Digital Forensics CH11

Zombies

Machines used in a DDoS attack are known as ____ simply because they have unwittingly become part of the attack.

PCAP

Most packet sniffer tools can read anything captured in ____ format.

3

Most packet sniffers operate on layer 2 or ____ of the OSI model.

Bootable Linux

Helix operates in two modes: Windows Live (GUI or command line) and ____.

SYN Flood

In a(n) ____ attack, the attacker keeps asking your server to establish a connection.

chntpw

The Knoppix STD tool ____ enables you to reset passwords on a Windows computer, including the administrator password.

PsKill

The PSTools ____ kills processes by name or process ID.

Honeynet

The ____ Project was developed to make information widely available in an attempt to thwart Internet and network hackers.

False

When intruders break into a network, they rarely leave a trail behind.

Honeypot

A ____ is a computer set up to look like any other machine on your network, but it lures the attacker to it.

Tcpdump

A common way of examining network traffic is by running the ____ program.

False

Network forensics is a fast, easy process.

True

PsList from PsTools allows you to list detailed information about processes.

True

With the Knoppix STD tools on a portable CD, you can examine almost any network system.

Packet Sniffers

____ are devices and/or software placed on a network to monitor traffic.

Helix

____ can be used to create a bootable forensic CD and perform a live acquisition.

Network Forensics

____ can help you determine whether a network is truly under attack or a user has inadvertently installed an untested patch or custom program.

Network

____ forensics is the systematic tracking of incoming and outgoing traffic on your network.

Layered Network Defense Strategies

____ hide the most valuable data at the innermost part of the network.

RegMon

____ is a Sysinternals command that shows all Registry data in real time on a Windows computer.

Tcpslice

____ is a good tool for extracting information from large Libpcap files.

Snort

____ is a popular network intrusion detection system that performs packet capture and analysis in real time.

PsTools

____ is a suite of tools created by Sysinternals.

dcfldd

____ is the U.S. DoD computer forensics lab's version of the dd command that comes with Knoppix-STD.

tethereal

____ is the text version of Ethereal, a packet sniffer tool.

