Which one of the following attacks will pass through a network layer intrusion detection system undetected?
Which one of the following attacks will pass through a network layer intrusion detection system
undetected?
Why would an ethical hacker use the technique of firewalking?
Why would an ethical hacker use the technique of firewalking?
What makes web application vulnerabilities so aggravating?
What makes web application vulnerabilities so aggravating? (Choose two)
Which of the following strategies can be used to defeat detection by a network-based IDS application?
An employee wants to defeat detection by a network-based IDS application. He does not want to
attack the system containing the IDS application.
Which of the following strategies can be used to defeat detection by a network-based IDS
application? (Choose the best answer)
From the list given below, identify the port that is most likely to be open and allowed to reach the server th
Carl has successfully compromised a web server from behind a firewall by exploiting a
vulnerability in the web server program. He wants to proceed by installing a backdoor program.
However, he is aware that not all inbound ports on the firewall are in the open state.
From the list given below, identify the port that is most likely to be open and allowed to reach the
server that Carl has just compromised.
What can you infer from this observation?
While scanning a network you observe that all of the web servers in the DMZ are responding to
ACK packets on port 80.
What can you infer from this observation?
How can you achieve this?
You are the security administrator for a large network. You want to prevent attackers from running
any sort of traceroute into your DMZ and discover the internal structure of publicly accessible
areas of the network.
How can you achieve this?
(Choose two)
Bob, an Administrator at XYZ was furious when he discovered that his buddy Trent, has launched
a session hijack attack against his network, and sniffed on his communication, including
administrative tasks suck as configuring routers, firewalls, IDS, via Telnet.
Bob, being an unhappy administrator, seeks your help to assist him in ensuring that attackers such
as Trent will not be able to launch a session hijack in XYZ.
Based on the above scenario, please choose which would be your corrective measurement
actions. (Choose two)
Which one of the following techniques can be very effective at avoiding proper detection?
Network Intrusion Detection systems can monitor traffic in real time on networks.
Which one of the following techniques can be very effective at avoiding proper detection?
What do you conclude from the nmap results below?
What do you conclude from the nmap results below?
Staring nmap V. 3.10ALPHA0 (www.insecure.org/map/)
(The 1592 ports scanned but not shown below are in state: closed)
Port State Service
21/tcp open ftp
25/tcp open smtp
80/tcp open http
443/tcp open https
Remote operating system guess: Too many signatures match the reliability guess the OS. Nmap
run completed – 1 IP address (1 host up) scanned in 91.66 seconds