Ethical Hacking Module 8
[ !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~] are the possible values in which of the following hash types? Mix alpha-numeric Ascii-32-65-123-4 Ascii-32-95 Alpha-numeric-symbol32-space
Ascii-32-95
You are using a password attack that tests every possible keystroke for each single key in a password until the correct one is found. Which of the following technical password attacks are you using? Pass the hash Keylogger Password sniffing Brute force
Brute force
Which of the following includes all possible characters or values for plaintext? Table_index Chain_len Chain_num Charset
Charset
Hackers can maintain access to a system in several ways. Which of the following best describes the unsecure file and folder method? There is no problem if the path is written within quotation marks and has no spaces This can lead to DLL hijacking and malicious file installations on a non-admin targeted user Services with weak permissions allow anyone to alter the execution of the service The hacker will have rights to do whatever the admin account can do
This can lead to DLL hijacking and malicious file installations on a non-admin targeted user
What is the following John the Ripper command used for? zip2john secure.zip > secure.txt To extract the password and save it in the secure.txt file To extract the password from a rainbow hash and save it in the secure.txt file To extract the password and save it in a rainbow table named secure.txt To extract the password hashes and save them in the secure.txt file
To extract the password hashes and save them in the secure.txt file
James, a hacker, has hacked into a Unix system and wants to change the timestamps on some files to hide his tracks. Which of the following timestamp tools would he most likely use? Timestomp Meterpreter Touch ctime
Touch
A hacker has gained physical access to a system and has changed an administrator's account password. Which of the following tools did the hacker most likely use to accomplish this? Timestomp CCleaner Ultimate Boot CD StegoStick
Ultimate Boot CD
Which of the following privilege escalation risks happens when a program is being installed without the constant supervision of the IT employee and fails to clean up after? Gaining credentials in LSASS Kerberoasting DLL hijacking Unattended installation
Unattended installation
Phil, a hacker, has found his way into a secure system. He is looking for a Windows utility he can use to retrieve, set, back up, and restore logging policies. Which of the following utilities should he consider? poledit gpedit secedit auditpol
auditpol
Who would be most likely to erase only parts of the system logs file? An everyday user A black hat hacker A penetration tester The network admin
A black hat hacker
Which of the following best describes the Security Account Manager (SAM)? A file in the directory that performs the system's security protocol A database that stores user passwords in Windows as an LM hash or a NTLM hash A protocol that allows authentication over an unsecure network through tickets or service principal names The attribute that stores passwords in a Group Policy preference item in Windows
A database that stores user passwords in Windows as an LM hash or a NTLM hash
Which of the following is used to remove files and clear the internet browsing history? CCleaner User Account Control cPassword Steganography
CCleaner
Which of the following best describes a rootkit? Scans the system and compares the current scan to the clean database Can modify the operating system and the utilities of the target system Allows each file an unlimited number of data streams with unlimited size Allows the user to create a password to make the hidden file more secure
Can modify the operating system and the utilities of the target system
Roger, a security analyst, wants to tighten up privileges to make sure each user has only the privileges they need to do their work. Which of the following additional countermeasures could he take to help protect privilege? Instigate multi-factor authentication and authorization Allow unrestricted interactive logon privileges Restrict the interactive logon privileges Create plain text storage for passwords
Instigate multi-factor authentication and authorization
Which of the following system exploitation methods happens by adding a malicious file to a file path that is missing quotation marks and has spaces in it? Writable services Spyware Path interception Unsecure file and folder permissions
Path interception
Jack is tasked with testing the password strength for the users of an organization. He has limited time and storage space. Which of the following would be the best password attack for him to choose? Brute force attack Dictionary attack Rainbow attack Keylogger attack
Rainbow attack
Which of the following best describes the heuristic or behavior-based detection method? Searches for execution path hooking, which allows a function value in an accessible environment to be changed. Uses an algorithm as it goes through the system files, processes, and registry keys to create a baseline that is compared to the data returned by the operating system's APIs. Runs a tool to scan a clean system and create a database, then scans the system and compares the current scan to the clean database. Scans a system's processes and executable files, looking for byte sequences of known malicious rootkit programs.
Searches for execution path hooking, which allows a function value in an accessible environment to be changed.
Which of the following is the name of the attribute that stores passwords in a Group Policy preference item in Windows? SPNs LSASS cPasswords SAM
cPasswords
You are cleaning your desk at work. You toss several stacks of paper in the trash, including a sticky note with your password written on it. Which of the following types of non-technical password attacks have you enabled? Social engineering Dumpster diving Shoulder surfing Password guessing
Dumpster diving
Which of the following could a hacker use Alternate Data Streams (ADS) for? Tracking evidence Erasing evidence Modifying evidence Hiding evidence
Hiding evidence
Which of the following is a protocol that allows authentication over a non-secure network by using tickets or service principal names (SPNs)? Unattended installation Credentials in LSASS Kerberoasting DLL hijacking
Kerberoasting
Which of the following best describes shoulder surfing? Giving someone you trust your username and account password. Finding someone's password in the trash can and using it to access their account. Guessing someone's password because it is so common or simple. Someone nearby watches you enter your password on your computer and records it.
Someone nearby watches you enter your password on your computer and records it.
Which of the following is malware that works by stealth to capture information and then sends it to a hacker to gain remote access? Writable services Spyware Crackers ERD Commander
Spyware
Cameron wants to send secret messages to his friend Brandon, who works at a competitor's company. To secure these messages, he uses a technique to hide a secret message within a video. Which of the following techniques is he using? Public-key cryptography Encryption RSA algorithm Steganography
Steganography
Which of the following do hackers install in systems to allow them to have continued admittance, gather sensitive information, or establish access to resources and operations within the system? Backdoors Crackers Kerberos cPassword
Backdoors
Sam has used malware to access Sally's computer on the network. He has found information that will allow him to use the underlying NTLM to escalate his privileges without needing the plaintext password. Which of the following types of attacks did he use? Dictionary attack Rainbow attack Password sniffing Pass the hash
Pass the hash
You believe your system has been hacked. Which of the following is the first thing you should check? Modified timestamps Browser history System log files Hidden files
System log files
Which of the following best describes CCleaner? A command line tool in Windows 2000 that will dump a remote or local event log into a tab-separated text file. It can also be used to filter specific types of events. A program that searches for carrier files through statistical analysis techniques, scans for data hiding tools, and can crack password-protected data to extract the payload. A software that can clear cookies, stored data like passwords, browser history, and temporary cached files. It can clear the recycling bin, clipboard data, and recent documents lists as well. A tool that can remove files and clear internet browsing history. It also frees up hard disk space. It clears the temporary files, history, and cookies from each of the six major search engines.
A tool that can remove files and clear internet browsing history. It also frees up hard disk space. It clears the temporary files, history, and cookies from each of the six major search engines.
Jerry runs a tool to scan a clean system to create a database. The tool then scans the system again and compares the second scan to the clean database. Which of the following detection methods is Jerry using? Integrity-based Cross view-based Behavior-based Signature-based
Integrity-based
The method of embedding data into legitimate files like graphics to hide it and then extracting the data once it reaches its destination is called: NTFS data streaming Execution path profiling Steganography Rootkits
Steganography
You have created and sorted an md5 rainbow crack table. You want to crack the password. Which of the following commands would you use to crack a single hash? rtgen md5 ascii-32-95 1 20 0 1000 1000 0 rcrack . -l /root/hashes.txt rtgen sha1 ascii-32-95 1 20 0 1000 1000 0 rcrack . -h 202cb962ac59075b964b07152d234b70
rcrack . -h 202cb962ac59075b964b07152d234b70
Which of the following is also known as ZeroAccess and has virus, Trojan horse, and rootkit components? Touch DeepSound Sirefef GrayFish
Sirefef
Carl received a phone call from a woman who states that she is calling from his bank. She tells him that someone has tried to access his checking account and she needs him to confirm his account number and password to discuss further details. He gives her his account number and password. Which of the following types of non-technical password attack has occurred? Password guessing Shoulder surfing Dumpster diving Social engineering
Social engineering
Which of the following is a tool for cracking Windows login passwords using rainbow tables? Trinity Rescue Kit GrayFish ERD Commander Ophcrack
Ophcrack
Which of the following techniques involves adding random bits of data to a password before it is stored as a hash? Pass the hash Keylogging Password salting Password sniffing
Password salting
An attacker installed a malicious file in the application directory. When the victim starts installing the application, Windows searches in the application directory and selects the malicious file instead of the correct file. The malicious file gives the attacker remote access to the system. Which of the following escalation methods best describes this scenario? DLL hijacking Kerberoasting Unattended installation Clear text credentials in LDAP
DLL hijacking
Mark is moving files from a device that is formatted using NTFS to a device that is formatted using FAT. Which of the following is he trying to get rid of? Antivirus and anti-spyware programs Encrypted steganographic information Malicious alternate data streams Software programs that hackers use
Malicious alternate data streams
A hacker finds a system that has a poorly designed and unpatched program installed. He wants to create a backdoor for himself. Which of the following tools could he use to establish a backdoor? Timestomp Metasploit CCleaner AuditPol
Metasploit