Which of the following LM hashes represent a password of less than 8 characters? (Select 2)


A.     BA810DBA98995F1817306D272A9441BB

B.     44EFCE164AB921CQAAD3B435B51404EE

C.     0182BD0BD4444BF836077A718CCDF409

D.     CEC52EB9C8E3455DC2265B23734E0DAC

E.      B757BF5C0D87772FAAD3B435B51404EE

F.      E52CAC67419A9A224A3B108F3FA6CB6D


Correct Answer: BE




Which of the following is the primary objective of a rootkit?


A.     It opens a port to provide an unauthorized service.

B.     It creates a buffer overflow.

C.     It replaces legitimate programs.

D.     It provides an undocumented opening in a program.


Correct Answer: C




This kind of password cracking method uses word lists in combination with numbers and special characters:


A.     Hybrid

B.     Linear

C.     Symmetric

D.     Brute Force

< b style="mso-bidi-font-weight: normal"> 

Correct Answer: A




_________ is a tool that can hide processes from the process list, can hide files, registry entries, and intercept keystrokes.


A.     Trojan

B.     RootKit

C.     DoS tool

D.     Scanner

E.      Backdoor


Correct Answer: B



What is the BEST alternative if you discover that a rootkit has been installed on one of your computers?


A.     Copy the system files from a known good system.

B.     Perform a trap and trace.

C.     Delete the files and try to determine the source.

D.     Reload from a previous backup.

E.      Reload from known good media.


Correct Answer: E




What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stracheldraht have in common?


A.     All are hacking tools developed by the legion of doom.

B.     All are tools that can be used not only by hackers, but also security personnel.

C.     All are DDOS tools.

D.     All are tools that are only effective against Windows.

E.      All are tools that are only effective against Linux.


Correct Answer: C




How can you determine if an LM hash you extracted contains a password that is less than 8 characters long?


A.     There is no way to tell because a hash cannot be reversed.

B.     The right most portion of the hash is always the same.

C.     The hash always starts with AB923D.

D.     The left most portion of the hash is always the same.

E.      A portion of the hash will be all 0’s.


Correct Answer: B




When discussing passwords, what is considered a brute force attack?


A.     You attempt every single possibility until you exhaust all possible combinations or discover the password.

B.     You threaten to use the rubber hose on someone unless they reveal their password.

C.     You load a dictionary of words into your cracking program.

D.     You create hashes of a large number of words and compare it with the encrypted passwords.

E.      You wait until the password expires.


Correct Answer: A




Which of the following are well known password-cracking programs? (Choose all that apply.)


A.     L0phtcrack

B.     NetCat

C.     Jack the Ripper

D.     Netbus

E.      John the Ripper


Correct Answer: AE




Password cracking programs reverse the hashing process to recover passwords. (True/False.)


A.     True

B.     False


Correct Answer: B


Free VCE & PDF File for ECCouncil 31
2-50 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.