access

web-server

In order to tailor your during a web-application scan, you decide to determine which web-server version is hosting the application. On using the sV flag with Nmap, you obtain the following response: 80/tcp open http-proxy Apache Server 7.1.6 What information-gathering technique does this best describe?

Leave a Comment / CEHv11 / By

In order to tailor your during a web-application scan, you decide to determine which web-server version is hosting the application. On using the sV flag with Nmap, you obtain the following response: 80/tcp open http-proxy Apache Server 7.1.6 What information-gathering technique does this best describe? Option 1 : Banner grabbing Option 2 : Brute forcing Option 3 : WHOIS lookup Option 4 : Dictionary attack 1. Banner grabbing Banner grabbing is a technique wont to …

In order to tailor your during a web-application scan, you decide to determine which web-server version is hosting the application. On using the sV flag with Nmap, you obtain the following response: 80/tcp open http-proxy Apache Server 7.1.6 What information-gathering technique does this best describe? Read More »

credentials

Sam, a professional hacker, targeted an organization with intention of compromising AWS IAM credentials. He attempted to lure one of the employees of the organization by initiating fake calls while posing as a legimate employee. Moreover, he sent phishing emails to steal the AWS IAM credentials and further compromise the employee’s account What is the technique used by Sam to compromise the AWS IAM credentials?

Leave a Comment / CEHv11 / By

Sam, a professional hacker, targeted an organization with intention of compromising AWS IAM credentials. He attempted to lure one of the employees of the organization by initiating fake calls while posing as a legimate employee. Moreover, he sent phishing emails to steal the AWS IAM credentials and further compromise the employee’s account What is the technique used by Sam to compromise the AWS IAM credentials? Option 1: Reverse engineering Option 2: Social engineering Option 3: …

Sam, a professional hacker, targeted an organization with intention of compromising AWS IAM credentials. He attempted to lure one of the employees of the organization by initiating fake calls while posing as a legimate employee. Moreover, he sent phishing emails to steal the AWS IAM credentials and further compromise the employee’s account What is the technique used by Sam to compromise the AWS IAM credentials? Read More »

wireless network

Jane invites her friends Alice and John over for a LAN party. Alice and John access Jane’s wireless network without a password . However, Jane has a long, complex password on her router. What attack has likely occurred?

Leave a Comment / CEHv11 / By

Jane invites her friends Alice and John over for a LAN party. Alice and John access Jane’s wireless network without a password . However, Jane has a long, complex password on her router. What attack has likely occurred? Option 1 : Wireless sniffing Option 2 : Wardriving Option 3 : Piggybacking Option 4 : Evil twin 1. Wireless sniffing A wireless sniffer may be a sort of packet analyzer. A packet analyzer (also referred to …

Jane invites her friends Alice and John over for a LAN party. Alice and John access Jane’s wireless network without a password . However, Jane has a long, complex password on her router. What attack has likely occurred? Read More »

MSP

Alice, a professional hacker, targeted an organization’s cloud services. She infiltrated the target’s MSP provider by sending spear-phising emails and distributed custom-made malware to compromise user account and gain remote access to the cloud service. Further, she accessed the target customer profiles with her MSP accounr, compressed the customer data, and stored them in the MSP. Then, she used this information to launch further attack on the target organization. Which of the following cloud attacks did Alice perform in the above scenario?

Leave a Comment / CEHv11 / By

Alice, a professional hacker, targeted an organization’s cloud services. She infiltrated the target’s MSP provider by sending spear-phising emails and distributed custom-made malware to compromise user account and gain remote access to the cloud service. Further, she accessed the target customer profiles with her MSP account, compressed the customer data, and stored them in the MSP. Then, she used this information to launch further attack on the target organization. Which of the following cloud attacks …

Alice, a professional hacker, targeted an organization’s cloud services. She infiltrated the target’s MSP provider by sending spear-phising emails and distributed custom-made malware to compromise user account and gain remote access to the cloud service. Further, she accessed the target customer profiles with her MSP accounr, compressed the customer data, and stored them in the MSP. Then, she used this information to launch further attack on the target organization. Which of the following cloud attacks did Alice perform in the above scenario? Read More »

There have been concerns in your network that the wireless network components is not sufficiently secure. You perform a vulnerabilities scan of the wireless network and find that it is using an old encryption protocol that was designed to mimic wired encryption. What encryption protocol is being used?

Leave a Comment / CEHv11 / By

There have been concerns in your network that the wireless network components is not sufficiently secure. You perform a vulnerabilities scan of the wireless network and find that it is using an old encryption protocol that was designed to mimic wired encryption. What encryption protocol is being used? Option 1 : WPA Option 2 : WEP Option 3 : RADIUS Option 4 : WPA3 1. WPA Wi-Fi Protected Access (WPA), Wi-Fi Protected Access II (WPA2), …

There have been concerns in your network that the wireless network components is not sufficiently secure. You perform a vulnerabilities scan of the wireless network and find that it is using an old encryption protocol that was designed to mimic wired encryption. What encryption protocol is being used? Read More »

protocols

Which of the following protocols can be used to secure an LDAP service against anonymous queries?

Leave a Comment / CEHv11 / By

Which of the following protocols can be used to secure an LDAP service against anonymous queries? Option 1 : WPA Option 2 : RADIUS Option 3 : NTLM Option 4 : SSO 1. WPA Wi-Fi Protected Access (WPA) could be a security standard for users of computing devices equipped with wireless web connections. WPA was developed by the Wi-Fi Alliance to produce a lot of subtle encoding and higher user authentication than Wired Equivalent Privacy …

Which of the following protocols can be used to secure an LDAP service against anonymous queries? Read More »

Attacker

Attacker Steve targeted an organization’s with the aim of redirecting the company’s web traffic to another malicious website. To achieve this goal, Steve performed DNS cache poisoning by exploiting vulnerabilities in the DNS server software and modified the original IP address of the target website to that of a fake website. What is the technique employed by Steve to gather information for identity theft?

Leave a Comment / CEHv11 / By

Attacker Steve targeted an organization’s with the aim of redirecting the company’s web traffic to another malicious website. To achieve this goal, Steve performed DNS cache poisoning by exploiting vulnerabilities in the DNS server software and modified the original IP address of the target website to that of a fake website. What is the technique employed by Steve to gather information for identity theft? Option 1 : Pretexting Option 2 : Wardriving Option 3 : …

Attacker Steve targeted an organization’s with the aim of redirecting the company’s web traffic to another malicious website. To achieve this goal, Steve performed DNS cache poisoning by exploiting vulnerabilities in the DNS server software and modified the original IP address of the target website to that of a fake website. What is the technique employed by Steve to gather information for identity theft? Read More »

Understand-the-Importance-of-Network-Forensics

Understand the Importance of Network Forensics

Leave a Comment / CHFI / By

Understand the Importance of Network Forensics in this this article Network Forensics is the implementation of sniffing, recording, acquisition, and analysis of network traffic and event logs to investigate a network security incident. Capturing network traffic over a network is simple in theory, but relatively complex in practice due to many inherent reasons such as the large amount of data flow and complex nature of Internet protocols. Recording network traffic involves a lot of resources. …

Understand the Importance of Network Forensics Read More »

Understanding-Examine- file-systems

Understanding Examine File Systems

Leave a Comment / CHFI / By

Understanding Examine file systems is imperative to access to the file system data and to rebuild the file system events. File systems comprise of five sections, namely, file system data, content data, metadata, file name, and file system application data. File system data The file system data gives details about the file system structure, like file system and file system block size, number of allocated blocks etc. 1. Content data This data has most of …

Understanding Examine File Systems Read More »