- All Exams Instant Download
How would you resolve this situation?
You are the Security Administrator of Xtrinity, Inc. You write security policies and conduct assessments to protect the company's network. During one of your periodic checks to see how well policy is being observed by the employees, you discover an employee has attached cell phone 3G modem to his telephone...
What are the alternatives to defending against possible brute-force password attacks on his site?
Samuel is the network administrator of DataX Communications, Inc. He is trying to configure his firewall to block password brute force attempts on his network. He enables blocking the intruder's IP address for a period of 24 hours' time after more than three unsuccessful attempts. He is confident that this...
Which of the below Google search string brings up sites with "config.php" files?
Attackers footprint target Websites using Google Hacking techniques. Google hacking is a term that refers to the art of creating complex search engine queries. It detects websites that are vulnerable to numerous exploits and vulnerabilities. Google operators are used to locate specific strings of text within the search results. The...
What port number is used by Kerberos protocol?
What port number is used by Kerberos protocol?A . 88B . 44C . 487D . 419View AnswerAnswer: A
Why will this not be possible?
Bob has set up three web servers on Windows Server 2008 IIS 7.0. Bob has followed all the recommendations for securing the operating system and IIS. These servers are going to run numerous e-commerce websites that are projected to bring in thousands of dollars a day. Bob is still concerned...
What are some of the common vulnerabilities in web applications that he should be concerned about?
Bret is a web application administrator and has just read that there are a number of surprisingly common web application vulnerabilities that can be exploited by unsophisticated attackers with easily available tools on the Internet. He has also read that when an organization deploys a web application, they invite the...
How would you describe Jason's behavior within a security context?
Jake works as a system administrator at Acme Corp. Jason, an accountant of the firm befriends him at the canteen and tags along with him on the pretext of appraising him about potential tax benefits. Jason waits for Jake to swipe his access card and follows him through the open...
What default port Syslog daemon listens on?
Syslog is a standard for logging program messages. It allows separation of the software that generates messages from the system that stores them and the software that reports and analyzes them. It also provides devices, which would otherwise be unable to communicate a means to notify administrators of problems or...
What is the most efficient way an attacker located in remote location to infect this banking Trojan on a victim's machine?
BankerFox is a Trojan that is designed to steal users' banking data related to certain banking entities. When they access any website of the affected banks through the vulnerable Firefox 3.5 browser, the Trojan is activated and logs the information entered by the user. All the information entered in that...
What type of session hijacking attack is shown in the exhibit?
What type of session hijacking attack is shown in the exhibit? A . Cross-site scripting AttackB . SQL Injection AttackC . Token sniffing AttackD . Session Fixation AttackView AnswerAnswer: D
