Multiple Choice
During a pentest, you retrieve a USB key from a box of discarded hardware that was just sitting by a number of other items. You check the key for files and it turns out to have a number of .pdf documents that could have sensitive information. If this information were to get leaked it would be a great risk to your client. In your report you point this out but the customer doesn't see the problem as all of the documents were password protected.
Why isn't this enough to prevent the information leakage?
A) Without knowing the original user of the file the information could be inaccurate or not relevant, however, if something thinks it is they would still try to use it during a social engineering attack.
B) Many tools that are easy to obtain can brute force the passwords. It is also common for documents of this nature to use easy to remember dictionary words that are also often the same for many files.
C) Since the password must always be stored in the file itself, it is fairly easy to use a common hex editor to analyze the file and extract the credentials
D) The passwords are usually stored using a very strong encryption, but notepad will usually open the files in clear text anyway
Correct Answer:
Verified
Correct Answer:
Verified
Q9: Neil is conducting security research on a
Q10: Sean is having a conversation with a
Q11: Which of the following represents the greatest
Q12: When he is finished footprinting the network
Q13: "Port scanning" is considered what form of
Q15: Hayley decides to circumvent the copy protection
Q16: Which of the following are ways to
Q17: When attackers have gained and then maintained
Q18: The sales manager for your company nicknamed
Q19: Another way to describe risk is:<br>A) A