Which of the following is a patch management utility that scans one or more computers on your network and aler
Which of the following is a patch management utility that scans one or more computers on your network and alerts you if any important Microsoft security patches are missing. It then provides links that enable those missing patches to be downloaded and installed.
You want to retrieve the Cisco configuration from the router. How would you proceed?
The network administrator at Spears Technology, Inc has configured the default gateway Cisco router’s access-list as below:
Current configuration : 1206 bytes
!
version 12.3
!
hostname Victim
!
enable secret 5 $1$h2iz$DHYpcqURF0APD2aDuA.YX0
!
interface Ethernet0/0
p address dhcp
p nat outside
alf-duplex
!
interface Ethernet0/1
p address 192.168.1.1 255.255.255.0
p nat inside
alf-duplex
!
router rip
etwork 192.168.1.0
!
ip nat inside source list 102 interface Ethernet0/0 overload
no ip http server
ip classless
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 102 permit ip any any
!
snmp-server community public RO
snmp-server community private RW 1
snmp-server enable traps tty
!
line con 0
ogging synchronous
ogin
line aux 0
line vty 0 4
assword secret
ogin
!
!
end
You are hired to conduct security testing on their network. You successfully brute-force the SNMP community string using a SNMP crack tool. The access-list configured at the router prevents you from establishing a successful connection.
You want to retrieve the Cisco configuration from the router. How would you proceed?
How was security compromised and how did the firewall respond?
Dave has been assigned to test the network security of Acme Corp. The test was announced to the employees. He created a webpage to discuss the progress of the tests with employees who were interested in following the test. Visitors were allowed to click on a sand clock to mark the progress of the test. Dave successfully embeds a keylogger. He also added some statistics on the webpage. The firewall protects the network well and allows strict Internet access. How was security compromised and how did the firewall respond?
_____ ensures that the enforcement of organizational security policy does not rely on voluntary web applicatio
_____ ensures that the enforcement of organizational security policy does not rely on voluntary web application user compliance. It secures information by assigning sensitivity labels on information and comparing this to the level of security a user is operating at.
What will this command accomplish?
Michael is the security administrator for the ABC company.?Michael has been charged with strengthening the company’s security policies, including its password policies.Due to certain legacy applications, Michael was only able to enforce a password group policy in Active Directory with a minimum of 10 characters.He has informed the company’s employees, however, that the new password policy requires that everyone must have complex passwords with at least 14 characters.Michael wants to ensure that everyone is using complex passwords that meet the new security policy requirements.Michael has just logged on to one of the network’s domain controllers and is about to run the following command.
What will this command accomplish?
Can June use an antivirus program in this case and would it be effective against a polymorphic virus?
June, a security analyst, understands that a polymorphic virus has the ability to mutate and can change its known viral signature and hide from signature-based antivirus programs. Can June use an antivirus program in this case and would it be effective against a polymorphic virus?
Why is Jim having these problems?
Jim was having no luck performing a penetration test on his company’s network. He was running the test from home and had downloaded every security scanner he could lay his hands on. Despite knowing the IP range of all of the systems, and the exact network configuration, Jim was unable to get any useful results. Why is Jim having these problems?
As a security tester, how would you discover what telephone numbers to dial-in to the router?
Wardialing is one of the oldest methods of gaining unauthorized access to the targeted systems, it is one of the dangers most commonly forgotten by network engineers and system administrators. A hacker can sneak past all the expensive firewalls and IDS and connect easily into the network. Through wardialing, an attacker searches for the devices located in the target network infrastructure that are also accessible through the telephone line.
‘Dial backup’ in routers is most frequently found in networks where redundancy is required. Dial-on-demand routing (DDR) is commonly used to establish connectivity as a backup.
As a security tester, how would you discover what telephone numbers to dial-in to the router?
Why do you think this could be a bad idea if there is an Intrusion Detection System deployed to monitor the tr
SSL has been seen as the solution to a lot of common security problems. Administrator will often time make use of SSL to encrypt communications from points A to point B. Why do you think this could be a bad idea if there is an Intrusion Detection System deployed to monitor the traffic between point A and B?
What type of virus has Lyle found on this computer?
Lyle is a systems security analyst for Gusteffson & Sons, a large law firm in Beverly Hills. Lyle�s responsibilities include network vulnerability scans, Antivirus monitoring, and IDS monitoring. Lyle receives a help desk call from a user in the Accounting department. This user reports that his computer is running very slow all day long and it sometimes gives him an error message that the hard drive is almost full. Lyle runs a scan on the computer with the company antivirus software and finds nothing. Lyle downloads another free antivirus application and scans the computer again. This time a virus is found on the computer.The infected files appear to be Microsoft Office files since they are in the same directory as that software. Lyle does some research and finds that this virus disguises itself as a genuine application on a computer to hide from antivirus software. What type of virus has Lyle found on this computer?