How can you achieve this?
You are the security administrator for a large network. You want to prevent attackers from running any sort of traceroute into your DMZ and discovering the internal structure of publicly accessible areas of the network. How can you achieve this?
A distributed port scan operates by:
A distributed port scan operates by:
What kind of attack is this?
In order to attack a wireless network, you put up an access point and override the signal of the real access point. As users send authentication data, you are able to capture it. What kind of attack is this?
What tool did the auditors use?
You are the security administrator for a large online auction company based out of Los Angeles.After getting your ENSA CERTIFICATION last year, you have steadily been fortifying your network’s security including training, OS hardening, and network security.One of the last things you just changed for security reasons was to modify all the built-in administrator accounts on the local computers of PCs and in Active Directory.After thorough testing, you found that no services or programs were affected by the name changes.
Your company undergoes an outside security audit by a consulting company, and they said that even though all the administrator account names were changed, the accounts could still be used by a clever hacker to gain unauthorized access.You argue with the auditors and say that is not possible, so they use a tool and show you how easy it is to utilize the administrator account even though its name was changed.
What tool did the auditors use?
Where is the password file kept in Linux?
You are trying to compromise a Linux machine and steal the password hashes for cracking with password brute forcing program. Where is the password file kept in Linux?
Why are SSID not considered to be a good security mechanism to protect a wireless network?
On wireless networks, a SSID is used to identify the network. Why are SSID not considered to be a good security mechanism to protect a wireless network?
what is the hacker really trying to steal?
Based on the following extract from the log of a compromised machine, what is the hacker really trying to steal?
c:> cmd /c type c:winntrepairsam > c:har.txt
Volume in drive C has no label.
Volume Serial Number is 8403-6A0E
Directory of C:
11/26/00 12:34p 0 AUTOEXEC.BAT
11/26/00 06:57p 322 boot.ini
11/26/00 12:34p CONFIG.SYS
12/26/00 07:36p exploits
02/04/01 07:07a 5,327 har.txt
12/07/00 03:30p InetPub
12/07/00 03:12p Multimedia Files
12/26/00 07:10p New Folder
01/26/01 02:10p 78,643,200 pagefile.sys
12/21/00 08:59p Program Files
02/04/01 06:49a 69 README.NOW.Hax0r
12/21/00 08:59p TEMP
02/04/01 07:05a WINNT
12/26/00 07:09p wiretrip
02/04/01 06:43a 0 mine.txt
15 File(s) 78,648,918 bytes
1,689,455,616 bytes free
c:> type har.txt
c:> copy har.txt c:inetpubwwwroot
c:> GET har.txt HTTP/1.1
Server: Microsoft-IIS/4.0
Date: Sun, 04 Feb 2001 13:11:28 GMT
Content-Type: text/plain
Accept-Ranges: bytes
Last-Modified: Sun, 04 Feb 2001 13:07:33 GMT
ETag: “5063fd6fab8ec01:b85”
Content-Length: 5327
What does this symbol mean?
What does this symbol mean?
Which of the following tool achieves this?
Ethernet switches can be adversely affected by rapidly bombarding them with spoofed ARP responses. he port to MAC address table (CAM TABLE) overflows on the switch, and rather than failing completely, moves into broadcast mode, then the hacker can sniff all of the packets on the network.
Which of the following tool achieves this?
Which of the following built-in C/C++ functions you should avoid to prevent your program from buffer overflow
Which of the following built-in C/C++ functions you should avoid to prevent your program from buffer overflow attacks?