Ethical Hacker CH 8
You have created and sorted an md5 rainbow crack table. You want to crack the password. Which of the following commands would you use to crack a single hash?
rcrack . -h 202cb962ac59075b964b07152d234b70
Which of the following best describes CCleaner?
A tool that can remove files and clear internet browsing history. It also frees up hard disk space. It clears the temporary files, history, and cookies from each of the six major search engines.
Roger, a security analyst, wants to tighten up privileges to make sure each user has only the privileges they need to do their work. Which of the following additional countermeasure could he take to help protect privelige?
Instigate multi-factor authentication and authorization.
Jerry runs a tool to scan a clean system to create a database. The tool then scans the system again and compares the second scan to the clean database. Which of the following detection methods is Jerry using?
Integrity-based
Which of the following is malware that works by stealth to capture information and then sends it to a hacker to gain remote access?
Spyware
You have just run the John the Ripper command shown in the image. Which of the following was this command used for?
To extract the password hashes and save them in the secure.txt file.
Phil, a hacker, has found his way into a secure system. He is looking for a Windows utility he can use to retrieve, set, back up, and restore logging policies. Which of the following utilities should he consider?
auditpol
Which of the following is the name of the attribute that stores passwords in a Group Policy preference item in Windows?
cPasswords
Which of the following could a hacker use Alternate Data Streams (ADS) for?
Hiding evidence
Which of the following is a protocol that allows authentication over a non-secure network by using tickets or service principal names (SPNs)?
Kerberoasting
Which of the following system exploitation methods happens by adding a malicious file to a file path that is missing quotation marks and has spaces in it?
Path interception
Cameron wants to send secret messages to his friend Brandon, who works at a competitor's company. To secure these messages, he uses a technique to hide a secret message within a video. Which of the following techniques is he using?
Steganography
The method of embedding data into legitimate files like graphics to hide it and then extracting the data once it reaches its destination is called:
Steganography
You believe your system has been hacked. Which of the following is the first thing you should check?
System log files
James, a hacker, has hacked into a Unix system and wants to change the timestamps on some files to hide his tracks. Which of the following timestamp tools would he most likely use?
Touch
A hacker has gained physical access to a system and has changed an administrator's account password. Which of the following tools did the hacker most likely use to accomplish this?
Ultimate Boot CD
Which of the following privilege escalation risks happens when a program is being installed without the constant supervision of the IT employee and fails to clean up after?
Unattended installation
Which of the following best describes a rootkit?
Can modify the operating system and the utilities of the target system.
Who would be most likely to erase only parts of the system logs file?
A black hat hacker
Which of the following best describes the Security Account Manager (SAM)?
A database that stores user passwords in Windows as an LM hash or a NTLM hash.
Which of the following is used to remove files and clear the internet browsing history?
CCleaner
Which of the following best describes the heuristic or behavior-based detection method?
Searches for execution path hooking, which allows a function value in an accessible environment to be changed.
Which of the following is also known as ZeroAccess and has virus, Trojan horse, and rootkit components?
Sirefef
[ !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~] are the possible values in which of the following hash types?
Ascii-32-95
You are cleaning your desk at work. You toss several stacks of paper in the trash, including a sticky note with your password written on it. Which of the following types of non-technical password attacks have you enabled?
Dumpster diving
Hackers can maintain access to a system in several ways. Which of the following best describes the unsecure file and folder method?
This can lead to DLL hijacking and malicious file installations on a non-admin targeted user.
Which of the following do hackers install in systems to allow them to have continued admittance, gather sensitive information, or establish access to resources and operations within the system?
Backdoors
You are using a password attack that tests every possible keystroke for each single key in a password until the correct one is found. Which of the following technical password attacks are you using?
Brute force
Jack is tasked with testing the password strength for the users of an organization. He has limited time and storage space. Which of the following would be the best password attack for him to choose?
Rainbow attack
Which of the following is a tool for cracking Windows login passwords using rainbow tables?
Ophcrack
A hacker finds a system that has a poorly design and unpatched program installed. He wants to create a backdoor for himself. Which of the following tools could he use to establish a backdoor?
Metasploit
Sam has used malware to access Sally's computer on the network. He has found information that will allow him to use the underlying NTLM to escalate his privileges without needing the plaintext password. Which of the following types of attacks did he use?
Pass the hash
Which of the following techniques involves adding random bits of data to a password before it is stored as a hash?
Password salting
Carl received a phone call from a woman who states that she is calling from his bank. She tells him that someone has tried to access his checking account and she needs him to confirm his account number and password to discuss further details. He gives her his account number and password. Which of the following types of non-technical password attack has occured?
Social engineering
Which of the following best describes shoulder surfing?
Someone nearby watches you enter your password on your computer and records it.
An attacker installed a malicious file in the application directory. When the victim starts installing the application, Windows searches in the application directory and selects the malicious file instead of the correct file. The malicious file gives the attacker remote access to the system. Which of the following escalation methods best describes this scenario?
DLL hijacking
Mark is moving files from a device that is formatted using NTFS to a device that is formatted using FAT. Which of the following is he trying to get rid of?
Malicious alternate data streams.
Which of the following includes all possible characters or values for plaintext?
Charset
