Richard, an attacker, aimed to hack IoT devices connected to a target network. In this process, Richard
recorded the frequency required to share information between connected devices. After obtaining the
frequency, he captured the original data when commands were initiated by the connected devices.
Once the original data were collected, he used free tools such as URH to segregate the command
sequence.Subsequently, he started injecting the segregated command sequence on the same frequency
into the IoT network, which repeats the captured signals of the devices.What is the type of attack
performed by Richard in the above scenario? - Replay attack
_________ is a tool that can hide processes from the process list, can hide files, registry entries, and
intercept keystrokes. - RootKit
Firewalk has just completed the second phase (the scanning phase) and a technician receives the output
shown below. What conclusions can be drawn based on these scan results?TCP port 21 no responseTCP
port 22 no responseTCP port 23 Time-to-live exceeded - The scan on port 23 passed through the filtering
device. This indicates that port 23 was not blocked at the firewall
A hacker is an intelligent individual with excellent computer skills and the ability to explore a computer's
software and hardware without the owner's permission. Their intention can either be to simply gain
knowledge or to illegally make changes.Which of the following class of hacker refers to an individual
who works both offensively and defensively at various times? - Gray Hat
Which Metasploit Framework tool can help penetration tester for evading Anti-virus Systems? -
msfencode
Which of the following allows attackers to draw a map or outline the target organization's network
infrastructure to know about the actual environment that they are going to hack. - Scanning networks
Which of the following programs is usually targeted at Microsoft Office products? - Macro virus
How can rainbow tables be defeated? - Password salting
, What does the -oX flag do in an Nmap scan - Output the results in XML format to a file
Mr. Omkar performed tool-based vulnerability assessment and found two vulnerabilities. During
analysis, he found that these issues are not true vulnerabilities. What will you call these issues? - False
positives
Henry is a penetration tester who works for XYZ organization. While performing enumeration on a client
organization, he queries the DNS server for a specific cached DNS record. Further, by using this cached
record, he determines the sites recently visited by the organization's user. What is the enumeration
technique used by Henry on the organization? - DNS cache snooping
Kate dropped her phone and subsequently encountered an issue with the phone's internal speaker.
Thus, she is using the phone's loudspeaker for phone calls and other activities. Bob, an attacker, takes
advantage of this vulnerability and secretly exploits the hardware of Kate's phone so that he can
monitor the loudspeaker's output from data sources such as voice assistants, multimedia messages, and
audio files by using a malicious app to breach speech privacy. What is the type of attack Bob performed
on Kate in the above scenario? - aLTEr attack
Which command can be used to show the current TCP/IP connections? - Netstat
A new wireless client is configured to join a 802.11 network. This client uses the same hardware and
software as many of the other clients on the network. The client can see the network, but cannot
connect. A wireless packet sniffer shows that the Wireless Access Point (WAP) is not responding to the
association requests being sent by the wireless client. What is a possible source of this problem? - The
WAP does not recognize the client's MAC address
Which system consists of a publicly available set of databases that contain domain name registration
contact information? - WHOIS
Your company was hired by a small healthcare provider to perform a technical assessment on the
network.What is the best approach for discovering vulnerabilities on a Windows-based computer? - Use
a scan tool like Nessus
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller oneclass. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.48. You're not tied to anything after your purchase.