Which of the following is a preventive control?
Which of the following is a preventive control?
What is the first step that the bank should take before…
A bank stores and processes sensitive privacy information related to home loans. However, auditing has never
been enabled on the system. What is the first step that the bank should take before enabling the audit feature?
Which results will be returned with the following Googl…
Which results will be returned with the following Google search query?
site:target.com -site:Marketing.target.com accounting
What information should an IT system analysis provide t…
What information should an IT system analysis provide to the risk assessor?
What risk could this pose?
An NMAP scan of a server shows port 69 is open. What risk could this pose?
what the engineer performed?
A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much
information can be obtained from the firm’s public facing web servers. The engineer decides to start by using
netcat to port 80.
The engineer receives this output:
HTTP/1.1 200 OK
Server: Microsoft-IIS/6
Expires: Tue, 17 Jan 2011 01:41:33 GMT
Date: Mon, 16 Jan 2011 01:41:33 GMT
Content-Type: text/html
Accept-Ranges: bytes
Last-Modified: Wed, 28 Dec 2010 15:32:21 GMT
ETag: “b0aac0542e25c31:89d”
Content-Length: 7369
Which of the following is an example of what the engineer performed?
What type of activity has been logged?
The following is part of a log file taken from the machine on the network with the IP address of 192.168.1.106:
Time:Mar 13 17:30:15 Port:20 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP
Time:Mar 13 17:30:17 Port:21 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP
Time:Mar 13 17:30:19 Port:22 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP
Time:Mar 13 17:30:21 Port:23 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCPTime:Mar 13 17:30:22 Port:25 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP
Time:Mar 13 17:30:23 Port:80 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP
Time:Mar 13 17:30:30 Port:443 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP
What type of activity has been logged?
What phase of the penetration test is the tester curren…
A penetration tester was hired to perform a penetration test for a bank. The tester began searching for IP
ranges owned by the bank, performing lookups on the bank’s DNS servers, reading news articles online about
the bank, watching what times the bank employees come into work and leave from work, searching the bank’s
job postings (paying special attention to IT related jobs), and visiting the local dumpster for the bank’s corporate
office. What phase of the penetration test is the tester currently in?
Which system consists of a publicly available set of da…
Which system consists of a publicly available set of databases that contain domain name registration contact
information?
Which of the following techniques will identify if comp…
Which of the following techniques will identify if computer files have been changed?