What is the BEST alternative if you discover that a rootkit has been installed on one of your
computers?

What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stracheldraht have in common?

How can you determine if an LM hash you extracted contains a password that is less than 8
characters long?

When discussing passwords, what is considered a brute force attack?

Which of the following are well know password-cracking programs?(Choose all that apply.

Password cracking programs reverse the hashing process to recover passwords.(True/False.

While examining audit logs, you discover that people are able to telnet into the SMTP server on
port 25. You would like to block this, though you do not see any evidence of an attack or other
wrong doing. However, you are concerned about affecting the normal functionality of the email
server. From the following options choose how best you can achieve this objective?

Windows LAN Manager (LM) hashes are known to be weak. Which of the following are known
weaknesses of LM? (Choose three)

You have retrieved the raw hash values from a Windows 2000 Domain Controller. Using social
engineering, you come to know that they are enforcing strong passwords. You understand that all
users are required to use passwords that are at least 8 characters in length. All passwords must
also use 3 of the 4 following categories: lower case letters, capital letters, numbers and special
characters.
With your existing knowledge of users, likely user account names and the possibility that they will
choose the easiest passwords possible, what would be the fastest type of password cracking
attack you can run against these hash values and still get results?

An attacker runs netcat tool to transfer a secret file between two hosts.
Machine A: netcat -l -p 1234 < secretfile
Machine B: netcat 192.168.3.4 > 1234
He is worried about information being sniffed on the network. How would the attacker use netcat to
encrypt the information before transmitting onto the wire?