORed with the next plaintext block to be encrypted, and the procedure is repeated.
• This method adds an extra layer of security to Triple DES and is therefore more secure than Triple ECB, although it is not used as widely as Triple ECB.