CEH: Official Certified Ethical Hacker Review Guide: Exam 312-50 - Kimberly Graves [45]

and brute force. Nonelectronic attacks include shoulder surfing, keyboard sniffing, and social engineering.

Understand the different types of offline password attacks. Dictionary, hybrid, and brute-force attacks are all offline password attacks.

Know the ways to defend against password guessing. Smart cards and biometrics are two ways to increase security and defend against password guessing.

Understand the differences between the types of nonelectronic attacks. Social engineering, shoulder surfing, and dumpster diving are all types of nonelectronic attacks.

Know how evidence of hacking activity is eliminated by attackers. Clearing event logs and disabling auditing are methods that attackers use to cover their tracks.

Realize that hiding files is a means used to sneak out sensitive information. Steganography, NTFS streaming, and the attrib command are all ways hackers can hide and steal files.

Review Questions

1. What is the process of hiding text within an image called?

A. Steganography

B. Encryption

C. Spyware

D. Keystroke logging

2. What is a rootkit?

A. A simple tool to gain access to the root of the Windows system

B. A Trojan that sends information to an SMB relay

C. An invasive program that affects the system files, including the kernel and libraries

D. A tool to perform a buffer overflow

3. Why would hackers want to cover their tracks?

A. To prevent another person from using the programs they have installed on a target system

B. To prevent detection or discovery

C. To prevent hacking attempts

D. To keep other hackers from using their tools

4. What is privilege escalation?

A. Creating a user account with higher privileges

B. Creating a user account with Administrator privileges

C. Creating two user accounts: one with high privileges and one with lower privileges

D. Increasing privileges on a user account

5. What are two methods used to hide files? (Choose all that apply.)

A. NTFS file streaming

B. attrib command

C. Steganography

D. Encrypted File System

6. What is the recommended password-change interval?

A. 30 days

B. 20 days

C. 1 day

D. 7 days

7. What type of password attack would be most successful against the password T63k#s23A?

A. Dictionary

B. Hybrid

C. Password guessing

D. Brute force

8. Which of the following is a passive online attack?

A. Password guessing

B. Network sniffing

C. Brute-force attack

D. Dictionary attack

9. Why is it necessary to clear the event log after using the auditpol command to turn off logging?

A. The auditpol command places an entry in the event log.

B. The auditpol command doesn't stop logging until the event log has been cleared.

C. auditpol relies on the event log to determine whether logging is taking place.

D. The event log doesn't need to be cleared after running the auditpol command.

10. What is necessary in order to install a hardware keylogger on a target system?

A. The IP address of the system

B. The Administrator username and password

C. Physical access to the system

D. Telnet access to the system

Answers to Review Questions

1. A. Steganography is the process of hiding text within an image.

2. C. A rootkit is a program that modifies the core of the operating system: the kernel and libraries.

3. B. Hackers cover their tracks to keep from having their identity or location discovered.

4. D. Privilege escalation is a hacking method to increase privileges on a user account.

5. A, B. NTFS file streaming and the attrib command are two hacking techniques to hide files.

6. A. Passwords should be changed every 30 days for the best balance of security and usability.

7. D. A brute-force attack tries every combination of letters, numbers, and symbols.

8. B. Network sniffing is a passive online attack because it can't be detected.

9. A. The event log must be cleared because the auditpol command places an entry in the event log indicating that logging has been disabled.

10. C. A hardware keylogger is an adapter that connects the keyboard to the PC. A hacker needs physical access to the PC in order to plug in
