Carl has successfully compromised a web server from behind a firewall by exploiting a vulnerability in the web server program. He wants to proceed by installing a backdoor program. However, he is aware that not all inbound ports on the firewall are in the open state.

From the list given below, identify the port that is most likely to be open and allowed to reach the server that Carl has just compromised.

John is the network administrator of XSECURITY systems. His network was recently compromised. He analyzes the logfiles to investigate the attack.

Take a look at the following Linux logfile snippet. The hacker compromised and "owned" a Linux machine. What is the hacker trying to accomplish here?

[root@apollo /]# rm rootkit.c

[root@apollo /]# [root@apollo /]# ps -aux | grep inetd ; ps -aux | grep portmap ;

rm /sbin/portmap ; rm /tmp/h ; rm /usr/sbin/rpc.portmap ; rm -rf .bash* ; rm –

rf /root/.bash_history ; rm – rf /usr/sbin/namedps -aux | grep inetd ; ps -aux | grep portmap ; rm /sbin/por359 ? 00:00:00 inetd 359 ? 00:00:00 inetd

rm: cannot remove `/tmp/h’: No such file or directory

rm: cannot remove `/usr/sbin/rpc.portmap’: No such file or directory

[root@apollo /]# ps -aux | grep portmap

[root@apollo /]# [root@apollo /]# ps -aux | grep inetd ; ps -aux | grep portmap ; rm /sbin/portmap ;

rm /tmp/h ; rm /usr/sbin/rpc.portmap ; rm -rf .bash* ; rm -rf /root/.bash_history ; rm – rf /usr/sbin/namedps -aux | grep inetd ; ps -aux | grep portmap ; rm /sbin/por359 ? 00:00:00 inetd

rm: cannot remove `/sbin/portmap’: No such file or directory

rm: cannot remove `/tmp/h’: No such file or directory

>rm: cannot remove `/usr/sbin/rpc.portmap’: No such file or directory

[root@apollo /]# rm: cannot remove `/sbin/portmap’: No such file or directory

Several of your co-workers are having a discussion over the etc/passwd file. They are at odds over what types of encryption are used to secure Linux passwords.(Choose all that apply.

What is the expected result of the following exploit?

What does the this symbol mean?

Jackson discovers that the wireless AP transmits 128 bytes of plaintext, and the station responds by encrypting the plaintext. It then transmits the resulting ciphertext using the same key and cipher that are used by WEP to encrypt subsequent network traffic. What authentication mechanism is being followed here?

Bank of Timbukut is a medium-sized, regional financial institution in Timbuktu. The bank has deployed a new Internet-accessible Web Application recently. Customers can access their account balances, transfer money between accounts, pay bills and conduct online financial business using a web browser.

John Stevens is in charge of information security at Bank of Timbukut. After one month in production, several customers have complained about the Internet enabled banking application. Strangely, the account balances of many of the bank’s customers had been changed ! However, money hasn’t been removed from the bank, instead money was transferred between accounts. Given this attack profile, John Stevens reviewed the Web Application’s logs and found the following entries.

What kind of attack did the Hacker attempt to carry out at the Bank?

802.11b is considered a ____________ protocol.

Exhibit:

You are conducting pen-test against a company’s website using SQL Injection techniques. You enter "anuthing or 1=1-" in the username filed of an authentication form. This is the output returned from the server.

What is the next step you should do?

What is the problem with this ASP script (login.asp)?

<%

Set objConn = CreateObject("ADODB.Connection")

objConn.Open Application("WebUsersConnection")

sSQL="SELECT * FROM Users where Username=? & Request("user") & _

"?and Password=? & Request("pwd") & "?

Set RS = objConn.Execute(sSQL)

If RS.EOF then

Response.Redirect("login.asp?msg=Invalid Login")

Else

Session.Authorized = True

Set RS = nothing

Set objConn = nothing Response.Redirect("mainpage.asp")

End If

%>