Which tool is used to automate SQL injections and exploit a database by forcing a given web
application to connect to another database controlled by a hacker?

Why do you need to capture five to ten million packets in order to crack WEP with AirSnort?

A security analyst is performing an audit on the network to determine if there are any deviations
from the security policies in place. The analyst discovers that a user from the IT department had a
dial-out modem installed. Which security policy must the security analyst check to see if dial-out
modems are allowed?

Sally is a network admin for a small company. She was asked to install wireless accesspoints in
the building. In looking at the specifications for the access-points, she sees that all of them offer
WEP. Which of these are true about WEP?

Select the best answer.

A company is using Windows Server 2003 for its Active Directory (AD). What is the most efficient
way to crack the passwords for the AD users?

Joe Hacker is going wardriving. He is going to use PrismStumbler and wants it to go to a GPS
mapping software application. What is the recommended and well-known GPS mapping package
that would interface with PrismStumbler?
Select the best answer.

When an alert rule is matched in a network-based IDS like snort, the IDS does which of the
following?

Virus Scrubbers and other malware detection program can only detect items that they are aware
of. Which of the following tools would allow you to detect unauthorized changes or modifications of
binary files on your system by unknown malware?

Passive reconnaissance involves collecting information through which of the following?

What are the main drawbacks for anti-virus software?