What can Wayne infer from this traffic log?
Wayne is the senior security analyst for his company. Wayne is examining some traffic logs on a server and came across some inconsistencies. Wayne finds some IP packets from a computer purporting to be on the internal network. The packets originate from 192.168.12.35 with a TTL of
15. The server replied to this computer and received a response from 192.168.12.35 with a TTL of
21. What can Wayne infer from this traffic log?
Why did this ping sweep only produce a few responses?
Lauren is performing a network audit for her entire company. The entire network is comprised of around 500 computers. Lauren starts an ICMP ping sweep by sending one IP packet to the broadcast address of the network, but only receives responses from around five hosts. Why did this ping sweep only produce a few responses?
Which of the following command results in packets that will appear to originate from the system at 10.8.8.8?
Perimeter testing means determining exactly what your firewall blocks and what it allows. To conduct a good test, you can spoof source IP addresses and source ports. Which of the following command results in packets that will appear to originate from the system at 10.8.8.8? Such a packet is useful for determining whether the firewall is allowing random packets in or out of your network.
What is Jacob seeing here?
Jacob is looking through a traffic log that was captured using Wireshark. Jacob has come across what appears to be SYN requests to an internal computer from a spoofed IP address. What is Jacob seeing here?
what will be the response?
If an attacker’s computer sends an IPID of 24333 to a zombie (Idle Scanning) computer on a closed port, what will be the response?
Which of the following countermeasures will NOT be effective against this attack?
You are writing security policy that hardens and prevents Footprinting attempt by Hackers. Which of the following countermeasures will NOT be effective against this attack?
How would you keep intruders from getting sensitive information regarding the network devices using SNMP?
The SNMP Read-Only Community String is like a password. The string is sent along with each SNMP Get-Request and allows (or denies) access to a device. Most network vendors ship their equipment with a default password of "public". This is the so-called "default public community string". How would you keep intruders from getting sensitive information regarding the network devices using SNMP? (Select 2 answers)
Why attackers use proxy servers?
Why attackers use proxy servers?
What do you call a set of pre-computed hashes?
What do you call a pre-computed hash?
Which type of password cracking technique works like dictionary attack but adds some numbers and symbols to th
Which type of password cracking technique works like dictionary attack but adds some numbers and symbols to the words from the dictionary and tries to crack the password?