ARP poisoning is achieved in _____ steps

What is the command used to create a binary log file using tcpdump?

Which of the following is not considered to be a part of active sniffing?

What port number is used by Kerberos protocol?

When Jason moves a file via NFS over the company’s network, you want to grab a copy of it by sniffing. Which of the following tool accomplishes this?

John the hacker is sniffing the network to inject ARP packets. He injects broadcast frames onto the wire to conduct MiTM attack. What is the destination MAC address of a broadcast frame?

Which of the following display filters will you enable in Ethereal to view the three-way handshake for a connection from host 192.168.0.1?

Which tool/utility can help you extract the application layer data from each TCP connection from a log file into separate files?

Bob wants to prevent attackers from sniffing his passwords on the wired network. Which of the following lists the best options?

The follows is an email header. What address is that of the true originator of the message?

Return-Path: <bgates@microsoft.com>

Received: from smtp.com (fw.emumail.com [215.52.220.122].

by raq-221-181.ev1.net (8.10.2/8.10.2. with ESMTP id h78NIn404807

for <mikeg@thesolutionfirm.com>; Sat, 9 Aug 2003 18:18:50 -0500

Received: (qmail 12685 invoked from network.; 8 Aug 2003 23:25:25 -0000

Received: from ([19.25.19.10].

by smtp.com with SMTP

Received: from unknown (HELO CHRISLAPTOP. (168.150.84.123.

by localhost with SMTP; 8 Aug 2003 23:25:01 -0000

From: "Bill Gates" <bgates@microsoft.com>

To: "mikeg" <mikeg@thesolutionfirm.com>

Subject: We need your help!

Date: Fri, 8 Aug 2003 19:12:28 -0400

Message-ID: <51.32.123.21@CHRISLAPTOP>

MIME-Version: 1.0

Content-Type: multipart/mixed;

boundary="—-=_NextPart_000_0052_01C35DE1.03202950"

X-Priority: 3 (Normal.

X-MSMail-Priority: Normal

X-Mailer: Microsoft Outlook, Build 10.0.2627

X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165

Importance: Normal