Match the attack type with the respective description.
Match the attack type with the respective description. Reflected DOS ==> This attack uses spoofed packets that appear to be from the victim. Then the sources become unwitting participants in…
What is a Kerberoasting attack?
What is a Kerberoasting attack? It is an attempt to steal the hash value of a user credential and use it to create a new user session on the same network.…
Which is a characteristic of the pass-the-hash attack?
Which is a characteristic of the pass-the-hash attack? capture of a password hash (as opposed to the password characters) and using the same hashed value for authentication and lateral access…
Which two best practices would help mitigate FTP server abuse and attacks? (Choose two.)
Which two best practices would help mitigate FTP server abuse and attacks? (Choose two.) limit anonymous logins to a select group of people edit the hosts file to limit the…
Match the SMTP command with the respective description.
Match the SMTP command with the respective description. MAIL ==> Used to denote the email address of the sender RSET ==> Used to cancel an email transaction EHELO ==> Used…
Which Kali Linux tool or script can gather information on devices configured for SNMP?
Which Kali Linux tool or script can gather information on devices configured for SNMP? snmp-check nslookup snmp-brute.nse snmp-netstat.nse Explanation & Hint: The Kali Linux snmp-check tool can perform an SNMP…
Which is a characteristic of a DNS poisoning attack?
Which is a characteristic of a DNS poisoning attack? The DNS server forward lookup zone is cleared. The DNS server reverse lookup zone is cleared. The DNS resolver cache is…
What UDP port number is used by SNMP protocol?
What UDP port number is used by SNMP protocol? 161 182 128 176 Explanation & Hint: Simple Network Management Protocol (SNMP) is a protocol that many individuals and organizations use…
What two features are present on DNS servers using BIND 9.5.0 and higher that help mitigate DNS cache poisoning attacks? (Choose two.)
What two features are present on DNS servers using BIND 9.5.0 and higher that help mitigate DNS cache poisoning attacks? (Choose two.) randomization of ports provision of cryptographically secure DNS…
Match the port type and number with the respective NetBIOS protocol service.
Match the port type and number with the respective NetBIOS protocol service. UDP port 138 ==> NetBIOS Datagram Service UDP port 137 ==> NetBIOS Name Service TCP port 445 ==>…
Which NetBIOS service is used for connection-oriented communication?
Which NetBIOS service is used for connection-oriented communication? NetBIOS-NS NetBIOS-DGM NetBIOS-SSN LLMNR Explanation & Hint: NetBIOS provides three different services: NetBIOS Name Service (NetBIOS-NS) for name registration and resolution Datagram…
A user has found a USB pen drive in the corporate parking lot. What should the user do with this pen drive?
A user has found a USB pen drive in the corporate parking lot. What should the user do with this pen drive? throw the pen drive away deliver the pen…
A new employee is celebrating their position with a large company by posting a picture of their access identification on social media. What kind of physical attack has the new employee unknowingly enabled?
A new employee is celebrating their position with a large company by posting a picture of their access identification on social media. What kind of physical attack has the new…
Which tool can send fake notifications to the browser of a victim?
Which tool can send fake notifications to the browser of a victim? Nexpose BeEF Nikto Asterisk Explanation & Hint: Browser Exploitation Framework (BeEF) is a tool that can be used…
Which tool permits post-exploitation activities, such as Windows reverse VNC DLL and reverse TCP shell?
Which tool permits post-exploitation activities, such as Windows reverse VNC DLL and reverse TCP shell? BeEF SET Nessus Nikto Explanation & Hint: Social Engineer Toolkit (SET) is a tool that…
A threat actor has sent a text message to a victim stating that they have won bitcoins in a bank contest. To claim their prize, the victim must click the provided link and enter their bank account information. What social engineering attack can be accomplished if the user enters their banking information?
A threat actor has sent a text message to a victim stating that they have won bitcoins in a bank contest. To claim their prize, the victim must click the…
Which Apple iOS and Android tools can spoof a phone number, record calls, and generate different background noises?
Which Apple iOS and Android tools can spoof a phone number, record calls, and generate different background noises? Nessus Asterisk SpoofCard BeEF Explanation & Hint: Several call spoofing tools can…
What is the purpose of a vishing attack?
What is the purpose of a vishing attack? to create emails and web pages to collect sensitive information from a user to convince a victim on a phone call to…
Who is the target of a whaling attack?
Who is the target of a whaling attack? upper managers such as the CEO or key individuals in an organization ordinary users user groups of social networks such as Facebook…
Which tool can launch social engineering attacks and be integrated with third-party tools and frameworks such as Metasploit?
Which tool can launch social engineering attacks and be integrated with third-party tools and frameworks such as Metasploit? BeEF Nessus SET Asterisk Explanation & Hint: Social-Engineer Toolkit (SET) is a…
- Go to the previous page
- 1
- …
- 128
- 129
- 130
- 131
- 132
- 133
- 134
- …
- 266
- Go to the next page