TestOut Ethical Hacker Pro Domain Review
School: Sinclair Community College
Course: 2650
Subject: Information Systems
Date: Dec 6, 2023
Pages: 130
Uploaded by Raedwulf on coursehero.com
A.2.1 Pro Domain 1: Prepare
QUESTION 1:
Recently, the administrative assistant found a foreign device connected to the ITAdmin computer while updating some of their hardware. The device was turned over to you, and you have determined that it is a keylogger. You need to sift through the information on the keylogger to find which accounts may be compromised.
In this lab, your task is to determine which corporate accounts have been compromised as follows:
• Plug the keylogger into ITAdmin's USB port.
• Use the keyboard combination of SBK to toggle the USB keylogger from keylogger mode to USB flash drive mode.
• Open the LOG.txt file and inspect the contents.
• Scan the document for corporate passwords or financial information.
• Answer the questions.
Your Performance
Your Score: 3 of 3 (100%)
Pass Status: Pass
Elapsed Time: 6 minutes 18 seconds
Required Score: 100%
Task Summary
Lab Questions
Plug the keylogger into ITAdmin
Q1: Which of the following accounts were breached?
Q2: What credit card number was captured by the keylogger?
Explanation
Complete this lab as follows:
1. On the Shelf, expand Storage Devices.
2. From the shelf, drag the USB Keylogger to a USB port on ITAdmin.
3. On the monitor, select Click to view Windows 10.
4. Press S + B + K to toggle from the keylogger mode to the flash drive mode.
5. Select Tap to choose what happens with removable drives.
6. Select Open folder to view files.
7. Double-click LOG.txt to open the file.
8. Maximize the window for easier viewing.
9. In the top right, select Answer Questions.
10. In the file, find which account passwords were captured.
11. In the file, find any compromised financial information.
12. Select Score Lab.
Lab Questions:
1. Which of the following accounts were breached?
   a. Amazon.com
   b. Email.com
2. What credit card number did the keylogger capture?
   a. 4556358591800117
QUESTION 2:
The CEO of CorpNet.xyz has hired your firm to obtain some passwords for their company. A senior IT network administrator, Oliver Lennon, is suspected of wrongdoing and suspects he is going to be fired from the company. The problem is that he changed many of the standard passwords known to only the top executives, and now he is the only one that knows them. Your company has completed the legal documents needed to protect you and the company.
With the help of a CorpNet.xyz executive, you were allowed into the IT Admin's office after hours. You unplugged the keyboard from the back of the ITAdmin computer and placed a USB keylogger into the USB, then plugged the USB keyboard into the keylogger. After a week, the company executive lets you back into the IT Admin's office after hours again.
In this lab, your task is to use the keylogger to recover the changed passwords as follows:
• Move the keyboard USB connector to a different USB port on ITAdmin.
• Remove the keylogger from ITAdmin.
• Move the consultant laptop from the Shelf to the Workspace.
• Plug the keylogger into the consultant laptop's USB drive.
• Use the SBK key combination to toggle the USB keylogger from keylogger mode to USB flash drive mode.
• Open the LOG.txt file and inspect the contents.
• Find the olennon account's password.
• Find the Administrator account's password.
• Answer the questions.
Your Performance
Your Score: 4 of 4 (100%)
Pass Status: Pass
Elapsed Time: 4 minutes 16 seconds
Required Score: 100%
Task Summary
Required Actions & Questions
Plug the keyboard into the Administrator's machine
Plug the keylogger into the consultant's laptop
Q1: What is the olennon user's password?
Q2: What is the Administrator password?
Explanation
Complete this lab as follows:
1. Above the computer, select Back to view the back of the computer.
2. On the back of the computer, drag the USB Type A connector for the keyboard to another USB port on the computer.
3. On the Shelf, expand System Cases.
4. Drag the Laptop to the Workspace.
5. Above the laptop, select Back to view the back of the laptop.
6. From the computer, drag the keylogger to a USB port on the laptop.
7. Above the laptop, select Front to view the front of the laptop.
8. On the laptop, select Click to view Windows 10.
9. Press S + B + K to toggle from the keylogger mode to the flash drive mode.
10. Select Tap to choose what happens with removable drives.
11. Select Open folder to view files.
12. Double-click LOG.txt to open the file.
13. In the top right, select Answer Questions.
14. Answer the questions.
15. Select Score Lab.
Lab Questions:
1. What was the olennon user’s password?
   a. P@ssw0rd
2. What is the Administrator password?
   a. 4Lm87Qde
QUESTION 3:
You work for a penetration testing consulting company. Your manager has asked you to begin gathering information about www.corpnet.xyz.
In this lab, your task is to perform reconnaissance on www.corpnet.xyz and to find potentially vulnerable ports on the servers in the CorpNet networks as follows:
• On Consult-Lap, use the Whois.org site to determine the domain name servers used by www.corpnet.xyz.
• On Consult-Lap, use nslookup hostname nameserver to determine the primary web server address.
• On Consult-Lap2, use Zenmap to perform an nmap search for open ports for the 198.28.1.0/24 network.
• Answer the questions.
Your Performance
Your Score: 6 of 6 (100%)
Pass Status: Pass
Elapsed Time: 9 minutes 40 seconds
Required Score: 100%
Task Summary
Required Actions & Questions
Used WhoIs.org to discover name servers
Q1: Which of the following Name Servers are being used by CorpNet.xyz?
Used nslookup to discover www.corpnet.xyz IP address
Q2: What is the IP address for CorpNet.xyz?
Used nmap to discover open ports for ftp and telnet
Q3: Which of the following servers use the potentially vulnerable ftp and telnet ports?
Explanation
In this lab, your task is to perform reconnaissance on www.corpnet.xyz and to find potentially vulnerable ports on the servers in the CorpNet networks as follows:
• On Consult-Lap, use the Whois.org site to determine the domain name servers used by www.corpnet.xyz.
• On Consult-Lap, use nslookup to determine the primary web server address.
• On Consult-Lap2, use Zenmap to perform an nmap search for open ports for the 198.28.1.0/24 network.
• Answer the questions.
Complete this lab as follows:
1. Find the name servers used by www.corpnet.xyz as follows:
   a. From the taskbar, open Chrome.
   b. In the URL field, type whois.org and press Enter.
   c. In the Search for a domain name field, enter www.corpnet.xyz.
   d. Select Search.
   e. In the top right, select Answer Questions.
   f. Answer question 1.
2. Find the IP address used by www.corpnet.xyz as follows:
   a. Right-click Start and select Windows PowerShell (Admin).
   b. At the prompt, type nslookup www.corpnet.xyz ns1.nethost.net and press Enter.
   c. Answer question 2.
   d. Minimize the question dialog.
3. Use Zenmap to run an nmap command to scan for open ports as follows:
   a. From the navigation tabs, select Buildings.
   b. Under Red Cell, select Consult-Lap2.
   c. From the Favorites bar, open Zenmap.
   d. Maximize Zenmap for easier viewing.
   e. In the Command field type nmap -p- 198.28.1.0/24.
   f. Select Scan to scan for open ports on all servers located on this network.
   g. In the top right, select Answer Questions.
   h. Answer question 3.
   i. Select Score Lab.
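Added example (not part of the original lab material): a Python script that reads nmap grepable output and lists the hosts with FTP (21/tcp) or Telnet (23/tcp) open, the cleartext services question 3 asks about. It assumes the scan was saved with nmap's -oG option; the sample lines, hostname and 192.0.2.x addresses are constructed and are not results from the lab network.

```python
import re

# Cleartext services the lab asks about: FTP (21/tcp) and Telnet (23/tcp).
# Matching is by port number, so a service on a nonstandard port is not flagged.
CLEARTEXT_PORTS = {21: "ftp", 23: "telnet"}

# Constructed sample in nmap's grepable (-oG) format; the addresses are
# documentation-range placeholders, not results from the lab network.
SAMPLE_GNMAP = """\
# Nmap scan initiated as: nmap -p- -oG scan.gnmap 192.0.2.0/24
Host: 192.0.2.10 ()\tStatus: Up
Host: 192.0.2.10 ()\tPorts: 21/open/tcp//ftp///, 80/open/tcp//http///\tIgnored State: closed (65533)
Host: 192.0.2.11 (files.example.test)\tPorts: 22/open/tcp//ssh///, 23/filtered/tcp//telnet///
Host: 192.0.2.12 ()\tPorts: 21/open/tcp//ftp///, 23/open/tcp//telnet///, 443/open/tcp//https///
Host: 192.0.2.13 ()\tPorts: 2121/open/tcp//ccproxy-ftp///, 8023/open/tcp/////
"""

HOST_RE = re.compile(r"^Host:\s+(\S+)\s+\(([^)]*)\)\s+Ports:\s+(.*)$")


def parse_ports(field):
    """Yield (port, state, proto) from a grepable 'Ports:' field."""
    # Anything after a tab (e.g. 'Ignored State: ...') is not port data.
    for entry in field.split("\t")[0].split(","):
        parts = entry.strip().split("/")
        if len(parts) >= 3 and parts[0].isdigit():
            yield int(parts[0]), parts[1], parts[2]


def cleartext_hosts(gnmap_text):
    """Map host -> sorted list of open cleartext services (ftp/telnet)."""
    findings = {}
    for line in gnmap_text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue  # comment lines and 'Status:' lines carry no ports
        host, _name, ports_field = m.groups()
        hits = sorted(
            CLEARTEXT_PORTS[port]
            for port, state, proto in parse_ports(ports_field)
            if state == "open" and proto == "tcp" and port in CLEARTEXT_PORTS
        )
        if hits:
            findings[host] = hits
    return findings


if __name__ == "__main__":
    for host, services in cleartext_hosts(SAMPLE_GNMAP).items():
        print(f"{host}: open {', '.join(services)} - replace with SFTP/SSH or restrict access")
```

Ports reported as filtered or closed are ignored, so only services that actually accept connections are listed.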