What is this type of attack (that can use either HTTP GET or HTTP POST) called?

An attacker changes the profile information of a particular user (victim) on the target website. The attacker uses this string to update the victim’s profile to a text file and then submit the data to the attacker’s database. < iframe src=““http://www.vulnweb.com/updateif.php”” style=““display:none””</iframe> > What is this type of attack (that...

September 27, 2021 No Comments READ MORE +

What does a firewall check to prevent particular ports and applications from getting packets into an organization?

What does a firewall check to prevent particular ports and applications from getting packets into an organization?A . Transport layer port numbers and application layer headersB . Presentation layer headers and the session layer port numbersC . Network layer headers and the session layer port numbersD . Application layer port...

September 27, 2021 No Comments READ MORE +

Which of the following tools would not be useful for cracking the hashed passwords?

Tony is a penetration tester tasked with performing a penetration test. After gaining initial access to a target system, he finds a list of hashed passwords. Which of the following tools would not be useful for cracking the hashed passwords?A . John the RipperB . HashcatC . netcatD . THC-HydraView...

September 27, 2021 1 Comment READ MORE +

How do you accomplish this?

in an attempt to increase the security of your network, you Implement a solution that will help keep your wireless network undiscoverable and accessible only to those that know It . How do you accomplish this?A . Delete the wireless networkB . Remove all passwordsC . Lock all usersD ....

September 26, 2021 No Comments READ MORE +

What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stracheldraht have in common?

What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stracheldraht have in common?A . All are hacking tools developed by the legion of doomB . All are tools that can be used not only by hackers, but also security personnelC . All are DDOS toolsD . All are tools that are only...

September 26, 2021 No Comments READ MORE +

What should John do to communicate correctly using this type of encryption?

John wants to send Marie an email that includes sensitive information, and he does not trust the network that he is connected to. Marie gives him the idea of using PGP . What should John do to communicate correctly using this type of encryption?A . Use his own public key...

September 26, 2021 No Comments READ MORE +

What is the best security policy concerning this setup?

A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems. What is the best security policy concerning this setup?A . Network elements must...

September 26, 2021 No Comments READ MORE +

What is the purpose of DNS AAAA record?

What is the purpose of DNS AAAA record?A . Authorization, Authentication and Auditing recordB . Address prefix recordC . Address database recordD . IPv6 address resolution recordView AnswerAnswer: D

September 26, 2021 No Comments READ MORE +

As an analyst what would you conclude about the attack?

The following is an entry captured by a network IDS. You are assigned the task of analyzing this entry. You notice the value 0x90, which is the most common NOOP instruction for the Intel processor. You figure that the attacker is attempting a buffer overflow attack. You also notice "/bin/sh"...

September 26, 2021 No Comments READ MORE +

What does the following command in netcat do?

What does the following command in netcat do? nc -l -u -p55555 < /etc/passwdA . logs the incoming connections to /etc/passwd fileB . loads the /etc/passwd file to the UDP port 55555C . grabs the /etc/passwd file when connected to UDP port 55555D . deletes the /etc/passwd file when connected...

September 26, 2021 No Comments READ MORE +