Bill has successfully executed a buffer overflow against a Windows IIS web server. He has been
able to spawn an interactive shell and plans to deface the main web page. He first attempts to use
the “Echo” command to simply overwrite index.html and remains unsuccessful. He then attempts
to delete the page and achieves no progress. Finally, he tries to overwrite it with another page
again in vain.

What is the probable cause of Bill’s problem?

Which of the following is a protocol that is prone to a man-in-the-middle (MITM) attack and maps a
32-bit address to a 48-bit address?

Snort is an open source Intrusion Detection system. However, it can also be used for a few other
purposes as well.
Which of the choices below indicate the other features offered by Snort?

Which NMAP feature can a tester implement or adjust while scanning for open ports to avoid
detection by the network’s IDS?

When referring to the Domain Name Service, what is denoted by a ‘zone’?

Windows file servers commonly hold sensitive files, databases, passwords and more. Which of

the following choices would be a common vulnerability that usually exposes them?

Statistics from cert.org and other leading security organizations has clearly showed a steady rise
in the number of hacking incidents perpetrated against companies.
What do you think is the main reason behind the significant increase in hacking attempts over the
past years?

Which type of access control is used on a router or firewall to limit network activity?

You are doing IP spoofing while you scan your target. You find that the target has port 23 open.
Anyway you are unable to connect. Why?

While examining a log report you find out that an intrusion has been attempted by a machine
whose IP address is displayed as 0xde.0xad.0xbe.0xef. It looks to you like a hexadecimal number.
You perform a ping 0xde.0xad.0xbe.0xef. Which of the following IP addresses will respond to the
ping and hence will likely be responsible for the intrusion?