Exam 1
George hired an attacker named Joan to perform a few attacks on a competitor organization and gather sensitive information. In this process, Joan performed enumeration activities on the target organization's systems to access the directory listings within Active Directory. What is the type of enumeration that Joan has performed in the above scenario? SNMP enumeration LDAP enumeration NTP enumeration NetBIOS enumeration
LDAP enumeration
Which of the following Purdue levels is commonly referred to as an industrial demilitarized zone (IDMZ)? Level 2 Level 3 Level 3.5 Level 4
Level 3.5
Which of the following types of viruses infects Microsoft Word or similar applications by automatically performing a sequence of actions after triggering an application? Multipartite viruses Macro viruses Encryption viruses Sparse infector viruses
Macro viruses
CenSys Solutions hired Clark, a security professional, to enhance the Internet security of the organization. To achieve the goal, Clark employed a tool that provides various Internet security services, including anti-fraud and anti-phishing services, application testing, and PCI scanning. What is the tool used by Clark to perform the above activities? Blisqy OmniPeek Netcraft BTCrawler
Netcraft
Which of the following types of password attacks does not require any technical knowledge about hacking or system exploitation and includes techniques such as shoulder surfing, social engineering, and dumpster diving? Active online attacks Passive online attacks Non-electronic attacks Offline attacks
Non-electronic attacks
Which of the following information security elements guarantees that the sender of a message cannot later deny having sent the message and the recipient cannot deny having received the message? Confidentiality Non-repudiation Availability Integrity
Non-repudiation
Which of the following steganography techniques is used by attackers for hiding the message with a large amount of useless data and mixing the original data with the unused data in any order? Null ciphers Grille ciphers Jargon codes Semagrams
Null ciphers
In which of the following attacks does an attacker dump memory by rebooting a victim's device with a malicious OS and then extract sensitive data from the dumped memory? iOS jailbreaking OS data caching Carrier-loaded software User-initiated code
OS data caching
Which of the following OS discovery techniques is used by an attacker to identify a target machine's OS by observing the TTL values in the acquired scan result? OS discovery using Nmap OS discovery using Unicornscan OS discovery using Nmap Script Engine OS discovery using IPv6 fingerprinting
OS discovery using Unicornscan
David, a content writer, was searching online for a specific topic. He visited a web page that appears legitimate and downloaded a file. As soon as he downloaded the file, his laptop started to behave in a weird manner. Out of suspicion, he scanned the laptop for viruses but found nothing. Which of the following programs conceals the malicious code of malware via various techniques, making it difficult for security mechanisms to detect or remove it? Exploit Downloader Obfuscator Payload
Obfuscator
Jim, a professional hacker, was hired to perform an attack on an organization. In the attack process, Jim targeted the SMTP server of the target organization and performed SMTP enumeration using the smtp-user-enum tool. He used some options in the tool to gather the usernames of the target organization's employees. Which of the following options did Jim use in the SMTP command for guessing the username from among EXPN, VRFY, and RCPT TO? -m n -u user -M mode -p port
-M mode
An attacker is using DumpsterDiver, an automated tool, to identify potential secret leaks and hardcoded passwords in target cloud services. Which of the following flags is set by the attacker to analyze the files using rules specified in "rules.yaml"? -r, --remove -a, --advance -s, --secret -o OUTFILE
-s, --secret
In which of the following types of attack does an attacker exploit the carrier-sense multiple access with collision avoidance (CSMA/CA) clear channel assessment (CCA) mechanism to make a channel appear busy? Beacon flood Denial of service Access point theft EAP failure
Denial of service
John, an attacker, performed sniffing on a target organization's network and found that one of the protocols used by the target organization is vulnerable as it allows a client to access and manipulate the emails on a server. John exploited that protocol to obtain the data and employee credentials that are transmitted in cleartext. Which of the following protocols was exploited by John in the above scenario? IMAP HTTPS IPsec DTLS
IMAP
Through which of the following techniques can an attacker obtain a computer's IP address, alter the packet headers, and send request packets to a target machine while pretending to be a legitimate host? IP address decoy Source port manipulation Packet fragmentation IP address spoofing
IP address spoofing
Which of the following techniques involves sending unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones and laptops? Bluejacking Bluesmacking Bluebugging BluePrinting
Bluejacking
Which of the following attacks is performed by asking the appropriate questions to an application database, with multiple valid statements evaluated as true or false being supplied in the affected parameter in the HTTP request? Heavy query Error-based SQL injection No error message returned Boolean exploitation
Boolean exploitation
Which of the following tools in OSRFramework is used by attackers to check for a user profile on up to 290 different platforms? usufy.py phonefy.py entify.py searchfy.py
usufy.py
Given below are the different phases of the APT lifecycle. 1. Initial intrusion 2. Persistence 3. Preparation 4. Cleanup 5. Expansion 6. Search and exfiltration What is the correct sequence of phases in the APT lifecycle? 1 -> 2 -> 3 -> 4 -> 5 -> 6 3 -> 1 -> 5 -> 2 -> 6 -> 4 5 -> 3 -> 2 -> 6 -> 4 -> 1 2 -> 4 -> 6 -> 1 -> 5 -> 3
3 -> 1 -> 5 -> 2 -> 6 -> 4
Given below are the different phases of the vulnerability management lifecycle. 1. Monitor 2. Vulnerability scan 3. Identify assets and create a baseline 4. Risk assessment 5. Verification 6. Remediation What is the correct sequence of phases involved in the vulnerability management lifecycle? 1 -> 2 -> 3 -> 4 -> 5 -> 6 2 -> 1 -> 5 -> 3 -> 6 -> 4 3 -> 2 -> 4 -> 6 -> 5 -> 1 3 -> 1 -> 4 -> 5 -> 6 -> 2
3 -> 2 -> 4 -> 6 -> 5 -> 1
Which of the following IDS/firewall evasion techniques is used by an attacker to bypass Internet censors and evade certain IDS and firewall rules? IP address decoy Sending bad checksums Source port manipulation Anonymizers
Anonymizers
Which of the following countermeasures should be followed to safeguard the privacy, data, and reputation of an organization and to prevent information disclosure? Keeping the domain name profile public Enabling directory listings in the web servers Avoiding domain-level cross-linking for critical assets Turning on geolocation access on all mobile devices
Avoiding domain-level cross-linking for critical assets
One of the following techniques redirects all malicious network traffic to a honeypot after any intrusion attempt is detected. Attackers can identify such honeypots by examining specific TCP/IP parameters such as the round-trip time (RTT), time to live (TTL), and TCP timestamp. Which is this technique? Fake AP Snort_inline User-Mode Linux (UML) Bait and switch
Bait and switch
Which of the following encoding schemes represents any binary data using only printable ASCII characters and is used for encoding email attachments for safe transmission over SMTP? URL encoding Unicode encoding Base64 encoding Hex encoding
Base64 encoding
Joan, a professional hacker, was hired to retrieve sensitive information from a target organization. In this process, she used a post-exploitation tool to check common misconfigurations and find a way to escalate privileges. Which of the following tools helps Joan in escalating privileges? ShellPhish GFI LanGuard Netcraft BeRoot
BeRoot
Which of the following is a category of hackers who are also known as crackers, use their extraordinary computing skills for illegal or malicious purposes, and are often involved in criminal activities? Black Hats White hats Suicide hackers Script kiddies
Black Hats
Jaden, a security professional in an organization, introduced new tools and services into the organization. Before introducing the tools, he had to evaluate whether the tools are effective and appropriate for the organization. He used a publicly available and free-to-use list of standardized identifiers for software vulnerabilities and exposures to evaluate the tools. Which of the following databases did Jaden use to evaluate the tools and services? LACNIC CVE Whois ARIN
CVE
Which of the following firewalls works at the session layer of the OSI model or TCP layer of TCP/IP, forwards data between networks without verification, and blocks incoming packets from the host but allows traffic to pass through? Packet filtering firewall Circuit-level gateway firewall Application-level firewall Application proxy
Circuit-level gateway firewall
John, a professional hacker, has launched an attack on a target organization to extract sensitive information. He was successful in launching the attack and gathering the required information. He is now attempting to hide the malicious acts by overwriting the server, system, and application logs to avoid suspicion. Which of the following phases of hacking is John currently in? Maintaining access Scanning Clearing tracks Gaining access
Clearing tracks
Which of the following information is exploited by an attacker to perform a buffer overflow attack on a target web application? Cleartext communication Error message Application code Email interaction
Cleartext communication
In which of the following attacks does an attacker exploit the vulnerability residing in a bare-metal cloud server and use it to implant a malicious backdoor in its firmware? Wrapping attack Cloudborne attack Cryptanalysis attack Cross-site scripting attack
Cloudborne attack
In which of the following attack types does an attacker modify the content of a web page by examining its HTML code and identifying form fields that lack valid constraints? Directory traversal Buffer overflow attack Command injection attack Cross-site scripting (XSS) attack
Command injection attack
Which of the following types of malware remains dormant until the user performs an online financial transaction, replicates itself on the computer, and edits the registry entries each time the computer starts? TAN grabber Covert credential grabber HTML injection Form grabber
Covert credential grabber
Which of the following techniques is also called a one-click attack or session riding and is used by an attacker to exploit a victim's active session with a trusted site to perform malicious activities? Cross-site request forgery attack Cross-site script attack Session replay attacks Session fixation
Cross-site request forgery attack
In which of the following attack types does an attacker use compromised PCs with spoofed IP addresses to intensify DDoS attacks on the victims' DNS server by exploiting the DNS recursive method? DoS/DDoS attack DNS server hijacking DNS amplification attack Directory traversal attack
DNS amplification attack
What is the feature in FOCA that checks each domain to ascertain the host names configured in NS, MX, and SPF servers to discover the new host and domain names? Common names DNS search Web search Bing IP
DNS search
Which of the following is a bidirectional antenna used to support client connections, rather than site-to-site applications? Yagi antenna Reflector antenna Dipole antenna Directional antenna
Dipole antenna
In which of the following web application threats does an attacker manipulate the variables that reference files with "dot-dot-slash (../)" sequences and its variations? Unvalidated redirects and forwards Hidden field manipulation attack Directory traversal attack Cookie/session poisoning
Directory traversal attack
Clark, an ethical hacker, is performing vulnerability assessment on an organization's network. Instead of performing footprinting and network scanning, he used tools such as Nessus and Qualys for the assessment. Which of the following types of vulnerability assessment did Clark perform on the organization? Manual assessment Credentialed assessment Distributed assessment Automated assessment
Distributed assessment
Which of the following is the component in the docker architecture where images are stored and pulled and can be either private or public? Docker daemon Docker client Docker registries Docker objects
Docker registries
Which of the following techniques scans the headers of IP packets leaving a network and ensures that unauthorized or malicious traffic never leaves the internal network? Ingress filtering TCP intercept Rate limiting Egress filtering
Egress filtering
Which of the following information does an attacker enumerate by analyzing the AWS error messages that reveal information regarding the existence of a user? Enumerating AWS account IDs Enumerating S3 buckets Enumerating IAM roles Enumerating bucket permissions
Enumerating IAM roles
Which of the following cloud services provides data processing services, such as IoT services for connected devices, mobile and web applications, and batch-and-stream processing? Function as a service (FaaS) Container as a service (CaaS) Security as a service (SECaaS) Identity as a service (IDaaS)
Function as a service (FaaS)
Which of the following is an IDS evasion technique used by attackers to encode an attack packet payload in such a manner that the destination host can decode the packet but not the IDS? Evasion Session splicing Obfuscating Fragmentation
Evasion
Which of the following components of an IoT framework must incorporate strong encryption techniques for secure communications between endpoints and the authentication mechanism for the edge components? Gateway Cloud platform Mobile Edge
Gateway
Which of the following commands is used by the SNMP manager continuously to retrieve all the data stored in an array or table? GetResponse GetNextRequest GetRequest SetRequest
GetNextRequest
When Jake, a software engineer, was using social media, he abruptly received a friend request from an unknown lady. Out of curiosity, he accepted it. She pretended to be nice and tricked Jake into revealing sensitive information about his organization. Once she obtained the information, she deactivated her account. Which of the following types of attack was performed on Jake in the above scenario? Shoulder surfing Honey trap Diversion theft Tailgating
Honey trap
In which of the following phases of social engineering attacks does an attacker collect sensitive information about the organization's accounts, finance, technologies in use, and upcoming plans? Research the target company Select a target Develop a relationship Exploit the relationship
Exploit the relationship
A phase of the cyber kill chain methodology triggers the adversary's malicious code, which utilizes a vulnerability in the operating system, application, or server on a target system. At this stage, the organization may face threats such as authentication and authorization attacks, arbitrary code execution, physical security threats, and security misconfiguration. Which is this phase of the cyber kill chain methodology? Reconnaissance Weaponization Exploitation Installation
Exploitation
Which of the following types of IDS alerts is an alarm raised when no actual attack is in progress? True positive False positive True negative False negative
False positive
Which of the following attacks does not directly recover a WEP key and requires at least one data packet from a target AP for initiation? MAC spoofing attack Evil twin attack Fragmentation attack De-authentication attack
Fragmentation attack
In which of the following incident handling and response phases are the identified security incidents analyzed, validated, categorized, and prioritized? Incident recording and assignment Incident triage Containment Eradication
Incident triage
Rick, an ethical hacker, is performing a vulnerability assessment on an organization and a security audit on the organization's network. In this process, he used a tool for identifying vulnerabilities, configuration issues, and malware that attackers use to penetrate networks. Which of the following tools did Rick use to perform vulnerability assessment? Metagoofil Infoga Immunity Debugger Nessus
Nessus
Which of the following DNS poisoning techniques is used by an attacker to infect a victim's machine with a Trojan and remotely change their DNS IP address to that of the attacker's? DNS cache poisoning Proxy server DNS poisoning Internet DNS spoofing Intranet DNS spoofing
Internet DNS spoofing
Which of the following is an attack technique where the only information available to the attacker is some plaintext blocks along with the corresponding ciphertext and algorithm used to encrypt and decrypt the text? Ciphertext-only attack Adaptive chosen-plaintext attack Chosen-plaintext attack Known-plaintext attack
Known-plaintext attack
Kate, a disgruntled ex-employee of an organization, decided to hinder the operations of the organization and gather sensitive information by injecting malware into the organization's network. Which of the following categories of insiders does Kate belong to? Negligent insider Malicious insider Compromised insider Professional insider
Malicious insider
Which of the following is an attack where an attacker intercepts the communication between a client and server, negotiates cryptographic parameters to decrypt the encrypted content, and obtains confidential information such as system passwords? Chosen-key attack Man-in-the-middle attack Rubber hose attack Chosen-ciphertext attack
Man-in-the-middle attack
Which of the following attacks runs malicious code inside a browser and causes an infection that persists even after closing or browsing away from the malicious web page that spread the infection? Clickjacking attack DNS rebinding attack MarioNet attack XML poisoning
MarioNet attack
Through which of the following SCADA vulnerabilities does an attacker exploit code security issues that include out-of-bound read/write vulnerabilities and heap- and stack-based buffer overflow? Credential management Code injection Lack of authorization Memory corruption
Memory corruption
Which of the following protocols is often used for data compression, digital signing, encryption and decryption of messages, emails, files, and directories as well as to enhance the privacy of email communications? EAP PGP CHAP HMAC
PGP
Which of the following types of vulnerability assessment sniffs the traffic present on the network to identify the active systems, network services, applications, and vulnerabilities? Active assessment Passive assessment Credentialed assessment Distributed assessment
Passive assessment
Which of the following modules establishes a communication channel between the Metasploit framework and a victim host? Exploit module Auxiliary module Payload module NOPS module
Payload module
Which of the following cloud deployment models is also known as the internal or corporate cloud and is a cloud infrastructure operated by a single organization and implemented within a corporate firewall? Community cloud Multi cloud Private cloud Public cloud
Private cloud
Which of the following web services is designed to make services more productive and uses many underlying HTTP concepts to define the services? SOAP RESTful XML-RPC JSON-RPC
RESTful
Which of the following is a shim that runs in the user mode and is used by attackers to bypass UAC and perform different attacks including the disabling of Windows Defender and backdoor installation? RedirectEXE Schtasks launchd WinRM
RedirectEXE
In one of the following IoT attacks, attackers intercept legitimate messages from a valid communication and continuously send the intercepted message to the target device to perform a denial-of-service attack or crash the target device. Which is this IoT attack? Replay attack Exploit kits Network pivoting BlueBorne attack
Replay attack
Which of the following risk management phases involves selecting and implementing appropriate controls for the identified risks to modify them? Risk tracking and review Risk identification Risk treatment Risk assessment
Risk treatment
In which of the following attacks does an attacker install a fake communication tower between two authentic endpoints with the intention of misleading a user and interrupting the data transmission between the user and real tower to hijack an active session? Rogue AP attack Key reinstallation attack Wardriving aLTEr attack
Rogue AP attack
A certain type of port scanning technique is similar to the TCP SYN scan and can be performed quickly by scanning thousands of ports per second on a fast network that is not obstructed by a firewall, offering a strong sense of security. Which of the following is this type of port scanning technique? IDLE/IPID header scanning SCTP COOKIE ECHO scanning SSDP scanning SCTP INIT scanning
SCTP INIT scanning
Which of the following TCP communication flags notifies the transmission of a new sequence number and represents the establishment of a connection between two hosts? FIN flag SYN flag PSH flag RST flag
SYN flag
John, an employee of an organization, always connects to the corporate network using his own mobile device. Which of the following best practices prevents BYOD risk when John connects to the corporate network? Improperly disposing of a device Not reporting a lost or stolen device Providing support for many different devices Separating personal and private data
Separating personal and private data
Which of the following is a process that can be used to convert object data into a linear format for transportation to a different system or different network? Deserialization Serialization Insecure deserialization Directory traversal
Serialization
In which of the following attack types does an attacker exploit vulnerabilities that evolve from the unsafe use of functions in an application in public web servers to send crafted requests to internal or backend servers? SSH brute forcing Web-server password cracking Server-side request forgery Web-server misconfiguration
Server-side request forgery
Ray, a security professional in an organization, was instructed to identify all potential security weaknesses in the organization and fix them before an attacker can exploit them. In the process, he consulted a third-party consulting firm to run a security audit of the organization's network. Which of the following types of solutions did Ray implement in the above scenario? Product-based solution Service-based solution Tree-based assessment Inference-based assessment
Service-based solution
In which of the following attacks does an attacker obtain the user session ID and then reuse it to gain unauthorized access to a target user account? Session token prediction Session token tampering Session hijacking Session replay
Session replay
Santa, an attacker, targeted an organization's web infrastructure and sent partial HTTP requests to the target web server. When the partial requests were received, the web server opened multiple connections and waited for the requests to complete; however, these requests remained incomplete, causing the target server's maximum concurrent connection pool to be exhausted and additional connection attempts to be denied. Which of the following attack techniques was employed by Santa? Slowloris attack Ping-of-death (PoD) attack Multi-vector attack Smurf attack
Slowloris attack
In one of the following types of identity theft, the perpetrator obtains information from different victims to create a new identity by stealing a social security number and uses it with a combination of fake names, date of birth, address, and other details required for creating a new identity. Which is this type of identity theft? Social identity theft Synthetic identity theft Child identity theft Medical identity theft
Synthetic identity theft
Larry, a professional hacker, was hired to launch a few attacks on an organization. In the process, he identified that FTP server ports are open and performed enumeration on FTP to find the software version and state of existing vulnerabilities for performing further exploitations. What is the FTP port number that Larry has targeted? TCP 25 TCP 20/21 TCP/UDP 5060, 5061 TCP 179
TCP 20/21
Edward, a security professional in an organization, was instructed by higher officials to calculate the severity of the organization's systems. In the process, he used CVSS, a published standard that provides an open framework for communicating the characteristics and impacts of IT vulnerabilities. He used three metrics provided by CVSS for measuring vulnerabilities. Which of the following CVSS metrics represents the features that continue to change during the lifetime of the vulnerability? Base metric Environmental metric Temporal metric Overall score
Temporal metric
Which of the following encryption algorithms is a large tweakable symmetric-key block cipher with equal block and key sizes of 256, 512, or 1024 and involves only three operations, that is, addition-rotation-XOR? RC4 Twofish RC5 Threefish
Threefish
Morris, an attacker, has targeted an organization's network. To know the structure of the target network, he combined footprinting techniques with a network utility that helped him create diagrammatic representations of the target network. What is the network utility employed by Morris in the above scenario? Netcraft Tracert Shodan BuzzSumo
Tracert
Which of the following is an evasion technique that involves replacing characters with their ASCII codes in hexadecimal form and prefixing each code point with the percent sign (%)? URL encoding Sophisticated matches Null byte Case variation
URL encoding
In which of the following techniques does an attacker use a combination of upper- and lower-case letters in an XSS payload to bypass the WAF? Using hex encoding to bypass the WAF Using ASCII values to bypass the WAF Using obfuscation to bypass the WAF Using ICMP tunneling
Using ASCII values to bypass the WAF
Which of the following protocols uses AES and the Counter Mode Cipher Block Chaining Message Authentication Code Protocol (CCMP) for wireless data encryption? WEP WPA3 WPA2 WPA
WPA2
Which of the following is a mode of operation that includes EAP or RADIUS for centralized client authentication using multiple authentication methods, such as token cards, Kerberos, and certificates? WPA3-Personal WPA2-Personal WPA3-Enterprise WPA2-Enterprise
WPA2-Enterprise
Which of the following is a technique used by an attacker to gather valuable system-level data such as account details, OS, software version, server names, and database schema details? Whois Session hijacking Web server footprinting Vulnerability scanning
Web server footprinting
Which of the following techniques is used by an attacker to perform automated searches on the target website and collect specified information, such as employee names and email addresses? Web spidering Website mirroring Monitoring of web updates Website link extraction
Web spidering
Clark is a professional hacker. He targeted an organization for financial benefit and used various footprinting techniques to gather information about the target network. In this process, he employed a protocol used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block, or an autonomous system. What is the protocol employed by Clark in the above scenario? SMB Whois SNMP FTP
Whois
Which of the following scanning techniques is used by an attacker to send a TCP frame to a remote device with the FIN, URG, and PUSH flags set? Xmas scan TCP Maimon scan ACK flag probe scan IDLE/IPID header scan
Xmas scan
Which of the following Google advanced search operators displays similar websites to the specified URL? [site:] [info:] [inurl:] [related:]
[related:]
Given below are the steps involved in automated patch management. a. Test b. Assess c. Detect d. Acquire e. Maintain f. Deploy What is the correct sequence of steps involved in automatic patch management? c -> b -> a -> d -> f -> e b -> c -> d -> a -> f -> e c -> b -> d -> a -> f -> e a -> c -> b -> e -> f -> d
c -> b -> d -> a -> f -> e
Which of the following commands is used by an attacker to delete only the history of the current shell and retain the command history of other shells? cat /dev/null > ~.bash_history && history -c && exit history -w export HISTSIZE=0 history -c
history -w
Which of the following hping commands is used by an attacker to scan the entire subnet to detect live hosts in a target network? hping3 -8 50-60 -S 10.0.0.25 -V hping3 -F -P -U 10.0.0.25 -p 80 hping3 -1 10.0.1.x --rand-dest -I eth0 hping3 -9 HTTP -I eth0
hping3 -1 10.0.1.x --rand-dest -I eth0
An attacker performed OS banner grabbing on a target host. They analyzed the packets received from the target system and identified the values of time to live (TTL) and TCP window size as 255 and 4128, respectively. What is the operating system of the target host on which the attacker performed banner grabbing? Linux (Kernel 2.4 and 2.6) Google Linux Windows 98, Vista, and 7 (Server 2008) iOS 12.4 (Cisco Routers)
iOS 12.4 (Cisco Routers)
Jude, an attacker, has targeted an organization's communication network. While conducting initial footprinting, he used a Google dork to find the VoIP login portals of the organization. What is the Google dork that helped Jude find the VoIP login portals? inurl:8080 intitle:"login" intext:"UserLogin" "English" inurl:/voice/advanced/ intitle:Linksys SPA configuration inurl:/remote/login?lang=en !Host=*.* intext:enc_UserPassword=* ext:pcf
inurl:8080 intitle:"login" intext:"UserLogin" "English"
Which of the following modbus-cli commands is used by attackers to manipulate the register values in a target PLC device? modbus write <Target IP> 101 1 1 1 1 1 1 1 1 1 1 modbus write <Target IP> %M100 1 1 1 1 1 1 1 1 1 1 modbus write <Target IP> %MW100 2 2 2 2 2 2 2 2 modbus write <Target IP> 400101 2 2 2 2 2 2 2 2 modbus read <Target IP> 101 10 modbus read <Target IP> %M100 10 modbus read <Target IP> %MW100 10 modbus read <Target IP> 400101 10
modbus write <Target IP> %MW100 2 2 2 2 2 2 2 2 modbus write <Target IP> 400101 2 2 2 2 2 2 2 2
Which of the following Net View commands is used by an attacker to view all the available shares in a domain? net view \\<computername> /ALL net view /domain:<domain name> net view /domain net view \\<computername>
net view /domain
Sam, an ethical hacker, is launching an attack on a target company. He performed various enumeration activities to detect any existing vulnerabilities on the target network and systems. In this process, he performed NTP enumeration and executed some commands to acquire the list of hosts connected to the NTP server. Which of the following NTP enumeration commands helps Sam in collecting system information such as the number of time samples from several time sources? ntptrace ntpdc ntpdate ntpq
ntpdate
Which of the following RFCrack commands is used by an attacker to perform an incremental scan on a target IoT device while launching a rolling-code attack? python RFCrack.py -b -v 5000000 python RFCrack.py -j -F 314000000 python RFCrack.py -r -M MOD_2FSK -F 314350000 python RFCrack.py -i
python RFCrack.py -b -v 5000000
