What statement is true regarding LM hashes?
What statement is true regarding LM hashes?
What is the tool Firewalk used for?
What is the tool Firewalk used for?
What is a successful method for protecting a router from potential smurf attacks?
What is a successful method for protecting a router from potential smurf attacks?
What can be inferred from this output?
You have performed the traceroute below and notice that hops 19 and 20 both show the same IP address.
What can be inferred from this output?
Which of the following tools will scan a network to perform vulnerability checks and compliance auditing?
Which of the following tools will scan a network to perform vulnerability checks and compliance
auditing?
how can you detect these sniffing interfaces?
During the intelligence gathering phase of a penetration test, you come across a press release by
a security products vendor stating that they have signed a multi-million dollar agreement with the
company you are targeting. The contract was for vulnerability assessment tools and network
based IDS systems. While researching on that particular brand of IDS you notice that its default
installation allows it to perform sniffing and attack analysis on one NIC and caters to its
management and reporting on another NIC. The sniffing interface is completely unbound from the
TCP/IP stack by default. Assuming the defaults were used, how can you detect these sniffing
interfaces?
authenticity, integrity, confidentiality and
The use of technologies like IPSec can help guarantee the followinG. authenticity, integrity,
confidentiality and
What type of technique might be used by these offenders to access the Internet without restriction?
Neil is closely monitoring his firewall rules and logs on a regular basis. Some of the users have
complained to Neil that there are a few employees who are visiting offensive web site during work
hours, without any consideration for others. Neil knows that he has an up-to-date content filtering
system and such access should not be authorized. What type of technique might be used by these
offenders to access the Internet without restriction?
Which of the following tools allows an attacker to intentionally craft packets to confuse pattern-matching NID
Most NIDS systems operate in layer 2 of the OSI model. These systems feed raw traffic into a
detection engine and rely on the pattern matching and/or statistical analysis to determine what is
malicious. Packets are not processed by the host’s TCP/IP stack allowing the NIDS to analyze
traffic the host would otherwise discard. Which of the following tools allows an attacker to
intentionally craft packets to confuse pattern-matching NIDS systems, while still being correctly
assembled by the host TCP/IP stack to render the attack payload?
Which of the following is a detective control?
Which of the following is a detective control?