Search Results for: information

LDAP

John, a professional hacker, targeted an organization that uses LDAP for accessing distributed directory services. He used an automated tool to anonymously query the LDAP service for sensitive information such as username, addresses, departmental details, and server names to launch further attacks on the target organization. What is tool employed by John to gather information from the LDAP services?

Leave a Comment / CEHv11 / By

John, a professional hacker, targeted an organization that uses LDAP for accessing distributed directory services. He used an automated tool to anonymously query the LDAP service for sensitive information such as username, addresses, departmental details, and server names to launch further attacks on the target organization. What is tool employed by John to gather information from the LDAP services? Option 1 : Zabasearch Option 2 : EarthExplorer Option 3 : Jxplorer Option 4 : ike-scan …

John, a professional hacker, targeted an organization that uses LDAP for accessing distributed directory services. He used an automated tool to anonymously query the LDAP service for sensitive information such as username, addresses, departmental details, and server names to launch further attacks on the target organization. What is tool employed by John to gather information from the LDAP services? Read More »

SSLv2

Samuel a security administrator, is accessing the configuration of a web server. He noticed that the server permits SSLv2 connections, and the same private key certificate is used on a different server that allows SSLv2 connections. This vulnerability makes the web server vulnerable to attack as the SSLv2 server can leak key information. Which of the following attack can be performed by exploiting the above vulnerability?

1 Comment / CEHv11 / By

Samuel a security administrator, is accessing the configuration of a web server. He noticed that the server permits SSLv2 connections, and the same private key certificate is used on a different server that allows SSLv2 connections. This vulnerability makes the web server vulnerable to attack as the SSLv2 server can leak key information. Which of the following attack can be performed by exploiting the above vulnerability? Option 1 : Padding oracle attack Option 2 : …

Samuel a security administrator, is accessing the configuration of a web server. He noticed that the server permits SSLv2 connections, and the same private key certificate is used on a different server that allows SSLv2 connections. This vulnerability makes the web server vulnerable to attack as the SSLv2 server can leak key information. Which of the following attack can be performed by exploiting the above vulnerability? Read More »

tools

Louis, a professional hacker, had used specialized tools or search engines to encrypt all his browsing activity and navigate anonymously to obtain sensitive/hidden information about official government or federal databases. After gathering the information, he successfully performed an attack on the target government organization without being traced. Which of the following techniques is described in the above scenario?

Leave a Comment / CEHv11 / By

Louis, a professional hacker, had used specialized tools or search engines to encrypt all his browsing activity and navigate anonymously to obtain sensitive/hidden information about official government or federal databases. After gathering the information, he successfully performed an attack on the target government organization without being traced. Which of the following techniques is described in the above scenario? Option 1 :  VoIP footprinting Option 2 : Dark web footprinting Option 3 : Website footprinting Option …

Louis, a professional hacker, had used specialized tools or search engines to encrypt all his browsing activity and navigate anonymously to obtain sensitive/hidden information about official government or federal databases. After gathering the information, he successfully performed an attack on the target government organization without being traced. Which of the following techniques is described in the above scenario? Read More »

running

During the enumeration phase, Lawrence performs banner grabbing to obtain information such as OS details and versions of services running. The service that he enumerated runs directly on TCP port 445. Which of the following services is enumerated by Lawrence in this scenario?

Leave a Comment / CEHv11 / By

During the enumeration phase, Lawrence performs banner grabbing to obtain information such as OS details and versions of services running. The service that he enumerated runs directly on TCP port 445. Which of the following services is enumerated by Lawrence in this scenario? Option 1 : Telnet Option 2 : Network File System (NFS) Option 3 : Server Message Block (SMB) Option 4 : Remote procedure call (RPC) 1. Telnet Telnet is an organization convention …

During the enumeration phase, Lawrence performs banner grabbing to obtain information such as OS details and versions of services running. The service that he enumerated runs directly on TCP port 445. Which of the following services is enumerated by Lawrence in this scenario? Read More »

MIB

Garry is a network administrator in an organization. He uses SNMP to manage networked devices from a remote location. To manage nodes in the network, he uses MIB, which contain formal descriptions of all network objects managed by SNMP. He accesses the contents of MIB by using a web browser either by entering the IP address and Lseries.mib or by entering the DNS library name and Lseries.mib. He is currently retrieving information from an MIB that contains object types for workstations and server services. Which of the following types of MIB is accessed by Garry in the above scenario?

Leave a Comment / CEHv11 / By

Garry is a network administrator in an organization. He uses SNMP to manage networked devices from a remote location. To manage nodes in the network, he uses MIB, which contain formal descriptions of all network objects managed by SNMP. He accesses the contents of MIB by using a web browser either by entering the IP address and Lseries.mib or by entering the DNS library name and Lseries.mib. He is currently retrieving information from an MIB …

Garry is a network administrator in an organization. He uses SNMP to manage networked devices from a remote location. To manage nodes in the network, he uses MIB, which contain formal descriptions of all network objects managed by SNMP. He accesses the contents of MIB by using a web browser either by entering the IP address and Lseries.mib or by entering the DNS library name and Lseries.mib. He is currently retrieving information from an MIB that contains object types for workstations and server services. Which of the following types of MIB is accessed by Garry in the above scenario? Read More »

social media

Emily, an extrovert obsessed with social media, posts a large amount of private information, photographs, and location tags of recently visited places. Realizing this, James, a professional hacker, targets Emily and acquaintances, conducts a location search to detect their geolocation by using an automated tool, and gathers information to perform other sophisticated attacks. What is tool employed by James in the above scenario?

Leave a Comment / CEHv11 / By

Emily, an extrovert obsessed with social media, posts a large amount of private information, photographs, and  location tags of recently visited places. Realizing this, James, a professional hacker,  targets Emily and acquaintances, conducts a location search to detect their geolocation by using an automated tool, and gathers information to perform other sophisticated attacks. What is tool employed by James in the above scenario? Option 1 : Ophcrack Option 2 : HootSuite Option 3 : HULK …

Emily, an extrovert obsessed with social media, posts a large amount of private information, photographs, and location tags of recently visited places. Realizing this, James, a professional hacker, targets Emily and acquaintances, conducts a location search to detect their geolocation by using an automated tool, and gathers information to perform other sophisticated attacks. What is tool employed by James in the above scenario? Read More »

connected

Richard, an attacker, aimed to hack IoT devices connected to a target network. In this process, Richard recorded the frequency required to share information between connected devices. After obtaining frequency, he captured the original data when commands were initiated by the connected devices. Once the original data were collected, he used free tools such as URH to segregate the commands sequence. Subsequently, he started injecting the segregated command sequence on the same frequency into the IoT network, which repeats the captured signals of the devices. What is the type of attack performed by Richard in the above Scenario?

Leave a Comment / CEHv11 / By

Richard, an attacker, aimed to hack IoT devices connected to a target network. In this process, Richard recorded the frequency required to share information between connected devices. After obtaining frequency, he captured the original data when commands were initiated by the connected devices. Once the original data were collected, he used free tools such as URH to segregate the commands sequence. Subsequently, he started injecting the segregated command sequence on the same frequency into the …

Richard, an attacker, aimed to hack IoT devices connected to a target network. In this process, Richard recorded the frequency required to share information between connected devices. After obtaining frequency, he captured the original data when commands were initiated by the connected devices. Once the original data were collected, he used free tools such as URH to segregate the commands sequence. Subsequently, he started injecting the segregated command sequence on the same frequency into the IoT network, which repeats the captured signals of the devices. What is the type of attack performed by Richard in the above Scenario? Read More »

web server

What are common files on a web server that can be misconfigured and provide useful information for a hacker such as verbose error messages?

Leave a Comment / CEHv11 / By

What are common files on a web server that can be misconfigured and provide useful information for a hacker such as verbose error messages? Option 1 : idq.dll Option 2 : administration.config Option 3 : httpd.conf Option 4 : php.ini 1. idq.dll idq.dll may be a library employed by ISAPI for indexing. idq.dll may be a system process that’s needed for your PC to figure properly. It shouldn’t be removed. The idq.dll is an executable …

What are common files on a web server that can be misconfigured and provide useful information for a hacker such as verbose error messages? Read More »

MSP

Alice, a professional hacker, targeted an organization’s cloud services. She infiltrated the target’s MSP provider by sending spear-phising emails and distributed custom-made malware to compromise user account and gain remote access to the cloud service. Further, she accessed the target customer profiles with her MSP accounr, compressed the customer data, and stored them in the MSP. Then, she used this information to launch further attack on the target organization. Which of the following cloud attacks did Alice perform in the above scenario?

Leave a Comment / CEHv11 / By

Alice, a professional hacker, targeted an organization’s cloud services. She infiltrated the target’s MSP provider by sending spear-phising emails and distributed custom-made malware to compromise user account and gain remote access to the cloud service. Further, she accessed the target customer profiles with her MSP account, compressed the customer data, and stored them in the MSP. Then, she used this information to launch further attack on the target organization. Which of the following cloud attacks …

Alice, a professional hacker, targeted an organization’s cloud services. She infiltrated the target’s MSP provider by sending spear-phising emails and distributed custom-made malware to compromise user account and gain remote access to the cloud service. Further, she accessed the target customer profiles with her MSP accounr, compressed the customer data, and stored them in the MSP. Then, she used this information to launch further attack on the target organization. Which of the following cloud attacks did Alice perform in the above scenario? Read More »