what range of sequence numbers should a packet, sent by the client fall in order to be accepted by the server?
You want to carry out session hijacking on a remote server. The server and the client are
communicating via TCP after a successful TCP three way handshake. The server has just
received packet #120 from the client. The client has a receive window of 200 and the server has a
receive window of 250.
Within what range of sequence numbers should a packet, sent by the client fall in order to be
accepted by the server?
What type of scan is Hayden attempting here?
Hayden is the network security administrator for her company, a large finance firm based in Miami.
Hayden just returned from a security conference in Las Vegas where they talked about all kinds of
old and new security threats; many of which she did not know of. Hayden is worried about the
current security state of her company’s network so she decides to start scanning the network from
an external IP address. To see how some of the hosts on her network react, she sends out SYN
packets to an IP range. A number of IPs responds with a SYN/ACK response. Before the
connection is established she sends RST packets to those hosts to stop the session. She does
this to see how her intrusion detection system will log the traffic. What type of scan is Hayden
attempting here?
How would you prevent session hijacking attacks?
How would you prevent session hijacking attacks?
Identify the correct statement related to the above Web Server installation?
Web servers are often the most targeted and attacked hosts on organizations’ networks. Attackers
may exploit software bugs in the Web server, underlying operating system, or active content to
gain unauthorized access.
Identify the correct statement related to the above Web Server installation?
Which of the following attacks takes best advantage of an existing authenticated connection?
Which of the following attacks takes best advantage of an existing authenticated connection?
what will be the response?
If an attacker’s computer sends an IPID of 24333 to a zombie (Idle Scanning) computer on a
closed port, what will be the response?
Why is this considered to be more secure than Basic authentication?
Tess King is making use of Digest Authentication for her Web site. Why is this considered to be
more secure than Basic authentication?
What is Jacob seeing here?
Jacob is looking through a traffic log that was captured using Wireshark. Jacob has come across
what appears to be SYN requests to an internal computer from a spoofed IP address. What is
Jacob seeing here?
Which of the following options would be your current privileges?
You have successfully run a buffer overflow attack against a default IIS installation running on a
Windows 2000 Server. The server allows you to spawn a shell. In order to perform the actions
you intend to do, you need elevated permission. You need to know what your current privileges
are within the shell. Which of the following options would be your current privileges?
Which of the following Registry location does a Trojan add entries to make it persistent on Windows 7?
Which of the following Registry location does a Trojan add entries to make it persistent on
Windows 7? (Select 2 answers)