Question 1
Question
The protocol which secures the network login credentials in a Windows domain is:
Answer
-
PAM
-
Kerberos
-
Lan Manager
-
NTLM
Question 2
Question
Dictionary password cracking is a technique which..
Answer
-
compares passwords against saved passwords
-
goes through every possible combination of a password to find the saved password
-
Applies the dictionary to generate passwords
-
Tests the hashes generated by a predetermined set of words to see if they match the password hashes saved
Question 3
Question
A method of automating nap scans to do complex tasks uses files with a file extension of;
Question 4
Question
Passwords on a modern Linux machine, like CentOS are stored in;
Answer
-
/proc/shadow
-
/etc/passwd
-
/proc/passwd
-
/etc/shadow
Question 5
Question
Which of the following would NOT be a logical choice to include in a Forward DNS Brute Force attack?
Question 6
Question
Metasploit is utility built into backtrack and is useful for:
Answer
-
Determining which ports are open and available for attack
-
Querying DNS to gain more information about a network
-
Capturing authentication traffic off the network and then cracking target passwords
-
Using existing exploits to deliver a specific payload to a target machine
Question 7
Question
An attacker can get access to a command line on a target machine behind a NAT firewall provided they...
Answer
-
Have access to port 1047 on the target machine
-
Can establish a reverse bind shell with the target machine
-
Can establish a bind shell with the target machine
-
Since a NAT firewall drops ALL traffic originating outside the network, it is not possible to get command line access to a target machine
Question 8
Question
The process of sending out a fake MAC address to target machines in a Man in the middle attack is known as:
Answer
-
MAC Rendering
-
MAC engineering
-
ARP Poisoning
-
ARP engineering
Question 9
Question
An effective tool an attacker might use to discover information about the topology and layout of your physical network would be;
Answer
-
Netcat
-
Ettercap
-
Maltego
-
Metasploit
Question 10
Question
The registry on a Windows 7 machine, is located in the ______________ directory by default.
Answer
-
C:\win\system32
-
C:\Documents and Settings\all users\registry
-
C:\windows\system32\config
-
C:\windows\system32\drivers\etc
Question 11
Question
The use of rainbow tables is effective in greatly reducing the time required for cracking password hashes on a Windows machine. If you were interested in attacking passwords on a Linux machine, rainbow tables would;
Answer
-
Greatly reduce the time required to crack the passwords since the hashes could be run against the rainbow table
-
This would not help speed up the process since Linux stores passwords as reversibly encrypted passwords which would is a different technology
-
This would not help speed up the process since password hashes on a Linux system are "salted", making rainbow tables useless
-
This would not help speed up the process since password hashes on a Linux system are created using SHA-1 which is unbreakable
Question 12
Question
One concern with logging on as the local administrator account on a domain machine is that;
Answer
-
The password of the domain administrator will be cached in the registry
-
The machine will cache credentials of a user who has rights to modify
-
This will overwrite the credentials of other users when running applications
-
There is no concern in this case, since the local administrator has no rights in the domain
Question 13
Question
NMAP is a port scanner capable of which of the following?
Answer
-
Determining ports open on a target machine
-
Finding the Operating System of the target machine
-
Identifying the user accounts on a Windows Server
-
All of the Above
Question 14
Question
A reverse DNS Brute force attack is a useful method to discover potential targets provided the victim DNS system has created what kind of records?
Question 15
Question
Which of the following utilities will allow an attacker to perpetrate a Man in the Middle attack on a https:// connection?
Question 16
Question
Which of the following passwords would be the most difficult to brute force?
Question 17
Question
Which of the following would NOT be considered an important consideration in building a AAA secured network?
Answer
-
Autosecure
-
Auditing
-
Authentication
-
Authorization
Question 18
Question
netcat is a tool which is useful for "banner grabbing" - why might this be useful for an attacker
Answer
-
A banner provides the security token to run the program
-
Once the banner is taken, the attacker then gets control of the program
-
The banner often displays information about the program and version number
-
The banner is required to press legal charges against an attacker, once the attacker has it, they can not be legally charged
Question 19
Question
The Microsoft Framework describes the following steps important in securing an asset EXCEPT....
Answer
-
Depth of Defense
-
Auditing
-
Least Privilege
-
Minimized attack surface
Question 20
Question
An attacker can get access to a command line on a target machine behind a NAT firewall provided they...
Answer
-
Have access to port 1047 on the target machine
-
Can establish a reverse bind shell with the target machine
-
Can establish a bind shell with the target machine
-
Since a NAT firewall drops ALL traffic originating outside the network, it is not possible to get command line access to a target machine
Question 21
Question
In order to ensure that passwords are managed correctly on your network it is a good idea to
Answer
-
Create a written policy that details how passwords should be created and managed on your network, and make sure that all personnel understand the policy
-
Ensure that passwords are complex
-
Ensure that passwords are long
-
Ensure that passwords are unique.