Which of the choices below are the proper features offered by Snort?
Snort is an open source Intrusion Detection System. However, it can also be used for a few other purposes such as a sniffer. Which of the choices below are the proper features offered by Snort?
Which of the following options would indicate the best course of action for John?
John wants to try a new hacking tool on his Linux system. As the application comes from a site in his untrusted zone, John wants to ensure that the downloaded tool has not been Trojaned. Which of the following options would indicate the best course of action for John?
Which of the following comes as one of the last steps that should be taken to ensure that the compromise canno
An attacker has successfully compromised a remote computer. Which of the following comes as one of the last steps that should be taken to ensure that the compromise cannot be traced back to the source of the problem?
What would be the name of this tool?
John is using a special tool on his Linux platform that has a database containing signatures to be able to detect hundreds of vulnerabilities in UNIX, Windows, and commonly used web CGI scripts. Moreover, the database detects DDoS zombies and Trojans as well. What would be the name of this tool?
What do the signature of attack for SYN Flood contains?
SYN Flood is a DOS attack in which an attacker deliberately violates the three-way handshake and opens a large number of half-open TCP connections. The signature of attack for SYN Flood contains:
Which of the following type of scans would be the most accurate and reliable?
Nathalie would like to perform a reliable scan against a remote target. She is not concerned about being stealth at this point. Which of the following type of scans would be the most accurate and reliable?
What tool would be best used to have the LM hashes computed for all possible permutations of the administrator
Johnny is a member of the hacking group Orpheus1. He is currently working on breaking into the Department of Defense’s front end Exchange Server. He was able to get into the server, located in a DMZ, by using an unused service account that had a very weak password that he was able to guess. Johnny wants to crack the administrator password, but does not have a lot of time to crack it. He wants to use a tool that already has the LM hashes computed for all possible permutations of the administrator password.?
What tool would be best used to accomplish this?
How can an attacker disguise his buffer overflow attack signature such that there is a greater probability of
Basically, there are two approaches to network intrusion detection: signature detection, and anomaly detection. The signature detection approach utilizes well-known signatures for network traffic to identify potentially malicious traffic. The anomaly detection approach utilizes a previous history of network traffic to search for patterns that are abnormal, which would indicate an intrusion. How can an attacker disguise his buffer overflow attack signature such that there is a greater probability of his attack going undetected by the IDS?
Which of the following encryption is not based on block cipher?
Which of the following encryption is not based on block cipher?
How do you disable LM authentication in Windows XP?
LM authentication is not as strong as Windows NT authentication so you may want to disable its use, because an attacker eavesdropping on network traffic will attack the weaker protocol. A successful attack can compromise the user’s password. How do you disable LM authentication in Windows XP?