What registry key permission should Theresa check to ensure that Qfecheck runs properly?
Theresa is the chief information security officer for her company, a large shipping company based out of New York City. In the past, Theresa and her IT employees manually checked the status of client computers on the network to see ifthey had the most recent Microsoft updates. Now that the company has added over100 more clients to accommodate new departments, Theresa must find some kind of tool to see whether the clients are up-to-date or not. Theresa decides to useQfecheck to monitor all client computers. When Theresa runs the tool, she is repeatedly told that the software does not have the proper permissions to scan. Theresa is worried that the operating system hardening that she performs on all clients is keeping the software from scanning the necessary registry keys on theclient computers. What registry key permission should Theresa check to ensure that Qfecheck runs properly?
What type of social engineering attack has Neil employed here?
Neil is an IT security consultant working on contract for Davidson Avionics. Neil has been hired to audit the network of Davidson Avionics. He has been given permission to perform any tests necessary. Neil has created a fake company ID badge and uniform. Neil waits by one of the company’s entrance doors and follows an employee into the office after they use their valid access card to gain entrance. What type of social engineering attack has Neil employed here?
What kind of attack is this program susceptible to?
The programmers on your team are analyzing the free, open source software being used to run FTP services on a server. They notice that there is an excessive number of fgets() and gets() on the source code. These C++ functions do not check bounds. What kind of attack is this program susceptible to?
Which of the following nmap commands in Linux produces the above output?
Starting nmap 3.75 ( http://www.insecure.org/nmap/ ) at 2006-09-25 00:01 EST Host 192.168.0.0 seems to be a subnet broadcast address (returned 4 extra pings).
Host 192.168.0.1 appears to be up.
MAC Address: 00:12:17:31:4F:C4 (Cisco-Linksys)
Host 192.168.0.6 appears to be up.
MAC Address: 00:C0:4F:A1:25:4A (Dell Computer)
Host 192.168.0.10 appears to be up.
MAC Address: 00:B0:D0:FE:87:68 (Dell Computer)
Host 192.168.0.13 appears to be up.
MAC Address: 00:C0:4F:A1:25:89 (Dell Computer)
Host 192.168.0.100 appears to be up.
MAC Address: 00:C0:4F:A1:27:BF (Dell Computer)
Host 192.168.0.103 appears to be up.
MAC Address: 00:0D:88:66:FB:87 (D-Link)
Host 192.168.0.104 appears to be up.
Host 192.168.0.108 appears to be up.
MAC Address: 00:11:D8:90:D6:7F (Asustek Computer)
Host 192.168.0.255 seems to be a subnet broadcast address (returned 4 extra pings).
Nmap run completed — 256 IP addresses (8 hosts up) scanned in 4.390 seconds
Which of the following nmap commands in Linux produces the above output?
What fraud detection technique will the new retail portal beusing?
Pauline is the IT manager for Techworks, an online retailer based out of St.Louis. Pauline is in charge of 8 IT employees which include 3 developers. These developers have recently created a new checkout website that is supposed to be more secure than the one currently being used by the company. After numerousfraud attempts on the website, the company�s CIO decided that there needed to bea change; creating a more secure checkout portal that will check for potentialfraud. This new portal checks for fraud by looking for multiple orders that areto be delivered to the same address but using different cards, different ordersoriginating from the same IP address, credit card numbers vary by only a few digits, and users repeatedly submiting the same credit card numbers with differentexpiration dates. What fraud detection technique will the new retail portal beusing?
What incidentlevel would this situation be classified as?
Darren is the network administrator for Greyson & Associates, a large law firm in Houston. Darren is responsible for all network functions as well as any digital forensics work that is needed. Darren is examining the firewall logs onemorning and notices some unusual activity. He traces the activity target to one of the firm�s internal file servers and finds that many documents on that server were destroyed. After performing some calculations, Darren finds the damageto be around $75,000 worth of lost data. Darren decides that this incident should be handled and resolved within the same day of its discovery. What incidentlevel would this situation be classified as?
Why is using passwords to protect PDF documents not enough to safeguard against information leakage?
Heather is the network administrator for her company, a small medical billing company in Billings. Since the company handles personal information for thousands of clients, they must comply with HIPAA rules and regulations. Heather downloads all the HIPAA requirements for information security and begins an audit of the company. Heather finds out that many of the billing technicians have beensending sensitive information in PDF documents to outside companies. To protec
t this information, they have been password protecting the PDF documents. Heather has informed all the technicians that this method of protecting the data is not safe enough. Why is using passwords to protect PDF documents not enough to safeguard against information leakage?
Identify the line in the source code that might lead to buffer overflow?
The programmers on your team are analyzing the free, open source software being used to run FTP services on a server in your organization. They notice that there is excessive number of functions in the source code that might lead to buffer overflow. These C++ functions do not check bounds. Identify the line in the source code that might lead to buffer overflow?