Name two software tools used for OS guessing?
Name two software tools used for OS guessing? (Choose two.
What display filter should you use that shows all TCP packets that contain the word ‘facebook’?
You want to capture Facebook website traffic in Wireshark. What display filter should you use that
shows all TCP packets that contain the word ‘facebook’?
Which organization coordinates computer crime investigations throughout the United States?
Sandra is the security administrator of XYZ.com. One day she notices that the XYZ.com Oracle
database server has been compromised and customer information along with financial data has
been stolen. The financial loss will be estimated in millions of dollars if the database gets into the
hands of competitors. Sandra wants to report this crime to the law enforcement agencies
immediately.
Which organization coordinates computer crime investigations throughout the United States?
What is the correct code when converted to html entities?
XSS attacks occur on Web pages that do not perform appropriate bounds checking on data
entered by users. Characters like < > that mark the beginning/end of a tag should be converted
into HTML entities.
What is the correct code when converted to html entities?
Which among the following can be used to get this output?
While reviewing the result of scanning run against a target network you come across the following:
Which among the following can be used to get this output?
Here are some of the symptoms of a disgruntled employee:
Most cases of insider abuse can be traced to individuals who are introverted, incapable of dealing
with stress or conflict, and frustrated with their job, office politics, and lack of respect or promotion.
Disgruntled employees may pass company secrets and intellectual property to competitors for
monitory benefits.
Here are some of the symptoms of a disgruntled employee:
Why do you think this occurs?
You are manually conducting Idle Scanning using Hping2. During your scanning you notice that
almost every query increments the IPID regardless of the port being queried. One or two of the
queries cause the IPID to increment by more than one value. Why do you think this occurs?
What is the risk of installing Fake AntiVirus?
Fake Anti-Virus, is one of the most frequently encountered and persistent threats on the web. This
malware uses social engineering to lure users into infected websites with a technique called
Search Engine Optimization.
Once the Fake AV is downloaded into the user’s computer, the software will scare them into
believing their system is infected with threats that do not really exist, and then push users to
purchase services to clean up the non-existent threats.
The Fake AntiVirus will continue to send these annoying and intrusive alerts until a payment is
made.
What is the risk of installing Fake AntiVirus?
How can you modify your scan to prevent triggering this event in the IDS?
While performing ping scans into a target network you get a frantic call from the organization’s
security team. They report that they are under a denial of service attack. When you stop your
scan, the smurf attack event stops showing up on the organization’s IDS monitor. How can you
modify your scan to prevent triggering this event in the IDS?
How would you describe an attack where an attacker attempts to deliver the payload over multiple packets…
How would you describe an attack where an attacker attempts to deliver the payload over multiple
packets over long periods of time with the purpose of defeating simple pattern matching in IDS
systems without session reconstruction? A characteristic of this attack would be a continuous
stream of small packets.