What type of session attack is Gerald employing here?
Gerald is a certified ethical hacker working for a large financial institution in Oklahoma City. Gerald is currently performing an annual security audit ofthe company’s network. One of the company’s primary concerns is how the corporate data is transferred back and forth from the banks all over the city to the data warehouse at the company’s home office. To see what type of traffic is being passed back and forth and to see how secure that data really is, Gerald uses asession hijacking tool to intercept traffic between a server and a client. Gerald hijacks an HTML session between a client running a web application which connects to a SQL database at the home office. Gerald does not kill the client’s session; he simply monitors the traffic that passes between it and the server. What type of session attack is Gerald employing here?
What measures can Bill take to help prevent future reflective DoS attacks against the ISP’s network?
Bill is an IT security consultant who has been hired on by an ISP that has recently been plagued by numerous DoS attacks. The ISP did not have the internalresources to prevent future attacks, so they hired Bill for his expertise. Bill looks through the company’s firewall logs and can see from the patterns that the attackers were using reflected DoS attacks. What measures can Bill take to help prevent future reflective DoS attacks against the ISP’s network? (Select 2)
What type of attack are yougoing to attempt on the company’s network?
You are an IT security consultant working on a six month contract with a large energy company based in Kansas City. The energy company has asked you to perform DoS attacks against its branch offices to see if their configurations and network hardening can handle the load. To perform this attack, you craft UDP packets that you know are too large for the routers and switches to handle. You also put confusing offset values in the second and later fragments to confuse thenetwork if it tries to break up the large packets. What type of attack are yougoing to attempt on the company’s network?
What aspect of email clients does this exploit take advantage of?
Javier is a network security consultant working on contract for a state agency in Texas. Javier has been asked to test the agency’s network security from every possible aspect. Javier decides to use the Reaper Exploit virus to see ifhe can exploit any weaknesses in the company’s email. He infects a couple of computers with the virus and waits for the users of those machines to use their email client. After a short amount of time, he receives numerous emails that were copied from those clients; this proving that the client computers are susceptible to the Reaper Exploit virus exploiting their email clients. What aspect of email clients does this exploit take advantage of?
What issue is Xavier seeing here on the client computer?
Xavier is a network security specialist working for a federal agency in Washington DC. Xavier is responsible for maintaining agency security policies, teaching security awareness classes, and monitoring the overall health of the network. One of Xavier’s coworkers receives a help desk call from a user who is having issues navigating to certain sites on the Internet. Xavier’s coworker cannotfigure out the issue so he hands it off to Xavier. He logs on to the user’s computer and goes to a couple of websites the user said were having issues. When Xavier types in www.Google.com, it takes him to Boogle.com instead. When Xaviertypes in Yahoo.com, it takes him to Yahooo.com instead. Xavier checks all the IP settings on the computer which are static and they appear to be correct. Xavier checks the local DNS settings as well as the DNS settings on the server and they are correct. Xavier opens a command window and types in: ipconfig /flushdns. When he navigates to the previous sites, he is still directed to the wrong ones. What issue is Xavier seeing here on the client computer?
What type of social engineering attack has Neil employed here?
Neil is an IT security consultant working on contract for Davidson Avionics. Neil has been hired to audit the network of Davidson Avionics. He has been given permission to perform any tests necessary. Neil has created a fake company ID badge and uniform. Neil waits by one of the company’s entrance doors and follows an employee into the office after they use their valid access card to gain entrance. What type of social engineering attack has Neil employed here?
What is Miles going to accomplish by running this command?
Miles is a network administrator working for the University of Central Oklahoma. Miles’ responsibilities include monitoring all network traffic inside thenetwork and traffic coming into the network. On the university’s IDS, Miles notices some odd traffic originating from some client computers inside the network. Miles decides to use Tcpdump to take a further look.
What is Miles going to accomplish by running this command?
What type of virus has Lyle found on this computer?
Lyle is a systems security analyst for Gusteffson & Sons, a large law firm in Beverly Hills. Lyle’s responsibilities include network vulnerability scans, Antivirus monitoring, and IDS monitoring. Lyle receives a help desk call from a user in the Accounting department. This user reports that his computer is running very slow all day long and it sometimes gives him an error message that the hard drive is almost full. Lyle runs a scan on the computer with the company antivirus software and finds nothing. Lyle downloads another free antivirus application and scans the computer again. This time a virus is found on the computer.The infected files appear to be Microsoft Office files since they are in the same directory as that software. Lyle does some research and finds that this virus disguises itself as a genuine application on a computer to hide from antivirus software. What type of virus has Lyle found on this computer?
Tyler logs onto this client computer and types in the following command:What is Tyler trying to accomplish by
Tyler is the senior security officer for WayUP Enterprises, an online retailcompany based out of Los Angeles. Tyler is currently performing a network security audit for the entire company. After seeing some odd traffic on the firewall going outbound to an IP address found to be in North Korea, Tyler decides to look further. Tyler traces the traffic back to the originating IP inside the network; which he finds to be a client running Windows XP. Tyler logs onto this client computer and types in the following command:
What is Tyler trying to accomplish by using this command?
What is most likely occurring here?
Simon is the network administrator for his company. Simon is also an IT security expert with over 10 security-related certifications. Simon has been askedby the company CIO to perform a comprehensive security audit of the entire network. After auditing the network at the home office without finding any issues,he travels to one of the company’s branch offices in New Orleans. The first task that Simon carries out is to set up traffic mirroring on the internal-facing port of that office’s firewall. On this port, he uses Wireshark to capture traffic. Alarmingly, he finds a huge number of UDP packets going both directions onports 2140 and 3150. What is most likely occurring here?