Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
An attacker has successfully engaged in an ARP Poisoning attack on a network. He now wants to begin collecting passwords without collecting arbitrary data. What tools can be used to gather ONLY PASSWORDS transmitted over the network?
dsniff
Kismet
Wireshark
Cain and Abel
Burpsuite
TCPdump
All but Burpsuite and Kismet are used for the purpose of sniffing passwords during Man-in-the-Middle attacks. Burpsuite is a web-application pentesting suite for fuzzing, session hi-jacking and other attacks. Kismet is a network auditing tool. Wireshark and TCPdump will sniff and gather ALL traffic, including passwords, but it will also produce a lot of arbitrary data. Only "Cain and Abel" and "dsniff" are used exclusively for the purpose of sniffing out passwords and encrypted hashes to be cracked. Note: Cain and Abel are exclusively Windows compatible, and also comes with a built-in hash-cracking feature.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.