what will be the result?
Nathan is testing some of his network devices. Nathan is using Macof to try and flood the ARP
cache of these switches. If these switches’ ARP cache is successfully flooded, what will be the
result?
What can he do to help ensure this?
John wishes to install a new application onto his Windows 2000 server.
He wants to ensure that any application he uses has not been Trojaned.
What can he do to help ensure this?
What is the hexadecimal value of NOP instruction?
You are programming a buffer overflow exploit and you want to create a NOP sled of 200 bytes in
the program exploit.c
What is the hexadecimal value of NOP instruction?
Identify the remote server’s port number by decoding the packet?
Jason’s Web server was attacked by a trojan virus. He runs protocol analyzer and notices that the
trojan communicates to a remote server on the Internet. Shown below is the standard “hexdump”
representation of the network packet, before being decoded. Jason wants to identify the trojan by
looking at the destination port number and mapping to a trojan-port number database on the
Internet. Identify the remote server’s port number by decoding the packet?
This TCP flag instructs the sending system to transmit all buffered data immediately.
This TCP flag instructs the sending system to transmit all buffered data immediately.
Which of the following Netcat commands would be used to perform a UDP scan of the lower 1024 ports?
Which of the following Netcat commands would be used to perform a UDP scan of the lower 1024
ports?
How would you proceed?
The network administrator at Spears Technology, Inc has configured the default gateway Cisco
router’s access-list as below:
You are hired to conduct security testing on their network. You successfully brute-force the SNMP
community string using a SNMP crack tool. The access-list configured at the router prevents you
from establishing a successful connection. You want to retrieve the Cisco configuration from the
router. How would you proceed?
Sniffing is considered an active attack.
Sniffing is considered an active attack.
How will you achieve this without raising suspicion?
You work for Acme Corporation as Sales Manager. The company has tight network security
restrictions. You are trying to steal data from the company’s Sales database (Sales.xls) and
transfer them to your home computer. Your company filters and monitors traffic that leaves from
the internal network to the Internet. How will you achieve this without raising suspicion?
A file integrity program such as Tripwire protects against Trojan horse attacks by:
A file integrity program such as Tripwire protects against Trojan horse attacks by: