Which firewall would be most appropriate for Harold? needs?
Harold wants to set up a firewall on his network but is not sure which one would be the most appropriate. He
knows he needs to allow FTP traffic to one of the servers on his network, but he wants to only allow FTP-PUT.
Which firewall would be most appropriate for Harold? needs?
What principal of social engineering did Julia use?
Julia is a senior security analyst for Berber Consulting group. She is currently working on a contract for a small
accounting firm in Florid a. They have given her permission to perform social engineering attacks on the
company to see if their in-house training did any good. Julia calls the main number for the accounting firm and
talks to the receptionist. Julia says that she is an IT technician from the company’s main office in Iowa. She
states that she needs the receptionist’s network username and password to troubleshoot a problem they are
having. Julia says that Bill Hammond, the CEO of the company, requested this information. After hearing the
name of the CEO, the receptionist gave Julia all the information she asked for. What principal of social
engineering did Julia use?
What information will you be able to gather?
As a security analyst, you setup a false survey website that will require users to create a username and a
strong password. You send the link to all the employees of the company. What information will you be able to
gather?
What tool could you use to get this information?
You are the security analyst working for a private company out of France. Your current assignment is to obtain
credit card information from a Swiss bank owned by that company. After initial reconnaissance, you discover
that the bank security defenses are very strong and would take too long to penetrate. You decide to get the
information by monitoring the traffic between the bank and one of its subsidiaries in London. After monitoring
some of the traffic, you see a lot of FTP packets traveling back and forth. You want to sniff the traffic and
extract usernames and passwords. What tool could you use to get this information?
What is a good security method to prevent unauthorized …
What is a good security method to prevent unauthorized users from “tailgating”?
What type of virus is this that you are testing?
You are running known exploits against your network to test for possible vulnerabilities. To test the strength of
your virus software, you load a test network to mimic your production network. Your software successfully
blocks some simple macro and encrypted viruses. You decide to really test the software by using virus code
where the code rewrites itself entirely and the signatures change from child to child, but the functionality stays
the same. What type of virus is this that you are testing?
What is he testing at this point?
Kyle is performing the final testing of an application he developed for the accounting department.
His last round of testing is to ensure that the program is as secure as possible. Kyle runs the following
command. What is he testing at this point?
#include #include int main(int argc, char
*argv[]) { char buffer[10]; if (argc < 2) { fprintf (stderr, “USAGE: %s string\\n”, argv[0]); return 1; }
strcpy(buffer, argv[1]); return 0; }
What type of DoS attack is James testing against his ne…
James is testing the ability of his routers to withstand DoS attacks. James sends ICMP ECHO requests to the
broadcast address of his network. What type of DoS attack is James testing against his network?
How will the packet get to its proper destination?
A packet is sent to a router that does not have the packet destination address in its route table.
How will the packet get to its proper destination?
Why will Jonathan not succeed?
Jonathan is a network administrator who is currently testing the internal security of his network. He is
attempting to hijack a session, using Ettercap, of a user connected to his Web server. Why will Jonathan not
succeed?