Which of the following attacks is specially used for cracking a password?
A. PING attack
B. Dictionary attack
C. Vulnerability attack D. DoS attack
John works as a professional Ethical Hacker. He is assigned a project to test the security of www.weare-secure.com. He is working on the Linux operating system. He wants to sniff the we-are-secure network and intercept a conversation between two employees of the company through session hijacking. Which of the following tools will John use to accomplish the task?
A. Hunt
B. IPChains
C. Ethercap
D. Tripwire
A workstation with an IP address of 10.10.20.115/24 is suspected of being compromised. Which of the following is supported by the information in the process table?

A. A possibly compromised system at 10.10.10.200 is attempting to access shared files over the network
B. The behavior of the minesweeper.exe process indicates a likely trojan horse infection
C. The behavior of the smss.exe process indicates a likely rootkit infection
D. A possibly compromised system at 195.129.50.50 is attempting to start a web server on the host
What is a DNS zone transfer?
A. Bulk transfer of DNS records for a domain from your DNS server to another host upon request
B. Changing the registered region in which your DNS server is allowed to operate
C. Switching zone preferences between two DNS servers
D. Turning a DNS server from an internal server to an external server, or the other way around
What is the value of salting password hashes?
A. Full encryption in the SAM database
B. Strong encryption algorithms are enforced
C. Rainbow Tables cannot be used to crack the password
D. Dictionary password guessing attacks can't be used
Which of the following is a common method for hosts to be infected with bot software?
A. HTTP Proxies
B. Open Relays
C. Rootkits
D. Worms
Which servers should be allowed to perform zone transfers from your primary DNS server?
A. All Internet clients who wish to surf to your site
B. Your secondary DNS servers
C. Only internal clients
D. Any DNS server
Which of the following BEST represents a true virtual machine escape?
A. An attacker who has compromised a virtual machine using VMcat to run code on the physical host
B. An attacker who has compromised a virtual machine mapping a network drive on the physical host using SMB
C. An attacker who has compromised a virtual machine sniffing network traffic to and from the physical host
D. An attacker who has compromised a virtual machine, able to directly execute code on the physical host
An analyst discovers an undocumented host showing up in some IDS alerts with IP address 10.0.1.123. A port scan indicates listening services on the host. What step can the analyst take next to attempt OS detection and the version of the unknown services?
A. sc query
B. net view
C. netstat -nap
D. nmap -A
What information is commonly found in both the header and the possession log of a Chain of Custody?
A. Date and time the evidence was requested by the court
B. Date and time the evidence was checked into evidence locker
C. Date and time the evidence was initially collected
D. Date and time the evidence is classified as reliable