Ethical Hacking and Countermeasures
Question No: 131 – (Topic 4)
A network admin contacts you. He is concerned that ARP spoofing or poisoning might occur on his network. What are some things he can do to prevent it?
Select the best answers.
Use port security on his switches.
Use a tool like ARPwatch to monitor for strange ARP activity.
Use a firewall between all LAN segments.
If you have a small network, use static ARP entries.
Use only static IP addresses on all PC#39;s.
Answer: A,B,D Explanation: Explanations:
By using port security on his switches, the switches will only allow the first MAC address that is connected to the switch to use that port, thus preventing ARP spoofing. ARPWatch is a tool that monitors for strange ARP activity. This may help identify ARP spoofing when it happens. Using firewalls between all LAN segments is possible and may help, but is usually pretty unrealistic. On a very small network, static ARP entries are a possibility.
However, on a large network, this is not an realistic option. ARP spoofing doesn#39;t have anything to do with static or dynamic IP addresses. Thus, this option won#39;t help you.
Question No: 132 – (Topic 4)
Let#39;s imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e- mails from company B. How do you prevent DNS spoofing? (Select the Best Answer.)
Install DNS logger and track vulnerable packets
Disable DNS timeouts
Install DNS Anti-spoofing
Disable DNS Zone Transfer
Explanation: Explantion: Implement DNS Anit-Spoofing measures to prevent DNS Cache Pollution to occur.
Question No: 133 – (Topic 4)
John is a keen administrator, and has followed all of the best practices as he could find on securing his Windows Server. He has renamed the Administrator account to a new name that he is sure cannot be easily guessed. However, there are people who already attempt to compromise his newly renamed administrator account.
How is it possible for a remote attacker to decipher the name of the administrator account if it has been renamed?
The attacker used the user2sid program.
The attacker used the sid2user program.
The attacker used nmap with the -V switch.
The attacker guessed the new name.
Explanation: User2sid.exe can retrieve a SID from the SAM (Security Accounts Manager) from the local or a remote machine Sid2user.exe can then be used to retrieve the names of all the user accounts and more. These utilities do not exploit a bug but call the functions LookupAccountName and LookupAccountSid respectively. What is more these can be called against a remote machine without providing logon credentials save those needed for a null session connection.
Question No: 134 – (Topic 4)
Peter, a Network Administrator, has come to you looking for advice on a tool that would help him perform SNMP enquires over the network. Which of these tools would do the SNMP enumeration he is looking for?
Select the best answers.
Solarwinds IP Network Browser
Answer: A,B,D Explanation: Explanations:
SNMPUtil is a SNMP enumeration utility that is a part of the Windows 2000 resource kit. With SNMPUtil, you can retrieve all sort of valuable information through SNMP. SNScan is a SNMP network scanner by Foundstone. It does SNMP scanning to find open SNMP ports. Solarwinds IP Network Browser is a SNMP
enumeration tool with a graphical tree-view of the remote machine#39;s SNMP data.
Question No: 135 – (Topic 4)
MX record priority increases as the number increases.(True/False.
Explanation: The highest priority MX record has the lowest number.
Question No: 136 DRAG DROP – (Topic 4)
Drag the application to match with its correct description.
Question No: 137 – (Topic 4)
You have the SOA presented below in your Zone. Your secondary servers have not been able to contact your primary server to synchronize information. How long will the secondary servers attempt to contact the primary server before it considers that zone is dead and stops responding to queries?
collegae.edu.SOA,cikkye.edu ipad.college.edu. (200302028 3600 3600 604800 3600)
Explanation: The numbers represents the following values: 200302028; se = serial number
3600; ref = refresh = 1h 3600; ret = update retry = 1h 604800; ex = expiry = 1w
3600; min = minimum TTL = 1h
Question No: 138 – (Topic 4)
Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use these tools in his lab and is now ready for real world exploitation. He was able to effectively intercept communications between the two entities and establish credentials with both sides of the connections. The two remote ends of the communication never notice that Eric is relaying the information between the two.
What would you call this attack?
Explanation: A man-in-the-middle attack (MITM) is an attack in which an attacker is able to read, insert and modify at will, messages between two parties without either party knowing that the link between them has been compromised.
Question No: 139 – (Topic 4)
What ports should be blocked on the firewall to prevent NetBIOS traffic from not coming through the firewall if your network is comprised of Windows NT, 2000, and XP?(Choose all that apply.
Explanation: NetBIOS traffic can quickly be used to enumerate and attack Windows computers. Ports 135, 139, and 445 should be blocked.
Question No: 140 – (Topic 4)
Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice machine. From the command prompt, she types the following command.
For /f quot;tokens=1 %%a in (hackfile.txt) do net use * \\10.1.2.3\c$ /user:quot;Administratorquot;
What is Eve trying to do?
Eve is trying to connect as an user with Administrator privileges
Eve is trying to enumerate all users with Administrative privileges
Eve is trying to carry out a password crack for user Administrator
Eve is trying to escalate privilege of the null user to that of Administrator
Explanation: Eve tries to get a successful login using the username Administrator and passwords from the file hackfile.txt.
|Lowest Price Guarantee||Yes||No||No|
|Free VCE Simulator||Yes||No||No|