Ethical Hacking Exam 2024 Correctly Answered

Ethical Hacking Exam 2024 Correctly Answered What two scripts in the WEPCrack toolset are used to imitate IVs and encrypted output seen from an access point, and then to crack the WEP key used by the access point? - Answer -WeakIVG WEPC A client was recently compromised even though their IDS detected an attack. The compromise occurred because there was no one actively monitoring the IDS. What can be done to ensure that the IDS grabs the attention of a system administrator when attacks occur? - Answer -A sound file can be played when an attack is detected, to generate an audible alarm that the administrator must respond to The IDS can send an SNMP trap to the e-mail address of the administrator, or to a management system What part of a cell phone jammer transmits the radio signals used to block cell traffic? - Answer -voltagecontrolled oscillator What does the "++" line in a user's .rhosts file do? - Answer -It allows anyone to log into the system using that user's ID without a password A client has approached you with what they believe is a compromised Mac OS X machine. Upon investigating the machine's filesystem, you uncover several odd files in the /tmp directory. Specifically, you find /tmp/ and /tmp/pic. What infection does the OS X computer have? - Answer - OSX/Leap-A worm Public-key cryptography is an example of what type of encryption? - Answer -asymmetric encryption You are attempting to penetrate a client's network by gaining physical access to their server room. Upon finding the room, you discover a door that doesn't appear to have a corresponding strike plate on the door knob side, and it doesn't appear to be using a tumbler lock, despite having a keyed entry. Through the thick security glass next to the door, a visible rack system with a glass panel shows a reflection of the other side of the door. The top of the door appears to have an electric junction box just above the frame portion of the door. What type of lock is most likely being used? - Answer -An electromagnetic lock that requires a key to interrupt current to the magnet at the top of the door What statement accurately describes the Blowfish secret-key cryptographic method? - Answer -It uses a variable key length of 32 to 448 bits and utilizes a block cipher that organizes data into chunks of 64-bits before encrypting themA client has asked that you evaluate the security mechanisms utilized on their wireless network. A network administrator has informed you that the wireless networks utilize shared key authentication. What can you determine from this statement? - Answer -The network is utilizing WEP encryption What type of attack against RSA depends upon the weakness in implementations of the RSA protocol? - Answer -esoteric RSA attack You are utilizing a Mac OS X computer and you need to utilize industry-standard encryption to protect confidential client data. What utility can you use for this purpose? - Answer -FileGuard What statement accurately describes the iNdependence jailbreaking tool? - Answer -It provides an interface for jailbreaking, SIM unlocking, SSH installation, and app insallation on an iPhone You are attempting to access a secured file on a client's Linux system as part of an audit. Currently, the permissions on the file are set to "-rwx-rw-r--", and you are not the file owner, nor are you in the group that has been assigned to the file. What permissions do you have? - Answer -read Where can the keys to access BlackBerry devices remotely be found? - Answer -The keys can be found in the user's secure mailbox A client was recently contacted by their ISP after the ISP detected their cable modem was operating at uncapped speeds. The client has given you full access to their network to determine how the compromise of their modem occurred. What software tool may have been used due to the fact that all the uncapping steps are integrated into a single program? - Answer -OneStep: ZUP What tool can be used by a Linux administrator to monitor for port scan attempts? - Answer -Klaxon You are auditing a client's network and have gained physical access to a workstation. To prevent any security software from detecting your intrustion, you would like to use a LiveCD that can crack Windows passwords. What should you use? - Answer -OrphCrack LiveCD Your client has asked you to secure the NNTP protocol services on a Linux server. What could you use to encrypt these connections even though NNTP is not SSL aware? - Answer -Stunnel After recovering a WEP key from a wireless network, your workstation still fails to connect to the network. Other stations are seen in Kismet, so the network is clearly working.