Which four methods are used by hackers? (Choose four.)
A. footprint analysis attack
B. privilege escalation attack
C. buffer Unicode attack
D. front door attacks
E. social engineering attack
F. Trojan horse attack
Explanation/Reference:
Explanation:
https://learningnetwork.cisco.com/servlet/JiveServlet/download/15823-1- 57665/CCNA%20Security%20(640-554)%20Portable%20Command%20Guide_ch01.pdf Thinking Like a Hacker
The following seven steps may be taken to compromise targets and applications:
Step 1 Perform footprint analysis
Get Latest & Actual 640-554 Exam’s Question and Answers from Passleader.
http://www.passleader.com
Hackers generally try to build a complete profile of a target company’s security posture using a broad range of easily available tools and techniques.
They can discover organizational domain names, network blocks, IP addresses of systems, ports, services that are used, and more.
Step 2 Enumerate applications and operating systems
Special readily available tools are used to discover additional target information. Ping sweeps use Internet Control Message Protocol (ICMP) to discover devices on a network. Port scans discover TCP/UDP port status.
Other tools include Netcat, Microsoft EPDump and Remote Procedure Call (RPC) Dump, GetMAC, and software development kits (SDKs).
Step 3 Manipulate users to gain access
Social engineering techniques may be used to manipulate target employees to acquire passwords. They may call or email them and try to convince them to reveal passwords without raising any concern or suspicion.
Step 4 Escalate privileges
To escalate their privileges, a hacker may attempt to use Trojan horse programs and get target users to unknowingly copy malicious code to their corporate system.
Step 5 Gather additional passwords and secrets
With escalated privileges, hackers may use tools such as the pwdump and LSADump applications to gather passwords from machines running Windows.
Step 6 Install back doors
Hacker may attempt to enter through the “front door,” or they may use “back doors” into the system. The backdoor method means bypassing normal authentication while attempting to remain undetected. A common backdoor point is a listening port that provides remote access to the system.
Step 7 Leverage the compromised system
After hackers gain administrative access, they attempt to hack other systems.