ECCouncil Related Exams
212-82 Exam
The SOC department in a multinational organization has collected logs of a security event as
"Windows.events.evtx". Study the Audit Failure logs in the event log file located in the Documents folder of the
-Attacker Maehine-1" and determine the IP address of the attacker. (Note: The event ID of Audit failure logs is
4625.)
(Practical Question)
Matias, a network security administrator at an organization, was tasked with the implementation of secure wireless network encryption for their network. For this purpose, Matias employed a security solution that uses 256-bit Galois/Counter Mode Protocol (GCMP-256) to maintain the authenticity and confidentiality of data.
Identify the type of wireless encryption used by the security solution employed by Matias in the above scenario.
RAT has been setup in one of the machines connected to the network to steal the important Sensitive corporate docs located on Desktop of the server, further investigation revealed the IP address of the server 20.20.10.26. Initiate a remote connection using thief client and determine the number of files present in the folder.
Hint: Thief folder is located at: Z:\CCT-Tools\CCT Module 01 Information Security Threats and Vulnerabilities\Remote Access Trojans (RAT)\Thief of Attacker Machine-1.