ECHA Test Review 1

An attacker has successfully tapped into a network segment and has configured port spanning for his connection, which allows him to see all traffic passing through the switch. Which of the fo1lowing protocols protects any sensitive data from being seen by this attacker?

Which of the following techniques can be used to gather information from a fully switched network or to disable some of the traffic isolation features of a switch? (Choose two.)

Examine the following Snort rule:

alert tcp !$HOME_NET any-> $HOME_NET 23 (content:

"admin"; msg: "Telnet at tempt .. admin access";)

Which of the following are true regarding the rule? ( Choose all that apply.)

You are performing an ACK scan against a target subnet. You previously verified connectivity to several hosts within the subnet but want to verify all live hosts on the subnet. Your scan, however, is not receiving any replies. Which type of firewall is most likely in use at your location?

Examine the Wireshark filter shown here:

ip.src == 192.168.1.1 && tcp.srcport == 80

Which of the following correctly describes the capture filter?

Which of the following correctly describes brute-force password attacks?

You are attempting to hack a Windows machine and want to gain a copy of the SAM file. Where can you find it? (Choose all that apply.)

While performing online banking using a web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place.

What web browser-based security vulnerability was exploited to compromise the user?

This tool is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attach along with some optimizations like Korek attacks, as well as the PTW attack, thus making the attack much faster compared to other WEP cracking tools.

Which of the following tools is being described?

> NMAP -sn 192.168.1l.200-2l5

The NMAP command above performs which of the following?