Which of the following describe the benefits to a pass-the-hash attack over traditional password cracking?

• A.No triggering of IDS signatures from the attack, no account lockout and use ofnative windows file and print sharing tools on the compromised system.
• B.No account lockout, use of native file and print sharing tools on the compromisedsystem and no corruption of the LSASS process.
• C.No triggering of IDS signatures from the attack privileges at the level of theacquired password hash and no corruption of the LSASS process.
• D.No account lockout, privileges at the level of the acquired password hash and useof native windows file and print Sharif tools on the compromised system.

Comment: *

Name: *

Email: *

Verification: *

How does OWASP ZAP function when used for performing web application assessments?

• A.It is a non-transparent proxy that sits between your web browser and the targetapplication.
• B.It is a non-transparent proxy that passively sniffs network traffic for HTTPvulnerabilities.
• C.It is a transparent policy proxy that sits between Java servers and |SP web pages.
• D.It is a transparent proxy that sits between a target application and the backenddatabase.

Comment: *

Name: *

Email: *

Verification: *

Which of the following tasks can be performed by using netcat utility?
Each correct answer represents a complete solution. Choose all that apply.

• A.Port scanning and service identification
• B.Creating a Backdoor
• C.Checking file integrity
• D.Firewall testing

Comment: *

Name: *

Email: *

Verification: *

CORRECT TEXT
Fill in the blank with the appropriate tool name.
__________is a wireless network cracking tool that exploits the vulnerabilities in the RC4 Algorithm, which comprises the WEP security parameters.

Comment: *

Name: *

Email: *

Verification: *

Which of the following methods can be used to detect session hijacking attack?

• A.sniffer
• B.ntop
• C.nmap
• D.Brutus

Comment: *

Name: *

Email: *

Verification: *