Destination unreachable administratively prohibited messages can inform the hacker to what?
Destination unreachable administratively prohibited messages can inform the hacker to what?
Which of the following Nmap commands would be used to perform a stack fingerprinting?
Which of the following Nmap commands would be used to perform a stack fingerprinting?
What is odd about this attack?
Exhibit
(Note: the student is being tested on concepts learnt during passive OS fingerprinting, basic
TCP/IP connection concepts and the ability to read packet signatures from a sniff dump.)
Snort has been used to capture packets on the network. On studying the packets, the penetration
tester finds it to be abnormal. If you were the penetration tester, why would you find this
abnormal?
What is odd about this attack? Choose the best answer.
Which type of Nmap scan is the most reliable, but also the most visible, and likely to be picked up by and IDS
Which type of Nmap scan is the most reliable, but also the most visible, and likely to be picked up
by and IDS?
Name two software tools used for OS guessing?
Name two software tools used for OS guessing? (Choose two.
Which organization coordinates computer crime investigations throughout the United States?
Sandra is the security administrator of XYZ.com. One day she notices that the XYZ.com Oracle
database server has been compromised and customer information along with financial data has
been stolen. The financial loss will be estimated in millions of dollars if the database gets into the
hands of competitors. Sandra wants to report this crime to the law enforcement agencies
immediately.
Which organization coordinates computer crime investigations throughout the United States?
Which among the following can be used to get this output?
Why do you think this occurs?
You are manually conducting Idle Scanning using Hping2. During your scanning you notice that
almost every query increments the IPID regardless of the port being queried. One or two of the
queries cause the IPID to increment by more than one value. Why do you think this occurs?
How can you modify your scan to prevent triggering this event in the IDS?
While performing ping scans into a target network you get a frantic call from the organization’s
security team. They report that they are under a denial of service attack. When you stop your
scan, the smurf attack event stops showing up on the organization’s IDS monitor. How can you
modify your scan to prevent triggering this event in the IDS?
what would you infer from this scan?
Neil notices that a single address is generating traffic from its port 500 to port 500 of several other
machines on the network. This scan is eating up most of the network bandwidth and Neil is
concerned. As a security professional, what would you infer from this scan?