-
Saat ini Anda mengakses IndoForum sebagai tamu, sehingga Anda tidak memiliki akses penuh untuk melihat artikel dan diskusi yang hanya tersedia bagi anggota. Dengan bergabung, Anda akan mendapatkan akses penuh untuk bertanya, mengirim pesan pribadi, mengikuti polling, dan menggunakan fitur-fitur lainnya. Proses pendaftaran sangat cepat, mudah, dan gratis.
Silakan daftar dan validasi email Anda untuk mendapatkan akses penuh sebagai anggota. Harap masukkan alamat email yang valid dan periksa kotak masuk Anda setelah mendaftar untuk proses validasi.
|
LOUNGE |
TANYA JAWAB |
KESEHATAN |
MUSIC |
MOVIES |
OLAHRAGA |
KULINER |
ANIME |
JOKES
GAMES |
COMPUTER |
OTOMOTIF |
PETS |
PONSEL |
DEBATE |
GALLERY |
YOUTH |
BERITA & POLITIK
CURHAT |
RELIGI |
MISTERI |
GAYA HIDUP |
EDUKASI |
SARAN |
TEST
|
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
DVD PAKET TUTORIAL HACKING - + TOOLS & OS - Career Academy & Certified Ethical Hacker
- Pembuat thread awal. chinonk
- Tanggal Mulai
QUESTION 131:
Exhibit:
ettercap -NCLzs --quiet
What does the command in the exhibit do in "Ettercap"?
A. This command will provide you the entire list of hosts in the LAN
B. This command will check if someone is poisoning you and will report its IP.
C. This command will detach from console and log all the collected passwords from the
network to a file.
D. This command broadcasts ping to scan the LAN instead of ARP request of all the
subnet IPs.
Answer: C
Exhibit:
ettercap -NCLzs --quiet
What does the command in the exhibit do in "Ettercap"?
A. This command will provide you the entire list of hosts in the LAN
B. This command will check if someone is poisoning you and will report its IP.
C. This command will detach from console and log all the collected passwords from the
network to a file.
D. This command broadcasts ping to scan the LAN instead of ARP request of all the
subnet IPs.
Answer: C
QUESTION 132:
A remote user tries to login to a secure network using Telnet, but accidently types in an
invalid user name or password. Which responses would NOT be preferred by an
experienced Security Manager? (multiple answer)
A. Invalid Username
B. Invalid Password
C. Authentication Failure
D. Login Attempt Failed
E. Access Denied
Answer: A, B
A remote user tries to login to a secure network using Telnet, but accidently types in an
invalid user name or password. Which responses would NOT be preferred by an
experienced Security Manager? (multiple answer)
A. Invalid Username
B. Invalid Password
C. Authentication Failure
D. Login Attempt Failed
E. Access Denied
Answer: A, B
QUESTION 134:
Samantha was hired to perform an internal security test of Certkiller . She quickly
realized that all networks are making use of switches instead of traditional hubs.
This greatly limits her ability to gather information through network sniffing.
Which of the following techniques can she use to gather information from the
switched network or to disable some of the traffic isolation features of the switch?
(Choose two)
A. Ethernet Zapping
B. MAC Flooding
C. Sniffing in promiscuous mode
D. ARP Spoofing
Answer: B, D
Samantha was hired to perform an internal security test of Certkiller . She quickly
realized that all networks are making use of switches instead of traditional hubs.
This greatly limits her ability to gather information through network sniffing.
Which of the following techniques can she use to gather information from the
switched network or to disable some of the traffic isolation features of the switch?
(Choose two)
A. Ethernet Zapping
B. MAC Flooding
C. Sniffing in promiscuous mode
D. ARP Spoofing
Answer: B, D
QUESTION 137:
Certkiller, the evil hacker, is purposely sending fragmented ICMP packets to a
remote target. The total size of this ICMP packet once reconstructed is over 65,536
bytes. From the information given, what type of attack is Certkiller attempting to
perform?
A. Syn flood
B. Smurf
C. Ping of death
D. Fraggle
Answer: C
Certkiller, the evil hacker, is purposely sending fragmented ICMP packets to a
remote target. The total size of this ICMP packet once reconstructed is over 65,536
bytes. From the information given, what type of attack is Certkiller attempting to
perform?
A. Syn flood
B. Smurf
C. Ping of death
D. Fraggle
Answer: C
QUESTION 138:
Which one of the following instigates a SYN flood attack?
A. Generating excessive broadcast packets.
B. Creating a high number of half-open connections.
C. Inserting repetitive Internet Relay Chat (IRC) messages.
D. A large number of Internet Control Message Protocol (ICMP) traces.
Answer: B
Which one of the following instigates a SYN flood attack?
A. Generating excessive broadcast packets.
B. Creating a high number of half-open connections.
C. Inserting repetitive Internet Relay Chat (IRC) messages.
D. A large number of Internet Control Message Protocol (ICMP) traces.
Answer: B
QUESTION 139:
Global deployment of RFC 2827 would help mitigate what classification of attack?
A. Sniffing attack
B. Denial of service attack
C. Spoofing attack
D. Reconnaissance attack
E. Prot Scan attack
Answer: C
Global deployment of RFC 2827 would help mitigate what classification of attack?
A. Sniffing attack
B. Denial of service attack
C. Spoofing attack
D. Reconnaissance attack
E. Prot Scan attack
Answer: C
QUESTION 141:
Which one of the following network attacks takes advantages of weaknesses in the
fragment reassembly functionality of the TCP/IP protocol stack?
A. Teardrop
B. Smurf
C. Ping of Death
D. SYN flood
E. SNMP Attack
Answer: A
Which one of the following network attacks takes advantages of weaknesses in the
fragment reassembly functionality of the TCP/IP protocol stack?
A. Teardrop
B. Smurf
C. Ping of Death
D. SYN flood
E. SNMP Attack
Answer: A
QUESTION 140:
What happens when one experiences a ping of death?
A. This is when an IP datagram is received with the "protocol" field in the IP header set
to 1 (ICMP) and the "type" field in the ICMP header is set to 18 (Address Mask Reply).
B. This is when an IP datagram is received with the "protocol" field in the IP header set
to 1 (ICMP), the Last Fragment bit is set, and (IP offset ' 8) + (IP data length) >65535.
In other words, the IP offset (which represents the starting position of this fragment in the
original packet, and which is in 8-byte units) plus the rest of the packet is greater than the
maximum size for an IP packet.
C. This is when an IP datagram is received with the "protocol" field in the IP header set
to 1 (ICMP) and the source equal to destination address.
D. This is when an the IP header is set to 1 (ICMP) and the "type" field in the ICMP
header is set to 5 (Redirect).
Answer: B
What happens when one experiences a ping of death?
A. This is when an IP datagram is received with the "protocol" field in the IP header set
to 1 (ICMP) and the "type" field in the ICMP header is set to 18 (Address Mask Reply).
B. This is when an IP datagram is received with the "protocol" field in the IP header set
to 1 (ICMP), the Last Fragment bit is set, and (IP offset ' 8) + (IP data length) >65535.
In other words, the IP offset (which represents the starting position of this fragment in the
original packet, and which is in 8-byte units) plus the rest of the packet is greater than the
maximum size for an IP packet.
C. This is when an IP datagram is received with the "protocol" field in the IP header set
to 1 (ICMP) and the source equal to destination address.
D. This is when an the IP header is set to 1 (ICMP) and the "type" field in the ICMP
header is set to 5 (Redirect).
Answer: B
QUESTION 141:
Which one of the following network attacks takes advantages of weaknesses in the
fragment reassembly functionality of the TCP/IP protocol stack?
A. Teardrop
B. Smurf
C. Ping of Death
D. SYN flood
E. SNMP Attack
Answer: A
Which one of the following network attacks takes advantages of weaknesses in the
fragment reassembly functionality of the TCP/IP protocol stack?
A. Teardrop
B. Smurf
C. Ping of Death
D. SYN flood
E. SNMP Attack
Answer: A
QUESTION 145:
What is the goal of a Denial of Service Attack?
A. Capture files from a remote computer.
B. Render a network or computer incapable of providing normal service.
C. Exploit a weakness in the TCP stack.
D. Execute service at PS 1009.
Answer: B
What is the goal of a Denial of Service Attack?
A. Capture files from a remote computer.
B. Render a network or computer incapable of providing normal service.
C. Exploit a weakness in the TCP stack.
D. Execute service at PS 1009.
Answer: B
QUESTION 146:
What do you call a system where users need to remember only one username and
password, and be authenticated for multiple services?
A. Simple Sign-on
B. Unique Sign-on
C. Single Sign-on
D. Digital Certificate
Answer: C
What do you call a system where users need to remember only one username and
password, and be authenticated for multiple services?
A. Simple Sign-on
B. Unique Sign-on
C. Single Sign-on
D. Digital Certificate
Answer: C
QUESTION 147:
Clive has been monitoring his IDS and sees that there are a huge number of ICMP
Echo Reply packets that are being received on the external gateway interface.
Further inspection reveals that they are not responses from the internal hosts'
requests but simply responses coming from the Internet.
What could be the most likely cause?
A. Someone has spoofed Clive's IP address while doing a smurf attack.
B. Someone has spoofed Clive's IP address while doing a land attack.
C. Someone has spoofed Clive's IP address while doing a fraggle attack.
D. Someone has spoofed Clive's IP address while doing a DoS attack.
Answer: A
Clive has been monitoring his IDS and sees that there are a huge number of ICMP
Echo Reply packets that are being received on the external gateway interface.
Further inspection reveals that they are not responses from the internal hosts'
requests but simply responses coming from the Internet.
What could be the most likely cause?
A. Someone has spoofed Clive's IP address while doing a smurf attack.
B. Someone has spoofed Clive's IP address while doing a land attack.
C. Someone has spoofed Clive's IP address while doing a fraggle attack.
D. Someone has spoofed Clive's IP address while doing a DoS attack.
Answer: A
QUESTION 148:
What would best be defined as a security test on services against a known
vulnerability database using an automated tool?
A. A penetration test
B. A privacy review
C. A server audit
D. A vulnerability assessment
Answer: D
What would best be defined as a security test on services against a known
vulnerability database using an automated tool?
A. A penetration test
B. A privacy review
C. A server audit
D. A vulnerability assessment
Answer: D
QUESTION 149:
A Buffer Overflow attack involves:
A. Using a trojan program to direct data traffic to the target host's memory stack
B. Flooding the target network buffers with data traffic to reduce the bandwidth available
to legitimate users
C. Using a dictionary to crack password buffers by guessing user names and passwords
D. Poorly written software that allows an attacker to execute arbitrary code on a target
system
Answer: D
A Buffer Overflow attack involves:
A. Using a trojan program to direct data traffic to the target host's memory stack
B. Flooding the target network buffers with data traffic to reduce the bandwidth available
to legitimate users
C. Using a dictionary to crack password buffers by guessing user names and passwords
D. Poorly written software that allows an attacker to execute arbitrary code on a target
system
Answer: D
QUESTION 150:
How does a denial-of-service attack work?
A. A hacker tries to decipher a password by using a system, which subsequently crashes
the network
B. A hacker attempts to imitate a legitimate user by confusing a computer or even
another person
C. A hacker prevents a legitimate user (or group of users) from accessing a service
D. A hacker uses every character, word, or letter he or she can think of to defeat
authentication
Answer: C
How does a denial-of-service attack work?
A. A hacker tries to decipher a password by using a system, which subsequently crashes
the network
B. A hacker attempts to imitate a legitimate user by confusing a computer or even
another person
C. A hacker prevents a legitimate user (or group of users) from accessing a service
D. A hacker uses every character, word, or letter he or she can think of to defeat
authentication
Answer: C
QUESTION 154:
Your boss at Certkiller .com asks you what are the three stages of Reverse Social
Engineering.
A. Sabotage, advertising, Assisting
B. Sabotage, Advertising, Covering
C. Sabotage, Assisting, Billing
D. Sabotage, Advertising, Covering
Answer: A
Your boss at Certkiller .com asks you what are the three stages of Reverse Social
Engineering.
A. Sabotage, advertising, Assisting
B. Sabotage, Advertising, Covering
C. Sabotage, Assisting, Billing
D. Sabotage, Advertising, Covering
Answer: A
QUESTION 155:
Why is Social Engineering considered attractive by hackers and also adopted by
experts in the field?
A. It is done by well known hackers and in movies as well.
B. It does not require a computer in order to commit a crime.
C. It is easy and extremely effective to gain information.
D. It is not considered illegal.
Answer: C
Why is Social Engineering considered attractive by hackers and also adopted by
experts in the field?
A. It is done by well known hackers and in movies as well.
B. It does not require a computer in order to commit a crime.
C. It is easy and extremely effective to gain information.
D. It is not considered illegal.
Answer: C