What is this document called?
Every company needs a formal written document which spells out to employees precisely what they are allowed to use the company’s systems for, what is prohibited, and what will happen to them if they break the rules. Two printed copies of the policy should be given to every employee as soon as possible after they join the organization. The employee should be asked to sign one copy, which should be safely filed by the company. No one should be allowed to use the company’s computer systems until they have signed the policy in acceptance of its terms. What is this document called?
What category of virus is this?
You receive an e-mail with the following text message.
"Microsoft and HP today warned all customers that a new, highly dangerous virus has been discovered which will erase all your files at midnight. If there’s a file called hidserv.exe on your computer, you have been infected and your computer is now running a hidden server that allows hackers to access your computer. Delete the file immediately. Please also pass this message to all your friends and colleagues as soon as possible."
You launch your antivirus software and scan the suspicious looking file hidserv.exe located in
c:windows directory and the AV comes out clean meaning the file is not infected. You view the file signature and confirm that it is a legitimate Windows system file "Human Interface Device Service".
What category of virus is this?
How do you deal with these threats?
Most cases of insider abuse can be traced to individuals who are introverted, incapable of dealing with stress or conflict, and frustrated with their job, office politics, and lack of respect or promotion. Disgruntled employees may pass company secrets and intellectual property to competitors for monitory benefits.
Here are some of the symptoms of a disgruntled employee:
+ Frequently leaves work early, arrive late or call in sick
+ Spends time surfing the Internet or on the phone
+ Responds in a confrontational, angry, or overly aggressive way to simple requests or comments
+Always negative; finds fault with everything
These disgruntled employees are the biggest threat to enterprise security.
How do you deal with these threats? (Select 2 answers)
This attack uses social engineering techniques to trick users into accessing a fake Web site and divulging per
This attack uses social engineering techniques to trick users into accessing a fake Web site and divulging personal information. Attackers send a legitimate-looking e-mail asking users to update their information on the company’s Web site, but the URLs in the e-mail actually point to a false Web site.
What type of session hijacking attack is shown in the exhibit?
What type of session hijacking attack is shown in the exhibit?
This status of client B is called…?
TCP SYN Flood attack uses the three-way handshake mechanism.
1. An attacker at system A sends a SYN packet to victim at system B.
2. System B sends a SYN/ACK packet to victim A.
3. As a normal three-way handshake mechanism system A should send an ACK packet to system B, however, system A does not send an ACK packet to system B. In this case client B is waiting for an ACK packet from client A.
This status of client B is called _________________
Why do you think this could be a bad idea if there is an Intrusion Detection System deployed to monitor the tr
SSL has been seen as the solution to a lot of common security problems. Administrator will often time make use of SSL to encrypt communications from points A to point B. Why do you think this could be a bad idea if there is an Intrusion Detection System deployed to monitor the traffic between point A and B?
How would you describe an attack where an attacker attempts to deliver the payload over multiple packets ?
How would you describe an attack where an attacker attempts to deliver the payload over multiple packets over long periods of time with the purpose of defeating simple pattern matching in IDS systems without session reconstruction? A characteristic of this attack would be a continuous stream of small packets.
What could be the reason?
An attacker is attempting to telnet into a corporation’s system in the DMZ. The attacker doesn’t want to get caught and is spoofing his IP address. After numerous tries he remains unsuccessful in connecting to the system. The attacker rechecks that the target system is actually listening on Port 23 and he verifies it with both nmap and hping2. He is still unable to connect to the target system. What could be the reason?
What will the following command produce on a website’s login page if executed successfully?
What will the following command produce on a website’s login page if executed successfully? SELECT email, passwd, login_id, full_name FROM members WHERE email = ‘someone@somewhere.com’; DROP TABLE members; –‘