Data

LDAP

John, a professional hacker, targeted an organization that uses LDAP for accessing distributed directory services. He used an automated tool to anonymously query the LDAP service for sensitive information such as username, addresses, departmental details, and server names to launch further attacks on the target organization. What is tool employed by John to gather information from the LDAP services?

John, a professional hacker, targeted an organization that uses LDAP for accessing distributed directory services. He used an automated tool to anonymously query the LDAP service for sensitive information such as username, addresses, departmental details, and server names to launch further attacks on the target organization. What is tool employed by John to gather information from the LDAP services? Option 1 : Zabasearch Option 2 : EarthExplorer Option 3 : Jxplorer Option 4 : ike-scan …

John, a professional hacker, targeted an organization that uses LDAP for accessing distributed directory services. He used an automated tool to anonymously query the LDAP service for sensitive information such as username, addresses, departmental details, and server names to launch further attacks on the target organization. What is tool employed by John to gather information from the LDAP services? Read More »

scan

Morris, a professional hacker, performed a vulnerability scan on a target organization by sniffing the traffic on the network to identify the active systems, network services, applications, and vulnerabilities. He also obtained the list of the user who are currently accessing the network. What is the type of vulnerability assessment that Morris performed on the target organization?

Morris, a professional hacker, performed a vulnerability scan on a target organization by sniffing the traffic on the network to identify the active systems, network services, applications, and vulnerabilities. He also obtained the list of the user who are currently accessing the network. What is the type of vulnerability assessment that Morris performed on the target organization? Option 1 : Credential assessment Option 2 : Internal assessment Option 3 : External assessment Option 4 : …

Morris, a professional hacker, performed a vulnerability scan on a target organization by sniffing the traffic on the network to identify the active systems, network services, applications, and vulnerabilities. He also obtained the list of the user who are currently accessing the network. What is the type of vulnerability assessment that Morris performed on the target organization? Read More »

tools

Louis, a professional hacker, had used specialized tools or search engines to encrypt all his browsing activity and navigate anonymously to obtain sensitive/hidden information about official government or federal databases. After gathering the information, he successfully performed an attack on the target government organization without being traced. Which of the following techniques is described in the above scenario?

Louis, a professional hacker, had used specialized tools or search engines to encrypt all his browsing activity and navigate anonymously to obtain sensitive/hidden information about official government or federal databases. After gathering the information, he successfully performed an attack on the target government organization without being traced. Which of the following techniques is described in the above scenario? Option 1 :  VoIP footprinting Option 2 : Dark web footprinting Option 3 : Website footprinting Option …

Louis, a professional hacker, had used specialized tools or search engines to encrypt all his browsing activity and navigate anonymously to obtain sensitive/hidden information about official government or federal databases. After gathering the information, he successfully performed an attack on the target government organization without being traced. Which of the following techniques is described in the above scenario? Read More »

wireless network

Jane invites her friends Alice and John over for a LAN party. Alice and John access Jane’s wireless network without a password . However, Jane has a long, complex password on her router. What attack has likely occurred?

Jane invites her friends Alice and John over for a LAN party. Alice and John access Jane’s wireless network without a password . However, Jane has a long, complex password on her router. What attack has likely occurred? Option 1 : Wireless sniffing Option 2 : Wardriving Option 3 : Piggybacking Option 4 : Evil twin 1. Wireless sniffing A wireless sniffer may be a sort of packet analyzer. A packet analyzer (also referred to …

Jane invites her friends Alice and John over for a LAN party. Alice and John access Jane’s wireless network without a password . However, Jane has a long, complex password on her router. What attack has likely occurred? Read More »

MSP

Alice, a professional hacker, targeted an organization’s cloud services. She infiltrated the target’s MSP provider by sending spear-phising emails and distributed custom-made malware to compromise user account and gain remote access to the cloud service. Further, she accessed the target customer profiles with her MSP accounr, compressed the customer data, and stored them in the MSP. Then, she used this information to launch further attack on the target organization. Which of the following cloud attacks did Alice perform in the above scenario?

Alice, a professional hacker, targeted an organization’s cloud services. She infiltrated the target’s MSP provider by sending spear-phising emails and distributed custom-made malware to compromise user account and gain remote access to the cloud service. Further, she accessed the target customer profiles with her MSP account, compressed the customer data, and stored them in the MSP. Then, she used this information to launch further attack on the target organization. Which of the following cloud attacks …

Alice, a professional hacker, targeted an organization’s cloud services. She infiltrated the target’s MSP provider by sending spear-phising emails and distributed custom-made malware to compromise user account and gain remote access to the cloud service. Further, she accessed the target customer profiles with her MSP accounr, compressed the customer data, and stored them in the MSP. Then, she used this information to launch further attack on the target organization. Which of the following cloud attacks did Alice perform in the above scenario? Read More »

DNS protocol

John, a professional hacker, decided to use DNS to perform data exfilteration on a target network. In this process, he embedded malicious data into the DNS protocol packets that even DNSSEC cannot detect. Using this technique, John successfully injected malware to bypass a firewall and maintained communication with the victim machine and C&C server. What is the technique employed by John to bypass the firewall?

John, a professional hacker, decided to use DNS to perform data exfilteration on a target network. In this process, he embedded malicious data into the DNS protocol packets that even DNSSEC cannot detect. Using this technique, John successfully injected malware to bypass a firewall and maintained communication with the victim machine and C&C server. What is the technique employed by John to bypass the firewall? Option 1 : DNS tunneling method Option 2 : DNS …

John, a professional hacker, decided to use DNS to perform data exfilteration on a target network. In this process, he embedded malicious data into the DNS protocol packets that even DNSSEC cannot detect. Using this technique, John successfully injected malware to bypass a firewall and maintained communication with the victim machine and C&C server. What is the technique employed by John to bypass the firewall? Read More »

John is investing web-application firewall logs and observers that someone is attempting to inject the following : char buff[10]; buff[10] = ‘a’; What type of attack is this ?

John is investing web-application firewall logs and observers that someone is attempting to inject the following : char buff[10]; buff[10] = ‘a’; What type of attack is this ? Option 1 : Buffer overflow Option 2 : CSRF Option 3 : SQL injection Option 4 : XSS 1. Buffer overflow Buffer overflow this attack is an anomaly that happens when software writing data to a buffer overflows the buffer’s capacity, leading to adjacent memory locations …

John is investing web-application firewall logs and observers that someone is attempting to inject the following : char buff[10]; buff[10] = ‘a’; What type of attack is this ? Read More »

Android

What is the file that determines the basis configuration (specifically activities, services, broadcast receivers, etc.) in an Android application?

What is the file that determines the basis configuration (specifically activities, services, broadcast receivers, etc.) in an Android application? Option 1 : APK.info Option 2 : classes.dex Option 3 : AndroidManifest.xml Option 4 : resources.asrc 1. APK.info Android Package (APK) is that the package file format employed by the Androids OS , and variety of other Android-based operating systems for distribution and installation of mobile apps, mobile games and middleware. APK is analogous to other …

What is the file that determines the basis configuration (specifically activities, services, broadcast receivers, etc.) in an Android application? Read More »

law

Widespread fraud at Enron, Worldcom, and Tyco led to the creation of a law that was designed to improve the accuracy and accountability of corporate disclosures. It covers accounting firms and third parties that provide financial services to some organizations and came into effect in 2002. This is known by what acronym?

Widespread fraud at Enron, Worldcom, and Tyco led to the creation of a law that was designed to improve the accuracy and accountability of corporate disclosures. It covers accounting firms and third parties that provide financial services to some organizations and came into effect in 2002. This is known by what acronym? Option 1 : HIPPA Option 2 : SOX Option 3 : PCIDSS Option 4 : FedRAMP 1. HIPPA The Standards for Privacy of …

Widespread fraud at Enron, Worldcom, and Tyco led to the creation of a law that was designed to improve the accuracy and accountability of corporate disclosures. It covers accounting firms and third parties that provide financial services to some organizations and came into effect in 2002. This is known by what acronym? Read More »

Attacker

Attacker Steve targeted an organization’s with the aim of redirecting the company’s web traffic to another malicious website. To achieve this goal, Steve performed DNS cache poisoning by exploiting vulnerabilities in the DNS server software and modified the original IP address of the target website to that of a fake website. What is the technique employed by Steve to gather information for identity theft?

Attacker Steve targeted an organization’s with the aim of redirecting the company’s web traffic to another malicious website. To achieve this goal, Steve performed DNS cache poisoning by exploiting vulnerabilities in the DNS server software and modified the original IP address of the target website to that of a fake website. What is the technique employed by Steve to gather information for identity theft? Option 1 : Pretexting Option 2 : Wardriving Option 3 : …

Attacker Steve targeted an organization’s with the aim of redirecting the company’s web traffic to another malicious website. To achieve this goal, Steve performed DNS cache poisoning by exploiting vulnerabilities in the DNS server software and modified the original IP address of the target website to that of a fake website. What is the technique employed by Steve to gather information for identity theft? Read More »