Is IT
security your forte?

Is IT security your forte?

Try this quiz
Question 1

Which type of password, among the following, would you encourage in your IT environment?

Next
Question 2

Which version of the NT LAN Manager (NTLM) authentication protocol is being used in your network?

Next
Question 3

Which of the following practices do you employ to secure passwords in your network?

Next
Question 4

Which among the following cannot be subjected to or exploited by offline brute-force attacks?

Next
Question 5

Which of the following attacks can be prevented by Windows Defender Credential Guard?

Next
Question 6

Which Windows program can be exploited by malicious attackers to gain access to password hashes?

Next
Question 7

Which of the following attacks is used for lateral movement?

Next
Question 8

Which of the following is the most effective way to protect your network from malicious IPs?

Next
Question 9

Which of these have you deployed in your network?

Next
Question 10

What do LSASS memory, SAM database, and NTDS.fil have in common?

Next

Just one more step!

  • By clicking 'Submit', you agree to processing of personal data according to the Privacy Policy.
You have got 6 out of 10

that's impressive

You have got 6 out of 10

That's great

You have got 5 out of 10

that's good

Reckatta,

the network whisperer is right behind you!

What does she want?
Answer key
x

Answer Key

1. Which type of password, among the following, would you encourage in your IT environment?

Your Answer:

Explanation: Although a combination of Unicode symbols and characters is hard to crack, it's also hard to remember! Microsoft recommends sentences or phrases that are easy to remember as well as long enough to be strong.

2. Which version of the NT LAN Manager (NTLM) authentication protocol is being used in your network?

Your Answer:

Explanation: NTLMv2 uses HMAC-MD5 hashing which is more difficult to break than MD4 and DES5 used in NTLMv1. So, if legacy systems are a part of the network, then it's better to keep a track of them and ensure they're not a liability.

3. Which of the following practices do you employ to secure passwords in your network?

Your Answer:

Explanation: Both a and b are good practices intended to ensure password security. While password filters in AD can help in not setting breached passwords, LAPS is more about password management.

4. Which among the following cannot be subjected to or exploited by offline brute-force attacks?

Your Answer:

Explanation: A web service cannot be subjected to offline attacks. The emphasis here is on the ntds.dit and lsass memory which can be affected by them.

5. Which of the following attacks can be prevented by Windows Defender Credential Guard?

Your Answer:

Explanation: Windows Credential Guard runs the NTLM hashes and secrets in an environment isolated from the OS. This is an effective measure against credential dumping.

6. Which Windows program can be exploited by malicious attackers to gain access to password hashes?

Your Answer:

Explanation: pwdump is a Windows program that can output the LM and NTLM password hashes.

7. Which of the following attacks is used for lateral movement?

Your Answer:

Explanation: Golden Ticket is obtained using a krbtgt account. With a golden ticket, all the accounts in the domain can be compromised.

8. Which of the following is the most effective way to protect your network from malicious IPs?

Your Answer:

Explanation: Blacklisting or whitelisting, can help deny or allow entry to malicious IPs.

9. Which of these have you deployed in your network?

Your Answer:

Explanation: A combination of both is recommended.

10. What do LSASS memory, SAM database, and NTDS.fil have in common?

Your Answer:

Explanation: All of them store sensitive information like passwords or password hashes. Option a is also technically correct.