  1.  Examine the following password hashes obtained from a Windows XP machine using LM hashing:
B757BF5C0D87772FAAD3B435B51404EE
BA810DBA98995F1817306D272A9441BB
E52CAC67419A9A224A3B108F3FA6CB6D
0182BD0BD4444BF836077A718CCDF409
CEC52EB9C8E3455DC2265B23734E0DAC
Which of the following is true regarding the hashes listed?
A.  The hashes are protected using Syskey.
B.  The third hash listed is the local administrator’s password.
C.  The first hash listed is from a password of seven characters or less.
D.  The hashes can be easily decrypted by reversing the hash algorithm.
  2.  Which of the following correctly describes brute-force password attacks?
A.  Feed a list of words into a cracking program.
B.  Compare the hash values to lists of pre-hashed values for a match.
C.  Attempt all possible combinations of letters, numbers, and special characters in succession.
D.  Threaten the user with physical violence unless they reveal their password.
  3.  Which password theft method is almost always successful, requires little technical knowledge, and is nearly impossible to detect?
A.  Install a hardware keylogger.
B.  Install a software keylogger.
C.  Sniff the network segment with Ettercap.
D.  Brute force using Cain and Abel.
  4.  Which of the following will extract an executable file from NTFS streaming?
A.  c:\> cat file1.txt:hidden.exe > visible.exe
B.  c:\> more file1.txt | hidden.exe > visible.exe
C.  c:\> type notepad.exe > file1.txt:hidden.exe
D.  c:\> list file1.txt$hidden.exe > visible.exe
  5.  Which command is used to allow all privileges to the user, read-only to the group and read-only for all others to a particular file, on a Linux machine?
A.  chmod 411 file1
B.  chmod 114 file1
C.  chmod 117 file1
D.  chmod 711 file1
E.  chmod 744 file1
  6.  Examine the following passwd file:
[image: passwd file listing]
Which of the following statements are true regarding this passwd file? (Choose all that apply.)
A.  None of the user accounts have passwords assigned.
B.  The system makes use of the shadow file.
C.  The root account password is root.
D.  The root account has a shadowed password.
E.  Files created by Alecia will initially be viewable by Jason.
  7.  You are attempting to hack a Windows machine and wish to gain a copy of the SAM file. Where can you find it? (Choose all that apply.)
A.  \etc\passwd
B.  \etc\shadow
C.  c:\windows\system32\config
D.  c:\winnt\config
E.  c:\windows\repair
  8.  Which of the following statements are true concerning Kerberos? (Choose all that apply.)
A.  Kerberos uses symmetric encryption.
B.  Kerberos uses asymmetric encryption.
C.  Clients ask for authentication tickets from the KDC in clear text.
D.  KDC responses to clients never include a password.
E.  Clients decrypt a TGT from the server.
  9.  What is the difference between a dictionary attack and a hybrid attack?
A.  Dictionary attacks are based solely on word lists, whereas hybrid attacks make use of both word lists and rainbow tables.
B.  Dictionary attacks are based solely on whole word lists, whereas hybrid attacks can use a variety of letters, numbers, and special characters.
C.  Dictionary attacks use predefined word lists, whereas hybrid attacks substitute numbers and symbols within those words.
D.  Hybrid and dictionary attacks are the same.
10.  Which of the following SIDs indicates the true administrator account?
A.  S-1-5-21-1388762127-2960977290-773940301-1100
B.  S-1-5-21-1388762127-2960977290-773940301-1101
C.  S-1-5-21-1388762127-2960977290-773940301-500
D.  S-1-5-21-1388762127-2960977290-773940301-501
11.  You have obtained a password hash and wish to quickly determine the associated plaintext password. Which of the following is the best choice?
A.  Use a rainbow table.
B.  Reverse the hash algorithm.
C.  Use User2SID.
D.  Use SID2User.
E.  Use the public key of the user.
12.  You are monitoring traffic between two systems communicating over SSL. Which of the following techniques is your best bet in gaining access?
A.  Sniff the traffic with Cain and Abel
B.  Practice active sniffing
C.  Sidejacking
D.  ARP poisoning
13.  Which password would be considered the most secure?
A.  CEH123TEST
B.  CEHisaHARDTEST
C.  638154849675
D.  C3HisH@rd
14.  Your client makes use of Sigverif on his servers. What functionality does this tool provide?
A.  Verifies digital signatures in SSL certificates.
B.  Displays a list of unsigned drivers.
C.  Displays a list of corrupted (nonfunctioning) drivers.
D.  Verifies SAM database integrity.
15.  Which of the following are considered offline password attacks? (Choose all that apply.)
A.  Using a hardware keylogger
B.  Brute-force cracking with Cain and Abel on a stolen SAM file
C.  Using John the Ripper on a stolen passwd file
D.  Shoulder surfing
16.  Examine the following portion of a log file, captured during a hacking attempt:
[image: log file excerpt]
What was the attacker attempting to do?
A.  Copy files for later examination.
B.  Cover his tracks.
C.  Change the shell to lock out other users.
D.  Upload a rootkit.
17.  You suspect a hack has occurred against your Linux machine. Which command will display all running processes for you to review?
A.  ls -d
B.  ls -l
C.  su
D.  ps -ef
E.  ifconfig
18.  Examine the following command output:
[image: command output]
Which of the following are true regarding this output? (Choose all that apply.)
A.  This output is from net commands.
B.  This output is from nbtstat.
C.  This output is from netstat.
D.  This output is from nslookup.
19.  Which rootkit type makes use of system-level calls to hide its existence?
A.  Application level
B.  Kernel level
C.  Library level
D.  System level
20.  Which folder in Linux holds administrative commands and daemons?
A.  /sbin
B.  /bin
C.  /dev
D.  /mnt
E.  /usr
21.  What are the three commands necessary to install an application in Linux?
A.  ./install
B.  make
C.  make install
D.  ./configure
22.  You are examining files on a Windows machine and note one file’s attributes include “h.” What does this indicate?
A.  The file is flagged for backup.
B.  The file is part of the help function.
C.  The file is fragmented due to size.
D.  The file has been quarantined by an antivirus program.
E.  The file is hidden.
23.  You have gained access to a SAM file from an older Windows machine and are preparing to run a Syskey cracker against it. How many bits are used for Syskey encryption?
A.  128
B.  256
C.  512
D.  1024
24.  Which of the following tools can assist in discovering the use of NTFS file streams? (Choose all that apply.)
A.  LADS
B.  ADS Spy
C.  Sfind
D.  Snow
25.  Which authentication method uses DES for encryption and forces 14-character passwords for hash storage?
A.  NTLMv1
B.  NTLMv2
C.  LAN Manager
D.  Kerberos