Which of the below Google search string brings up sites with "config.php" files?
Attackers footprint target Websites using Google Hacking techniques. Google hacking is a term
that refers to the art of creating complex search engine queries. It detects websites that are
vulnerable to numerous exploits and vulnerabilities. Google operators are used to locate specific
strings of text within the search results.
The configuration file contains both a username and a password for an SQL database. Most sites
with forums run a PHP message base. This file gives you the keys to that forum, including FULL
ADMIN access to the database. WordPress uses config.php that stores the database Username
and Password.
Which of the below Google search string brings up sites with “config.php” files?
Which of the following tool would be considered as Signature Integrity Verifier (SIV)?
Which of the following tool would be considered as Signature Integrity Verifier (SIV)?
Why will this not be possible?
Bob has set up three web servers on Windows Server 2008 IIS 7.0. Bob has followed all the
recommendations for securing the operating system and IIS. These servers are going to run
numerous e-commerce websites that are projected to bring in thousands of dollars a day. Bob is
still concerned about the security of these servers because of the potential for financial loss. Bob
has asked his company’s firewall administrator to set the firewall to inspect all incoming traffic on
ports 80 and 443 to ensure that no malicious data is getting into the network.
Why will this not be possible?
Which of the following statement correctly defines ICMP Flood Attack?
Which of the following statement correctly defines ICMP Flood Attack? (Select 2 answers)
Which type of scan does NOT open a full TCP connection?
Which type of scan does NOT open a full TCP connection?
What is the purpose of this code?
Lori was performing an audit of her company’s internal Sharepoint pages when she came across
the following code. What is the purpose of this code?
What sequence of packets is sent during the initial TCP three-way handshake?
What sequence of packets is sent during the initial TCP three-way handshake?
Which port number Steve should scan?
Steve scans the network for SNMP enabled devices. Which port number Steve should scan?
Is there any way you can retrieve information from a website that is outdated?
You are footprinting an organization and gathering competitive intelligence. You visit the
company’s website for contact information and telephone numbers but do not find them listed
there. You know they had the entire staff directory listed on their website 12 months ago but now it
is not there. Is there any way you can retrieve information from a website that is outdated?
What built-in Windows feature could you have implemented to protect the sensitive information on these laptops
You are the CIO for Avantes Finance International, a global finance company based in Geneva.
You are responsible for network functions and logical security throughout the entire corporation.
Your company has over 250 servers running Windows Server, 5000 workstations running
Windows Vista, and 200 mobile users working from laptops on Windows 7.
Last week, 10 of your company’s laptops were stolen from salesmen while at a conference in
Amsterdam. These laptops contained proprietary company information. While doing damage
assessment on the possible public relations nightmare this may become, a news story leaks about
the stolen laptops and also that sensitive information from those computers was posted to a blog
online.
What built-in Windows feature could you have implemented to protect the sensitive information on
these laptops?