Tag: CEH v9

Kelly is a network security officer for a large state-run agency in California. Kelly is asked by the IT manager of another state agency to perform a security audit on their network. This audit she is asked to perform is an external audit. The IT manager thought that Kelly would be a great candidate for this task since she does not work for this other agency and is an accomplished IT auditor. The first task that she is asked to perform is an attempt to crack user passwords. Since Kelly knows that all state agency passwords must abide by the same password policy, she believes she can finish this particular task quickly. What is the best password attack method for Kelly to use in this situation?

Kevin, an IT security consultant, is working on contract for Davidson Avionics to audit the company’s network. He is given permission to perform any necessary tests. Kevin creates a fake company ID badge and uniform and waits by one of the company’s entrance doors. He follows an employee into the office after they use their valid access card to gain entrance. What type of social engineering attack has Kevin employed?

Johnny is a member of the hacking group Orpheus1. He is currently working on breaking into the Department of Defense’s front end Exchange Server. He was able to get into the server, located in a DMZ, by using an unused service account that had a very weak password that he was able to guess. Johnny wants to crack the administrator password, but does not have a lot of time to crack it. He wants to use a tool that already has the LM hashes computed for all possible permutations of the administrator password. What tool would be best used to accomplish this?

Which type of scan opens a full TCP connection?

Jason asked his company’s firewall administrator to set the firewall to inspect all incoming traffic on ports 80 and 443 to ensure that no malicious data is getting into the network. Why is this request not possible? A. Firewalls cannot inspect traffic coming through port 443. B. Firewalls can only inspect outbound traffic. C. Firewalls cannot […]