1.
A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much information can be obtained from the firm's public facing web servers. The engineer decides to start by using netcat to port 80.
The engineer receives this output:
HTTP/1.1 200 OK
Server: Microsoft-IIS/6
Expires: Tue, 17 Jan 2011 01:41:33 GMT
DatE. Mon, 16 Jan 2011 01:41:33 GMT
Content-TypE. text/html
Accept-Ranges: bytes
Last-ModifieD. Wed, 28 Dec 2010 15:32:21 GMT
ETaG. b0aac0542e25c31:89d
Content-Length: 7369
Which of the following is an example of what the engineer performed?
2.
To reduce the attack surface of a system, administrators should perform which of the following processes to remove unnecessary software, services, and insecure configuration settings?
3.
While conducting a penetration test, the tester determines that there is a firewall between the tester's machine and the target machine. The firewall is only monitoring TCP handshaking of packets at the session layer of the OSI model. Which type of firewall is the tester trying to traverse?
4.
Which type of scan is used on the eye to measure the layer of blood vessels?
5.
A security analyst in an insurance company is assigned to test a new web application that will be used by clients to help them choose and apply for an insurance plan. The analyst discovers that the application is developed in ASP scripting language and it uses MSSQL as a database backend. The analyst locates the applications search form and introduces the following code in the search input fielD.
IMG SRC=vbscript:msgbox(Vulnerable);> originalAttribute= SRC originalPath= vbscript:msgbox(Vulnerable);>
When the analyst submits the form, the browser returns a pop-up window that says Vulnerable. Which web applications vulnerability did the analyst discover?
6.
While testing the companys web applications, a tester attempts to insert the following test script into the search area on the companys web sitE.
Afterwards, when the tester presses the search button, a pop-up box appears on the screen with the text:
Testing Testing Testing. Which vulnerability has been detected in the web application?
7.
International Organization for Standardization (ISO) standard 27002 provides guidance for compliance by outlining
8.
Which solution can be used to emulate computer services, such as mail and ftp, and to capture information related to logins or actions?
9.
A network administrator received an administrative alert at 3:00 a.m. from the intrusion detection system. The alert was generated because a large number of packets were coming into the network over ports 20 and 21. During analysis, there were no signs of attack on the FTP servers. How should the administrator classify this situation?
10.
The following is part of a log file taken from the machine on the network with the IP address of 192.168.1.106:
Time:Mar 13 17:30:15 Port:20 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP Time:Mar 13 17:30:17 Port:21 Source:192.168.1.103
Destination:192.168.1.106 Protocol:TCP Time:Mar 13 17:30:19 Port:22 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP Time:Mar 13 17:30:21
Port:23 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP Time:Mar 13 17:30:22 Port:25 Source:192.168.1.103 Destination:192.168.1.106
Protocol:TCP Time:Mar 13 17:30:23 Port:80 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP Time:Mar 13 17:30:30 Port:443 Source:192.168.1.103
Destination:192.168.1.106 Protocol:TCP What type of activity has been logged?