Where should Harold navigate on the computer to find the file?
Harold is a security analyst who has just run the rdisk /s command to grab the backup SAM file on
a computer. Where should Harold navigate on the computer to find the file?
What is kept in the following directory?
What is kept in the following directory? HKLM\SECURITY\Policy\Secrets
How would you answer?
You just passed your ECSA exam and are about to start your first consulting job running security
audits for a financial institution in Los Angeles. The IT manager of the company you will be
working for tries to see if you remember your ECSA class. He asks about the methodology you will
be using to test the company’s network. How would you answer?
What will the following URL produce in an unpatched IIS Web Server? http://www.thetargetsite.com/scripts/..%co
What will the following URL produce in an unpatched IIS Web Server?
http://www.thetargetsite.com/scripts/..%co%af../..%co%af../windows/system32/cmd.exe?/c+dir+c:\
What ports should you open for SNMP to work through Firewalls (Select 2)
You setup SNMP in multiple offices of your company. Your SNMP software manager is not
receiving data from other offices like it is for your main office. You suspect that firewall changes
are to blame. What ports should you open for SNMP to work through Firewalls (Select 2)
What will the following command produce on a website login page?
What will the following command produce on a website login page?
SELECT email, passwd, login_id, full_name
FROM members
WHERE email = ‘someone@somehwere.com’; DROP TABLE members; –‘
Why PDF passwords do not offer maximum protection?
Bill is the accounting manager for Grummon and Sons LLC in Chicago. On a regular basis, he
needs to send PDF documents containing sensitive information through E-mail to his customers.
Bill protects the PDF documents with a password and sends them to their intended recipients.
Why PDF passwords do not offer maximum protection?
Why were these passwords cracked so quickly?
You are the network administrator for a small bank in Dallas, Texas. To ensure network security,
you enact a security policy that requires all users to have 14 character passwords. After giving
your users 2 weeks notice, you change the Group Policy to force 14 character passwords. A week
later you dump the SAM database from the standalone server and run a password-cracking tool
against it. Over 99% of the passwords are broken within an hour. Why were these passwords
cracked so quickly?
what is the smallest possible shellcode?
In Linux, what is the smallest possible shellcode?
what changes should the client company make?
Click on the Exhibit Button
Paulette works for an IT security consulting company that is currently performing an audit for the
firm ACE Unlimited. Paulette’s duties include logging on to all the company’s network equipment to
ensure IOS versions are up-to-date and all the other security settings are as stringent as possible.
Paulette presents the following screenshot to her boss so he can inform the client about necessary
changes need to be made. From the screenshot, what changes should the client company make?
Exhibit: 