Which of the following can take an arbitrary length of input and produce a message digest output of 160 bit?
Which of the following can take an arbitrary length of input and produce a message digest output
of 160 bit?
What authentication mechanism is being followed here?
Jackson discovers that the wireless AP transmits 128 bytes of plaintext, and the station responds
by encrypting the plaintext. It then transmits the resulting ciphertext using the same key and cipher
that are used by WEP to encrypt subsequent network traffic. What authentication mechanism is
being followed here?
Which cryptography attack is the student attempting?
A computer science student needs to fill some information into a secured Adobe PDF job
application that was received from a prospective employer. Instead of requesting a new document
that allowed the forms to be completed, the student decides to write a script that pulls passwords
from a list of commonly used passwords to try against the secured PDF until the correct password
is found or the list is exhausted.
Which cryptography attack is the student attempting?
Which tool would you recommend from the list below?
Jacob would like your advice on using a wireless hacking tool that can save him time and get him
better results with lesser packets. You would like to recommend a tool that uses KoreK’s
implementation. Which tool would you recommend from the list below?
Which attack could the hacker use to sniff all of the packets in the network?
A hacker, who posed as a heating and air conditioning specialist, was able to install a sniffer
program in a switched environment network. Which attack could the hacker use to sniff all of the
packets in the network?
What kind of attack is this?
In order to attack a wireless network, you put up an access point and override the signal of the real
access point. As users send authentication data, you are able to capture it. What kind of attack is
this?
Which of the following conditions must be given to allow a tester to exploit a Cross-Site Request Forgery (CS
Which of the following conditions must be given to allow a tester to exploit a Cross-Site Request
Forgery (CSRF) vulnerable web application?
What is this attack most appropriately called?
Matthew re-injects a captured wireless packet back onto the network. He does this hundreds of
times within a second. The packet is correctly encrypted and Matthew assumes it is an ARP
request packet. The wireless host responds with a stream of responses, all individually encrypted
with different IVs. What is this attack most appropriately called?
Which of the following attacks should be used to obtain the key?
During a wireless penetration test, a tester detects an access point using WPA2 encryption. Which
of the following attacks should be used to obtain the key?
How can he generate traffic on the network so that he can capture enough packets to crack the WEP key?
Derek has stumbled upon a wireless network and wants to assess its security. However, he does
not find enough traffic for a good capture. He intends to use AirSnort on the captured traffic to
crack the WEP key and does not know the IP address range or the AP. How can he generate
traffic on the network so that he can capture enough packets to crack the WEP key?