The protocol which secures the network login credentials in a Windows domain is:
PAM
Kerberos
LAN Manager
NTLM
Dictionary password cracking is a technique which...
compares passwords against saved passwords
goes through every possible combination of a password to find the saved password
Applies the dictionary to generate passwords
Tests the hashes generated by a predetermined set of words to see if they match the password hashes saved
A method of automating Nmap scans to do complex tasks uses files with a file extension of:
.txt
.nse
.nmp
.sh
Passwords on a modern Linux machine, like CentOS, are stored in:
/proc/shadow
/etc/passwd
/proc/passwd
/etc/shadow
Which of the following would NOT be a logical choice to include in a Forward DNS Brute Force attack?
mars
mail
www
proxy
Metasploit is a utility built into BackTrack and is useful for:
Determining which ports are open and available for attack
Querying DNS to gain more information about a network
Capturing authentication traffic off the network and then cracking target passwords
Using existing exploits to deliver a specific payload to a target machine
An attacker can get access to a command line on a target machine behind a NAT firewall provided they...
Have access to port 1047 on the target machine
Can establish a reverse bind shell with the target machine
Can establish a bind shell with the target machine
Since a NAT firewall drops ALL traffic originating outside the network, it is not possible to get command line access to a target machine
The process of sending out a fake MAC address to target machines in a Man in the middle attack is known as:
MAC Rendering
MAC engineering
ARP Poisoning
ARP engineering
An effective tool an attacker might use to discover information about the topology and layout of your physical network would be:
Netcat
Ettercap
Maltego
Metasploit
The registry on a Windows 7 machine is located in the ______________ directory by default.
C:\win\system32
C:\Documents and Settings\all users\registry
C:\windows\system32\config
C:\windows\system32\drivers\etc
The use of rainbow tables is effective in greatly reducing the time required for cracking password hashes on a Windows machine. If you were interested in attacking passwords on a Linux machine, rainbow tables would:
Greatly reduce the time required to crack the passwords since the hashes could be run against the rainbow table
This would not help speed up the process since Linux stores passwords as reversibly encrypted passwords, which is a different technology
This would not help speed up the process since password hashes on a Linux system are "salted", making rainbow tables useless
This would not help speed up the process since password hashes on a Linux system are created using SHA-1 which is unbreakable
One concern with logging on as the local administrator account on a domain machine is that:
The password of the domain administrator will be cached in the registry
The machine will cache credentials of a user who has rights to modify
This will overwrite the credentials of other users when running applications
There is no concern in this case, since the local administrator has no rights in the domain
Nmap is a port scanner capable of which of the following?
Determining ports open on a target machine
Finding the Operating System of the target machine
Identifying the user accounts on a Windows Server
All of the Above
A Reverse DNS Brute Force attack is a useful method to discover potential targets provided the victim DNS system has created what kind of records?
A
CNAME
MX
PTR
Which of the following utilities will allow an attacker to perpetrate a Man in the Middle attack on an https:// connection?
netcat
None - you cannot do a Man in the Middle attack on an https:// connection
Which of the following passwords would be the most difficult to brute force?
A 10 character password which includes lower case letters and numbers
A 6 character password which includes lower case and upper case letters and numbers
Which of the following would NOT be considered an important consideration in building an AAA-secured network?
Autosecure
Auditing
Authentication
Authorization
Netcat is a tool which is useful for "banner grabbing" - why might this be useful for an attacker?
A banner provides the security token to run the program
Once the banner is taken, the attacker then gets control of the program
The banner often displays information about the program and version number
The banner is required to press legal charges against an attacker; once the attacker has it, they cannot be legally charged
The Microsoft Framework describes the following steps important in securing an asset EXCEPT...
Depth of Defense
Least Privilege
Minimized attack surface
In order to ensure that passwords are managed correctly on your network, it is a good idea to:
Create a written policy that details how passwords should be created and managed on your network, and make sure that all personnel understand the policy
Ensure that passwords are complex
Ensure that passwords are long
Ensure that passwords are unique.