What would be the name of this tool?
John is using a special tool on his Linux platform that has a database containing signatures to be able to detect hundreds of vulnerabilities in UNIX, Windows, and commonly used web CGI/ASPX scripts. Moreover, the database detects DDoS zombies and Trojans as well. What would be the name of this tool?
Which of the following Trojans would be considered ‘Botnet Command Control Center’?
Which of the following Trojans would be considered ‘Botnet Command Control Center’?
Why did the 14 character passwords not take much longer to crack than the 8 character passwords?
Harold works for Jacobson Unlimited in the IT department as the security manager. Harold has created a security policy requiring all employees to use complex 14 character passwords. Unfortunately, the members of management do not want to have to use such long complicated passwords so they tell Harold’s boss this new password policy should not apply to them. To comply with the management’s wishes, the IT department creates another Windows domain and moves all the management users to that domain. This new domain has a password policy only requiring 8 characters.
Harold is concerned about having to accommodate the managers, but cannot do anything about it. Harold is also concerned about using LanManager security on his network instead of NTLM or NTLMv2, but the many legacy applications on the network prevent using the more secure NTLM and NTLMv2. Harold pulls the SAM files from the DC’s on the original domain and the new domain using Pwdump6.
Harold uses the password cracking software John the Ripper to crack users’ passwords to make sure they are strong enough. Harold expects that the users’ passwords in the original domain will take much longer to crack than the management’s passwords in the new domain. After running the software, Harold discovers that the 14 character passwords only took a short time longer to crack than the 8 character passwords.
Why did the 14 character passwords not take much longer to crack than the 8 character passwords?
What Google search will accomplish this?
Leesa is the senior security analyst for a publicly traded company. The IT department recently rolled out an intranet for company use only with information ranging from training, to holiday schedules, to human resources data. Leesa wants to make sure the site is not accessible from outside and she also wants to ensure the site is Sarbanes-Oxley (SOX) compliant. Leesa goes to a public library as she wants to do some Google searching to verify whether the company’s intranet is accessible from outside and has been indexed by Google. Leesa wants to search for a website title of "intranet" with part of the URL containing the word "intranet" and the words "human resources" somewhere in the webpage.
What Google search will accomplish this?
What techniques would you use to evade IDS during a Port Scan?
What techniques would you use to evade IDS during a Port Scan? (Select 4 answers)
which of the following bit set?
TCP packets transmitted in either direction after the initial three-way handshake will have which of the following bit set?
How can this help you in foot printing the organization?
You are gathering competitive intelligence on an organization. You notice that they have jobs listed on a few Internet job-hunting sites. There are two jobs for network and system administrators. How can this help you in foot printing the organization?
What is it called?
This method is used to determine the Operating system and version running on a remote target system. What is it called?
What is Lee seeing here?
Lee is using Wireshark to log traffic on his network. He notices a number of packets being directed to an internal IP from an outside IP where the packets are ICMP and their size is around 65,536 bytes. What is Lee seeing here?
Which of the following is NOT part of CEH Scanning Methodology?
Which of the following is NOT part of CEH Scanning Methodology?