Cyber MGT
What does the -c option do when used in conjunction with ping?
Defines the number of pings to send.
The building you work in has a motion detecting alarm system, which would be considered a type of _________ control.
Detective
A wordlist file contains password hashes.
False
After you embedded the .txt file into the earth.jpg file the SHA1 hash was still the same?
False
The grep command was used to hide a ZIP file within a jpeg file?
False
Running curl http://www.google.com would pull _________ from Google's web servers.
HTML
Which of the following hash types was used for this attack?
NTLM
What type of attack did you perform when you you ran the command: mimikatz # sekurlsa::pth /user:lab-user /domain:LAB /ntlm: /run:cmd.exe
Pass-The-Hash
_________ is the protection of the confidentiality of personal information.
Privacy
What encryption cipher was being used when you embedded the .txt file into the earth.jpg file?
Rijndael
What is the technical term for hiding or concealing a message within another message or object?
Steganography
Ping is a utility that uses the ICMP protocol.
True
Running netstat -ab requires admin rights.
True
The # sign indicates you are logged in with the root account.
True
Using Mimkatz requires the cmd prompt to be ran as an administrator.
True
What is contained in the /etc/passwd file?
User Accounts
What was the system name (NOT OS version) of the server that was used as the Logon Server (Active Directory Domain Controller)?
Win12R2
What information were you able to view using the sekurlsa module?
Windows credentials
Running usermod -G staff joe at the command-line of a Ubuntu server results in the user joe being _________ the staff group.
added to
Running the command useradd ben -g anongroup at the command-line results in the user being added to the group called _________.
anongroup
What command would you use to view the groups on a Linux server?
cat /etc/group
What command would be used to view the encrypted passwords in Linux?
cat /etc/shadow
What command would be used to remove read, write and execute permissions for an entire group?
chmod g-rwx
Running cat bike.jpg secrets.zip > motorcycle.jpg simply _________ the ZIP file and JPEG into a new JPEG image.
concatenates
Using the _______ command allows the user to manipulate privilege on the Mimikatz process.
debug
Using cut -d "8" at the command-line extracts and displays characters from text that was piped to the cut command. The "8" is this case is the _________.
delimiter
What do you type to leave a terminal session?
exit
Running ls -l provides a list of files and folders on a Ubuntu server. The ______ character in the 10 permissions fields of the objects listed indicates if the object is a file or folder.
first
What was the decrypted password for ftpadmin?
ftp
A .gnmap file is a _________ output file from Nmap.
grepable
Another name for a one-way encrypted password is a _________.
hash
You can confirm a secret message has been embedded in a JPEG image using steghide by comparing the before and after _________ values of the same image.
hash
In Linux to display interface information you use the ___________ command.
ifconfig
Running steghide _________ earth.jpg at the command-line of a Linux server (which has steghide installed) will determine the storage capacity of a JPEG image in bytes.
info
To determine if there is a secret message in a JPEG image using steghide, execute the command steghide _________ earth.jpg and enter the password when prompted.
info
There are two different ways to learn more information (help pages) about a command in Linux, these are _______ and ________.
info and man
In Windows to show IP configurations and gather extended IP information you use the _____________ command.
ipconfig /all
Which user account did you compromise?
lab-user
When using the sekurlsa module which of the following commands did you have to use to locate entries for the user.
logonpasswords
What command is used to set a password for a user through the terminal?
passwd
In Ubuntu, when attempting to ping an IPv6 address you must use the following version of the command ________.
ping6
In Ubuntu if you wanted your interface to process all packets it received which mode would you put it in?
promiscuous mode
Using SteGUI (and steghide), an encrypted file can be hidden in an audio file using the __________ encryption cipher.
rijndael (or AES)
You can utilize a tool like Mimikatz to assess the _________ of an organization
security posture
On a Linux system, the encrypted passwords are stored in the _________ file.
shadow
To always see the last lines in a file that is being continually written to (such as a log file), you would use the _________ command on a Ubuntu system.
tail
You have access to a corporate read-only FTP server without providing credentials (anonymously). By accident, you discover that you can delete the files, which was a surprise to you. This is most likely _________.
the result of failure of an Systems Administrator to follow the FTP Server Build Procedures
Running chmod ____ secrets at the command-line of a Ubuntu server results in the current user being prevented from reading the secrets file. HINT: What letters (symbolic permissions) should be put in place of the blank?
u-r
Running cd .. at the command-line of a Ubuntu server results in the user going _________ one directory level from the current position of the prompt in the directory tree.
up
On a Windows system, the encrypted passwords are stored in the _________ file.
winhashes
In John the Ripper, the list of passwords used to test against is system is called a _________.
wordlist
A ________ exploit is an attack program that is created before patches are available from the vendor.
zero-day
You can use the _________ option with the netstat command to view port numbers for eachnetworking address.
-an
Running chmod ____ secrets at the command-line of a Ubuntu server results in EVERYONE being prevented from reading, writing or executing the secrets file. HINT: What three numbers (absolute permissions) should be put in place of the blank?
000
The following is a corporate IT Security Policy ACME Corporation: 11.4 Network Access Control11.4.1 ACME's internal, restricted network will be protected by a core firewall centrally controlled by IT.11.4.2 The core firewall will by default deny all inbound and outbound ports, only enabling ports as required to allow Information Systems to perform their functions properly.11.4.3 Only active workforce members will have access to the wireless network and the associated application resources.11.4.4 Visitors will only have access to a restricted guest wireless network.11.4.5 All remote access to the network will occur using a VPN solution provided by IT and in adherence with the VPN Standard.11.4.6 Information Systems in remote or separate locations will identify themselves before allowing connections (e.g., IP restrictions), whenever feasible.11.4.7 All remote diagnostic and configuration ports will be blocked at the core network firewall or disabled at the Information System.11.4.8 All publicly accessible Information Systems will reside in a highly restricted subnet (DMZ) with limited access to the restricted network.11.4.9 No systems containing SENSITIVE information will reside in the DMZ.
11.4.3
During the lab when using Hydra what port was used during the attack?
21
Which port was not open when viewing the dvlscan1 file?
25
To find a line with an email address in a text file you piped to grep, you would issue the symbol _________ as an argument or option to grep.
@
Which of the following is NOT a mode in the Password cracking tool John the Ripper?
Brute force mode
