An Ethical Hacker is one employed to undertake an attempt to penetrate networks and systems using the same methods and techniques as a hacker.
This individual is expected to help in achieving optimal information security posture through scanning, testing, hacking and securing their own systems....
Question: 1
What is the name of the software tool used to crack a single account on Netware Servers using a
dictionary attack?
A. NPWCrack
B. NWPCrack
C. NovCrack
D. CrackNov
E. GetCrack
Answer: B
Explanation:
NWPCrack is the software tool used to crack single accounts on Netware servers.
Question: 2
How can you determine if an LM hash you extracted contains a password that is less than 8
characters long?
A. There is no way to tell because a hash cannot be reversed
B. The right most portion of the hash is always the same
C. The hash always starts with AB923D
D. The left most portion of the hash is always the same
E. A portion of the hash will be all 0's
Answer: B
Explanation:
When loosheets at an extracted LM hash, you will sometimes observe that the right most portion
is always the same. This is padding that has been added to a password that is less than 8
characters long.
Question: 3
Several of your co-workers are having a discussion over the etc/passwd file. They are at odds
over what types of encryption are used to secure Linux passwords.(Choose all that apply).
A. Linux passwords can be encrypted with MD5
B. Linux passwords can be encrypted with SHA
C. Linux passwords can be encrypted with DES
D. Linux passwords can be encrypted with Blowfish
E. Linux passwords are encrypted with asymmetric algrothims
Answer: A, C D
Explanation:
Linux passwords can be encrypted with several types of hashing algorithms. These include SHQ,
MD5, and Blowfish.
Question: 4
What are the two basic types of attacks?(Choose two.
A. DoS
B. Passive
C. Sniffing
D. Active
Page 1 of 77
Explanation:
Passive and active attacks are the two basic types of attacks.
Question: 5
Sniffing is considered an active attack.
A. True
B. False
Answer: B
Explanation:
Sniffing is considered a passive attack.
Question: 6
When discussing passwords, what is considered a brute force attack?
A. You attempt every single possibility until you exhaust all possible combinations or discover the
password
B. You threaten to use the rubber hose on someone unless they reveal their password
C. You load a dictionary of words into your cracsheets program
D. You create hashes of a large number of words and compare it with the encrypted passwords
E. You wait until the password expires
Answer: A
Explanation:
Brute force cracsheets is a time consuming process where you try every possible combination of
letters, numbers, and characters until you discover a match.
Question: 7
Which of the following are well know password-cracsheets programs?(Choose all that apply.
A. L0phtcrack
B. NetCat
C. Jack the Ripper
D. Netbus
E. John the Ripper
Answer: A, E
Explanation:
L0phtcrack and John the Ripper are two well know password-cracsheets programs. Netcat is
considered the Swiss-army knife of hacsheets tools, but is not used for password cracsheets
Question: 8
Password cracsheets programs reverse the hashing process to recover passwords.(True/False.
Explanation:
Password cracsheets programs do not reverse the hashing process. Hashing is a one-way
process.
What these programs can do is to encrypt words, phrases, and characters using the same
encryption process and compare them to the original password. A hashed match reveals the true
password.
Question: 9
What does the following command achieve?
Telnet <IP Address> <Port 80>
HEAD /HTTP/1.0
<Return>
<Return>
A. This command returns the home page for the IP address specified
B. This command opens a backdoor Telnet session to the IP address specified
C. This command returns the banner of the website specified by IP address
D. This command allows a hacker to determine the sites security
E. This command is bogus and will accomplish nothing
Answer: C
Explanation:
This command is used for banner grabbing. Banner grabbing helps identify the service and
version of web server running.
Question: 10
Your lab partner is trying to find out more information about a competitors web site. The site has a
.com extension. She has decided to use some online whois tools and look in one of the regional
Internet registrys.
Which one would you suggest she looks in first?
A. LACNIC
B. ARIN
C. APNIC
D. RIPE
E. AfriNIC
Answer: B
Explanation:
Regional registries maintain records from the areas from which they govern. ARIN is responsible
for domains served within North and South America and therefore, would be a good starting point
for a .com domain.
Question: 11
Which of the following tools are used for footprinting?(Choose four.
Explanation:
All of the tools listed are used for footprinting except Cheops.
Question: 12
According to the CEH methodology, what is the next step to be performed after footprinting?
A. Enumeration
B. Scanning
C. System Hacsheets
D. Social Engineering
E. Expanding Influence
Answer: B
Explanation:
Once footprinting has been completed, scanning should be attempted next. Scanning should take
lace on two distinct levels: network and host.
Question: 13
NSLookup is a good tool to use to gain additional information about a target network. What does
the following command accomplish?
nslookup
> server <ipaddress>
> set type =any
> ls -d <target.com>
A. Enables DNS spoofing
B. Loads bogus entries into the DNS table
C. Verifies zone security
D. Performs a zone transfer
E. Resets the DNS cache
Answer: D
Explanation:
If DNS has not been properly secured, the command sequence displayed above will perform a
zone transfer.
Question: 14
While footprinting a network, what port/service should you look for to attempt a zone transfer?
A. 53 UDP
B. 53 TCP
C. 25 UDP
D. 25 TCP
E. 161 UDP
F. 22 TCP
G. 60 TCP
Page 4 of 77
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller supportmutiglobeapp. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $22.38. You're not tied to anything after your purchase.
