100%(2)2 out of 2 people found this document helpful
This preview shows page 55 - 58 out of 293 pages.
QUESTION 132How would you describe a simple yet very effective mechanism for sending and receiving unauthorizedinformation or data between machines without alerting any firewalls and IDS's on a network?A.Covert ChannelB.Crafted ChannelC.Bounce ChannelD.Deceptive ChannelCorrect Answer: ASection: SniffersExplanationExplanation/Reference:A covert channel is described as: "any communication channel that can be exploited by a process totransfer information in a manner that violates the systems security policy." Essentially, it is a method ofcommunication that is not part of an actual computer system design, but can be used to transferinformation to users or system processes that normally would not be allowed access to the information.QUESTION 133Exhibit:
You have captured some packets in Ethereal. You want to view only packets sent from 10.0.0.22. Whatfilter will you apply?A.ip = 10.0.0.22B.ip.src == 10.0.0.22C.ip.equals 10.0.0.22D.ip.address = 10.0.0.22Correct Answer: BSection: SniffersExplanationExplanation/Reference:Explanation: ip.src tells the filter to only show packets with 10.0.0.22 as the source.QUESTION 134Real 161ECCouncil 312-50 ExamYou are sniffing as unprotected WiFi network located in a JonDonalds Cybercafe with Ethereal to capturehotmail e-mail traffic. You see lots of people using their laptops browsing the web while snipping brewedcoffee from JonDonalds. You want to sniff their email message traversing the unprotected WiFi network.Which of the following ethereal filters will you configure to display only the packets with the hotmailmessages?A.(http contains "hotmail") && ( http contains "Reply-To")B.(http contains "e-mail" ) && (http contains "hotmail")C.(http = "login.passport.com" ) && (http contains "SMTP")D.(http = "login.passport.com" ) && (http contains "POP3")Correct Answer: A
Section: SniffersExplanationExplanation/Reference:Explanation: Each Hotmail message contains the tag Reply-To:<sender address> and "xxxx-xxx-xxx.xxxx.hotmail.com" in the received tag.QUESTION 135Daryl is a network administrator working for Dayton Technologies. Since Daryl's background is in webapplication development, many of the programs and applications his company uses are web-based. Darylsets up a simple forms-based logon screen for all the applications he creates so they are secure.The problem Daryl is having is that his users are forgetting their passwords quite often and sometimes hedoes not have the time to get into his applications and change the passwords for them. Daryl wants a toolor program that can monitor web-based passwords and notify him when a password has been changed sohe can use that tool whenever a user calls him and he can give them their password right then.What tool would work best for Daryl's needs?A.Password snifferB. L0phtcrackC.John the RipperD. WinHttrackCorrect Answer: ASection: SniffersExplanationExplanation/Reference:L0phtCrack is a password auditing and recovery application (now called LC5), originally produced byMudge from L0pht Heavy Industries. It is used to test password strength and sometimes to recover lostMicrosoft Windows passwords.