How can this help you in foot printing the organization?
You are gathering competitive intelligence on an organization. You notice that they have jobs
listed on a few Internet job-hunting sites. There are two jobs for network and system
administrators. How can this help you in foot printing the organization?
which of the following bit set?
TCP packets transmitted in either direction after the initial three-way handshake will have which of
the following bit set?
Identify the line in the source code that might lead to buffer overflow?
The programmers on your team are analyzing the free, open source software being used to run
FTP services on a server in your organization. They notice that there is excessive number of
functions in the source code that might lead to buffer overflow. These C++ functions do not check
bounds. Identify the line in the source code that might lead to buffer overflow?
What framework architecture is shown in this exhibit?
What framework architecture is shown in this exhibit?
Which of the following steganography utilities exploits the nature of white space and allows the user to conce
Which of the following steganography utilities exploits the nature of white space and allows the
user to conceal information in these white spaces?
How long will it take to crack the password by an attacker?
You have chosen a 22 character word from the dictionary as your password. How long will it take
to crack the password by an attacker?
What vulnerability is detected in the web application here?
While testing web applications, you attempt to insert the following test script into the search area
on the company’s web site:
<script>alert(‘Testing Testing Testing’)</script>
Later, when you press the search button, a pop up box appears on your screen with the text
“Testing Testing Testing”. What vulnerability is detected in the web application here?
What techniques would you use to evade IDS during a Port Scan?
What techniques would you use to evade IDS during a Port Scan? (Select 4 answers)
What kind of Denial of Service attack was best illustrated in the scenario above?
Bob was frustrated with his competitor, Brownies Inc., and decided to launch an attack that would
result in serious financial losses. He planned the attack carefully and carried out the attack at the
appropriate moment.
Meanwhile, Trent, an administrator at Brownies Inc., realized that their main financial transaction
server had been attacked. As a result of the attack, the server crashed and Trent needed to reboot
the system, as no one was able to access the resources of the company. This process involves
human interaction to fix it.
What kind of Denial of Service attack was best illustrated in the scenario above?
What tool would be best used to accomplish this?
Johnny is a member of the hacking group Orpheus1. He is currently working on breaking into the
Department of Defense’s front end Exchange Server. He was able to get into the server, located in
a DMZ, by using an unused service account that had a very weak password that he was able to
guess. Johnny wants to crack the administrator password, but does not have a lot of time to crack
it. He wants to use a tool that already has the LM hashes computed for all possible permutations
of the administrator password.
What tool would be best used to accomplish this?