chapter 6 ethical hacker pro test out
Which of the following best describes IPsec enumeration? Uses SIP to enable voice and video calls over an IP network. Is used to manage devices such as routers, hubs, and switches. Uses ESP, AH, and IKE to secure communication between VPN endpoints. Is used by most email servers and clients to send email messages.
Uses ESP, AH, and IKE to secure communication between VPN endpoints.
Diana, a penetration tester, executed the following command. Which answer describes what you learn from the information displayed? This is a DNS zone transfer. There are DNS restrictions in place. Split DNS is being used. DNS translation is being used.
This is a DNS zone transfer.
Robby, a security specialist, is taking countermeasures for SNMP. Which of the following utilities would he most likely use to detect SNMP devices on the network that are vulnerable to attacks? SNscan Scany Currport Colasoft
SNscan
Which of the following ports are used by null sessions on your network? 139 and 445 139 and 444 135 and 445 137 and 443
139 and 445
In which phase of the ethical hacking process do you gather information from a system to learn more about its configurations, software, and services? Reconnaissance Enumeration Sniffing Scanning
Enumeration
A hacker has managed to gain access to the /etc/passwd file on a Linux host. What can the hacker obtain from this file? The root username and password Usernames and passwords No usernames or passwords Usernames, but no passwords
Usernames, but no passwords
Which enumeration process tries different combinations of usernames and passwords until it finds something that works? Exploiting SMTP Brute force Zone transfers Default passwords
Brute force
LDAP is an internet protocol for accessing distributed directory services. If this port is open, it indicates that Active Directory or Exchange may be in use. What port does LDAP use? TCP/UDP 3268 TCP/UDP 389 TCP/UDP 53 TCP/UDP 445
TCP/UDP 389
Which of the following enumeration tools provides information about users on a Linux machine? SuperScan Null session finger PsTools
finger
Jorge, a hacker, has gained access to a Linux system. He has located the usernames and IDs. He wants the hashed passwords for the users that he found. Which file should he look in? /etc/group /etc/passwd /etc/shadow /etc/services
/etc/shadow
The Simple Network Management Protocol (SNMP) is used to manage devices such as routers, hubs, and switches. SNMP works with an SNMP agent and an SNMP management station in which layer of the OSI model? Session Layer Application Layer Network Layer Transport Layer
Application Layer
Which of the following is the most basic way to counteract SMTP exploitations? Ignore messages to unknown recipients instead of sending back error messages. Review and implement the security settings and services available with your server software. Monitor ports, remove agents, update systems, and change default passwords. Restrict zones to ensure where zones are copied, use digital signatures, and split zones.
Ignore messages to unknown recipients instead of sending back error messages.
After the enumeration stage, you have are considering blocking port 389. Your colleague has advised you to use caution when blocking ports that could potentially impact your network. Which of the following necessary services could be blocked? SMTP DNS LDAP SNMP
LDAP
Hugh, a security consultant, recommended the use of an internal and external DNS to provide an extra layer of security. Which of the following DNS countermeasures is being used? DNS zone transfer Digital signatures Split DNS DNS zone restriction
Split DNS
Shawn, a malicious insider, has obtained physical access to his manager's computer and wants to listen for incoming connections. He has discovered the computer's IP address, 192.168.34.91, and he has downloaded netcat. Which of the following netcat commands would he enter on the two computers? nc -l -p 2222 (manager's computer) and nc -nv 192.168.34.91 2222 (Shawn's machine) nc -l -p 2222 (manager's computer) and nc -sv 192.168.34.91 2222 (Shawn's machine) nc -n -s 2222 (manager's computer) and nc -lp 192.168.34.91 2222 (Shawn's machine) nc -l -s 2222 (manager's computer) and nc -pv 192.168.34.91 2222 (Shawn's machine)
nc -l -p 2222 (manager's computer) and nc -nv 192.168.34.91 2222 (Shawn's machine)
What port does a DNS zone transfer use? TCP 23 TCP 139 TCP 53 TCP 445
TCP 53
Typically, you think of the username as being the unique identifier behind the scenes, but Windows actually relies on the security identifier (SID). Unlike the username, a SID cannot be used again. When viewing data in the Windows Security Account Manager (SAM), you have located an account ending in -501. Which of the following account types did you find? The domain guests The built-in guest The domain admins The built-in administrator
The built-in guest
