Ethical Hacking II

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

What needs to be in the GRUB to run a terminal with root permissions?

'rw initrd=/install/gtk/initrd.gz quiet splash init=/bin/bash', to have read-write permissions.

What protocol is exploited to achieve the On-Path position?

ARP

This is not an automated web application vulnerability scanning tool?

Bettercap

What describes the HTTP GET method?

The method requests a specified resource from the server.

If you run the nmap 5.25.128.0/18 -p 3389 command, how many potential IPs are you looking for, and with which default service?

16,384 IPs with remote desktop

Which user would you compromise if you could not get root access?

A user with sudo permissions

Sasha wants to crack a password on a website. To do so, she did some research on the user and gathered information about him. What tool can be used to make the cracking process easier?

CUPP (Common Users Passwords Profiler)

What must you do to make your browser use an interception proxy like Burpe Suite?

Change the manual proxy configuration to the loopback on port 8080.

What type of attack is an XSS?

Client-side attack

What is the BEST way to mitigate unwanted pre-boot access to a Windows machine?

Full disk encryption

Which of the following password attack method that uses pre-computed hash values?

Rainbow table

Cross-site scripting or XSS comes in which three forms?

Reflected, stored, and DOM

Hierarchy of Windows privileges

Regular User Admin NT Authority Delegated Admin Domain Admin Enterprise Admin

In Metasploit, how do you display the required fields of an exploit?

Show Options

In Meterpreter, what command would you use to find the current user?

getuid

What nmap command would you use to fingerprint or to find out versions?

nmap 192.168.1.100 -sV

server-side technologies

ASP/ASP.NET, Oracle, PHP, Ruby, JSP, SQL/NoSQL, & CGI

Thomas tries to change his friend's PC boot order but encounters a password request. Which security solution was implemented?

BIOS (Basic Input/Output System) password

What tool is highly effective when testing client-server transactions, can be used to manipulate captured data, and can send the data to the server?

Burp Suite

What SQL Injection attack is the easiest to perform?

Error based SQLi

What are some defensive measures you can take against a Brute-force attack?

Fail2Ban, strong password, and login attempt limitation.

What does Talos do?

Gathers global information about cyber attacks.

This is not a server-side technology?

HTML

client-side technologies

HTML, CSS, and JS

Apache, Nginx, and IIS are examples of what?

HTTP servers

John wants to launch a phishing campaign. He is looking for a tool to help him clone a specific website. What tool can he use to create the website?

HTTrack

What is true about Hashcat?

Hashcat can use the GPU as the processing unit for the brute-force attacks.

These establishments would need to have a HIPPA certification?

Hospitals

What are social engineering attacks based on?

Human errors

What tool can crack protected PDF files using the Brute-force technique?

John the Ripper

What is EternalBlue?

Known Windows exploit

Ted was hired to perform penetrating testing on a system. Which platform can help him accomplish that?

MetaSploit

What is used to perform customized network scans?

Nmap

In a database, if you want the data to be sequential, which command would you use?

ORDER

Intercepting and eavesdropping on communication is which type of attack?

On-Path attack

What does an ethical hacker require to start evaluating a system?

Permission

What can Leanne use to prevent SQL injection on her website?

Prepared Statements

What is true regarding an SFX attack?

SFX are self-extracting & SFX can be used to deceive a victim into running background executables and scripts.

This is not a HASH algorithm.

SHA-67 or SHA-25

What tool can you use to search for an exploit?

SearchSploit

John built a forum-based website. He wants to save a payload in the database to affect its viewers. What attack is most likely used?

Stored XSS

In a database query, what does 1=1 do?

Tell the system that it is a true statement.

Tom is a cyber consultant. He used Nmap to map an organization and find open ports. For one scanned port, he received RST as a response. What is the port status?

The port is closed.

What happens when you create a DWORD key in the registry HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon with a username and a value of zero?

The user is hidden.

Why may cookies be stolen via XSS?

To steal another's user's session.

What SQL query is used to change existing values?

UPDATE: updates the value in single or multiple rows or columns

A password on the GRUB boot loader in Linux systems prevents the following?

Unwanted reboots & Editing

For the dirbuster tool to work, it requires:

Wordlists

David recently discovered a new security vulnerability in his software that wasn't known before. What is the correct term for his discovery?

Zero-Day


Ensembles d'études connexes

History, Tech and Society Test #1

View Set

Chapter 10 Basics of Word Processing

View Set