SSH B HTTP - 157 Sy0 101 Comptia Security+ [ PUNISHER ] pdf

C. SFTP D. IMAP4

Answer: B

Actualtests.com - The Power of Knowing Incorrect Answers:

A: The SSH protocol is used to establish a secure Telnet session over TCP/IP. C: SFTP transmit data securely between tan FTP client and an FTP server.

D: IMAP4 transmit e-mail between the e-mail client and the e-mail server. It does not transmit data between a web browser and a web server.

References:

David Groth and Toby Skandier, Network+ Study Guide (4th Edition), Sybex, Alameda CA, 2005, pp. 117, 297.

QUESTION 89:

Which of the following is a secure alternative to Telnet?

A. SSH B. HTTP C. SFTP D. IMAP4

Answer: A

Telnet is a terminal emulation protocol that provides a remote logon to another host over the network. The SSH protocol is used to establish a secure Telnet session over TCP/IP. It can thus be sued instead of Telnet.

Incorrect Answers:

B: HTTP is the protocol that is used by a web browser to communicate with web severs. This is not a function of Telnet.

C: SFTP transmit data securely between tan FTP client and an FTP server. This is not a function of Telnet.

D: IMAP4 transmit e-mail between the e-mail client and the e-mail server. This is not a function of Telnet.

References:

David Groth and Toby Skandier, Network+ Study Guide (4th Edition), Sybex, Alameda CA, 2005, pp. 117, 297.

QUESTION 90:

Which of the following provides remote logon over the Internet?

A. Telnet B. SSH C. PPP D. IMAP4

Answer: C

The PPP protocol is used to establish a connection over point-to-point links such as dial-up and dedicated leased lines that are used to connect to the Internet.

Actualtests.com - The Power of Knowing

A, B: Telnet is a terminal emulation protocol that provides a remote logon to another host over the network, not over the Internet. The SSH protocol is used to establish a secure Telnet session over TCP/IP. It can thus be sued instead of Telnet.

D: IMAP4 transmit e-mail between the e-mail client and the e-mail server. This is not a function of Telnet.

References:

David Groth and Toby Skandier, Network+ Study Guide (4th Edition), Sybex, Alameda CA, 2005, pp. 117, 297.

QUESTION 91:

Which of the following CANNOT be used for remote connections?

A. Telnet B. SSH C. PPP D. IMAP4

Answer: D

IMAP4 transmit e-mail between the e-mail client and the e-mail server. This does not allow remote connections.

Incorrect Answers:

C: The PPP protocol is used to establish a remote connection over point-to-point links such as dial-up and dedicated leased lines that are used to connect to the Internet. References:

David Groth and Toby Skandier, Network+ Study Guide (4th Edition), Sybex, Alameda CA, 2005, pp. 117, 297.

QUESTION 92:

Which of the following attacks are being referred to if packets are not connection-oriented and do not require the synchronization process?

A. TCP/IP Hijacking B. UDP Attack C. ICMP Attacks D. Smurf Attacks Answer: B Explanation:

UDP attack attacks either a maintenance protocol or a UDP service in order to overload services and initiate a DoS situation. UDP attacks can also exploit UDP protocols. UDP

Actualtests.com - The Power of Knowing packets are not connection-oriented and do not require the synchronization process described in the previous section. UDP packets, however, are susceptible to interception, and UDP can be attacked

Incorrect answers:

A: TCP/IP hijacking, also called active sniffing, involves the attacker gaining access to a host in the network and logically disconnecting it from the network. The attacker then inserts another machine with the same IP address. This happens quickly and gives the attacker access to the session and to all of the information on the original system. The server will not know this has occurred and will respond as if the client is trusted. C: ICMP attacks occur by triggering a response from the ICMP protocol when it

responds to a seemingly legitimate maintenance request. ICMP supports maintenance and reporting in a TCP/IP network. ICMP is part of the IP level of the protocol suite. Several programs, including PING, use the ICMP protocol. Until fairly recently, ICMP was regarded as a benign protocol that was incapable of very much damage.

D: Smurf attacks are becoming common and can create pure havoc in a network. A smurf attack uses IP spoofing and broadcasting to send a PING to a group of hosts in a network. When a host is pinged, it sends back ICMP message traffic information indicating status to the originator. If a broadcast is sent to a network, all of the hosts will answer back to the ping. The result of this is an overload of the network and the target system

References:

Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Sybex, Alameda, 2004, p 72-73.

QUESTION 93:

Which of the following attacks are being referred to if it was regarded as a benign protocol that was incapable of very much damage?

A. TCP/IP Hijacking B. UDP Attack C. ICMP Attacks D. Smurf Attacks Answer: C Explanation:

ICMP attacks occur by triggering a response from the ICMP protocol when it responds to a seemingly legitimate maintenance request. ICMP supports maintenance and reporting in a TCP/IP network. ICMP is part of the IP level of the protocol suite. Several programs, including PING, use the ICMP protocol. Until fairly recently, ICMP was regarded as a benign protocol that was incapable of very much damage.

Incorrect answers:

Actualtests.com - The Power of Knowing server will not know this has occurred and will respond as if the client is trusted. B: UDP attack attacks either a maintenance protocol or a UDP service in order to overload services and initiate a DoS situation. UDP attacks can also exploit UDP protocols. UDP packets are not connection-oriented and do not require the

synchronization process described in the previous section. UDP packets, however, are susceptible to interception, and UDP can be attacked

References:

Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Sybex, Alameda, 2004, p 72-73.

QUESTION 94:

Which of the following attacks uses IP spoofing and broadcasting to send a PING to a group of hosts in a network?

A. TCP/IP Hijacking B. UDP Attack C. ICMP Attacks D. Smurf Attacks Answer: D Explanation:

Smurf attacks are becoming common and can create pure havoc in a network. A smurf attack uses IP spoofing and broadcasting to send a PING to a group of hosts in a network. When a host is pinged, it sends back ICMP message traffic information indicating status to the originator. If a broadcast is sent to a network, all of the hosts will answer back to the ping. The result of this is an overload of the network and the target system

Incorrect answers:

A: TCP/IP hijacking, also called active sniffing, involves the attacker gaining access to a host in the network and logically disconnecting it from the network. The attacker then inserts another machine with the same IP address. This happens quickly and gives the attacker access to the session and to all of the information on the original system. The server will not know this has occurred and will respond as if the client is trusted. B: UDP attack attacks either a maintenance protocol or a UDP service in order to overload services and initiate a DoS situation. UDP attacks can also exploit UDP protocols. UDP packets are not connection-oriented and do not require the

synchronization process described in the previous section. UDP packets, however, are susceptible to interception, and UDP can be attacked

C: ICMP attacks occur by triggering a response from the ICMP protocol when it

Actualtests.com - The Power of Knowing

reporting in a TCP/IP network. ICMP is part of the IP level of the protocol suite. Several programs, including PING, use the ICMP protocol. Until fairly recently, ICMP was regarded as a benign protocol that was incapable of very much damage.

References:

Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Sybex, Alameda, 2004, p 72-73.

QUESTION 95:

One of the below is a description for a password cracker, which one is it?

A. A program that can locate and read a password file.

B. A program that provides software registration passwords or keys. C. A program that performs comparative analysis.

D. A program that obtains privileged access to the system.

Answer: C

Explanation:

In a dictionary crack, L0phtCrack encrypts (i.e., hashes) all the passwords in a dictionary file you specify and compares every result with the password hash. If L0phtCrack finds any matches, it knows the password is the dictionary word. L0phtCrack comes with a default dictionary file, words-english. You can download additional files from the Internet or create a custom file. In the Tools Options dialog box, you can choose to run the dictionary attack against the LANMAN password hash, the NT LAN Manager (NTLM) password hash, or both (which is the default).

In a hybrid crack, L0phtCrack extends the dictionary crack by appending numbers or symbols to each word in the dictionary file. For example, in addition to trying "Galileo," L0phtCrack also tries "Galileo24," "13Galileo," "?Galileo," "Galileo!," and so on. The default number of characters L0phtCrack tries is two, and you can change this number in the Tools Options dialog box.

In a brute-force crack, L0phtCrack tries every possible combination of characters in a character set. L0phtCrack offers four character sets, ranging from alpha only to all alphanumeric plus all symbol characters. You can choose a character set from the

Character Set drop-down box in the Tools Options dialog box or type a custom character set in the Character Set drop-down box. L0phtCrack saves custom sets in files with an .lc extension. You can also specify a character set in the password file, as the example in Figure 2 shows.

QUESTION 96:

One of the below attacks focus on the cracking of passwords, which one is it?

A. SMURF

In document 157 Sy0 101 Comptia Security+ [ PUNISHER ] pdf (Page 53-58)