8.2.9 Practice Questions

Question 1

Roger, a security analyst, wants to tighten up privileges to make sure each user has only the privileges they need to do their work. Which of the following additional countermeasure could he take to help protect privelige?

answer

Instigate multi-factor authentication and authorization.

Allow unrestricted interactive logon privileges.

Create plain text storage for passwords.

Restrict the interactive logon privileges.

Answer 1

Instigate multi-factor authentication and authorization.

Question 2

Listen to exam instructions
Which of the following is used to remove files and clear the internet browsing history?

answer

cPassword

CCleaner

User Account Control

Steganography

Answer 2

CCleaner

Question 3

Listen to exam instructions
Which of the following extracts service account credentials from Active Directory using a brute force for offline cracking over a non-secure network by using tickets or service principal names (SPNs)?

answer

Credentials in LSASS

Kerberoasting

DLL hijacking

Unattended installation

Answer 3

Kerberoasting

Question 4

Which of the following best describes the Security Account Manager (SAM)?

answer

A protocol that allows authentication over an unsecure network through tickets or service principal names.

A database that stores user passwords in Windows as an LM hash or a NTLM hash.

A file in the directory that performs the system’s security protocol.

The attribute that stores passwords in a Group Policy preference item in Windows.

Answer 4

A database that stores user passwords in Windows as an LM hash or a NTLM hash.

Question 5

An attacker installed a malicious file in the application directory. When the victim starts installing the application, Windows searches in the application directory and selects the malicious file instead of the correct file. The malicious file gives the attacker remote access to the system. Which of the following escalation methods best describes this scenario?

answer

Kerberoasting

Unattended installation

Clear text credentials in LDAP

DLL hijacking

Answer 5

DLL hijacking

Question 6

Listen to exam instructions
Which of the following is the name of the attribute that stores passwords in a Group Policy preference item in Windows?

answer

SAM

LSASS

cPasswords

SPNs

Answer 6

cPasswords

Question 7

Listen to exam instructions
Which of the following privilege escalation risks happens when a program is being installed without the constant supervision of the IT employee and fails to clean up after?

answer

Kerberoasting

DLL hijacking

Gaining credentials in LSASS

Unattended installation

Answer 7

Unattended installation

Question 8

A hacker has gained physical access to a system and has changed an administrator’s account password. Which of the following tools did the hacker most likely use to accomplish this?

answer

Ultimate Boot CD

CCleaner

Timestomp

StegoStick

Answer 8

Ultimate Boot CD

Question 9

Which of the following is a tool for cracking Windows login passwords using rainbow tables?

answer

Trinity Rescue Kit

GreyFish

Ophcrack

ERD Commander

Answer 9

Ophcrack