What is most likely occurring here?
Simon is the network administrator for his company. Simon is also an IT security expert with over 10 security-related certifications. Simon has been askedby the company CIO to perform a comprehensive security audit of the entire network. After auditing the network at the home office without finding any issues,he travels to one of the company’s branch offices in New Orleans. The first task that Simon carries out is to set up traffic mirroring on the internal-facing port of that office’s firewall. On this port, he uses Wireshark to capture traffic. Alarmingly, he finds a huge number of UDP packets going both directions onports 2140 and 3150. What is most likely occurring here?
What would be the best password attack methodfor Lauren to use in this situation?
Lauren is a network security officer for her agency, a large state-run agency in California. Lauren has been asked by the IT manager of another state agency to perform a security audit on their network. This audit she has been asked to perform will be an external audit. The IT manager thought that Lauren would be a great candidate for this task since she does not work for the other agency but is an accomplished IT auditor. The first task that she has been asked to perform is to attempt to crack user passwords. Since Lauren knows that all state agency passwords must abide by the same password policy, she believes she can finish this particular task quickly. What would be the best password attack methodfor Lauren to use in this situation?
From one of the client computers running Linux, you open a command shell and type in the following command:Wha
You are the chief security information analyst for our company Utilize Incorporated. You are currently preparing for a future security audit that will be performed by a consulting company. This security audit is required by company policy. To prepare, you are performing vulnerability analysis, scanning, brute force, and many other techniques. Your network is comprised of Windows as well as Linux servers. From one of the client computers running Linux, you open a command shell and type in the following command:
What are you trying to accomplish?
What software utility can Paul use to notify him if any war dialing attempts are made on his PBX?
Paul is the systems administrator for One-Time International, a computer manufacturing company. Paul is in charge of the company’s older PBX system as well as its workstations and servers. The company’s internal network is connected to the PBX phone system so that customized software applications used by employees can use the PBX to dial out to customers. Paul is concerned about crackers breaking into his networkby way of the PBX. He is particularly worried about war dialing software that might try all of the company’s nmbers to find a way in. What software utility can Paul use to notify him if any war dialing attempts are made on his PBX?
What type of scan is Hayden attempting here?
Hayden iis the network security administrator for her company, a large marking firm based in Miami. Hayden just got back from a security conference in Las Vegas where they talked about all kinds of old and new security threats; many of which she did not know of. Hayden is worried about the current security threats; many of which she did not know of. Hayden is worried about the current security state of her company’s network so she decides to start scanning the network from an external IP address. To see how some of the hosts on her network react, she sends out SYN packets to an IP range. A number of IPs responds with a SYN/ACK response.Before the connection is established she sends RST packets to those hosts to stop the session. She has done this to see how her intrusion detection system will log the traffic. What type of scan is Hayden attempting here?
He types in the following command:What is Jonathan trying to accomplish by using HPING2?
Jonathan is an IT Security consultant working for Innovative Security, an IT auditing company in Houston. Jonathan has just been hired on to audit the network of a large law firm company in Houston. Jonathan starts his work by perfoming some initial passive scans and social engineering. He then uses Angry IP to scan for live hosts on the firm’s network. After finding some live IP addresses, he attempts some firewalking techniques to bypass the firewall using ICMP but the firewall blocks this traffic. Jonathan decides to use HPING2 to hopefully bypass the firewall this time. He types in the following command:
What is Jonathan trying to accomplish by using HPING2?
This external auditor types in the folloing Google search attempting to glean information from the web server:
George is the senior security analyst for Tyler Manufacturing, a motorcycle manufacturing company in Seattle. George has been tasked by the president of the company to perform a complete network security audit. The president is most concerned about crackers breaking in through the company’s web server. This web server is vital to the company’s business since over one million dollars of product is sold online every year. The company’s web address is at www.customchoppers.com. George decides to hire an external security auditor to try and break into the network through the web server. This external auditor types in the folloing Google search attempting to glean information from the web server:
What is the auditor trying to accomplish here?
Kyle then types in another URL:What is Kyle attempting here?
Kyle is a security consultant currently working under contract for a large financial firm based in San Francisco. Kyle has been asked by the company to perform any and all tests necessary to ensure that every point of the network is secure. Kyle first performs some passive footprinting. He finds the company’s website which he checks out thoroughly for information. Kyle sets up an account with the company and logs on to their website with his information.
Kyle changes the URL to:
This address produces a Page Cannot be Displayed error. Kyle then types in another URL:
What is Kyle attempting here?
What are you trying to do here?
You are the chief information officer for yuor company, a shipping company based out of Oklahoma City. You are responsible for network security throughout the home office and all branch offices. You have implemented numerous layers of security from logical to physical. As part of your procedures, you perform a yearly network assessment which includesa vulnerability analysis internal network scanning, and external penetration tests. Your main concern currently is the server in the DMZ hosts a number of company websites. To see how the server appears to external users, you log onto a laptop at a Wi-Fi hotspot. Since you already know the IP address of the web server, you create a telnet session to that server and type in the command:
HEAD /HTTP/1.0
After typing in this command, you are presented with the following screen:
What are you trying to do here?
Where can Stephanie go to see pass versions and pages of a website?
Stephanie is the senior security analyst for her company, a manufacturing company in Detroit. Stephanie is in charge of maintaining network security throughout the entire company. A colleague of hers recently told her in confidence that he was able to see confidential corporate information on Stephanie’s external website. He was typing in URLs randomly on the company website and he found information that should not be public. Her friend said this happened about a month ago. Stephanie goes to the addresses he said the page were at, but she finds nothing. She is very concerned about this, since someone should be held accountable if there really was sensitive information posted on the website. Where can Stephanie go to see pass versions and pages of a website?