TestOut Ethical Hacker Pro Domain Review

.pdf

School

Sinclair Community College *

*We aren’t endorsed by this school

Course

2650

Subject

Information Systems

Date

Dec 6, 2023

Type

pdf

Pages

130

Uploaded by Raedwulf on coursehero.com

TestOut Ethical Hacker Pro Domain Review A.2.1 Pro Domain 1: Prepare QUESTION 1: Recently, the administrative assistant found a foreign device connected to the ITAdmin computer while updating some of their hardware. The device was turned over to you, and you have determined that it is a keylogger. You need to sift through the information on the keylogger to find which accounts may be compromised. In this lab, your task is to determine which corporate accounts have been compromised as follows: • Plug the keylogger into ITAdmin's USB port. • Use the keyboard combination of SBK to toggle the USB keylogger from keylogger mode to USB flash drive mode. • Open the LOG.txt file and inspect the contents. • Scan the document for corporate passwords or financial information. • Answer the questions. Your Performance Your Score: 3 of 3 (100%) Pass Status:

Pass Elapsed Time: 6 minutes 18 seconds Required Score: 100% Task Summary Lab Questions Plug the keylogger into ITAdmin Q1 Which of the following accounts were breached? Q2 What credit card number was captured by the keylogger? Explanation In this lab, your task is to determine which corporate accounts have been compromised: • Plug the keylogger into ITAdmin's USB port. • Use the keyboard combination of SBK to toggle the USB keylogger from keylogger mode to USB flash drive mode. • Open the LOG.txt file and inspect the contents. • Scan the document for corporate passwords or financial information. • Answer the questions. Complete this lab as follows: 1. On the Shelf, expand Storage Devices . 2. From the shelf, drag the USB Keylogger to a USB port on ITAdmin. 3. On the monitor, select Click to view Windows 10 . 4. Press S + B + K to toggle from the keylogger mode to the flash drive mode. 5. Select Tap to choose what happens with removable drives . 6. Select Open folder to view files . 7. Double-click LOG.txt to open the file. 8. Maximize the window for easier viewing. 9. In the top right, select Answer Questions . 10. In the file, find which account passwords were captured. 11. In the file, find any compromised financial information. 12. Select Score Lab . Lab Questions: 1. Which of the following accounts were breached? a. Amazon.com b. Email.com 2. What credit card number did the keylogger capture? a. 4556358591800117

QUESTION 2: The CEO of CorpNet.xyz has hired your firm to obtain some passwords for their company. A senior IT network administrator, Oliver Lennon, is suspected of wrongdoing and suspects he is going to be fired from the company. The problem is that he changed many of the standard passwords known to only the top executives, and now he is the only one that knows them. Your company has completed the legal documents needed to protect you and the company. With the help of a CorpNet.xyz executive, you were allowed into the IT Admin's office after hours. You unplugged the keyboard from the back of the ITAdmin computer and placed a USB keylogger into the USB, then plugged the USB keyboard into the keylogger. After a week, the company executive lets you back into the IT Admin's office after hours again. In this lab, your task is to use the keylogger to recover the changed passwords as follows: • Move the keyboard USB connector to a different USB port on ITAdmin. • Remove the keylogger from ITAdmin. • Move the consultant laptop from the Shelf to the Workspace. • Plug the keylogger into the consultant laptop's USB drive. • Use the SBK key combination to toggle the USB keylogger from keylogger mode to USB flash drive mode. • Open the LOG.txt file and inspect the contents. • Find the olennon account's password. • Find the Administrator account's password. • Answer the questions. Your Performance Your Score: 4 of 4 (100%)

Pass Status: Pass Elapsed Time: 4 minutes 16 seconds Required Score: 100% Task Summary Required Actions & Questions Plug the keyboard into the Administrator's machine Plug the keylogger into the consultant's laptop Q1 What is the olennon user's password? Q2 What is the Administrator password? Explanation In this lab, your task is to use the keylogger to recover the changed passwords as follows: • Move the keyboard USB connector to a different USB port on ITAdmin. • Remove the keylogger from ITAdmin. • Move the consultant laptop from the Shelf to the Workspace. • Plug the keylogger into the consultant laptop's USB drive. • Use the SBK key combination to toggle the USB keylogger from keylogger mode to USB flash drive mode. • Open the LOG.txt file and inspect the contents. • Find the olennon account's password. • Find the Administrator account's password. • Answer the questions. Complete this lab as follows: 1. Above the computer, select Back to view the back of the computer. 2. On the back of the computer, drag the USB Type A connector for the keyboard to another USB port on the computer. 3. On the Shelf, expand System Cases . 4. Drag the Laptop to the Workspace. 5. Above the laptop, select Back to view the back of the laptop. 6. From the computer, drag the keylogger to a USB port on the laptop. 7. Above the laptop, select Front to view the front of the laptop. 8. On the laptop, select Click to view Windows 10 . 9. Press S + B + K to toggle from the keylogger mode to the flash drive mode. 10. Select Tap to choose what happens with removable drives . 11. Select Open folder to view files . 12. Double-click LOG.txt to open the file. 13. In the top right, select Answer Questions . 14. Answer the questions. 15. Select Score Lab .

Lab Questions: 1. What was the olennon user’s password? a. P@ssw0rd 2. What is the Administrator password? a. 4Lm87Qde QUESTION 3: You work for a penetration testing consulting company. Your manager has asked you to begin gathering information about www.corpnet.xyz. In this lab, your task is to perform reconnaissance on www.corpnet.xyz and to find potentially vulnerable ports on the servers in the CorpNet networks as follows: • On Consult-Lap, use the Whois.org site to determine the domain name servers used by www.corpnet.xyz. • On Consult-Lap, use nslookup hostname nameserver to determine the primary web server address. • On Consult-Lap2, use Zenmap to perform an nmap search for open ports for the 198.28.1.0/24 network. • Answer the questions. Your Performance Your Score: 6 of 6 (100%) Pass Status: Pass Elapsed Time: 9 minutes 40 seconds Required Score: 100%

Task Summary Required Actions & Questions Used WhoIs.org to discover name servers Q1 Which of the following Name Servers are being used by CorpNet.xyz? Used nslookup to discover www.corpnet.xyz IP address Q2 What is the IP address for CorpNet.xyz? Used nmap to discover open ports for ftp and telnet Q3 Which of the following servers use the potentially vulnerable ftp and telnet ports? Explanation In this lab, your task is to perform reconnaissance on www.corpnet.xyz and to find potentially vulnerable ports on the servers in the CorpNet networks as follows: • On Consult-Lap, use the Whois.org site to determine the domain name servers used by www.corpnet.xyz. • On Consult-Lap, use nslookup to determine the primary web server address. • On Consult-Lap2, use Zenmap to perform an nmap search for open ports for the 198.28.1.0/24 network. • Answer the questions. Complete this lab as follows: 1. Find the name servers used by www.corpnet.xyz as follows: a. From the taskbar, open Chrome. b. In the URL field, type whois.org and press Enter . c. In the Search for a domain name filed, enter www.corpnet.xyz . d. Select Search . e. In the top right, select Answer Questions . f. Answer question 1. 2. Find the IP address used by www.corpnet.xyz as follows: a. Right-click Start and select Windows PowerShell (Admin) . b. At the prompt, type nslookup www.corpnet.xyz ns1.nethost.net and press Enter . c. Answer question 2. d. Minimize the question dialog. 3. Use Zenmap to run an nmap command to scan for open ports as follows: a. From the navigation tabs, select Buildings . b. Under Red Cell, select Consult-Lap2 . c. From the Favorites bar, open Zenmap. d. Maximize Zenmap for easier viewing. e. In the Command field type nmap -p- 198.28.1.0/24 . f. Select Scan to scan for open ports on all servers located on this network. g. In the top right, select Answer Questions . h. Answer question 3. i. Select Score Lab .

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version

Access to all documents
Unlimited textbook solutions
24/7 expert homework help