Attackers send an ACK probe packet with random sequence number, no response means port is
filtered (Stateful firewall is present) and RST response means the port is not filtered. What type of
Port Scanning is this?

What is the command used to create a binary log file using tcpdump?

Which port, when configured on a switch receives a copy of every packet that passes through it?

What is the IV key size used in WPA2?

What type of session hijacking attack is shown in the exhibit?

What is the default Password Hash Algorithm used by NTLMv2?

Gerald, the Systems Administrator for Hyped Enterprises, has just discovered that his network has
been breached by an outside attacker. After performing routine maintenance on his servers, he
discovers numerous remote tools were installed that no one claims to have knowledge of in his
department. Gerald logs onto the management console for his IDS and discovers an unknown IP
address that scanned his network constantly for a week and was able to access his network
through a high-level port that was not closed. Gerald traces the IP address he found in the IDS log
to a proxy server in Brazil. Gerald calls the company that owns the proxy server and after

searching through their logs, they trace the source to another proxy server in Switzerland. Gerald
calls the company in Switzerland that owns the proxy server and after scanning through the logs
again, they trace the source back to a proxy server in China. What proxy tool has Gerald’s
attacker used to cover their tracks?

Frederickson Security Consultants is currently conducting a security audit on the networks of
Hawthorn Enterprises, a contractor for the Department of Defense. Since Hawthorn Enterprises
conducts business daily with the federal government, they must abide by very stringent security
policies. Frederickson is testing all of Hawthorn’s physical and logical security measures including
biometrics, passwords, and permissions. The federal government requires that all users must
utilize random, non-dictionary passwords that must take at least 30 days to crack. Frederickson
has confirmed that all Hawthorn employees use a random password generator for their network
passwords. The Frederickson consultants have saved off numerous SAM files from Hawthorn’s
servers using Pwdump6 and are going to try and crack the network passwords. What method of
attack is best suited to crack these passwords in the shortest amount of time?

You want to know whether a packet filter is in front of 192.168.1.10. Pings to 192.168.1.10 don’t
get answered. A basic nmap scan of 192.168.1.10 seems to hang without returning any
information. What should you do next?

An Attacker creates a zuckerjournals.com website by copying and mirroring
HACKERJOURNALS.COM site to spread the news that Hollywood actor Jason Jenkins died in a
car accident. The attacker then submits his fake site for indexing in major search engines. When
users search for “Jason Jenkins”, attacker’s fake site shows up and dupes victims by the fake news.

This is another great example that some people do not know what URL’s are. Real website:
Fake websitE. http://www.zuckerjournals.com

The website is clearly not WWW.HACKERJOURNALS.COM. It is obvious for many, but
unfortunately some people still do not know what an URL is. It’s the address that you enter into the
address bar at the top your browser and this is clearly not legit site, its www.zuckerjournals.com
How would you verify if a website is authentic or not?