Ethical Hacking Exam Questions with Answers
Where in Internet Explorer can ActiveX controls be disabled? - Answer-Tools>>Internet Options >>Security>>Custom level
You have gained access to a client computer that has e-mail software installed, and would like to prove that th...
Where in Internet Explorer can ActiveX controls be disabled? - Answer-Tools>>Internet
Options >>Security>>Custom level
You have gained access to a client computer that has e-mail software installed, and
would like to prove that the e-mail software built in protections do not adequately protect
saved passwords. What tool(s) can you use to recover the e-mail account passwords? -
Answer-Mail PassView
Advanced MailBox Password Recovery
What happens when a packet with a flag of RST is sent to a host? - Answer-The
receiving host closes the connection and enters the CLOSED state, and releases all
resources from the connection
After gaining access to a Windows Active Directory domain controller, you are now
hoping to crack passwords for accounts across the domain. What utility can you use to
attempt to gain authentication details on this server? - Answer-L0phtCrack
After scanning a targeted server, you discover that UDP port 1434 is open and appears
to be active. What does this tell you about the target server? - Answer-It is possible that
arbitrary code can be executed utilizing a specially crafted request to the UDP port
The server is using the SQL Server Resolution Service (SSRS) and may be vulnerable
to buffer overflow attacks
In securing IIS, what steps should be taken to implement sufficient auditing and
logging? - Answer-IIS log files should be relocated and protected by IISLockdown
Failed logon attempts should be enabled in logging
What is the primary source for web server vulnerabilities? - Answer-server side scripting
exploits
As part of an audit, you are performing reconnaissance of a client's network. You are
attempting to target SQL servers, which you then plan to attempt to gain access to.
What program can you use to perform SQL server fingerprinting, as well as brute force
attacks, and create a custom xp_cmdshell? - Answer-Sqlninja
What HTTP authentication mechanism can utilize the Windows credentials of the
logged in user to attempt to authenticate to a Web page? - Answer-NTLM based
authentication
, How can a web serve application be secured against SQL injection attacks? - Answer-
User input should be validated and sanitized, as well as checked for expected data
types, and should not be allowed as part of a query if these checks fail
Upon finding an IIS server in your client's network, you discover that a virtual directory
named MSADC is accessible on the web page's root structure. How could you take
advantage of this? - Answer-You could use the showcase.asp script along with a single
file on the server to view the source code of the file, and you can view other file contents
via directory traversal
What regular expressions can be used to check for single quotes or double dashes, for
input validation purposes? - Answer-/(\%27)|(\')|(\-\-)|(\%23)|(#)/ix
//(\%3D)|(=)[^\n]*((\%27)|(\')|(\-\-)|(\%3B)|(;))/i
What countermeasure can be deployed to reduce the likelihood of log tampering? -
Answer-Ensure all logs are digitally signed and time stamped
What does the Address-bar protection setting do in Internet Explorer? - Answer-It
prevents pop-ups or standard windows from hiding the address bar, ensuring a user can
always see the current URL of a web page
What are valid countermeasures against password crackers that help ensure password
security is maintained? - Answer-Provide training on how to select secure passwords
An account should be locked if an incorrect password is entered several times in a row
What is the role of the BITS server extension in IIS? - Answer-It is used by applications
such as Windows Updates and Automatic Updates for background file transfers
What extension of NTLM authentications provides Kerberos based authentication over
HTTP? - Answer-negotiate authentication
Your client has come to you requesting that you assist with the implementation of
session hijacking countermeasures. What approaches are valid for this request? -
Answer-Minimize remote access, and require strong authentication and encryption use
for all VPNs
Allow limited incoming connections and only from known trusted IP addresses
What Internet Explorer setting can be enabled to prevent scripts on web pages from
interacting with content from other domains or windows? - Answer-Cross-domain
barriers
What utility allows its user to monitor an entire network and assists in taking over
sessions, while also saving an exact copy of the user's session? - Answer-IP Watcher
You are securing a web application and have been tasked with securing user cookies
from misuse. What steps can you take to ensure stolen cookies and changed values in
Voordelen van het kopen van samenvattingen bij Stuvia op een rij:
Verzekerd van kwaliteit door reviews
Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!
Snel en makkelijk kopen
Je betaalt supersnel en eenmalig met iDeal, creditcard of Stuvia-tegoed voor de samenvatting. Zonder lidmaatschap.
Focus op de essentie
Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!
Veelgestelde vragen
Wat krijg ik als ik dit document koop?
Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.
Tevredenheidsgarantie: hoe werkt dat?
Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.
Van wie koop ik deze samenvatting?
Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper Perfectscorer. Stuvia faciliteert de betaling aan de verkoper.
Zit ik meteen vast aan een abonnement?
Nee, je koopt alleen deze samenvatting voor €12,55. Je zit daarna nergens aan vast.