Scribd
Upload
113 views2 pages

Module Anxnsn

The document describes a series of tasks involving analyzing files and network traffic to identify protocols, credentials, packet details, and other information as part of security assessments and investigations.

Uploaded by

Google Tech
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
113 views2 pages

Module Anxnsn

The document describes a series of tasks involving analyzing files and network traffic to identify protocols, credentials, packet details, and other information as part of security assessments and investigations.

Uploaded by

Google Tech
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

You are assigned a task to crack the NTLM password hashes captured by the internal security team.

The
password hash has been stored in the Documents folder of the Parrot Security console machine. What is the
password of user James?

qwerty-(Correct Attempt)

You are assigned a task to crack the NTLM password hashes captured by the internal security team. The
password hash has been stored in the Documents folder of the Parrot Security console machine. What is the
password of user Jones?

12345678-(Correct Attempt)

CEHORG has assigned you with analysing the snapshot of the operating system registry and perform the
further steps as part of dynamic analysis and find out the whether the driver packages registry is changed.
Give your response as Yes/No.

Yes-(Correct Attempt)

CEHORG suspects a possible sniffing attack on a machine in its network. The organization has retained the
network traffic data for the session and stored it in the Documents folder in EH Workstation – 2 (Windows 11)
machine as sniffsession.pcap. You have been assigned a task to analyze and find out the protocol used for
sniffing on its network.

ARP-(Correct Attempt)

As an ethical hacker, you are tasked to analyze the traffic capture file webtraffic.pcapng. Find out the packet's
id that uses ICMP protocol to communicate. Note: The webtraffic.pcapng file is located at C:\Users\
Administrator\Documents\ in the Documents folder on EH Workstation – 2 (Windows 11) machine.

0xfc83-(Correct Attempt)

CEHORG has found that one of its web application movies.cehorg.com running on its network is leaking
credentials in plain text. You have been assigned a task of analysing the movies.pcap file and find out the
leaked credentials. Note: The movies.pcapng file is located at C:\Users\Administrator\Documents\ in the
Documents folder on EH Workstation – 2 (Windows 11) machine. Make a note of the credentials obtained in
this flag, it will be used in the Part 4 of CEH Skill Check.

Jason/welcome-(Correct Attempt)

An attacker has created a custom UDP packet and sent it to one of the machines in the CEHORG. You have
been given a task to study the ""CustomUDP.pcapng"" file and find the data size of the UDP packet (in
bytes). Note: The CustomUDP.pcapng file is located at C:\Users\Administrator\Documents\ in the Documents
folder on EH Workstation – 2 (Windows 11) machine

.600-(Correct Attempt)

A denial-of-service attack has been launched on a target machine in the CEHORG network. A network
session file "DoS.pcapng" has been captured and stored in the Documents folder of the EH Workstation - 2
machine. Find the IP address of the attacker's machine.

192.168.0.51-(Correct Attempt)

CEHORG hosts a datacenter for its bussiness clients. While analyzing the network traffic it was observed that
there was a huge surge of incoming traffic from multiple sources. You are given a task to analyze and study
the DDoS.pcap file. The captured network session (DDoS.pcapng) is stored in the Documents folder of the
EH Workstation -2 machine. Determine the number of machines that were used to initiate the attack.

3-(Correct Attempt)

Analyze an ELF executable (Sample-ELF) file placed at C:\Users\Admin\Documents in the EH Workstation –


2 machines to determine the CPU Architecture it was built for.

AARCH64-(Correct Attempt)

An employee in your organization is suspected of sending important information to an accomplice outside the
organization. The incident response team has intercepted some files from the employee's system that they
believe have hidden information. You are asked to investigate a file named Confidential.txt and extract
hidden information. Find out the information hidden in the file. Note: The Confidential.txt file is located at C:\
Users\Admin\Documents in EH Workstation – 2 machine.

James/Hopkins13456-(Correct Attempt)

The incident response team has intercepted an image file from a communication that is supposed to have
just text. You are asked to investigate the file and check if it contains any hidden information. Find out the
information hidden in the file. Note: The vacation.bmp file is located at C:\Users\Admin\Documents in EH
Workstation – 2 machine.

USD1234567-(Correct Attempt)

6 incorrect

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy