PrepAway - Latest Free Exam Questions & Answers

Author: seenagape

What proxy tool has Gerald’s attacker used to cover their tracks?

Leave a comment

Gerald, the Systems Administrator for Hyped Enterprises, has just discovered that his network has
been breached by an outside attacker. After performing routine maintenance on his servers, he
discovers numerous remote tools were installed that no one claims to have knowledge of in his
department. Gerald logs onto the management console for his IDS and discovers an unknown IP
address that scanned his network constantly for a week and was able to access his network
through a high-level port that was not closed. Gerald traces the IP address he found in the IDS log
to a proxy server in Brazil. Gerald calls the company that owns the proxy server and after

searching through their logs, they trace the source to another proxy server in Switzerland. Gerald
calls the company in Switzerland that owns the proxy server and after scanning through the logs
again, they trace the source back to a proxy server in China. What proxy tool has Gerald’s
attacker used to cover their tracks?

What method of attack is best suited to crack these passwords in the shortest amount of time?

Leave a comment

Frederickson Security Consultants is currently conducting a security audit on the networks of
Hawthorn Enterprises, a contractor for the Department of Defense. Since Hawthorn Enterprises
conducts business daily with the federal government, they must abide by very stringent security
policies. Frederickson is testing all of Hawthorn’s physical and logical security measures including
biometrics, passwords, and permissions. The federal government requires that all users must
utilize random, non-dictionary passwords that must take at least 30 days to crack. Frederickson
has confirmed that all Hawthorn employees use a random password generator for their network
passwords. The Frederickson consultants have saved off numerous SAM files from Hawthorn’s
servers using Pwdump6 and are going to try and crack the network passwords. What method of
attack is best suited to crack these passwords in the shortest amount of time?

How would you verify if a website is authentic or not?

Leave a comment

An Attacker creates a zuckerjournals.com website by copying and mirroring
HACKERJOURNALS.COM site to spread the news that Hollywood actor Jason Jenkins died in a
car accident. The attacker then submits his fake site for indexing in major search engines. When
users search for “Jason Jenkins”, attacker’s fake site shows up and dupes victims by the fake news.

This is another great example that some people do not know what URL’s are. Real website:
Fake websitE. http://www.zuckerjournals.com

The website is clearly not WWW.HACKERJOURNALS.COM. It is obvious for many, but
unfortunately some people still do not know what an URL is. It’s the address that you enter into the
address bar at the top your browser and this is clearly not legit site, its www.zuckerjournals.com
How would you verify if a website is authentic or not?

what is the decimal value for XMAS scan?

Leave a comment

In TCP communications there are 8 flags; FIN, SYN, RST, PSH, ACK, URG, ECE, CWR. These
flags have decimal numbers assigned to them:
FIN = 1
SYN = 2
RST = 4
PSH = 8
ACK = 16
URG = 32
ECE = 64
CWR =128
ExamplE. To calculate SYN/ACK flag decimal value, add 2 (which is the decimal value of the SYN
flag) to 16 (which is the decimal value of the ACK flag), so the result would be 18.

Based on the above calculation, what is the decimal value for XMAS scan?


Page 284 of 555« First...102030...282283284285286...290300310...Last »