A. Linux operating systems
B. Windows operating systems
C. Firewalls
D. Management Information bases (MIBs)
2. What hidden share can be tested for evidence of null session vulnerabilities?
A. ADMIN$
B. NULL$
C. C$
D. IPC$
3. This tool uses the command-line to identify and report the protocol statistics of current TCP/IP connections using NBT (NetBIOS over TCP/IP).
A. DumpSec
B. Net View
C. Nbtstat
D. enum
4. Which of the following is not a counter measure for defending against a null session vulnerabilities?
A. Disable the guest account
B. Disable SMB
C. Restrict anonymous connections
D. Filter ports 139 and 445 on perimeter network devices
5. SNMP uses ____ to define the information that a managed system offers.
A. Management Information Bases (MIBs)
B. Simple Network Management Protocol
C. SNMPUTIL
D. Object identifiers
6. Which of following are recommended SNMP enumeration countermeasures? (Choose all the apply)
A. Remove SNMP agent on systems were it is not needed
B. Change default community strings
C. Encrypt all SNMP traffic
D. Don’t change default community strings
7. Which of the following relative identifiers (RID) listed below identifies the administrator account on a Windows system?
A. 501
B. 512
C. 500
D. 502
8. Which password attack exploits situations where users change their passwords by adding a number to their old password?
A. Syllable
B. Hybrid
C. Brute force
D. Dictionary
9. In this type of password attack the attacker has some information about the password. For example, the attacker knows the password contains a two or three digit number.
A. Hybrid
B. Nontechnical
C. Rule-based
D. Precomputed hashes
10. What are some characteristics that make LM hashes vulnerable to offline attacks? (Choose all that apply)
A. Short length
B. Is converted to lower case
C. Is converted to upper