PrepAway - Latest Free Exam Questions & Answers

Tag: Ethical Hacker

What has Tarik set up here to catch employees accessing unauthorized documents?

Tarik is the systems administrator for Qwerty International, a computer parts manufacturing company in San Francisco. Tarik just passed his certified ethical hacker test and now wants to implement many of the things he learned in class. The first project that Tarik completes is to create IT security policies that cover everything security related from logical to physical. Through management approval, all employees must sign and agree to the policies or face disciplinary action. One policy in particular, network file access, is of importance to Tarik and his superiors because of past incidents where employees accessed unauthorized documents. Tarik has fine-tuned the ACLs to where no one can access information outside of their department’s network folder. To catch anyone that might attempt to access unauthorized files or folders, Tarik creates a folder in the root of the network file share. Tarik names this folder “HR-Do Not Open”. In this folder, Tarik creates many fake HR documents referring to personal information of employees that do not exist. In each document, he places headers and footers that read “Do Not Print or Save”. Then Tarik sets up logging and monitoring to see if anyone accesses the folder and its contents. After only one week, Tarik records two separate employees opening the fake HR files, printing them, and saving them to their personal directories. What has Tarik set up here to catch employees accessing unauthorized documents?

What technique was used by the Kiley Innovators employee to send information to the rival marketing company?

Lori is a certified ethical hacker as well as a certified hacking forensics investigator working as an IT security consultant. Lori has been hired on by Kiley Innovators, a large marketing firm that recently underwent a string of thefts and corporate espionage incidents. Lori is told that a rival marketing company came out with an exact duplicate product right before Kiley Innovators was about to release it. The executive team believes that an employee is leaking information to the rival company. Lori questions all employees and reviews server logs and firewall logs, after which she finds nothing. Lori is then given permission to search through the corporate email system. She searches by email being sent to and sent from the rival marketing company. She finds one employee that appears to be sending very large emails to this other marketing company, even though they should have no reason to be communicating with them. Lori tracks down the actual emails sent and, upon opening them, only finds picture files attached to them. These files seem perfectly harmless, usually containing some kind of joke. Lori decides to use some special software to further examine the pictures and finds that each one had hidden text that was stored in each picture. What technique was used by the Kiley Innovators employee to send information to the rival marketing company?

What type of attack has Cindy used to gain access to the network through the mobile devices?

Cindy is a certified ethical hacker working on contract as an IT consultant for Dewdrop Enterprises, a computer manufacturing company based in Dallas. Dewdrop has many sales people that travel all over the state using BlackBerry devices and laptops. These mobile devices are the company’s main concern as far as network security. About a year ago, one of the company laptops was stolen from a sales person and sensitive company information was stolen from it. Because of this, the company has hired on Cindy to ensure that all mobile devices used by employees are secure. Since many of the employees are now using new laptops with Windows Vista, Cindy has configured BitLocker on those devices for hard disk encryption. Cindy then uses the BlackBerry Attack Toolkit along with BBProxy to check for vulnerabilities on the BlackBerry devices. As it turns out, these devices are vulnerable and she is able to gain access to the corporate network through the BlackBerry devices. What type of attack has Cindy used to gain access to the network through the mobile devices?

What will this command accomplish for Sydney?

Sydney is a certified ethical hacker working as the systems administrator for Galt Riderson International. Sydney is an expert in Linux systems and is utilizing IPTables to protect Linux clients as well as servers. After monitoring the firewall log files, Sydney has been fine-tuning the firewall on many clients to adjust for the best security. Sydney types in the following command:
iptables -A INPUT -s 0/0 -i eth1 -d 192.168.254.121 -p TCP -j ACCEPT
What will this command accomplish for Sydney?

What type of session attack is Gerald employing here?

Gerald is a certified ethical hacker working for a large financial institution in Oklahoma City. Gerald is currently performing an annual security audit of the company’s network. One of the company’s primary concerns is how the corporate data is transferred back and forth from the banks all over the city to the data warehouse at the company’s home office. To see what type of traffic is being passed back and forth and to see how secure that data really is, Gerald uses a session hijacking tool to intercept traffic between a server and a client. Gerald hijacks an HTML session between a client running a web application which connects to a SQL database at the home office. Gerald does not kill the client’s session; he simply monitors the traffic that passes between it and the server. What type of session attack is Gerald employing here?