What exactly is John trying to do?
John Beetlesman, the hacker, has successfully compromised the Linux system of Angent Telecommunications, Inc’s Webserver running Apache. He has downloaded sensitive documents and database files off the machine.
Upon performing various tasks, Beetlesman finally runs the following command on the Linux box before disconnecting.
for (( i = 0;i<11;i++ )); do
dd if=/dev/random of=/dev/hda && dd if=/dev/zero of=/dev/hda
done
What exactly is John trying to do?
From the options below, choose the exploit against which this rule applies?
Study the snort rule given:
alert tcp $EXTERNAL_NET any -> $HOME_NET 135 (msg:"NETBIOS DCERPC ISystemActivator bind attempt"; flow:to_server,established; content:"|05|"; distance:0; within:1; content:"|0b|"; distance:1; within:1; byte_test:1,&,1,0,relative; content:"|A0 01 00 00 00 00 00 00 C0 00 00 00 00 00 00 46|"; distance:29; within:16; reference:cve,CAN-2003-0352; classtype:attempted-admin; sid:2192; rev:1;)
alert tcp $EXTERNAL_NET any -> $HOME_NET 445 (msg:"NETBIOS SMB DCERPC ISystemActivator bind attempt"; flow:to_server,established; content:"|FF|SMB|25|"; nocase; offset:4; depth:5; content:"|26 00|"; distance:56; within:2; content:"|5c 00|P|00|I|00|P|00|E|00 5c 00|"; nocase; distance:5; within:12; content:"|05|"; distance:0; within:1; content:"|0b|"; distance:1; within:1; byte_test:1,&,1,0,relative; content:"|A0 01 00 00 00 00 00 00 C0 00 00 00 00 00 00 46|"; distance:29; within:16; reference:cve,CAN-2003-0352; classtype:attempted-admin; sid:2193; rev:1;)
From the options below, choose the exploit against which this rule applies?
Why are they not seeing the same odd behavior when browsing the vendor website with Firefox?
Steven is the help desk manager for Fortified Investors, an investment firm based in Boston. Steven is responsible for fielding all help desk calls from company employees. Steven is getting numerous calls from users stating that when they navigate to one of the company vendor’s websites, their Internet Explorer browser starts to behave abnormally by pulling up pop-ups and being redirected to other pages. All the users that have called Steven are using Internet Explorer for their browsers. Steven checks the source code of the vendor’s page and sees some odd scripts in the source code. The employees still need to access the vendor’s page to perform their work duties so Steven decides to download and install Firefox on these users’ computers. When browsing with Firefox, the users do not see any odd behavior on the website as before. Why are they not seeing the same odd behavior when browsing the vendor website with Firefox?
What is the purpose of this code?
Ralph is the network administrator for his company. As well as being responsible for the logical and physical network, he is in charge of logical and physical security. Ralph is currently performing a security audit of the company’s network, including its two internally-hosted websites. These websites utilize RSS feeds to update subscribers on current information. While performing his audit, Ralph is flagged to some irregular code in one of the website pages. What is the purpose of this code?
What monitoring method is Wesley’s colleague recommending?
Wesley is an IT technician working for Bonner-Riddel, a research foundation located in Lansing. Wesley works on both Windows and Linux-based machines, but enjoys tweaking and customizing open source applications more. Wesley has been using a Concurrent Versions System (CVS) to monitor the latest additions and revisions to source code he likes to work on. Wesley likes CVS but has issues when some items are partially checked-in. A colleague of his told him about another way to monitor source code; this method even tracks directory versioning. What monitoring method is Wesley’s colleague recommending?
What type of exploit has Harold inserted into the online game?
Harold is a software application developer for 24/7 Gaming Incorporated, an online gaming company that hosts over 25 online game environments. Harold has worked at the company for over 8 years and has risen up through the ranks. One day, Harold comes in to work and is informed that his position is being terminated in two weeks for budget reasons. Harold is furious because of all the time and effort he has invested in the company. Harold decides to get revenge so he implants some hacks into the code of one online game the company hosts. He tells his friends how to access the code, which lets them see through walls and other objects within the game while other players cannot. What type of exploit has Harold inserted into the online game?
What kind of license validation was used to make the graphics software work correctly?
Calvin is the IT manager for Riverson & Associates, an advertising firm based out of Toronto. Calvin is responsible for all IT related situations. The firm’s marketing director has asked Calvin to purchase a graphics editing application to install on two computers in the marketing department. Calvin makes the purchase and receives the software in the mail one week later. Calvin installs the software on the two requested computers. When the marketing users try to use the software, it says they need to “Insert device for validation”. Calvin calls the software company to find out what the issue is. Calvin thought there was a CD key that needed to be used on installation but the company’s support representative said there should have been a USB device included in the software box. Calvin looks through the software boxes and finds two USB devices. After plugging the devices into the computers in marketing, the graphics software works properly. What kind of license validation was used to make the graphics software work correctly?
What have you asked your IT staff to install on all the computers in the agency?
You are the systems administrator for your company, a medium-sized state agency in Oregon. You are responsible for all workstations, servers, network equipment, and software. You have two junior IT staff that field help desk calls as their primary duty. Since you are on a limited budget, you have had to get by with outdated hardware and software for many years. After a small increase in your budget this year, you decide to purchase Microsoft Office 2007 for your agency. This software is licensed for only one copy; but you give it to your junior IT staff and tell them to install it on every computer in the agency. What have you asked your IT staff to install on all the computers in the agency?
What are these sites called that Theresa has been tasked with taking down?
Theresa is an IT security analyst working for the United Kingdom Internet Crimes Bureau in London. Theresa has been assigned to the software piracy division which focuses on taking down individual and organized groups that distribute copyrighted software illegally. Theresa and her division have been responsible for taking down over 2,000 FTP sites hosting copyrighted software. Theresa’s supervisor now wants her to focus on finding and taking down websites that host illegal pirated software. What are these sites called that Theresa has been tasked with taking down?
What types of policies has Marshall written for the users working on computers in the publicly-accessible areas?
Marshall is the information security manager for his company. Marshall was just hired on two months ago after the last information security manager retired. Since the last manager did not implement or even write IT policies, Marshall has begun writing IT security policies to cover every conceivable aspect. Marshall’s supervisor has informed him that while most employees will be under one set of policies, ten other employees will be under another since they work on computers in publicly-accessible areas. Per his supervisor, Marshall has written two sets of policies. For the users working on publicly-accessible computers, their policies state that everything is forbidden. They are not allowed to browse the Internet or even use email. The only thing they can use is their work related applications like Word and Excel. What types of policies has Marshall written for the users working on computers in the publicly-accessible areas?