Snort is an open source intrusion detection system. However, it can also be used for a few other purposes.
Which of the choices below indicate the other features offered by Snort?
Bill has successfully executed a buffer overflow against a Windows IIS web server. He has been able to spawn an interactive shell and plans to deface the main web page. He first attempts to use the "Echo" command to simply overwrite index.html but is unsuccessful. He then attempts to delete the page and makes no progress. Finally, he tries to overwrite it with another page, again in vain.
What is the probable cause of Bill’s problem?
What do you conclude from the nmap results below?
Starting nmap V. 3.10ALPHA0 (www.insecure.org/map/)
(The 1592 ports scanned but not shown below are in state: closed)
Port       State       Service
21/tcp     open        ftp
25/tcp     open        smtp
80/tcp     open        http
443/tcp    open        https
Remote operating system guess: Too many signatures match to reliably guess the OS.
Nmap run completed 1 IP address (1 host up) scanned in 91.66 seconds
Network Intrusion Detection systems can monitor traffic in real time on networks.
Which one of the following techniques can be very effective at avoiding proper detection?
You are the security administrator for a large network. You want to prevent attackers from running any sort of traceroute into your DMZ and discovering the internal structure of publicly accessible areas of the network.
How can you achieve this?
While scanning a network you observe that all of the web servers in the DMZ are responding to ACK packets on port 80.
What can you infer from this observation?
Neil monitors his firewall rules and log files closely on a regular basis. Some of the users have complained to Neil that there are a few employees who are visiting offensive web sites during work hours, without consideration for others. Neil knows that he has an updated content filtering system and that such access should not be authorized.
What type of technique might be used by these offenders to access the Internet without restriction?
An employee wants to defeat detection by a network-based IDS application. He does not want to attack the system containing the IDS application.
Which of the following strategies can be used to defeat detection by a network-based IDS application? (Choose the best answer)
What makes web application vulnerabilities so aggravating? (Choose two)
Why would an ethical hacker use the technique of firewalking?