What type of OS fingerprinting technique sends specially crafted packets to the remote OS and
analyzes the received response?

The programmers on your team are analyzing the free, open source software being used to run
FTP services on a server. They notice that there is an excessive number of fgets() and gets() on
the source code. These C++ functions do not check bounds.
What kind of attack is this program susceptible to?

How do employers protect assets with security policies pertaining to employee surveillance
activities?

A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary
data storage area) then it was intended to hold.
What is the most common cause of buffer overflow in software today?

When analyzing the IDS logs, the system administrator noticed an alert was logged when the
external router was accessed from the administrator’s computer to update the router configuration.
What type of an alert is this?

The following exploit code is extracted from what kind of attack?

Which of the following parameters enables NMAP’s operating system detection feature?

StackGuard (as used by Immunix), ssp/ProPolice (as used by OpenBSD), and Microsoft’s /GS
option use _____ defense against buffer overflow attacks.

Which of the following is an example of IP spoofing?

Symmetric encryption algorithms are known to be fast but present great challenges on the key
management side. Asymmetric encryption algorithms are slow but allow communication with a
remote host without having to transfer a key out of band or in person. If we combine the strength
of both crypto systems where we use the symmetric algorithm to encrypt the bulk of the data and
then use the asymmetric encryption system to encrypt the symmetric key, what would this type of
usage be known as?