Ethical Hacking and Countermeasures
Question No: 261 – (Topic 7)
You are sniffing as unprotected WiFi network located in a JonDonalds Cybercafe with Ethereal to capture hotmail e-mail traffic. You see lots of people using their laptops browsing the web while snipping brewed coffee from JonDonalds. You want to sniff their email message traversing the unprotected WiFi network.
Which of the following ethereal filters will you configure to display only the packets with the hotmail messages?
(http contains “hotmail”) amp;amp; ( http contains “Reply-To”)
(http contains “e-mail” ) amp;amp; (http contains “hotmail”)
(http = “login.passport.com” ) amp;amp; (http contains “SMTP”)
(http = “login.passport.com” ) amp;amp; (http contains “POP3”)
Explanation: Each Hotmail message contains the tag Reply-To:lt;sender addressgt; and “xxxx-xxx-xxx.xxxx.hotmail.com” in the received tag.
Question No: 262 – (Topic 7)
Bob is conducting a password assessment for one of his clients. Bob suspects that password policies are not in place and weak passwords are probably the norm throughout the company he is evaluating. Bob is familiar with password weakness and key loggers. What are the means that Bob can use to get password from his client hosts and servers?
Hardware, Software and Sniffing
Hardware and Software Keyloggers
Software only, they are the most effective
Passwords are always best obtained using Hardware key loggers
Explanation: All loggers will work as long as he has physical access to the computers.
Question No: 263 – (Topic 7)
The follows is an email header. What address is that of the true originator of the message?
Received: from smtp.com (fw.emumail.com [22.214.171.124].
by raq-221-181.ev1.net (8.10.2/8.10.2. with ESMTP id h78NIn404807 for lt;email@example.com;; Sat, 9 Aug 2003 18:18:50 -0500
Received: (qmail 12685 invoked from network.; 8 Aug 2003 23:25:25 -0000
Received: from ([126.96.36.199]. by smtp.com with SMTP
Received: from unknown (HELO CHRISLAPTOP. (188.8.131.52. by localhost with SMTP; 8 Aug 2003 23:25:01 -0000
Subject: We need your help!
Date: Fri, 8 Aug 2003 19:12:28 -0400
boundary=quot;–=_NextPart_000_0052_01C35DE1.03202950quot; X-Priority: 3 (Normal.
X-Mailer: Microsoft Outlook, Build 10.0.2627
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal
Explanation: Spoofing can be easily achieved by manipulating the quot;fromquot; name field, however, it is much more difficult to hide the true source address. The quot;received fromquot; IP address 184.108.40.206 is the true source of the
Question No: 264 – (Topic 7)
How would you describe a simple yet very effective mechanism for sending and receiving unauthorized information or data between machines without alerting any firewalls and IDS#39;s on a network?
Explanation: A covert channel is described as: quot;any communication channel that can be exploited by a process to transfer information in a manner that violates the systems security policy.quot; Essentially, it is a method of communication that is not part of an actual computer system design, but can be used to transfer information to users or system processes that normally would not be allowed access to the information.
Question No: 265 – (Topic 7)
A remote user tries to login to a secure network using Telnet, but accidently types in an invalid user name or password. Which responses would NOT be preferred by an experienced Security Manager? (multiple answer)
Login Attempt Failed
Answer: A,B Explanation:
As little information as possible should be given about a failed login attempt. Invalid username or password is not desirable.
Question No: 266 – (Topic 7)
When Jason moves a file via NFS over the company#39;s network, you want to grab a copy of it by sniffing. Which of the following tool accomplishes this?
Explanation: Filesnarf – sniff files from NFS traffic OPTIONS
Specify the interface to listen on.
-v quot;Versusquot; mode. Invert the sense of matching, to select non-matching files.
Specify regular expression for filename matching.
Specify a tcpdump(8) filter expression to select traffic to sniff.
Question No: 267 – (Topic 7)
How do you defend against ARP spoofing?
Place static ARP entries on servers, workstation and routers
True IDS Sensors to look for large amount of ARP traffic on local subnets
Use private VLANS
Use ARPWALL system and block ARP spoofing attacks
Explanation: ARPWALL is a opensource tools will give early warning when arp attack occurs. This tool is still under construction.
Question No: 268 – (Topic 7)
Which of the following is not considered to be a part of active sniffing?
Question No: 269 – (Topic 7)
What does the following command in quot;Ettercapquot; do? ettercap -NCLzs -quiet
This command will provide you the entire list of hosts in the LAN
This command will check if someone is poisoning you and will report its IP
This command will detach ettercap from console and log all the sniffed passwords to a file
This command broadcasts ping to scan the LAN instead of ARP request all the subset IPs
Explanation: -L specifies that logging will be done to a binary file and -s tells us it is running in script mode.
Question No: 270 – (Topic 7)
Bob wants to prevent attackers from sniffing his passwords on the wired network. Which of the following lists the best options?
RSA, LSA, POP
SSID, WEP, Kerberos
SMB, SMTP, Smart card
Kerberos, Smart card, Stanford SRP
Explanation: Kerberos, Smart cards and Stanford SRP are techniques where the password never leaves the computer.
|Lowest Price Guarantee||Yes||No||No|
|Free VCE Simulator||Yes||No||No|