To create a botnet, the attacker can use several techniques to scan vulnerable machines. The attacker first collects information about a large number of vulnerable machines to create a list. Subsequently, they infect the machines. The list is divided by assigning half of the list to the newly compromised machines. The scanning process runs simultaneously. This technique ensures the spreading and installation of malicious code in little time. Which technique is discussed here? Option
Robin, a professional hacker, targeted an organization’s network to sniff all the traffic. During this process, Robin plugged in a rogue switch to an unused port in the LAN with a priority lower than any other switch in the network so that he could make it a root bridge that will later allow him to sniff all the traffic in the network. What is the attack performed by Robin in the above scenario? Option 1 :
Ethical hacker Jane Doe is attempting to crack the password of the head of the IT department of ABC company. She is utilizing a rainbow table and notices upon entering a password that extra characters are added to the password after submitting. What countermeasure is the company using to protect against rainbow tables? Option 1: Password key hashing Option 2: Account lockout Option 3: Password salting Option 4 : Password hashing 1. Password key hashing
Annie, a cloud security engineer, uses the Docker architecture to employ a client/server model in the application she is working on. She utilizes a component that can process API requests and handle various Docker objects, such as containers, volumes, images, and networks. What is the component of the Docker architecture used by Annie in the above scenario? Option 1 : Docker daemon Option 2 : Docker client Option 3 : Docker objects Option 4 :
Steve, an attacker, created a fake profile on a social media website and sent a request to Stella. Stella was enthralled by Steve’s profile picture and the description given for his profile, and she started a conversation with him soon after accepting the request. After a few days, Steve started asking about her company details and eventually gathered all the essential information regarding her company. What is the social engineering technique Steve employed in the above
Samuel, a professional hacker, monitored and intercepted already established traffic between Bob and a host machine to predict Bob’s ISN. Using this ISN, Samuel sent spoofed packets with Bob’s IP address to the host machine. The host machine responded with a packet having an incremented ISN. Consequently, Bob’s connection got hung, and Samuel was able to communicate with the host machine on behalf of Bob. What is the type of attack performed by
Taylor, a security professional, uses a tool to monitor her company’s website, analyze the website’s traffic, and track the geographical location of the users visiting the company’s website. Which of the following tools did Taylor employ in the above scenario? Option 1 : WAFW00F Option 2 : Webroot Option 3 : Web-Stat Option 4 : Website-Watcher 1. WAFW00F WAFW00F identifies and fingerprints Web Application Firewall (WAF) products. How will it work? To do its magic,
John, a professional hacker, targeted an organization that uses LDAP for accessing distributed directory services. He used an automated tool to anonymously query the LDAP service for sensitive information such as usernames, addresses, departmental details, and server names to launch further attacks on the target organization. What is the tool employed by John to gather information from the LDAP services? Option 1 : Zabasearch Option 2 : EarthExplorer Option 3 : JXplorer Option 4 : ike-scan
A newly joined employee, Janet, has been allocated an existing system used by a previous employee. Before issuing the system to Janet, it was assessed by Martin, the administrator. Martin found that there were possibilities of compromise through user directories, registries, and other system parameters. He also identified vulnerabilities such as native configuration tables, incorrect registry or file permissions, and software configuration errors. What is the type of vulnerability assessment performed by Martin? Option 1
You are a penetration tester and are about to perform a scan on a specific server. The agreement that you signed with the client contains the following specific condition for the scan: “The attacker must scan every port on the server several times using a set of spoofed source IP addresses.” Suppose that you are using Nmap to perform this scan. What flag will you use to satisfy this requirement? Option 1 : The