What type of initial analysis has Charlie performed to show the company which areas it needs improvements in?
Charlie is an IT security consultant that owns his own business in Denver.Charlie has recently been hired by Fleishman Robotics, a mechanical engineeringcompany also in Denver. After signing service level agreements and other contract papers, Charlie asks to look over the current company security policies. Based on these policies, Charlie compares the policies against what is actually inplace to secure the company’s network. From this information, Charlie is able to produce a report to give to company executives showing which areas the companyis lacking in. This report then becomes the basis for all of Charlie’s remaini ng tests. What type of initial analysis has Charlie performed to show the company which areas it needs improvements in?
Whattype of signature has Justine decided to implement?
Justine is the systems administrator for her company, an international shipping company with offices all over the world. Recent US regulations have forcedthe company to implement stronger and more secure means of communication. Justine and other administrators have been put in charge of securing the company’s digital communication lines. After implementing email encryption, Justine now needs to implement robust digital signatures to ensure data authenticity and reliability. Justine has decided to implement digital signatures which are a variantof DSA and that operate on elliptical curve groups. These signatures are more efficient than DSA and are not vulnerable to a number field sieve attacks. Whattype of signature has Justine decided to implement?
What will the following SQL statement accomplish?
Jeremy is web security consultant for Information Securitas. Jeremy has just been hired to perform contract work for a large state agency in Michigan. Jeremy’s first task is to scan all the company’s external websites. Jeremy comes upon a login page which appears to allow employees access to sensitive areas on the website. James types in the following statement in the username field:
SELECT * from Users where username=’admin’ — AND password=’’ AND email like ‘%@testers.com%’
What will the following SQL statement accomplish?
What type of attack are yougoing to attempt on the company’s network?
You are an IT security consultant working on a six month contract with a large energy company based in Kansas City. The energy company has asked you to perform DoS attacks against its branch offices to see if their configurations and network hardening can handle the load. To perform this attack, you craft UDP packets that you know are too large for the routers and switches to handle. You also put confusing offset values in the second and later fragments to confuse thenetwork if it tries to break up the large packets. What type of attack are yougoing to attempt on the company’s network?
What type of social engineering attack has Neil employed here?
Neil is an IT security consultant working on contract for Davidson Avionics. Neil has been hired to audit the network of Davidson Avionics. He has been given permission to perform any tests necessary. Neil has created a fake company ID badge and uniform. Neil waits by one of the company’s entrance doors and follows an employee into the office after they use their valid access card to gain entrance. What type of social engineering attack has Neil employed here?
What type of scan is Hayden attempting here?
Hayden iis the network security administrator for her company, a large marking firm based in Miami. Hayden just got back from a security conference in Las Vegas where they talked about all kinds of old and new security threats; many of which she did not know of. Hayden is worried about the current security threats; many of which she did not know of. Hayden is worried about the current security state of her company’s network so she decides to start scanning the network from an external IP address. To see how some of the hosts on her network react, she sends out SYN packets to an IP range. A number of IPs responds with a SYN/ACK response.Before the connection is established she sends RST packets to those hosts to stop the session. She has done this to see how her intrusion detection system will log the traffic. What type of scan is Hayden attempting here?
Where can Stephanie go to see pass versions and pages of a website?
Stephanie is the senior security analyst for her company, a manufacturing company in Detroit. Stephanie is in charge of maintaining network security throughout the entire company. A colleague of hers recently told her in confidence that he was able to see confidential corporate information on Stephanie’s external website. He was typing in URLs randomly on the company website and he found information that should not be public. Her friend said this happened about a month ago. Stephanie goes to the addresses he said the page were at, but she finds nothing. She is very concerned about this, since someone should be held accountable if there really was sensitive information posted on the website. Where can Stephanie go to see pass versions and pages of a website?
What incidentlevel would this situation be classified as?
Darren is the network administrator for Greyson & Associates, a large law firm in Houston. Darren is responsible for all network functions as well as any digital forensics work that is needed. Darren is examining the firewall logs onemorning and notices some unusual activity. He traces the activity target to one of the firm�s internal file servers and finds that many documents on that server were destroyed. After performing some calculations, Darren finds the damageto be around $75,000 worth of lost data. Darren decides that this incident should be handled and resolved within the same day of its discovery. What incidentlevel would this situation be classified as?