Chat with AIExam 5: Networks and Services
Exam 1: Ethical Hacking and Testing52 Questions
Exam 2: Information Gathering65 Questions
Exam 3: Malicious Code58 Questions
Exam 4: Operating Systems and Applications63 Questions
Exam 5: Networks and Services64 Questions
Select questions type
You notice the following in your log files. What attack is being attempted?
GET /scripts/root.exe?/c+dir
GET /MSADC/root.exe?/c+dir
GET /c/winnt/system32/cmd.exe?/c+dir
GET /d/winnt/system32/cmd.exe?/c+dir
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir
GET/msadc/..%5c../..%5c../..%5c/..\xc1\x1c../..\xc1\x1c../..\xc1\x1c../winnt/system32/cmd.exe?/c+dir GET /scripts/..\xc1\x1c../winnt/system32/cmd.exe?/c+dir GET /scripts/..\xc0/../winnt/system32/cmd.exe?/c+dir
GET /scripts/..\xc0\xaf../winnt/system32/cmd.exe?/c+dir
GET /scripts/..\xc1\x9c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..%35c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..%35c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir
Free
(Multiple Choice)
4.7/5 
(36)
(36) Correct Answer:
Verified
VerifiedD
ARP spoofing can be used to perform "Man in the Middle" attacks and should be monitored against. Which of the following techniques can be used to defend against this?
Free
(Multiple Choice)
4.8/5 (50)
(50) Correct Answer:Verified
VerifiedA, C, D
You have a website that is not meant for everyone, only a particular audience. You do not want certain directories to be crawled by a spider. How can you limit (in theory at least) what search engines will index?
Free
(Multiple Choice)
4.8/5 (38)
(38) Correct Answer:Verified
VerifiedB
Which of the following tools are web vulnerability scanners/testers? (choose four)
(Multiple Choice)
4.9/5 (40)
(40) Janet is reading about the "Pass-the-Hash" technique to access a Windows host. She thinks she can use Wireshark to sniff an SMB session between two hosts if she can capture the password hash and user name, and simply send them as credentials anytime she wants in a "Replay Attack".
What are other true statements about this attack? (Choose three)
(Multiple Choice)
4.9/5 (44)
(44) How many possible values can be generated in the sequence number field of a TCP header?
(Multiple Choice)
4.8/5 (38)
(38) Jacob finds the following packet dump in his log file
05/20-17.06.45.061034 192.160.13.4.3465 -> 172.16.1.101:80 TCP TTL.44 TOS.0x10 ID.242
***A**** Seq. 0XA1D954BD Ack. 0x0 Win. 0x400
05/20-17.06.58.685879 192.160.13.4.3466 -> 172.16.1.102:80 TCP TTL.44 TOS.0x10 ID.242
***A**** Seg. 0XB7C5627D Ack. 0x0 Win. 0x400
What is likely happening?
(Multiple Choice)
4.9/5 (32)
(32) Keith is setting up a Wifi network and wants to use highly directional antennas that do not require precision. Which of the following would be best?
(Multiple Choice)
4.8/5 (34)
(34) Baxter has been told he must install a new IDS. State requlations require it to have a "Time Based Induction Machine" in the detection engine. What type of IDS is Baxter going to use?
(Multiple Choice)
4.8/5 (40)
(40) When testing a website you enter the following into a field on the login form:
<script>alert("oops")</script>
When you submit the form an alert box pops up as the next page loads. This is a demonstration of what type of attack?
(Multiple Choice)
4.8/5 (29)
(29) When evaluating possible NIDS, you are concerned that an attacker might detect the present of
Your monitoring agent. Which if the following techniques can be used to hide the NIDS? (Choose two)
(Multiple Choice)
4.8/5 (35)
(35) When logging into an IRC server, what two commands must be passed by the IRC client?
(Multiple Choice)
4.8/5 (34)
(34) During an attack you setup an access point with a stronger signal than those around you. You also set the SSIDs to be the same as the one you are targeting. You capture authentication frames. Which of the following is the best name for this attack?
(Multiple Choice)
4.7/5 (45)
(45) What does the following IPTables commands accomplish?
Iptables -A FORWARD -j ACCEPT -p UDP --dport 53
Iptables -A FORWARD -j ACCEPT -p TCP --dport 80
(Multiple Choice)
4.9/5 (40)
(40) NIDS operate at layer 2. Raw traffic is observed by the hardware and the packets are provided to analysys software. It can be possible to confuse the detection engine of the NIDS by modifying the packets in stream. Which of the following tools accomplishes this?
(Multiple Choice)
4.7/5 (34)
(34) LaDanian is sniffing some traffic and notices a frame that is sent with the source MAC address of:
02:1D:45:68:AF:D4.
This is what he thinks is weird. Why?
(Multiple Choice)
4.8/5 (35)
(35) You have successfully completed a buffer overflow attack against a IIS server. You have a shell. Now what you wonder. First, what permissions do you have at this point?
(Multiple Choice)
4.8/5 (38)
(38) Zachery sees a video on YouTube that describes a wireless hacking technique. He must capture a packet then inject it over and over again into the network stream. The target MAC of this frame will insure it goes to the correct WAP. The idea is to speed up the process of acquiring new initialization vectors for the purposes of cracking a WEP key.
What is this portion of the attack called?
(Multiple Choice)
4.8/5 (38)
(38) Marco is noticing several xmas scans on his network. What can he use to prevent this?
(Multiple Choice)
4.9/5 (29)
(29) During a traceroute, you notice that the last two hops reveal the same IP address. What is a possible explanation?
(Multiple Choice)
4.9/5 (40)
(40) 
Filters
- Essay(0)
- Multiple Choice(0)
- Short Answer(0)
- True False(0)
- Matching(0)