_________ is a type of phishing that targets high-profile executives such as CEOs,
CFOs, politicians, and celebrities who have access to confidential and highly valuable
information. - Answer -Whaling
By performing a penetration test, you gained access under a user account. During the
test, you established a connection with your own machine via the SMB service and
occasionally entered your login and password in plaintext. - Answer -.bash_history
An attacker is trying to redirect the traffic of a small office. That office is using their own
mail server, DNS server and NTP server because of the importance of their job. The
attacker gain access to the DNS server and redirect the direction www.google.com to
his own IP address. Now when the employees of the office want to go to Google they
are being redirected to the attacker machine. What is the name of this kind of attack? -
Answer -DNS spoofing
Ralph, a professional hacker, targeted Jane, who had recently bought new systems for
her company. After a few days, Ralph contacted Jane while masquerading as a
legitimate customer support executive, informing that her systems need to be serviced
for proper functioning and that customer support will send a computer technician. Jane
promptly replied positively. Ralph entered Jane's company using this opportunity and
gathered sensitive information by scanning terminals for passwords, searching for
important documents in desks, and rummaging bins. - Answer -Impersonation
A security analyst uses Zenmap to perform an ICMP timestamp ping scan to acquire
information related to the current time from the target host machine. Which of the
following Zenmap options must the analyst use to perform the ICMP timestamp ping
scan? - Answer --PP
Ricardo has discovered the username for an application in his target's environment. As
he has a limited amount of time, he decides to attempt to use a list of common
passwords he found on the Internet. He compiles them into a list and then feeds that list
as an argument into his password-cracking application. What type of attack is Ricardo
performing? - Answer -Dictionary
, An attacker, using a rogue wireless AP, performed an MITM attack and injected an
HTML code to embed a malicious applet in all HTTP connections. When users
accessed any page, the applet ran and exploited many machines. Which one of the
following tools the hacker probably used to inject HTML code? - Answer -Ettercap
You have been authorized to perform a penetration test against a website. You want to
use Google dorks to footprint the site but only want results that show file extensions.
What Google dork operator would you use? - Answer -filetype
Which of these is capable of searching for and locating rogue access points? - Answer -
WIPS
Miley, a professional hacker, decided to attack a target organization's network. To
perform the attack, she used a tool to send fake ARP messages over the target network
to link her MAC address with the target system's IP address. By performing this, Miley
received messages directed to the victim's MAC address and further used the tool to
intercept, steal, modify, and block sensitive communication to the target system. What is
the tool employed by Miley to perform the above attack? - Answer -BetterCAP
Which of the following Bluetooth hacking techniques refers to the theft of information
from a wireless device through Bluetooth? - Answer -Bluesnarfing
Bob was recently hired by a medical company after it experienced a major cyber
security breach. Many patients are complaining that their personal medical records are
fully exposed on the Internet and someone can find them with a simple Google search.
Bob's boss is very worried because of regulations that protect those dat a. Which of the
following regulations is mostly violated? - Answer -HIPPA/PHl
Harper, a software engineer, is developing an email application. To ensure the
confidentiality of email messages. Harper uses a symmetric-key block cipher having a
classical 12- or 16-round Feistel network with a block size of 64 bits for encryption,
which includes large 8 x 32-bit S-boxes (S1, S2, S3, S4) based on bent functions,
modular addition and subtraction, key-dependent rotation, and XOR operations. This
cipher also uses a masking key(Km1)and a rotation key (Kr1) for performing its
functions. What is the algorithm employed by Harper to secure the email messages? -
Answer -CAST-128
Email is transmitted across the Internet using the Simple Mail Transport Protocol. SMTP
does not encrypt email, leaving the information in the message vulnerable to being read
by an unauthorized person. SMTP can upgrade a connection between two mail servers
to use TLS. Email transmitted by SMTP over TLS is encrypted. What is the name of the
command used by SMTP to transmit email over TLS? - Answer -STARTTLS
What type of virus is most likely to remain undetected by antivirus software? - Answer -
Stealth virus
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller millyphilip. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for £8.93. You're not tied to anything after your purchase.