GAQM Updated CEH-001 Exam Questions and Answers by tom

A replay attack is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it. With a challenge/response authentication you ensure that captured packets can’t be retransmitted without a new authentication.

-N = NON interactive mode (without ncurses)

-C = collect all users and passwords

-L = if used with -C (collector) it creates a file with all the password sniffed in the session in the form "YYYYMMDD-collected-pass.log"

-z = start in silent mode (no arp storm on start up)

-s = IP BASED sniffing

--quiet = "demonize" ettercap. Useful if you want to log all data in background.

Explanations:

A is not a correct answer as it is never recommended to use a DNS server for any other application. Hardening of the DNS servers makes them less vulnerable to attack. It is recommended to split internal and external DNS servers (called split-horizon operation). Zone transfers should only be accepted from authorized DNS servers.

By having DNS servers on different subnets, you may prevent both from going down, even if one of your networks goes down.

He is actually trying to get the file har.txt but this file contains a copy of the SAM file.