Question 11 ) A pen tester is using rainbow tables to find the clear text passwo

Question

Question 11 ) A pen tester is using rainbow tables to find the clear text password that matches an NT hash dumped from a Windows system. Given the partial rainbow table information below, what does it mean if one of the NT hashes matches the following lookup chain?

Chain XI

Password Hash

r@nd0M 7ddf32e17a6ac5ce04a8ecbf782ca509

account's password will be found by reversing the chain's end hash value.

The account's password will be found by running reduction functions on the matching chain. The chain match indicates the account's NT hash must be 7ddf32e17a6ac5ce04a8ecbf782ca509.

The reduction function indicates the account's password must be r@nd0M.

( Question 12 ) You are examining the results of a web browsing session. What can you derive from the following?

GET /sample_directory/sample_file.html HTTP/1.1 Authorization: Basic em9tYmllOmJyYWlucw==

The username is "Basic" and the password hash is "em9tYmllOmJyYWlucw=="

There is no username or password being sent

The username and password are encoded using an MD5 hash

The username and password are encoded using base64 encoding

( Question 13 ) Examine the screen shot below.

server did not accept screen shot- will post later

What is the effect of deploying the GPO "Event Log Size"?

The Authenticated Users group must approve the GPO template prior to it being enabled.

The policy will be enabled but can be blocked by the OU administrator.

The workstations are not required to participate in the deployed group policy unless it is enforced.

The policy must be authenticated by the domain administrator prior to being enabled on the local workstation.

( Question 14 ) Hash functions are used primarily to ensure which of the following?

Message integrity

Secret key exchange

Confidentiality

Adequate key length

(Question 15 ) You discover that your border router is receiving packets with a source address subnet of 172.20.18.0/24.

What action should be taken?

The packets should pass through untouched.

The packets should be dropped at the router.

The packets should be logged.

The packets should be routed to the internal network.

( Question 16 ) Your company has deployed whole-disk encryption as a way to protect confidential information. In which of the following scenarios is the data specifically protected by this action?

When it is written to a page file

When it is copied to a flash drive

When it is in transit on the network

When it is in working memory

( Question 17 ) Which of the following is used when a recipient verifies the digital signature of a PGP message?

Sender's Private Key

SHA-1024

MD5

Sender's public key

( Question 18 ) What are two architectural approaches to Defense-in-Depth?

Top down and waterfall

Information centric and protected enclaves

Threat vector analysis and business impact analysis

De-centralized and clustered

( Question 19 ) You have been asked to scan your company's computers for operating system vulnerabilities. Which of the following tools would you use?

Nessus

Netcat

HPing3

Legion

( Question 20 ) How do you differentiate between the network and the host components of an IP address?

Using the IP Protocol field

Using the IP ID field

Using the gateway address

Using the netmask

Explanation / Answer

Ans:

Q.19)

option A

Nessus

Explanation:

Nessus is a vulnerability scanner for operating systems. It works on various operating systems like Windows, linux etc. It is developed by Tenable network security. It can check various kinds of vulnerabilities like which allow hacker to gain control to our system and can attack by sending malware into our network using loophole found in the operating system. Nessus does an interesting thing that it attacks on the passwords of our system using various known methods like dictionary attack etc and if it can be able to detect the password it will prompt user to change the password since it found the vulnerability.  

Q.20) option D

netmask

Explanation:

To extract network id and host id form the given ip address we can use netmask(subnet mask) .

step 1: Find IP address and subnet mask of the network device

step 2: Perform Logical AND operation between ip address and subnet mask, the resultant is Network address

step 3:perform Logical AND between ip address and 255.255.255.255, the resultant is broadcast address

step 4:The difference between network address and broadcast address comes under host addresses

Example: Given ip address 167.21.120.127

(AND) subnet mask 255.255.255.248

----------------------------------

167.21.120.120 <-------- Network id

------------------------------------

167.21.120.127

(AND) 255.255.255.248

------------------------

167.21.120.127 <---------- Broadcast address

Therefore the host address rang from 167.21.120.121 to 167.21.120.126

Please like my answer if u are satisfied with it. Thanks!

Related Questions

Navigate

• Browse (All)
• Browse Q
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.