110, what HTTP request could Paulette use to see if that router is vulnerable?
Paulette is the systems administrator for Newton Technologies. Paulette holds certifications in both Microsoft areas as well as security such as the CEH. Paulette is currently performing the yearly security audit for the company’s entire network which includes two branch offices. Paulette travels to one of the branch offices to perform an internal audit at that location. She uses Send ICMP Nasty Garbage (SING) to find all the routers in the network. All network equipment at the home office and branch offices are Cisco equipment. Paulette wants to check for a particular arbitrary administrative access vulnerability known in Cisco equipment when certain HTTP requests are made to those routers. If one of the router’s IP addresses is 172.16.28.110, what HTTP request could Paulette use to see if that router is vulnerable?
Whathas Giles discovered on Tommy’s computer?
Giles is the network administrator for his company, a graphics design company based in Dallas. Most of the network is comprised of Windows servers and workstations, except for some designers that prefer to use MACs. These MAC users are running on the MAC OS X operating system. These MAC users also utilize iChatto talk between each other. Tommy, one of these MAC users, calls Giles and saysthat his computer is running very slow. Giles then gets more calls from the other MAC users saying they are receiving instant messages from Tommy even when hesays he is not on his computer. Giles immediately unplugs Tommy’s computer fromthe network to take a closer look. He opens iChat on Tommy’s computer and it says that it sent a file called latestpics.tgz to all the other MAC users. Tommy says he never sent those files. Giles also sees that many of the computer’s applications appear to be altered. The path where the files should be has an altered file and the original application is stored in the file’s resource fork. Whathas Giles discovered on Tommy’s computer?
What type of web application testing is Zane primarily focusing on?
Zane is a network security specialist working for Fameton Automotive, a custom car manufacturing company in San Francisco. Zane is responsible for ensuringthat the entire network is as secure as possible. Much of the company’s business is performed online by customers buying parts and entire cars through the company website. To streamline online purchases, the programming department has developed a new web application that will keep track of inventory and check items out online for customers. Since this application will be critical to the company, Zane wants to test it thoroughly for any security vulnerabilities. Zane primarily focuses on checking the time validity of session tokens, length of those tokens, and expiration of session tokens while translating from SSL to non-SSL resources. What type of web application testing is Zane primarily focusing on?
What type of initial analysis has Charlie performed to show the company which areas it needs improvements in?
Charlie is an IT security consultant that owns his own business in Denver.Charlie has recently been hired by Fleishman Robotics, a mechanical engineeringcompany also in Denver. After signing service level agreements and other contract papers, Charlie asks to look over the current company security policies. Based on these policies, Charlie compares the policies against what is actually inplace to secure the company’s network. From this information, Charlie is able to produce a report to give to company executives showing which areas the companyis lacking in. This report then becomes the basis for all of Charlie’s remaini ng tests. What type of initial analysis has Charlie performed to show the company which areas it needs improvements in?
Whattype of signature has Justine decided to implement?
Justine is the systems administrator for her company, an international shipping company with offices all over the world. Recent US regulations have forcedthe company to implement stronger and more secure means of communication. Justine and other administrators have been put in charge of securing the company’s digital communication lines. After implementing email encryption, Justine now needs to implement robust digital signatures to ensure data authenticity and reliability. Justine has decided to implement digital signatures which are a variantof DSA and that operate on elliptical curve groups. These signatures are more efficient than DSA and are not vulnerable to a number field sieve attacks. Whattype of signature has Justine decided to implement?
Under what right does this investigator have to ask for the encryption algorithms and keys?
Nathan is the senior network administrator for Undulating Innovations, a software development company in Los Angeles. Nathan’s company typically develops secure email programs for state and local agencies. These programs allow these agencies to send and receive encrypted email using proprietary encryption and signing methods. An employee at one of the state agencies has been arrested on suspicion of leaking sensitive government information to third world countries for profit. When the US federal government steps in, they seize the employee’s computer and attempt to read email he sent but are not able to because of the encryption software he used. Nathan receives a call from an investigator working forthe CIA on this particular case. The investigator tells Nathan that his companyhas to give up the encryption algorithms and keys to the government so they can read the email sent by the accused state employee. Under what right does this investigator have to ask for the encryption algorithms and keys?
What will this code accomplish?
Ursula is a network security analyst as well as a web developer working on contract for a marketing firm in St. Louis. Ursula has been hired on to help streamline the company’s website and ensure it meets accessibility laws for that state. After completing all the work that was asked, the marketing firm terminates Ursula’s service and does not pay the rest of the money that is owed to her.Right before she is asked to leave, Ursula writes a small application with the following code inserted into it.
What will this code accomplish?
What built-in technology used by FirewallInformer actively performs these exploit tests on network equipment?
Neville is a network security analyst working for Fenderson Biomedics, a medical research company based out of London. Neville has been tasked by his supervisor to ensure that the company is as secure as possible. Neville first examines and hardens the OS for all company clients and servers. Neville wants to check the performance and configuration of every firewall and network device to ensure they comply with company security policies. Neville has chosen to use Firewall Informer because it actively and safely tests devices with real-world exploits to determine their security state. What built-in technology used by FirewallInformer actively performs these exploit tests on network equipment?
What utility could Lonnie and his systems administrators implement on the company’s network to accomplish th
Lonnie is the chief information officer for Ganderson Trailways, a railroadshipping company with offices all over the United States. Lonnie had all his systems administrators implement hardware and software firewalls last year to helpensure network security. On top of these, they implemented IDS/IPS systems throughout the network to check for and stop any bad traffic that may attempt to enter the network. Although Lonnie and his administrators believed they were secu re, a hacker group was able to get into the network and modify files hosted on the company’s websites. After searching through firewall and server logs, no onecould find how the hackers were able to get in. Lonnie decides that the entire network needs to be monitored for critical and essential file changes. This monitoring tool needs to alert administrators whenever a critical file is changedin any way. What utility could Lonnie and his systems administrators implement on the company’s network to accomplish this?
What will this command accomplish for Sydney?
Sydney is a certified ethical hacker working as the systems administrator for Galt Riderson International. Sydney is an expert in Linux systems and is utilizing IPTables to protect Linux clients as well as servers. After monitoring the firewall log files, Sydney has been fine tuning the firewall on many clients to adjust for the best security. Sydney types in the following command:
iptables -A INPUT -s 0/0 -I eth1 -d 192.168.254.121 -p TCP -j ACCEPT
What will this command accomplish for Sydney?