- (Topic 1)
A technician is resolving an issue where a computer is unable to connect to the Internet using a wireless access point. The computer is able to transfer files locally to other machines, but cannot successfully reach the Internet. When the technician examines the IP address and default gateway they are both on the 192.168.1.0/24. Which of the following has occurred?

1. A. The computer is not using a private IP address.
2. B. The gateway is not routing to a public IP address.
3. C. The gateway and the computer are not on the same network.
4. D. The computer is using an invalid IP address.

Correct Answer: B
https://en.wikipedia.org/wiki/Private_network
In IP networking, a private network is a computer network that uses private IP address space. Both the IPv4 and the IPv6 specifications define private IP address ranges. These addresses are commonly used for local area networks (LANs) in residential, office, and enterprise environments.
Private network addresses are not allocated to any specific organization. Anyone may use these addresses without approval from regional or local Internet registries. Private IP address spaces were originally defined to assist in delaying IPv4 address exhaustion. IP packets originating from or addressed to a private IP address cannot be routed through the public Internet.
The Internet Engineering Task Force (IETF) has directed the Internet Assigned Numbers Authority (IANA) to reserve the following IPv4 address ranges for private networks:
· 10.0.0.0 – 10.255.255.255
· 172.16.0.0 – 172.31.255.255
· 192.168.0.0 – 192.168.255.255
Backbone routers do not allow packets from or to internal IP addresses. That is, intranet machines, if no measures are taken, are isolated from the Internet. However, several technologies allow such machines to connect to the Internet.
· Mediation servers like IRC, Usenet, SMTP and Proxy server
· Network address translation (NAT)
· Tunneling protocol
NOTE: So, the problem is just one of these technologies.

- (Topic 2)
infecting a system with malware and using phishing to gain credentials to a system or web application are examples of which phase of the ethical hacking methodology?

1. A. Reconnaissance
2. B. Maintaining access
3. C. Scanning
4. D. Gaining access

Correct Answer: D
This phase having the hacker uses different techniques and tools to realize maximum data from the system. they??re –• Password cracking – Methods like Bruteforce, dictionary attack, rule-based attack, rainbow table are used. Bruteforce is trying all combinations of the password. Dictionary attack is trying an inventory of meaningful words until the password matches. Rainbow table takes the hash value of the password and compares with pre-computed hash values until a match is discovered.• Password attacks
– Passive attacks like wire sniffing, replay attack. Active online attack like Trojans, keyloggers, hash injection, phishing. Offline attacks like pre-computed hash, distributed network and rainbow. Non electronic attack like shoulder surfing, social engineering and dumpster diving.

- (Topic 2)
Which of the following DoS tools is used to attack target web applications by starvation of available sessions on the web server?
The tool keeps sessions at halt using never-ending POST transmissions and sending an arbitrarily large content-length header value.

1. A. My Doom
2. B. Astacheldraht
3. C. R-U-Dead-Yet?(RUDY)
4. D. LOIC

Correct Answer: C

- (Topic 3)
Dorian Is sending a digitally signed email to Polly, with which key is Dorian signing this message and how is Poly validating It?

1. A. Dorian is signing the message with his public ke
2. B. and Poly will verify that the message came from Dorian by using Dorian's private key.
3. C. Dorian Is signing the message with Polys public ke
4. D. and Poly will verify that the message came from Dorian by using Dorian's public key.
5. E. Dorian is signing the message with his private ke
6. F. and Poly will verify that the message came from Dorian by using Dorian's public key.
7. G. Dorian is signing the message with Polys private ke
8. H. and Poly will verify mat the message came from Dorian by using Dorian's public key.

Correct Answer: C
https://blog.mailfence.com/how-do-digital-signatures-work/
https://en.wikipedia.org/wiki/Digital_signature
A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software, or digital document. It's the digital equivalent of a handwritten signature or stamped seal, but it offers far more inherent security. A digital
signature is intended to solve the problem of tampering and impersonation in digital communications.
Digital signatures can provide evidence of origin, identity, and status of electronic documents, transactions, or digital messages. Signers can also use them to acknowledge informed consent.
Digital signatures are based on public-key cryptography, also known as asymmetric cryptography. Two keys are generated using a public key algorithm, such as RSA (Rivest- Shamir-Adleman), creating a mathematically linked pair of keys, one private and one public.
Digital signatures work through public-key cryptography's two mutually authenticating cryptographic keys. The individual who creates the digital signature uses a private key to encrypt signature-related data, while the only way to decrypt that data is with the signer's public key.

- (Topic 3)
Morris, an attacker, wanted to check whether the target AP is in a locked state. He attempted using different utilities to identify WPS-enabled APs in the target wireless network. Ultimately, he succeeded with one special command-line utility. Which of the following command-line utilities allowed Morris to discover the WPS-enabled APs?

1. A. wash
2. B. ntptrace
3. C. macof
4. D. net View

Correct Answer: A