Last Updated on July 23, 2021 by InfraExam
312-50 : CEH Certified Ethical Hacker (312-50v9) : Part 29
Peter, a Network Administrator, has come to you looking for advice on a tool that would help him perform SNMP enquiries over the network.
Which of these tools would do the SNMP enumeration he is looking for? Select the best answers.
- Solarwinds IP Network Browser
If a token and 4-digit personal identification number (PIN) are used to access a computer system and the token performs off-line checking for the correct PIN, what type of attack is possible?
- Brute force
Bob is doing a password assessment for one of his clients. Bob suspects that security policies are not in place. He also suspects that weak passwords are probably the norm throughout the company he is evaluating. Bob is familiar with password weaknesses and key loggers.
Which of the following options best represents the means that Bob can adopt to retrieve passwords from his client's hosts and servers?
- Hardware, Software, and Sniffing.
- Hardware and Software Keyloggers.
- Passwords are always best obtained using Hardware key loggers.
- Software only, they are the most effective.
Study the Snort rule given below:
From the options below, choose the exploit against which this rule applies.
- SQL Slammer
- MS Blaster
Which of the following algorithms can be used to guarantee the integrity of messages being sent, in transit, or stored?
- symmetric algorithms
- asymmetric algorithms
- hashing algorithms
- integrity algorithms
A user on your Windows 2000 network has discovered that he can use L0phtcrack to sniff the SMB exchanges which carry user logons. The user is plugged into a hub with 23 other systems.
However, he is unable to capture any logons though he knows that other users are logging in.
What do you think is the most likely reason behind this?
- There is a NIDS present on that segment.
- Kerberos is preventing it.
- Windows logons cannot be sniffed.
- L0phtcrack only sniffs logons to web servers.
You are attempting to crack LM Manager hashes from a Windows 2000 SAM file. You will be using an LM brute-force hacking tool for decryption. What encryption algorithm will you be decrypting?
In the context of password security, a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtCrack or John the Ripper, and running it against user accounts located by the application. The larger the word and word fragment selection, the more effective the dictionary attack is. The brute force method is the most inclusive, although slow. It usually tries every possible letter and number combination in its automated exploration. If you combine the brute force and dictionary methods to produce variations of words, what would you call such an attack?
- Full Blown
What is the algorithm used by LM for the Windows 2000 SAM?
E-mail scams and mail fraud are regulated by which of the following?
- 18 U.S.C. par. 1030 Fraud and Related activity in connection with Computers
- 18 U.S.C. par. 1029 Fraud and Related activity in connection with Access Devices
- 18 U.S.C. par. 1362 Communication Lines, Stations, or Systems
- 18 U.S.C. par. 2510 Wire and Electronic Communications Interception and Interception of Oral Communication
Which of the following LM hashes represent a password of less than 8 characters? (Choose two.)
Which of the following is the primary objective of a rootkit?
- It opens a port to provide an unauthorized service
- It creates a buffer overflow
- It replaces legitimate programs
- It provides an undocumented opening in a program
This kind of password cracking method uses word lists in combination with numbers and special characters:
- Brute Force
_________ is a tool that can hide processes from the process list, can hide files, registry entries, and intercept keystrokes.
- DoS tool
What is the BEST alternative if you discover that a rootkit has been installed on one of your computers?
- Copy the system files from a known good system
- Perform a trap and trace
- Delete the files and try to determine the source
- Reload from a previous backup
- Reload from known good media
What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stacheldraht have in common?
- All are hacking tools developed by the Legion of Doom
- All are tools that can be used not only by hackers, but also security personnel
- All are DDoS tools
- All are tools that are only effective against Windows
- All are tools that are only effective against Linux
How can you determine if an LM hash you extracted contains a password that is less than 8 characters long?
- There is no way to tell because a hash cannot be reversed
- The rightmost portion of the hash is always the same
- The hash always starts with AB923D
- The leftmost portion of the hash is always the same
- A portion of the hash will be all 0’s
When discussing passwords, what is considered a brute force attack?
- You attempt every single possibility until you exhaust all possible combinations or discover the password
- You threaten to use the rubber hose on someone unless they reveal their password
- You load a dictionary of words into your cracking program
- You create hashes of a large number of words and compare them with the encrypted passwords
- You wait until the password expires
Which of the following are well known password-cracking programs?
- Jack the Ripper
- John the Ripper
Password cracking programs reverse the hashing process to recover passwords. (True/False.)