What is the destination MAC address of a broadcast frame?
John the hacker is sniffing the network to inject ARP packets. He injects broadcast frames onto
the wire to conduct MiTM attack. What is the destination MAC address of a broadcast frame?
What would you call this attack?
Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use
these tools in his lab and is now ready for real world exploitation. He was able to effectively
intercept communications between the two entities and establish credentials with both sides of the
connections. The two remote ends of the communication never notice that Eric is relaying the
information between the two.
What would you call this attack?
How can this help you in foot printing the organization?
You are gathering competitive intelligence on an organization. You notice that they have jobs
listed on a few Internet job-hunting sites. There are two jobs for network and system
administrators. How can this help you in foot printing the organization?
What is Eve trying to do?
Eve is spending her day scanning the library computers. She notices that Alice is using a
computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice
machine. From the command prompt, she types the following command.
For /f “tokens=1 %%a in (hackfile.txt) do net use * \\10.1.2.3\c$ /user:”Administrator” %%a
What is Eve trying to do?
which of the following bit set?
TCP packets transmitted in either direction after the initial three-way handshake will have which of
the following bit set?
Which of the following represents the initial two commands that an IRC client sends to join an IRC network?
Which of the following represents the initial two commands that an IRC client sends to join an IRC
network?
Identify the line in the source code that might lead to buffer overflow?
The programmers on your team are analyzing the free, open source software being used to run
FTP services on a server in your organization. They notice that there is excessive number of
functions in the source code that might lead to buffer overflow. These C++ functions do not check
bounds. Identify the line in the source code that might lead to buffer overflow?
Which TCP and UDP ports must you filter to check null sessions on your network?
Null sessions are un-authenticated connections (not using a username or password.) to an NT or
2000 system. Which TCP and UDP ports must you filter to check null sessions on your network?
What framework architecture is shown in this exhibit?
What framework architecture is shown in this exhibit?
Study the following log extract and identify the attack.
Study the following log extract and identify the attack.