312-50v12 Practice Test



Topic 2: Exam Pool B

Taylor, a security professional, uses a tool to monitor her company's website, analyze the
website's traffic, and track the geographical location of the users visiting the company's
website. Which of the following tools did Taylor employ in the above scenario?


A. WebSite Watcher
B. web-Stat
C. Webroot
D. WAFW00F

Answer: B. web-Stat



Explanation: Web-Stat is a free web analytics service that you add to your site to watch
visitors interact with your pages in real time. It shows how visitors find your site, gives
details of every visitor's path through it, and tracks the pages that turn browsers into
customers. It installs with one click, reports visitor locations, operating systems, browsers
and screen sizes, and sends alerts for new visitors and conversions.

Which of the following are well known password-cracking programs?


A. L0phtcrack
B. NetCat
C. Jack the Ripper
D. Netbus
E. John the Ripper

Answer: A. L0phtcrack, E. John the Ripper



Andrew is an Ethical Hacker who was assigned the task of discovering all the active
devices hidden by a restrictive firewall in the IPv4 range in a given target network. Which of the following host discovery techniques must he use to perform the given task?


A. UDP scan
B. TCP Maimon scan
C. arp ping scan
D. ACK flag probe scan

Answer: C. arp ping scan



Explanation:
One of the most common Nmap usage scenarios is scanning an Ethernet LAN. On most LANs,
especially those that use the private address ranges granted by RFC 1918, the overwhelming
majority of IP addresses are unused at any given time. When Nmap attempts to send a raw IP
packet, such as an ICMP echo request, the OS must determine the destination hardware
(ARP) address that corresponds to the target IP so that the Ethernet frame can be properly
addressed. This requires it to issue a series of ARP requests. This is best illustrated by
an example where a ping scan is attempted against a local Ethernet host. The --send-ip
option tells Nmap to send IP-level packets (rather than raw Ethernet), even on local
networks. The Wireshark output of the three ARP requests and their timing have been
pasted into the session.
Raw IP ping scan example for offline targets
This example took a couple of seconds to finish because the (Linux) OS sent three ARP
requests at 1 second intervals before abandoning the host. Waiting a few seconds is
excessive, given that an ARP response usually arrives within a few milliseconds. Reducing
this timeout period is not a priority for OS vendors, as the overwhelming majority of
packets are sent to hosts that actually exist. Nmap, on the other hand, needs to send
packets to 16 million IPs given a target like 10.0.0.0/8. Many targets are pinged in
parallel, but waiting 2 seconds for each is still a long delay.
There is another problem with raw IP ping scans on the LAN. If the destination host turns
out to be unresponsive, as in the previous example, the source host usually adds an
incomplete entry for that destination IP to the kernel ARP table. ARP tables are finite in
size and some operating systems become unresponsive when they fill up. If Nmap is used in
raw IP mode (--send-ip), Nmap may have to wait a few minutes for the ARP cache entries to
expire before continuing host discovery.
ARP scans solve both problems by putting Nmap in control. Nmap issues raw ARP requests and
handles retransmissions and timeout periods at its own discretion. The system ARP cache is
bypassed. The example shows the difference. This ARP scan takes just over a tenth of the
time taken by the equivalent IP scan.
In example b, neither the -PR option nor the --send-eth option has any effect. This is
because ARP is the default scan type when Nmap detects that the Ethernet hosts it is
scanning are on the local Ethernet network. This includes traditional wired Ethernet as
well as 802.11 wireless networks. As mentioned above, ARP scanning is not only more
efficient, but also more accurate. Hosts frequently block IP-based ping packets, but they
usually cannot block ARP requests or responses and still communicate on the network. Even
if different ping types (such as -PE and -PS) are specified, Nmap uses ARP instead for any
targets that are on the same LAN. If you do not want Nmap to attempt an ARP scan at all,
specify --send-ip as shown in Example a "Raw IP Ping Scan for Offline Targets".
When Nmap is in control of sending raw Ethernet frames, it can also adjust the source
MAC address. If you have the only PowerBook in your security conference room and a
large ARP scan is initiated from an Apple-registered MAC address, heads may turn in your
direction. Use the --spoof-mac option to spoof the MAC address as described in the MAC
Address Spoofing section.
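
Seen from the monitoring side, the ARP scan described above shows up as one source MAC broadcasting who-has requests for many different IPs within a very short time. The following is an added example, not part of the original explanation or of Nmap: a small detector run over a constructed capture whose line format is modelled on `tcpdump -tt -e -n arp`; the function names, the MAC and IP values and the thresholds are assumptions.

```python
import re
from collections import defaultdict

# Matches ARP request lines in the constructed sample produced by sample_capture().
ARP_REQ = re.compile(
    r"^(?P<ts>\d+\.\d+) (?P<mac>[0-9a-f:]{17}) > \S+ ethertype ARP .*?"
    r"Request who-has (?P<target>\d+\.\d+\.\d+\.\d+) tell (?P<sender>\d+\.\d+\.\d+\.\d+)"
)

def find_arp_sweeps(lines, window=2.0, min_targets=20):
    """Return {source MAC: most distinct target IPs requested within any
    `window` seconds} for sources reaching `min_targets`.
    Both thresholds are illustrative assumptions, not tuned values."""
    by_mac = defaultdict(list)
    for line in lines:
        m = ARP_REQ.match(line)
        if m:
            by_mac[m["mac"]].append((float(m["ts"]), m["target"]))
    sweeps = {}
    for mac, events in by_mac.items():
        events.sort()
        best, start = 0, 0
        for end in range(len(events)):
            # Slide the window start forward until it spans at most `window` seconds.
            while events[end][0] - events[start][0] > window:
                start += 1
            best = max(best, len({ip for _, ip in events[start:end + 1]}))
        if best >= min_targets:
            sweeps[mac] = best
    return sweeps

def sample_capture():
    """Constructed capture: one host sweeping 10.0.0.1-40 in 0.4 s, and one
    host re-resolving its gateway every 30 s (normal behaviour)."""
    fmt = ("{ts:.6f} {mac} > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: "
           "Request who-has {ip} tell {src}, length 28")
    lines = [fmt.format(ts=100 + i * 0.01, mac="02:00:00:aa:bb:01",
                        ip=f"10.0.0.{i + 1}", src="10.0.0.99") for i in range(40)]
    lines += [fmt.format(ts=100 + i * 30, mac="02:00:00:aa:bb:02",
                         ip="10.0.0.1", src="10.0.0.20") for i in range(5)]
    return lines

if __name__ == "__main__":
    for mac, n in find_arp_sweeps(sample_capture()).items():
        print(f"possible ARP sweep from {mac}: {n} distinct targets within 2 s")
```

Because --spoof-mac changes the source address on the wire, the MAC this reports is the one the scanning host chose to present, so it should be correlated with the switch port rather than trusted as a vendor identifier.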

Password cracking programs reverse the hashing process to recover passwords.
(True/False.)


A. True
B. False

Answer: B. False



You are a penetration tester working to test the user awareness of the employees of the
client xyz. You harvested two employees' emails from some public sources and are
creating a client-side backdoor to send it to the employees via email. Which stage of the
cyber kill chain are you at?


A. Reconnaissance
B. Command and control
C. Weaponization
D. Exploitation

Answer: C. Weaponization



Explanation: Weaponization
The adversary analyzes the data collected in the previous stage to identify the
vulnerabilities and techniques that can exploit and gain unauthorized access to the
target organization. Based on the vulnerabilities identified during analysis, the
adversary selects or creates a tailored deliverable malicious payload (remote-access
malware weapon) using an exploit and a backdoor to send it to the victim. An adversary
may target specific network devices, operating systems, endpoint devices, or even
individuals within the organization to carry out their attack. For example, the
adversary may send a phishing email to an employee of the target organization, which
may include a malicious attachment such as a virus or worm that, when downloaded,
installs a backdoor on the system that allows remote access to the adversary. The
following are the activities of the adversary:
- Identifying appropriate malware payload based on the analysis
- Creating a new malware payload or selecting, reusing, modifying the available
  malware payloads based on the identified vulnerability
- Creating a phishing email campaign
- Leveraging exploit kits and botnets
https://en.wikipedia.org/wiki/Kill_chain
The Cyber Kill Chain consists of 7 steps: Reconnaissance, weaponization, delivery,
exploitation, installation, command and control, and finally, actions on objectives. Below
you can find detailed information on each.
1. Reconnaissance: In this step, the attacker/intruder chooses their target. Then they
conduct in-depth research on this target to identify its vulnerabilities that can be exploited.
2. Weaponization: In this step, the intruder creates a malware weapon like a virus, worm,
or such to exploit the target's vulnerabilities. Depending on the target and the purpose of
the attacker, this malware can exploit new, undetected vulnerabilities (also known as the
zero-day exploits) or focus on a combination of different vulnerabilities.
3. Delivery: This step involves transmitting the weapon to the target. The intruder/attacker
can employ different USB drives, e-mail attachments, and websites for this purpose.
4. Exploitation: In this step, the malware starts the action. The program code of the
malware is triggered to exploit the target’s vulnerability/vulnerabilities.
5. Installation: In this step, the malware installs an access point for the intruder/attacker.
This access point is also known as the backdoor.
6. Command and Control: The malware gives the intruder/attacker access to the
network/system.
7. Actions on Objective: Once the attacker/intruder gains persistent access, they finally
take action to fulfill their purposes, such as encryption for ransom, data exfiltration, or even
data destruction.

