How many possible sequence number combinations are there in TCP/IP protocol?
How many possible sequence number combinations are there in TCP/IP protocol?
What filter should George use in Ethereal?
George is the network administrator of a large Internet company on the west coast. Per corporate
policy, none of the employees in the company are allowed to use FTP or SFTP programs without
obtaining approval from the IT department. Few managers are using SFTP program on their
computers. Before talking to his boss, George wants to have some proof of their activity.
George wants to use Ethereal to monitor network traffic, but only SFTP traffic to and from his
network. What filter should George use in Ethereal?
which layer of the OSI model?
Software firewalls work at which layer of the OSI model?
What principal of social engineering did Julia use?
Julia is a senior security analyst for Berber Consulting group. She is currently working on a
contract for a small accounting firm in Florida. They have given her permission to perform social
engineering attacks on the company to see if their in-house training did any good. Julia calls the
main number for the accounting firm and talks to the receptionist. Julia says that she is an IT
technician from the company’s main office in Iowa. She states that she needs the receptionist’s
network username and password to troubleshoot a problem they are having. Julia says that Bill
Hammond, the CEO of the company, requested this information. After hearing the name of the
CEO, the receptionist gave Julia all the information she asked for.
What principal of social engineering did Julia use?
Why is that?
John is using Firewalk to test the security of his Cisco PIX firewall. He is also utilizing a sniffer
located on a subnet that resides deep inside his network. After analyzing the sniffer log files, he
does not see any of the traffic produced by Firewalk. Why is that?
what type of IDS is being used?
When you are running a vulnerability scan on a network and the IDS cuts off your connection,
what type of IDS is being used?
What information will you be able to gather?
As a security analyst you setup a false survey website that will require users to create a username
and a strong password. You send the link to all the employees of the company. What information
will you be able to gather?
what privilege should the daemon service be run under?
On Linux/Unix based Web servers, what privilege should the daemon service be run under?
What has happened?
You are running through a series of tests on your network to check for any security vulnerabilities.
After normal working hours, you initiate a DoS attack against your external firewall. The firewall
quickly freezes up and becomes unusable. You then initiate an FTP connection from an external
IP into your internal network. The connection is successful even though you have FTP blocked at
the external firewall. What has happened?
What networking protocol language should she learn that routers utilize?
Kimberly is studying to be an IT security analyst at a vocational school in her town. The school
offers many different programming as well as networking languages. What networking protocol
language should she learn that routers utilize?