MK0-201 Online Practice Questions and Answers

Which tools are capable of capturing Kerberos domain authentication credentials and then running either dictionary or brute force offline password cracking?Choose two.

A. LC5

B. Cain and Abel

C. Ettercap

D. Kerbsniff and kerbcrack

While exploiting remote targets using exploits,there are a few stages that have to take place. Which of the following stages is the payload which is executed after exploitation?

A. Shellcode

B. Injection Vector

C. Request Builder

D. Handler routine

Having just downloaded a new version of Cain and Abel,you wish to monitor your network for clear text passwords being sent.

Knowing you are currently connected to a switch you will attempt to perform an ARP poisoning attack that will let you look at all the packets and not only packets sent to your own machine.

What would you call this type of sniffing?

A. Passing Sniffing

B. Active Sniffing

C. ARP Sniffing

D. All stations sniffing

How does a system administrator prevent Idp.exe and user2sid.exe tools from retrieving domain usernames,SIDs,and other information from a Windows 2000 Domain Controller if no username and password are supplied?Choose two.

A. Add the Everyone group to the Pre-Windows 2000 Compatible Access group

B. Remove the Everyone group from the Pre-Windows 2000 Compatible Access group

C. Set RestrictAnonymous registry key to two

D. Set RestrictAnonymous registry key to zero

Wayne,who has a twisted mind,has been watching security mailing lists very closely.Today he has seen a new vulnerability announcement that affects multiple mail servers.Jack wishes to scan the internet for servers that are running one of those vulnerable mail servers.His intent is to do this passively at first by doing DNS queries using the nslookup command.

What type of resource record is Wayne looking for within the DNS query results?

A. Only A resource record

B. Only PTR records

C. Only MX records

D. Only CNAME records

When doing an ACK flag scanning the target host is sent TCP packets with the ACK flag set and the reply is then analyzed.

Which of the following items within the response packets would be used to determine if the port was open on the remote host?(Choose two)

A. The Time To Live field

B. The source port

C. The destination port

D. The Window field

A Denial of Service (DoS) attack can have severe effect on a company network or systems.What is the main purpose of a DoS attack?Choose the best response.

A. To compromise a remote system

B. To disallow access from legitimate users

C. To disallow access from illegitimate users

D. To create a lot of log entries

The process of flooding a local segment with thousands of random MAC addresses can result in some switches behaving like a hub.The goal of the hacker is to accomplish what?Choose the best answer.

A. Denial of service

B. ARP cache poisoning

C. Sniffing in a switched network

D. SYN flood

Keen administrators (the enemy of penetration testers)will take great steps in order to collect logs on different servers.By having a detailed log of activities they may be able to detect abnormal activities.

A skilled intruder will attempt to modify the logging policy in order to prevent the administrator from having access to his detailed log.What command line tool could an attacker use to disable auditing on a Windows server?

A. Syslog

B. Eventlog

C. Auditpol

D. Auditlog

A system administrator deploys a Windows-based server in a publicly-accessible DMZ.The sole purpose of this machine is to run IIS and allow anonymous access.After a few days the security log is full of failed login against the Administrator account.What is the best strategy to totally prevent future password guessing attempts? Choose the best answer.

A. Enable account lockout

B. Change the Administrator password to be even longer

C. Remove File and Print Sharing for Microsoft Networks on the network adapter

D. Configure the security policy to shut down the system when the event log is full