Homework Sourse Homework Sourse

Question 1 5 points This tool can help detect arp spoofing Q

Question 1 (5 points)

This tool can help detect arp spoofing:

Question 1 options:

inverse arp

xarp

smac

rarp

Save

Question 2 (5 points)

A spoofing attack includes (choose all that apply):

Question 2 options:

pretends to be another user

relies on the legitimate user

uses stolen credentials

takes over of an HTTP session

Save

Question 3 (5 points)

When conducting a Sniffing Pen Testing we follow a certain order. Select the correct order from the list below.

Question 3 options:

Rogue Server, DHCP Starvation, Mac Spoofing, ARP Poisoning

MAC Spoofing, Rogue Server, ARP Poisoning, DHCP Starvation

DHCP Starvation, Rogue Server, ARP Poisoning, MAC Spoofing

DHCP Starvation, Rogue Server, MAC Spoofing, ARP Poisoning

Save

Question 4 (5 points)

This will help prevent DNS spoofing attacks (choose all that apply):

Question 4 options:

SSL

primary zones

SSH

secondary zones

Save

Question 5 (5 points)

The characteristics of these Trojans include the ability to open and close the CD-ROM tray (check all that apply):

Question 5 options:

Dark Comet

NetBus

Poison Ivy

SubSeven

Save

Question 6 (5 points)

How should you enable DHCP to enable DHCP snooping? (choose all that apply)

Question 6 options:

on a per protocol basis

per vlan

locally

globally

Save

Question 7 (5 points)

Your Supervisor is concerned about the use of port 139 in your environment. What measure do you recommend?

Question 7 options:

Use TCP Wrappers

Turn on the Windows Firewall

Block ICMP so the host cannot be detected

Disable File and Print Sharing

Save

Question 8 (5 points)

You can filter for an IP Address in Wireshark by typing:

Question 8 options:

IP.ADDR ==

IP ==

IP =

IP.Address ==

Save

Question 9 (5 points)

There are many purposes of malware, including which of the following? (choose all that apply)

Question 9 options:

Remove the Default LAN Route

Making a Computer Useless

Obtaining Passwords

Disable Networking Functions

Save

Question 10 (5 points)

Pick the types of Session Hijacking:

Question 10 options:

Passive

Kernel

Working

Active

Save

Question 11 (5 points)

With a session fixation attack, the attacker uses a:

Question 11 options:

valid SID

corrupt packet

cookie

legitmate packet

Save

Question 12 (5 points)

When going through the 3-way handshake put the following in sequence:

Question 12 options:

Syn seq, SYN+ACK, ACK

AYN+ACK, SYN Seq, ACO

ACK, SYN+ACK, ACK

SYN SEQ, ACK, FIN

Save

Question 13 (5 points)

What were the two dominant attack strategies identified in Symantec\'s Threat Report?

Question 13 options:

Distributed Denial of Service

Advanced Persistent Threats

Broader Strokes

Focused Attack

Save

Question 14 (5 points)

Which of the following are countermeasures that can be used for Trojans?

Question 14 options:

Install patches and security updates

Monitor all internal network traffic

Block unnecessary ports

Educate users to install applications from sites

Save

Question 15 (5 points)

In which type of session hijacking does a hacker sit back and watch traffic?

Question 15 options:

passive

stateless

active

stateful

Save

Question 16 (5 points)

This tool will allow you to spoof a MAC address:

Question 16 options:

inverse arp

rarp

xarp

smac

Save

Question 17 (5 points)

An attacker sees that Sara is on the internet every day. The attacker is able to infect Sara’s machine with a Trojan and change her DNS IP address. This is DNS spoofing.

Question 17 options:

Save

Question 18 (5 points)

This is an example of a Trojan that can be utilized for Website Defacement:

Question 18 options:

HTTrack

Restorator

WGET

CrimePack

Save

Question 19 (5 points)

Computers are able to be infected by viruses select how a computer is able to get an virus. Select all that apply.

Question 19 options:

Open infected e-mail attachments

Sends location of victims address

Not running the latest anti-virus application

Installing pirated software

Save

Question 20 (5 points)

A hijacking attack includes (choose all that apply):

Question 20 options:

relies on the legitimate user

pretends to be another user

takes over of an HTTP session

uses stolen credentials

inverse arp

xarp

smac

rarp

Solution

1 ) This tool can help detect arp spoofing:

answer is xarp.

in arp spoofing, the attacker sends false messages to users connected through the same LAN network. Hence, the attacker is now linked to your IP, and can now receive any data which you shall receive. Xarp is a firewall tool that can detect arp spoofing. It can detect hackers inside your network using active and passive modules.

______________________

2) A spoofing attack includes (choose all that apply)

answer - relies on the legimate user, uses stolen credentials, takes over an HTTP session.

As mentioned above that spoofing is about accessing someone\'s data through IP (taking over aHTTP session), using users connected on a LAN ( relieing on legitimate users ) using the actual users credentials.

-------------------------

When conducting a Sniffing Pen Testing we follow a certain order. Select the correct order from the list below.

answer - in the order -->> MAC Spoofing, Rogue Server, ARP Poisoning, DHCP Starvation

-------------------------------

This will help prevent DNS spoofing attacks (choose all that apply):

ansswer - SSL, secondary zone

DNS spoofing is the act of injecting false data into the cache of a DNS server causing it to serve this false data to its clients. Websites use valid SSL servers for this so tht hackers cannot clone the website and extract the data.

Stopping dynamic updates to all parties and instead giving it only to seleceted center DNS server can not be secured with primary zones.

------------------------

The characteristics of these Trojans include the ability to open and close the CD-ROM tray

answer :

subseven - with this trojan an attacker can turn the Caps Lock, Num Lock, and Scroll Lock off and on; disable the Ctl+Alt+Del key combination; log off the user; open and close the CD-ROM drive; turn the monitor off and on; invert the display; and shut down or reboot the computer. This uses ICQ, Internet Relay Chat (IRC), email, and even Common Gateway Interface (CGI) scripting to contact the originating intruder.

dark comet - this can hide the desktop, lock, task icons, sys tray icons, taskbar, start button, task manager, and open/close the CD tray.

netbus - can also open and close the cd rom tray.

--------------------------------------

How should you enable DHCP to enable DHCP snooping?

answer- DHCP snooping is enabled on a per-vlan basis. by default , however, it is not enabled on vlans and one must enable it manually. Also, one must enable DHCP snooping globally before we can use snooping in a vlan.

-------------------------------------

i have answered the first six, similarly try and solve the remaining.

thank you

Question 1 (5 points) This tool can help detect arp spoofing: Question 1 options: inverse arp xarp smac rarp Save Question 2 (5 points) A spoofing attack includ
Question 1 (5 points) This tool can help detect arp spoofing: Question 1 options: inverse arp xarp smac rarp Save Question 2 (5 points) A spoofing attack includ
Question 1 (5 points) This tool can help detect arp spoofing: Question 1 options: inverse arp xarp smac rarp Save Question 2 (5 points) A spoofing attack includ
Question 1 (5 points) This tool can help detect arp spoofing: Question 1 options: inverse arp xarp smac rarp Save Question 2 (5 points) A spoofing attack includ
Question 1 (5 points) This tool can help detect arp spoofing: Question 1 options: inverse arp xarp smac rarp Save Question 2 (5 points) A spoofing attack includ
Question 1 (5 points) This tool can help detect arp spoofing: Question 1 options: inverse arp xarp smac rarp Save Question 2 (5 points) A spoofing attack includ

Get Help Now

Submit a Take Down Notice
Tutor
Tutor: Dr Jack
Most rated tutor on our site