SEC401 Workbook, SANS 401 GSEC Exam SET
QUESTIONS AND REVISED ANSWERS >> ALREADY
PASSED
What tcpdump flag displays hex, ASCII, and the Ethernet header? - correct answer --XX
What tcpdump flag allows us to turn off hostname and port resolution? - correct answer --nn
What TCP flag is the only one set when initiating a connection? - correct answer -SYN
Which tool from the aircrack-ng suite captures wireless frames? - correct answer -airodump-ng
To crack WPA, you must capture a valid WPA handshake? - correct answer -True
What is the keyspace associated with WEP IVs? - correct answer -2^
What user account is part of Windows Resource Protection? - correct answer -TrustedInstaller
What is the file system location where DLL files are stored? - correct answer -System32
What command is used to launch the graphical PowerShell ISE editor? - correct answer -
powershell_ise.exe
What keyboard do we look for in secedit.exe log files to find mismatches? - correct answer -Mismatch
,SEC401 Workbook, SANS 401 GSEC Exam SET
QUESTIONS AND REVISED ANSWERS >> ALREADY
PASSED
What command is used to open a text file in the PowerShell ISE editor? - correct answer -ise
What PowerShell commands show processes and services - correct answer -Get-Process and Get-
Service
What PowerShell command can export objects to a CSV text file? - correct answer -Export-Csv
What PowerShell command strips away properties we don't care about? - correct answer -Select-Object
What is the file used by John the Ripper to store cracked passwords? - correct answer -john.pot
What password cracking method uses GECOS information? - correct answer -Single
True or False: John the Ripper can crack any password within 2 days? - correct answer -False
What Cisco password type were we easily able to decode with Cain? - correct answer -Type-7
What is the name of the password database on Windows? - correct answer -SAM Database
What Windows hash type did we crack with Cain and Abel? - correct answer -NT or NTLM
What Nmap option enables you to write results in XML format? - correct answer --oX
Which Nmap scan type performs a Stealth Scan? - correct answer --sS
In what language are NSE scripts written? - correct answer -Lua
, SEC401 Workbook, SANS 401 GSEC Exam SET
QUESTIONS AND REVISED ANSWERS >> ALREADY
PASSED
What is the name of the tool we used to display text from the program? - correct answer -strings
What message did we get during the buffer overflow? - correct answer -Segmentation fault
What do we prepend to a program to ensure it runs from the current folder? - correct answer -./
What is the name of the function enabling this command injection bug? - correct answer -system
True or False? You need to use the | symbol to append on an additional command? - correct answer -
False
What command did you use to go to the restricted shell? - correct answer -rbash
Which hping3 option performs IP source address spoofing? - correct answer --a
True or False? hping3 can transfer files covertly? - correct answer -True
Using the "-t" flag with hping3, what can we set the value for? - correct answer -TTL
Using the Pre-Scale option increases the host size by how many times? - correct answer -4
What is the name of the GUI you can use to manage GPG? - correct answer -GNU Privacy Assistant
What encrypts the hash used in a digital signature? - correct answer -Sender's private key
True or False? Snort can read existing tcpdump PCAP files? - correct answer -True
QUESTIONS AND REVISED ANSWERS >> ALREADY
PASSED
What tcpdump flag displays hex, ASCII, and the Ethernet header? - correct answer --XX
What tcpdump flag allows us to turn off hostname and port resolution? - correct answer --nn
What TCP flag is the only one set when initiating a connection? - correct answer -SYN
Which tool from the aircrack-ng suite captures wireless frames? - correct answer -airodump-ng
To crack WPA, you must capture a valid WPA handshake? - correct answer -True
What is the keyspace associated with WEP IVs? - correct answer -2^
What user account is part of Windows Resource Protection? - correct answer -TrustedInstaller
What is the file system location where DLL files are stored? - correct answer -System32
What command is used to launch the graphical PowerShell ISE editor? - correct answer -
powershell_ise.exe
What keyboard do we look for in secedit.exe log files to find mismatches? - correct answer -Mismatch
,SEC401 Workbook, SANS 401 GSEC Exam SET
QUESTIONS AND REVISED ANSWERS >> ALREADY
PASSED
What command is used to open a text file in the PowerShell ISE editor? - correct answer -ise
What PowerShell commands show processes and services - correct answer -Get-Process and Get-
Service
What PowerShell command can export objects to a CSV text file? - correct answer -Export-Csv
What PowerShell command strips away properties we don't care about? - correct answer -Select-Object
What is the file used by John the Ripper to store cracked passwords? - correct answer -john.pot
What password cracking method uses GECOS information? - correct answer -Single
True or False: John the Ripper can crack any password within 2 days? - correct answer -False
What Cisco password type were we easily able to decode with Cain? - correct answer -Type-7
What is the name of the password database on Windows? - correct answer -SAM Database
What Windows hash type did we crack with Cain and Abel? - correct answer -NT or NTLM
What Nmap option enables you to write results in XML format? - correct answer --oX
Which Nmap scan type performs a Stealth Scan? - correct answer --sS
In what language are NSE scripts written? - correct answer -Lua
, SEC401 Workbook, SANS 401 GSEC Exam SET
QUESTIONS AND REVISED ANSWERS >> ALREADY
PASSED
What is the name of the tool we used to display text from the program? - correct answer -strings
What message did we get during the buffer overflow? - correct answer -Segmentation fault
What do we prepend to a program to ensure it runs from the current folder? - correct answer -./
What is the name of the function enabling this command injection bug? - correct answer -system
True or False? You need to use the | symbol to append on an additional command? - correct answer -
False
What command did you use to go to the restricted shell? - correct answer -rbash
Which hping3 option performs IP source address spoofing? - correct answer --a
True or False? hping3 can transfer files covertly? - correct answer -True
Using the "-t" flag with hping3, what can we set the value for? - correct answer -TTL
Using the Pre-Scale option increases the host size by how many times? - correct answer -4
What is the name of the GUI you can use to manage GPG? - correct answer -GNU Privacy Assistant
What encrypts the hash used in a digital signature? - correct answer -Sender's private key
True or False? Snort can read existing tcpdump PCAP files? - correct answer -True
