What are some of the weaknesses that make LAN Manager Hashes much easier to crak by an attacker? (Select all that apply.)
A. The 14 character paasword is split in two
B. The password is converted to Uppercase
C. The hash value is encrypted using MD5
D. The hash value is encrypted with AES
An attacker is sending packets with no flag set.This is also known as doing a NULL scan.Usually,operating system networking stacks will respond with a RST packe,however,some operating systems do not conform to this behavior and respond in appropriately. Such behavior could allow for the identification of the remote OS being used.Which of the following would be one of the Operating systems that responds differently?
A. Solaris
B. Linux
C. Windows
D. HP-UX
What is one way an attacker can use to determine if a database front-end application is vulnerable to SQL injection?
A. By entering a single star (*)in the username field.
B. By entering all outgoing TCP connections after browsing the web application.
C. There is no way to check,they just have to attempt on attack.
D. By entering a single quota ( ) in the password field.
Which of the following commands would capture all packets going to and from IP address 192.168.1.2 using tcpdump?
A. tcpdump host 192.168.1.2
B. tcpdump dest 192.168.1.2
C. tcpdump any 192.168.1.2/32
D. tcpdump all 192.168.1.2/24
Why is passive sniffing much harder to detect,if not impossible,compared to active sniffing?Choose the best answer.
A. Passive sniffing injects fewer packets into the switch
B. Passive sniffing can be done only via software and not hardware
C. A device that only receives packets and never transmits packets is truly undetectable.
D. It is difficult to obtain software that passively sniffs
What sniffer program is capable of reconstructing associated TCP packets into a sessions showing application layer data from the client to the server and vice-versa?Choose the best 2 answers.
A. Packetyzer
B. Etherape
C. Ethereal
D. ARPwatch
A Windows computer that has not been hardened properly might allow NULL connection from a remote host.
Which of the following commands would be used by a remote attacker to attempt connecting using NULL session?
A. net use \\servername\ipc$NULL/u
B. net use \\servername\ipc$u:
C. net share \\servername\ipc$/u:
D. net use \\servername\ipc$/u:NULL
This technique consists of using social to trick someone into revealing information they should not usually release to unathorized users.
What do we call this technique or type of attack?
A. Shoulder Surfing
B. Eavesdropping
C. Social Engineering
D. Social Coining
A null session allows users to connect remotely to other Windows computers on the network.According to the implementation of NULL sessions of Windows platforms,how long would the password be in order to establish a NULL Session?
A. At least 8 Characters
B. A passphrase is used not a password
C. There is no password involved
D. Windows makes use of Digital Signature in such case,not passwords
What technology can be deployed at the network layer to protect against snififng?Choose the best answer.
A. SSL
B. Certificates
C. IPSec
D. DAI
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Mile2 exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your MK0-201 exam preparations and Mile2 certification application, do not hesitate to visit our Vcedump.com to find your solutions here.