Review 8 Flashcards

1
Q

What term describes the method of embedding data into legitimate files like graphics, banner ads, or plain text messages to hide it and then extracting the data once it reaches its destination?

Question options:

Obfuscation

Steganography

Cryptography

Alternate data streams

A

Steganography

2
Q

Which rootkit detection method works by running a tool to scan a clean system to create a database, and then compares the current scan to the clean database?

Question options:

Signature-based detection

Integrity-based detection

Heuristic or behavior-based detection

Cross view-based detection

A

Integrity-based detection

3
Q

Which of the following tools clears the temporary files, history, and cookies from each of the six major search engines?

Question options:

Tracker

Clear My History

CCleaner

Dump Event Log

A

CCleaner

4
Q

According to the text, what is one of the easiest ways that a hacker gains access to a system?

Question options:

Passwords

Poor physical security

Social engineering

Unsecured networks

A

Passwords

5
Q

Which technical password attack can be done through either hardware devices or software programs on an individual computer or on a whole network?

Question options:

Brute Force

Sniffing

Pass the hash

Keylogger

A

Keylogger

6
Q

Which protocol allows authentication over a non-secure network by using tickets or service principal names (SPNs)?

Question options:

Kerberos

LDAP

cPassword

LSASS

A

Kerberos

7
Q

Which of the following allows you to hide a Linux, UNIX, or OS X file?

Question options:

Incorporating the file in the Alternate Data Streams (ADS)

Choosing the hidden option in the file attributes menu

Placing a period at the beginning of the file name

Placing a period at the end of the file name

A

Placing a period at the beginning of the file name

8
Q

Which of the following is a database that stores user passwords in Windows as an LM hash or an NTLM hash?

Question options:

LSASS

Kerberos

LDAP

SAM

A

SAM

9
Q

Which of the following tools allows you to modify the timestamp of a file?

Question options:

timestamp

alter

modtime

touch

A

touch

10
Q

According to the instructor’s presentation, ideally how often should you change your password?

Question options:

30 days

90 days

45 days

60 days

A

30 days

11
Q

Which type of technique to maintain access to a system often utilizes rootkits, Trojan horses, and Remote Access Trojans (RATs)?

Question options:

Writeable Services

Crackers

Spyware

Backdoors

A

Backdoors

12
Q

_____________ occurs when an attacker accesses the network as a non-administrator level user and gains access to administrative-level privileges.

Question options:

LDAP escalation

Privilege escalation

Admin escalation

Privilege hijacking

A

Privilege escalation

13
Q

What term describes a strategy used to make cracking passwords more difficult by adding random bits of data to a password before it is stored as a hash?

Question options:

Password Hashing

Bit Manipulation

Password Salting

Password Encryption

A

Password Salting

14
Q

Which of the following privilege escalation tools allows users access to the command prompt to perform basic system maintenance tasks during the boot process?

Question options:

Trinity Rescue Kit

Ultimate Boot CD

ERD Commander

Ophcrack

A

ERD Commander

15
Q

Which technical password attack often runs in the background, making it undetectable to the victim?

Question options:

Brute Force

Sniffing

Pass the hash

Rainbow

A

Sniffing
