E - CEHv9 Module 05 System Hacking

QUESTION 13 How can rainbowtables be defeated? A. Password salting B. All upper case character passwords C. Lock out accounts under brute force password cracking attempts D. Use of non-dictionary words

A

QUESTION 17 Bob learned that his username and password for a popular game has been compromised. He contacts the company and resets all the information. The company suggests he use two-factor authentication, which option below offers that? A. A fingerprint scanner and his username and password B. His username and a stronger password C. A new username and password D. Disable his username and use just a fingerprint scanner.

A

QUESTION 15 By using a smart card and pin, you are using a two-factor authentication that satisfies A. Something you are and something you remember B. Something you have and something you know C. Something you know and something you are D. Something you have and something you are

B

QUESTION 19 Shellshock had the potential for an unauthorized user to gain access to a server. It affected many internetfacing services, which OS did it not directly affect? A. OS X B. Windows C. Linux D. Unix

B

QUESTION 2 Which method of password cracking takes the most time and effort? A. Rainbow tables B. Brute force C. Shoulder surfing D. Dictionary attack

B

QUESTION 4 Ricardo wants to send secret messages to a competitor company. To secure these messages, he uses a technique of hiding a secret message within an ordinary message. The technique provides "security through obscurity". What technique is Ricardo using? A. RSA algorithm B. Steganography C. Public-key cryptography D. Encryption

B

QUESTION 6 You've gained physical access to a Window 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your tool kit you have an Ubuntu 9.10 Linux LiveCD. Which Linux based tool has the ability to change any user's password or to activate disabled Windows accounts? A. SET B. CHNTPW C. John the Ripper D. Cain & Abel

B

QUESTION 8 John the ripper is a technical assessment tool used to test the weakness of which of the following? A. Usernames B. Passwords C. Firewall rulesets D. File permissions

B

QUESTION 10 A hacker has managed to gain access to a Linux host and stolen the password file from /etc/passwd. How can he use it? A. The file reveals the passwords to the root user only. B. He cannot read it because it is encrypted. C. The password file does not contain the passwords themselves. D. He can open it and read the user IDs and corresponding passwords.

C

QUESTION 20 Which tool can be used to silently copy files from USB devices? A. USB Grabber B. USB Snoopy C. USB Dumper D. USB Sniffer

C

QUESTION 7 Todd has been asked by the security officer to purchase a counter-based authentication system. Which of the following that best describes this type of system? A. An authentication system that uses passphrases that are converted into virtual passwords B. A biometric system that bases authentication decisions on behavioral attributes C. An authentication system that creates one-time passwords that are encrypted with secret keys D. A biometric system that bases authentication decisions on physical attributes

C

What attack is used to crack passwords by using a precomputed table of hashed passwords? A. Hybrid Attack B. Dictionary Attack C. Rainbow Table Attack D. Brute Force Attack

C

- CEHv9 Module 05 System Hacking QUESTION 1 After trying multiple exploits, you've gained root access to a Centos 6 server. To ensure you maintain access, what would you do first? A. Download and Install Netcat B. Disable IP Tables C. Disable Key Services D. Create User Account

D

QUESTION 11 In cryptanalysis and computer security, 'pass the hash' is a hacking technique that allows an attacker to authenticate to a remote server/service by using the underlying NTLM and/or LanMan hash of a user's password, instead of rquiring the associated plaintext password as is normally the case. Metasploit Framework of the has a module for this technique; psexec. The psexec module is often ussed by penetration testers to obtain access to a given system that you already know the credentials for. It was written by sysinternals and has been integrated within the framework. Often is penetration testers, successfully gain access to a system through some exploit, use meterpreter to grab the passwords or other methods like fgdump, pwdump, or chachedump and then utilize rainbowtables to crack those hash values. Which of the following is true hash type and sort order that is using in the psexec module's 'smbpass' A. NTLM:LM B. NT:LM C. LM:NT D. LM:NTLM

D

QUESTION 12 A computer science student needs to fill some information into a secured Adobe PDF job application that was received from a prospective employer. Instead of requesting a new document that allows the forms to be completed, the student decides to write a script that pulls passwords from a list of commonly used passwords to try a against the secured PDF until the correct password is found or the list is exhausted. Which cryptography attack is the student attempting? A. Brute force attack B. Man in the middle attack C. Session hijacking D. Dictionary attack

D

QUESTION 14 In an internal security audit, the white hat hacker gains control over a user account and attempts to acquire access to another account's confidential files and information; How can he achieve this? A. Shoulder-Surfing B. Hacking Active Directory C. Port Scanning D. Privilege Escalation

D

QUESTION 5 A network administrator discovers several unknown files in the roof directory of his Linux FTP server. One of the files is a tarball, two are shell script files, and the third is a binary file is named "nc". The FTP server's access logs show that the anonymous user account logged into the server, uploaded the files, and extracted the contents of the tarball and ran the script using a function provided by the FTP server' software. The ps command shows that the nc file is running as process, and the netstat command shows the nc process is listening on a network port. What kind of vulnerability must be present of make this remote attack possible? A. File system permissions B. Directory traversa C. Brute force login D. Privilege escalation

D

QUESTION 9 Even stole a file named a secret.text, transferred it to your computer and she just entered these commands: [eve@localhost ~] john secret.txt Loaded 2 password hashes with no different salts (LM [DES 128/128 SSE2-16]) Press 'q' or Ctrl-C to abort, almost any other key for status What is she trying to acheive? A. She is using FTP to transfer the file to another hacker named John. B. She is encrypting the file. C. She is using john the ripper to view the contents of the file. D. She's using john the ripper to crack the passwords in the secrets.txt file.

D

QUESTION 18 Eve stole a file named secret.txt, transferred it to her computer and she just entered these commands: [eve@localhost ~]$ john secret.txt Loaded 2 password hashes with no different salts (LM [DES 128/128 SSE2-16]) Press 'q' or Ctrl-C to abort, almost any other key for status 0g 0:00:00:03 3/3 0g/s 86168p/s 86168c/s 172336C/s MERO..SAMPLUI 0g 0:00:00:04 3/3 0g/s 3296Kp/s 3296Kc/s 6592KC/s GOS..KARIS4 0g 0:00:00:07 3/3 0g/s 8154Kp/s 8154Kc/s 16309KC/s NY180K..NY1837 0g 0:00:00:10 3/3 0g/s 7958Kp/s 7958Kc/s 15917KC/s SHAGRN..SHENY9 What is she trying to achieve? A. She is using John the Ripper to crack the passwords in the secret.txt file. B. She is using John the Ripper to view the contents of the file. C. She is using ftp to transfer the file to another hacker named John. QUESTION 18 Eve stole a file named secret.txt, transferred it to her computer and she just entered these commands: [eve@localhost ~]$ john secret.txt Loaded 2 password hashes with no different salts (LM [DES 128/128 SSE2-16]) Press 'q' or Ctrl-C to abort, almost any other key for status 0g 0:00:00:03 3/3 0g/s 86168p/s 86168c/s 172336C/s MERO..SAMPLUI 0g 0:00:00:04 3/3 0g/s 3296Kp/s 3296Kc/s 6592KC/s GOS..KARIS4 0g 0:00:00:07 3/3 0g/s 8154Kp/s 8154Kc/s 16309KC/s NY180K..NY1837 0g 0:00:00:10 3/3 0g/s 7958Kp/s 7958Kc/s 15917KC/s SHAGRN..SHENY9 What is she trying to achieve? A. She is using John the Ripper to crack the passwords in the secret.txt file. B. She is using John the Ripper to view the contents of the file. C. She is using ftp to transfer the file to another hacker named John. D. She is encrypting the file.

A

QUESTION 3 Which of the following parameters describe LM Hash: I - The maximum password length is 14 characters. II - There are no distinctions between uppercase and lowercase. III - It's a simple algorithm, so 10,000,000 hashes can be generated per second A. I and II B. I C. I, II, and III D. II

A