Which of the following is a patch management utility that scans one or more computers on your network and aler
Which of the following is a patch management utility that scans one or more computers on your network and alerts you if any important Microsoft security patches are missing. It then provides links that enable those missing patches to be downloaded and installed.
You want to retrieve the Cisco configuration from the router. How would you proceed?
The network administrator at Spears Technology, Inc has configured the default gateway Cisco router’s access-list as below:
Current configuration : 1206 bytes
!
version 12.3
!
hostname Victim
!
enable secret 5 $1$h2iz$DHYpcqURF0APD2aDuA.YX0
!
interface Ethernet0/0
p address dhcp
p nat outside
alf-duplex
!
interface Ethernet0/1
p address 192.168.1.1 255.255.255.0
p nat inside
alf-duplex
!
router rip
etwork 192.168.1.0
!
ip nat inside source list 102 interface Ethernet0/0 overload
no ip http server
ip classless
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 102 permit ip any any
!
snmp-server community public RO
snmp-server community private RW 1
snmp-server enable traps tty
!
line con 0
ogging synchronous
ogin
line aux 0
line vty 0 4
assword secret
ogin
!
!
end
You are hired to conduct security testing on their network. You successfully brute-force the SNMP community string using a SNMP crack tool. The access-list configured at the router prevents you from establishing a successful connection.
You want to retrieve the Cisco configuration from the router. How would you proceed?
How was security compromised and how did the firewall respond?
Dave has been assigned to test the network security of Acme Corp. The test was announced to the employees. He created a webpage to discuss the progress of the tests with employees who were interested in following the test. Visitors were allowed to click on a sand clock to mark the progress of the test. Dave successfully embeds a keylogger. He also added some statistics on the webpage. The firewall protects the network well and allows strict Internet access. How was security compromised and how did the firewall respond?
_____ ensures that the enforcement of organizational security policy does not rely on voluntary web applicatio
_____ ensures that the enforcement of organizational security policy does not rely on voluntary web application user compliance. It secures information by assigning sensitivity labels on information and comparing this to the level of security a user is operating at.
What are the differences between SSL and S-HTTP?
What are the differences between SSL and S-HTTP?
StackGuard (as used by Immunix), ssp/ProPolice (as used by OpenBSD), and Microsoft's /GS option use _____
StackGuard (as used by Immunix), ssp/ProPolice (as used by OpenBSD), and Microsoft’s /GS option use _____ defense against buffer overflow attacks.
What attack will his program expose the web application to?
Kevin has been asked to write a short program to gather user input for a web application. He likes to keep his code neat and simple. His chooses to use printf(str) where he should have ideally used printf(“%s”, str). What attack will his program expose the web application to?
What are your current privileges?
You have successfully run a buffer overflow attack against a default IIS installation running on a Windows 2000 server. The server allows you to spawn a shell. In order to perform the actions you intend to do, you need elevated permissions. You need to know what your privileges are within the shell. What are your current privileges?
Which of the following tools could be used for this purpose?
Barney is looking for a Windows NT/2000/XP command-line tool that can be used to assign, display, or modify ACLs (access control lists) to files or folders and that could also be used within batch files. Which of the following tools could be used for this purpose?
What hacking attack is challenge/response authentication used to prevent?
What hacking attack is challenge/response authentication used to prevent?