CST4530 Lab Test 1 - Lab test solutions PDF

Preview

Summary

Lab test solutions...

Description

Name:

Student Number: CST4530 Lab Test on Windows Security

True/False Question: If you think the statement is not right, explain and give the right statement 1. Windows architecture has two basic modes: user and system. True or False ? 2. Window systems use two identifiers, RID and SID, to keep track of user’s security rights. True or False ? 3. The RID code for the Administrator account is 500. True or False ? 4. You need to establish a Null session to use tools such as SID2USER,USER2SID, and DumpSec. True or False ? 5. Windows stores user information and passwords in the SAM database for both local and domain accounts. True or False ?

6. Active Directory keeps password information and privileges for domain users and groups. True or False ? 7. The best defense against SNMP enumeration is to block port 161 and disable SNMP if not used. True or False ? 8. The primary goal of system hacking is to authenticate to the remote host with the highest level of access. True or False ? Multiple Choice 1. What is the RID for the Guest account? a. 500 b. 501 c. 1000 d. 1001 2. What does the following command do? Net use \\target\ipc$ “ “ /u: ” “

a. b. c. d.

Displays information about the target Sets up a Null session Displays user account information Displays domain accounts

1

Name:

Student Number:

3. Which of the following tools can an attacker use to obtain a SID if he knows the account name? a. USER2SID b. SID2USER c. DumpSec d. Net view 4. Which of the following tools can an attacker use to obtain the account name if he knows the SID? a. USER2SID b. SID2USER c. DumpSec d. Net view 5. Which of the following commands provides the IP address of a specific system? a. net view /domain b. net view \\system_name c. ping computer_name d. ping –A IP address 6. Which of the following commands provides a list of domain groups? a. net view /domain b. net view \\system_name c. ping computer_name d. ping –A IP address 7. Which of the following commands provides the NetBIOS name of the computer? a. net view /domain b. net view \\system_name c. ping computer_name d. ping –A IP address Matching A. A data structure of variable length that identifies user, group, and computer accounts B. A part of the security identifier that identifies a user or group in relation to the authority of that user C. A database that stores information about objects in the domain D. A database that contains local users and groups information and their passwords E. A user mode process responsible for the local system security policy F. A tool that could be used to display account information and the SID by entering an IP address or NetBIOS name G. A built-in Windows command-line tool designed to troubleshoot NetBIOS name resolution problems ( ) Lsass ( ) GetAcct ( ) SID ( ) SAM ( ) RID ( ) Nbtstat ( ) Active Directory 2...