KRUNAL BARUWALA
AFCEH EXAM KIT
How can you perform DNS poisoning?
DNS Zone transfer
Why do you think the traceroute tool was originally developed?
To pinpoint the exact position in the network where there was a problem
What does a data packet with the RST flag turned ON represent?
Want to reset connection
If you create a data packet with an infinite TTL value and send it to your friend’s
computer, what will happen to the packet?
The data packet will reach the target computer
Imagine the scenario where you send a FIN data packet to a particular port on the
target system. If the target system sends back an error message, what does it
mean?
Which error message does the ICMP data packet with type = 3 and code = 8
represent?
Source host isolated
If you ping a particular IP address on the Internet multiple times, will the TTL
values displayed in the output always remain the same?
No
http://www.hpsupport.in/afceh.htm 1/22
10/21/2010 www.hpsupport.in/afceh.htm
On Google search you type the search string “Failure”. Then you press the button
“I’m feeling lucky” and you land on the page of the “Biography of President George W.
Bush”. What does it mean?
The search string has placed the page on the top of the search list
You have Norton antivirus installed on your system. You scanned a trojan file and
after altering the signature found that it is not being detected by Norton. Now you
send it to the victim, where it was caught by the antivirus. What could be the
possible explanation?
The victim is using some other antivirus
How many ports are open on the website www.hacking mobiles.com between port
1 and 200?
3-5 ports
Usually when you port scan your home computer, you will find that some ports are
open. Why?
The applications running on your system are using these open ports
While trying to change the signature of a Trojan you ended up increasing a few bytes in
the hex file. What will be the result?
The Trojan file will crash altogether
If you create a data packet with a TTL value of 1 and send it to your friend’s
computer, what will happen to the data packet?
There will be an error message and the data packet will be discarded
What is the advantage of using ping sweeping as compared to the regular ping
utility?
Ping sweeping is faster and can be used on a large number of systems
In what step or command of email forging do you need to include any file
attachments?
DATA
What is the exact street address (physical address) of the system 203.94.11.12? You
should use web-based tools to answer this question.
Can’t say
Using information gathering techniques, determine the web hosting company of the
DBS Bank of Singapore website (www.dbs.com.sg).
Pacific Net
Why do you think array bound checking on input is an important aspect of secure
programming?
Protects against integer overflows
If the initial sequence number of a system is 1000, what will it become after 10 FIN
packets, 10 SYN packets, 10 SYN/ACK packets, 10 FIN/ACK packets, 10 seconds
and 1234 ACK packets?
129040
What do you need to do to ensure that an antivirus tool does not detect the
presence of a trojan on the victim’s computer?
Modify the signature of the Trojan to avoid detection
Imagine that all instant messenger traffic has been blocked on your office or
college network. How can you access your instant messenger and chat with your
colleagues?
www.meebos.com
Which operating system has a TTL value of 128, DF set to YES, TOS = 0 and a
window size of 7000?
Windows NT
Which social engineering technique is most likely to work against a senior male
executive working in a bank?
Smooth talking
Data is always broken down into smaller fragments at the sender’s end. What will
happen if you send the first fragment and third fragment of the same data to the target
system without sending the second fragment?
ICMP fragment reassembly time exceeded error message
The TCP connect port scan is often referred to as the most reliable technique of port
scanning. Why?
It cannot be blocked without affecting normal traffic
What are the steps followed by a system A when it wants to establish a new
connection with a remote computer B?
A sends SYN packet to B. B sends back SYN/ACK. A replies with ACK
Can you name a major vulnerability that exist on the website http://www.iscr.org?
SQL injection
What would you recommend to somebody who wants to protect their identity on the
Internet?
Use a proxy server
Try to use a Russian proxy server
Try to perform proxy bouncing
Try to keep changing the proxy server you are using
If you port scan your own computer and detect port 456 as open, what does it
mean?
Any modified Trojan could be installed on your computer
Why are dial-up net connections usually considered to be more secure than broadband
net connections?
Most dial-up connections provide a dynamic IP address
3‐The name of the course participant who holds the input rank is displayed as output
4‐Program exits.
=yes
=pretend to be in trouble
=port 21
Which OS has a TTL value of 128, DF set to yes, TOS=0 and a window size of 20000?
=win NT
The initial sequence no. of a system is 12345689. What will it become after 127 seconds, 1000 connections
and 1 reboot?
=12345689
=1‐It is a new attack technique and does not have any countermeasure.
2‐It uses a very large number of attackers and generates a high amount of traffic.
When you try to use a web-based proxy server like www.anonymizer.com to log into your Hotmail email account
then how come you are able to log in?
=SQL injection
In the OS fingerprinting technique of using ping and traceroute, what is the mathematical calculation that
one needs to perform?
=b85991f378b78df6b 1eoff82da56f572
=finger
What is the difference between a shadowed password file and an unshadowed password file?
Assume that system X sends a NACK data packet to system Y. What does the packet mean?
=TFTP
=SGVsbG8gQW5raXQ
Imagine you want to connect to port 25 of the target computer. However, there is a firewall which blocks your
connection request to port 25 and allows you to connect to only port 80 and port 21. What will you do? How can you access
port 25 of the target computer?
1. Assume that there are three systems: Attacker, Target and Spoof. Imagine that the Attacker is performing IP
spoofing on the system Target by spoofing his IP address to Spoof. What would happen if the system Spoof
is not DoS attacked?
Spoof will send back a NACK or error message and prevent the successful execution of IP spoofing.
*It allows the application to store the return address of the program control flow.
3. You discover that your system has a modified version of the Prosiak Trojan installed on it. Which is the first
countermeasure you will take?
3. Usually when you port scan your home PC, you will find that some ports are open. Why?
4. Imagine you are a terrorist. You wish to secure and securely transfer a file from your system in India to your colleague’s
system in Indonesia. Describe an innovative secure transmission technique that you will use. You may combine
more than one single technique as well.
steganography
the user
6. Which operating system has a TTL value of 128, DF set to yes, TOS = 0 and a window size of 7000?
Windows NT
steganography.
8. If the domain name of a system is www.domain.hu then what do you know about its location? Where is it
located?
can’t say
9. If you want to create a virus that spreads by infecting users that visit your website, which programming language
should you use?
scripting languages.
10. Describe the best technique to bypass the Windows screensaver password BEFORE the screensaver has been
loaded and displayed on the screen.
DES
3. Which of the following attacks will pass through a network layer intrusion detection system
undetected?
A test‐cgi‐attack
Implementation
5. What is the art of using mathematics or logical algorithms to carry out encryption and decryption of data
called?
Cryptography
8. if you want to track changes to files on Linux based file server, which one of the following should be
used?
9. The external gateway interface of an IDS system is receiving a large number of ICMP Echo Reply packets
which are not responses from the internal host’s requests. What could be the most likely cause?
10. Which of these operators can be used to locate files of a specified type using Google?
A and C
11. Which is the fastest and easiest technique to bring down a network?
DDoS attacks
Message digests
Key Scramblers
14. Where does the shadowed group password information get stored on a Linux system?
/etc/gshadow file
15. What will be the decrypted password if the encrypted screen saver password is 09 2f 35 22 53?
AFCEH
One
Y3J5cHRvenp5==
18. Which technique allows you to decipher encrypted data without knowing the keys?
Cryptanalysis
19. Name a tool that is commonly used to implement the AES algorithm.
SHA‐1
option 1, 2 and 3
Name a tool that automatically encrypts or decrypts data (without any user intervention).
TrueCrypt
In which of the following ways can Google be used to provide anonymity while surfing?
a) using Google’s cached pages
What does the ‘inanchor:’ operator search for when used in a Google search?
Search for text in link anchors
Which query would allow you to search for files of type PDF that have gov in the URL?
Filetype:pdf Inurl:gov
With the help of Google, carry out the following calculation and select the correct answer (or the one
closest in value in case of doubt)
1. If port 110 of the target computer is open, what do you know about the type of daemon running on it?
it is SMTP daemon.
kill president
3. Which is the first technique that you would try when you wish to find out the victim’s email account
password?
Password Guessing
4. If port 79 of the target computer is open, does it always mean that it has a Finger daemon running?
NO
port Scanner
proxy server
8. Why is all communication carried out using MSN Messenger not safe?
Nmap
Bomb parliament
door123
13. Why should you carefully destroy your monthly mobile phone bill or telephone bill?
Identity theft
14. Which out of the following is most likely to be vulnerable to SQL injection attacks?
A shopping cart.
15. Which tool would you use to trace the sender of an email?
VisualRoute.
16. If port 25 of the target computer is open, what do you know about the type of daemon running on it?
can’t say.
17. If port 79 of the target computer is open, what do you know about the type of daemon running on it?
can’t say.
19. Which of the following places are likely to have any evidence against the attacker?
20. If port 8o the target computer is open, what do you know about the type of daemon running on it?
can’t say
Hello World
22. which tool would you use to diagnose a network error?
ping
3446666666
24. What would permanently solve the problem of distributed DoS attacks?
27. The TCPDUMP tool is a great example of a tool that allows you to do what?
Sniffing of data
28. Why is it advisable to never use a public to bank or shop online?
Sniffing
29. The NEOTRACE tool is a great example of a tool that allows you to do what?
30. The SUB7 tool is great example of a tool that allows you to do what?
Trojan Attacks.
Dhoom
32. Why does Microsoft windows crash whenever you try to create a “con” file?
33. Which tool would you use to port scan the target computer?
Nmap
34. What is Black ICE an example of?
Firewall
35. Which port would you connect to in order to download your emails manually?
port 110
36. What is preventing you from being able to successfully send forged emails from smtp-roam.stanford.edu?
37. Why should your password be a combination of alphabets, numbers and special characters?
38. Which of the following places are NOT likely to have any evidence against the attacker?
Solitaire
39. Why should you not give your bank account password even if you receive a phone call from a bank employee?
Social Engineering
40. What is the correct sequence of commands when you are sending a forged email?
yes
DoOR123
43. The SNOW tool is a great example of a tool that allows you to do what?
Embedding
44. What kind of data hiding or encryption or embedding technique has been used in the following text:
Text steganography
45. Why do most banks ask customers to not reveal their bank account passwords to even employees from the
bank?
46. While performing computer forensics, what would happen if you took a backup of a hard disk instead of
making an image copy?
Doesn’t Matter
48. If Port 21 of the target computer is open, does it always mean that it has a FTP daemon running?
NO.