Certified Incident Handler (ECIH) — Question 37

An FTP server has been hosted in one of the machines in the network. Using Cain and Abel the attacker was able to poison the machine and fetch the FTP credentials used by the admin. You're given a task to validate the credentials that were stolen using Cain and Abel and read the file flag.txt

Answer options

• A. white@hat
• B. red@hat
• C. hat@red
• D. blue@hat

Correct answer: C

Explanation

The correct answer is C, hat@red, which matches the format of valid FTP credentials typically used in this context. Options A, B, and D do not correspond to the expected credential structure or may not be valid in this scenario.