An IT security engineer notices that the company’s web server is currently being hacked. What
should the engineer do next?

During a penetration test, a tester finds a target that is running MS SQL 2000 with default
credentials. The tester assumes that the service is running with Local System account. How
can this weakness be exploited to access the system?

Which of the following programming languages is most vulnerable to buffer overflow attacks?

Which property ensures that a hash function will not produce the same hashed value for two
different messages?

From the two screenshots below, which of the following is occurring?

Which of the following can the administrator do to verify that a tape backup can be recovered in its
entirety?

An NMAP scan of a server shows port 69 is open. What risk could this pose?

A tester has been using the msadc.pl attack script to execute arbitrary commands on a Windows
NT4 web server. While it is effective, the tester finds it tedious to perform extended functions.
On further research, the tester come across a perl script that runs the following msadc
functions:system(“perl msadc.pl -h $host -C \”echo open $your >testfile\””);

Which exploit is indicated by this script?

When setting up a wireless network, an administrator enters a pre-shared key for security. Which
of the following is true?

Which of the following defines the role of a root Certificate Authority (CA) in a Public Key
Infrastructure (PKI)?