PrepAway - Latest Free Exam Questions & Answers

Author: admin

What defensive measures will you take to protect your network from these attacks?

One comment

Finding tools to run dictionary and brute forcing attacks against FTP and Web servers is an easy task for hackers. They use tools such as arhontus or brutus to break into remote servers.
CEH# ./rpa
Remote Password Assassin V 1.0
Roses Labs / w00w00
Usage: ./rpa (options)
Options:
-l : Login file to use.
-s : Use the same login.
-c : Password file to use.
-r : Attack FlowPoint Router.
-t : Attack Telnet Port.
-f : Attack FTP Port.
-p : Attack POP Port.
CEH# ./rpa 10.0.0.34 -t -f -c passwords.txt -s linksys
A command such as this, will attack a given 10.0.0.34 FTP and Telnet servers simultaneously with a list of passwords and a single login name: linksys. Many FTP-specific password-guessing tools are also available from major security sites.
What defensive measures will you take to protect your network from these attacks?

What is the hexadecimal value of NOP instruction?

2 comments

You are programming a buffer overflow exploit and you want to create a NOP sled of 200 bytes in the program exploit.c
char shellcode[] =
“x31xc0xb0x46x31xdbx31xc9xcdx80xebx16x5bx31xc0”
“x88x43x07x89x5bx08x89x43x0cxb0x0bx8dx4bx08x8d”
“x53x0cxcdx80xe8xe5xffxffxffx2fx62x69x6ex2fx73”
“x68”;
What is the hexadecimal value of NOP instruction?

Given the following extract from the snort log on a honeypot, what do you infer from the attack?

One comment

Given the following extract from the snort log on a honeypot, what do you infer from the attack?

If the canary word has been altered when the function returns, and the program responds by emitting an intrude

One comment

A simple compiler technique used by programmers is to add a terminator ‘canary word’ containing four letters NULL (0x00), CR (0x0d), LF (0x0a) and EOF (0xff) so that most string operations are terminated. If the canary word has been altered when the function returns, and the program responds by emitting an intruder alert into syslog, and then halts what does it indicate?

How would you protect from these attacks?

3 comments

Take a look at the following attack on a Web Server using obstructed URL:
http://www.example.com/script.ext?template=%2e%2e%2f%2e%2e%2f%2e%2e%2f%65%74%63 %2f%70%61%73%73%77%64
This request is made up of:
.%2e%2e%2f%2e%2e%2f%2e%2e%2f = ../../../
.%65%74%63 = etc
.%2f = /
.%70%61%73%73%77%64 = passwd
How would you protect from these attacks?

How can a remote attacker decipher the name of the administrator account if it has been renamed?

One comment

Jonathan being a keen administrator has followed all of the best practices he could find on securing his Windows Server. He renamed the Administrator account to a new name that cannot be easily guessed but there remain people who attempt to compromise his newly renamed administrator account. How can a remote attacker decipher the name of the administrator account if it has been renamed?

What is the command used to create a binary log file using tcpdump?

2 comments

What is the command used to create a binary log file using tcpdump?

How would you protect from this type of attack?

One comment

The GET method should never be used when sensitive data such as credit card is being sent to a CGI program. This is because any GET command will appear in the URL, and will be logged by any servers. For example, let’s say that you’ve entered your credit card information into a form that uses the GET method. The URL may appear like this:
https://www.xsecurity-bank.com/creditcard.asp?cardnumber=453453433532234
The GET method appends the credit card number to the URL. This means that anyone with access to a server log will be able to obtain this information.
How would you protect from this type of attack?


Page 150 of 231« First...102030...148149150151152...160170180...Last »