Test#1Ethical hacking

Midterm Fall 2023 O 0:53:15 remaining Previous Page - Question 3 (1 point) Saved < Listen | » | Page 3 of 24 Attackers use image files to hide some information for malicious purposes. What type of technique did the attacker perform? (") Spyware @) Steganography C b ) Backdoor N () Cryptography Previous Page = Submit Quiz 3 of 24 questions saved Page 3 of 24

The correct option is: "The password file does not contain the passwords themselves." In Linux systems, the " /etc/passwd" file contains basic user account information, such as usernames, user IDs (UIDs), group IDs (GIDs), home directories, and shell information. However, it does not contain the actual passwords in plaintext. User passwords are typically stored in a separate file, such as " /etc/shadow’, and are stored as hashed values, not in plaintext. So, the hacker cannot read the actual passwords from the " /etc/passwd " file because they are not stored there in plaintext. Instead, the hashed password values are stored in the " /etc/shadow" file, which is typically protected and accessible only to the root user or users with specific permissions. Access to the /etc/passwd" file, while potentially revealing user account information, does not provide access to the plaintext passwords. Send a message °@ Free Research Preview. ChatGPT may produce inaccurate information about people, places, or facts. ChatGPT September 25 Version Midterm Fall 2023 X . o 0:46:43 remaining Page 5 of 24 Previous Page Question 5 (1 point) Saved A hacker has managed to gain access to a Linux host and stolen the password file from/etc/passwd. How can he use it? (@) The password file does not contain the passwords O themselves [’/\ The file reveals the passwords to the root user only ”) He cannot read it because it is encrypted He can open it and read the user ids and corresponding passwords Page 5 of 24 Previous Page © R Fofma it

Midterm Fall 2023 X \) 0:41:25 remaining Previous Page Question 8 (1 point) Saved o) Listen >] Which of the following command line switch would you use for OS detection in Nmap? Previous Page

Default (GPT-3.5) ul Clear text authentication Web portal data leak An open port 25 on a server typically indicates the presence of an SMTP (Simple Mail Transfer Protocol) service, which is used for sending and receiving email. The risk posed by an open port 25 is often associated with the potential for email-related vulnerabilities, and the primary risk in this context is "Active mail relay." * Active Mail Relay: An open port 25 could potentially be exploited by attackers to abuse the server as an open mail relay. An open relay allows unauthorized users to send email through the server, which can lead to email spam, phishi attacks, and the unauthorized use of email resources. Send a message © @ o Free Research Preview. ChatGPT may produce inaccurate information about people, places, or ? Midterm Fall 2023 ) 0:32:26 remaining Previous Page Question 11 (1 point) Saved Page An NMAP scan of a server shows port 25 is open. What r could this pose? ) Open printer sharing Active mail relay Clear text authentication (") Web portal data leak Previous Page Submit Quiz 11 of 24 questions saved Page

Midterm Fall 2023 X ) 0:26:53 remaining Previous Page - Page 14 of 24 Question 14 (1 point) Saved < Listen | » | An attacker commissioned by the governments to attack enemies' information systems, license to hack? (") Script Kiddies () Hactivists (@) Nation state actor () Insiders () Brokers Previous Page = Page 14 of 24 Submit Quiz 14 of 24 questions saved

Midterm Fall 2023 X \ 0:19:26 remaining Previous Page Page 17 of 24 Question 17 (1 point) Saved = | o) Listen | p ] What port number is used by LDAP protocol? () 445 0110 () as4 0139 0225 (e ;) 389 Previous Page = Page 17 of 24 Submit Quiz 17 of 24 auestinns saved.

= | If executives are found liable for not properly protecting their company’s assets and information systems, the type of law that would typically apply in this situation is "Civil Law." In the context of cybersecurity and liability for failing to protect assets and information systems, civil law often comes into play. This is because civil law deals with disputes and legal issues between individuals, organizations, or entities. When executives are held liable for breaches of cybersecurity, it's typically through civil actions, such as lawsuits brought by affected parties or regulatory bodies. Criminal law may also be applicable in cases of severe cybercrimes, but civil law is more commonly associated with addressing liability for failing to protect assets and information systems. v end a message (+XC) Free Research Preview. ChatGPT may produce inaccurate information about people, places, or ? The Nmap scan that indicates it does not completely open a TCP 3-way connection is the "Zombie Scan.” The Zombie Scan is a unique Nmap scanning technique that uses an idle host (the "zombie") to send packets to a target host. The zombie host doesn't complete the TCP 3-way handshake; instead, it sends SYN packets to the target and listens for the response. The zombie scan leverages the target's response to determine open, closed, or filtered ports, all without directly establishing a full connection. The other scan types mentioned (Ack Scan, Stealth Scan, Xmas Scan, and TCP Scan) involve various TCP flags and scanning methods, but they often involve establishing at least part of a TCP connection, unlike the Zombie Scan. s m mmmmnma LYY Previous Page Page 20 of 24 Question 20 (1 point) Saved If executives are found liable for not properly protecting their company's assets and information systems, what type of law would apply in this situation? () Jurisdiction g\ () Civil () Criminal N\ 0 O International N\ (_) Common Previous Page Page 20 of 24 © Fred can accomplish this by sending an IP packet with the "SYN" bit and the source address of his computer. In this context, Fred is trying to initiate a TCP connection with the switch by sending a packet with the "SYN" (synchronize) flag set. This is part of the TCP three-way handshake, and it's used to establish a new connection. By spoofing the source address of his computer, the switch might believe that the connection has been initiated by his computer, even though it hasn't. The other options mentioned involve different flags or combinations that don't typically trick a switch into thinking an established session exists. Fred is the network administrator for his company. Fred is testing an internal switch.From an external IP address, Fred wants to try and trick this switch into thinking it already hasestablished a session with his computer. How can Fred accomplish this? (™ Fred can accomplish this by sending an IP packet with the RST/SIN bit and the source address ofhis computer (’) Fred can send an IP packet with the ACK bit set to zero and " the source address of the switch (@) He can send an IP packet with the SYN bit and the source ~ address of his computer O Fred can send an IP packet to the switch with the ACK bit and the source address of his machine Previous Page Page 21 of 2 v rananng Previous Page m Page 22 of 24 Question 22 (1 point) Saved Which Nmap scan indicates that it does not completely open a TCP 3 way connection? (@) Zombie Scan (") Ack Scan () Stealth Scan (*) Xmas Scan () TCPSCan Previous Page m Page 22 of 24

The Nmap command “nmap -sX -T4 -F' is performing an Xmas Scan, which is used to probe a target system to determine the state of its ports. In an Xmas Scan, when the port is closed, it will often respond to the scan witha RST (reset) packet. When the port is open, it may not respond to the scan at all. In some cases, it may respond with a RST packet. When the port is filtered, it will not respond to the scan at all. So, the correct answer is: Port is closed or Filtered. °@ nd a message Free Research Preview. ChatGPT may produce inaccurate information about people, places, or An example of two-factor authentication is Fingerprint and Smartcard ID. Two-factor authentication (2FA) is a security process in which a user provid two different authentication factors to verify their identity. These factors can fall into three categories: something you know (like a password or PIN), something you have (like a smartcard or hardware token), and something you are (biometric data like a fingerprint). In this example, the two factors used are something you have (the smartcard) and something you are (the fingerprint). This combination enhances security by requiring two distinct forms of authentication. The other options listed do not represent two-factor authentication: * Digital Certificate and Hardware Token involve two factors but not something you are, so it's not an example of biometric-based 2FA. * PIN Number and Birth Date is a combination of something you know, but it lacks the something you have or something you are factor, so it's not 2FA. * Username and Password is a single-factor authentication, as it involves only °0 something you know. 1d a message Free Research Preview. ChatGPT may produce inaccurate information about people, places, or Previous Page Question 23 (1.5 points) Page 23 ¢ Saved pen-tester# nmap -sX -T4 -F (®) Port is closed or Filtered (D Port is open or Filtered () Port s Filtered () Port is closed Q Port is Open Previous Page Page 23 ¢ Submit Quiz 23 of 24 questions saved 0:00:31 remaining rrevious rage INext rage Fdge 24 O 244 Question 24 (1 point) Saved Which of the following is an example of two factor authentication? Fingerprint and Smartcard ID Digital Certificate and Hardware Token (") PIN Number and Birth Date () Username and Password Previous Page Next Page Page 24 of 24 m 24 of 24 questions saved