Which of the following NIST incident category includes any activity that seeks to access or identify a federal agency computer, open ports, protocols, service or any combination for later exploit?
Jason works as a System Administrator for www.company.com Inc. The company has a Windows
based network. Sam, an employee of the company, accidentally changes some of the applications and
system settings. He complains to Jason that his system is not working properly. To troubleshoot the
problem, Jason diagnoses the internals of his computer and observes that some changes have been
made in Sam's computer registry. To rectify the issue, Jason has to restore the registry. Which of the
following utilities can Jason use to accomplish the task? Each correct answer represents a complete
solution. Choose all that apply.
To restore the registry on a Windows-based network, a system administrator can utilize several utilities.TheReg.exeutility is a command-line tool that allows for manipulation of the Windows registry from the command prompt, including the ability to restore it1Regedit.exeis another utility that provides a graphical interface for users to view and modify the registry2. Both these tools are capable of restoring the registry to a previous state if changes have been made that affect system performance or stability.
Cindy is the network security administrator for her company. She just got back from a security
conference in Las Vegas where they talked about all kinds of old and new security threats; many of
which she did not know of. She is worried about the current security state of her company's network so
she decides to start scanning the network from an external IP address. To see how some of the hosts on
her network react, she sends out SYN packets to an IP range. A number of IPs responds with a SYN/ACK
response. Before the connection is established, she sends RST packets to those hosts to stop the session.
She has done this to see how her intrusion detection system will log the traffic. What type of scan is
Cindy attempting here?
An attacker has access to password hashes of a Windows 7 computer. Which of the following attacks can the attacker use to reveal the passwords?
Xenon is a leading real estate firm located in Australi
a. Recently, the company had decided a bid
amount for a prestigious construction project and was sure of being awarded the project. Unfortunately,
the company lost the tender to one of its competitors. A few days later, while performing a network
scan, the network admin identified that somebody had captured the confidential e-mails conversions
related to the tender. Upon further investigation, the admin discovered that one of the switch ports was
left open and an employee had plugged into the network using an Ethernet cable.
Which attack did the employee perform in the above situation?