You are the network administrator for a small bank in Dallas, Texas. To ensure network security, you enact a security policy that requires all users to have 14 character passwords. After giving your users 2 weeks notice, you change the Group Policy to force 14 character passwords. A week later you dump the SAM database from the standalone server and run a password-cracking tool against it. Over 99% of the passwords are broken within an hour. Why were these passwords cracked so quickly?

At what layer of the OSI model do routers function on?

What will the following command produce on a website login page?What will the following command produce on a website? login page?
SELECT email, passwd, login_id, full_name
FROM members
WHERE email = ‘someone@somehwere.com’; DROP TABLE members; –‘

You are carrying out the last round of testing for your new website before it goes live. The website has many dynamic pages and connects to a SQL backend that accesses your product inventory in a database. You come across a web security site that recommends inputting the following code into a search field on web pages to check for vulnerabilities:
alert(“This is a test.”)
When you type this and click on search, you receive a pop-up window that says:
“This is a test.”
What is the result of this test?

Why are Linux/Unix based computers better to use than Windows computers for idle scanning?

You are running known exploits against your network to test for possible vulnerabilities. To test the strength of your virus software, you load a test network to mimic your production network. Your software successfully blocks some simple macro and encrypted viruses. You decide to really test the software by using virus code where the code rewrites itself entirely and the signatures change from child to child, but the functionality stays the same. What type of virus is this that you are testing?