1.
This packet was taken from a packet sniffer that monitors a Web server. This packet was originally 1514 bytes long, but only the first 512 bytes are shown here. This is the standard hexdump representation of a network packet, before being decoded. A hexdump has three columns: the offset of each line, the hexadecimal data, and the ASCII equivalent. This packet contains a 14-byte Ethernet header, a 20-byte IP header, a 20-byte TCP header, an HTTP header ending in two line-feeds (0D 0A 0D 0A) and then the data. By examining the packet identify the name and version of the Web server?
2.
This kind of attack will let you assume a users identity at a dynamically generated web page or site:
3.
____________ will let you assume a users identity at a dynamically generated web page or site.
4.
What is Form Scalpel used for?
5.
Bubba has just accessed he preferred ecommerce web site and has spotted an item that he would like to buy. Bubba considers the price a bit too steep. He looks at the source code of the webpage and decides to save the page locally, so that he can modify the page variables. In the context of web application security, what do you think Bubba has changes?
6.
Take a look at the following attack on a Web Server using obstructed URL: http://www.example.com/script.ext?template%2e%2e%2e%2e%2e%2f%2e%2f%65%74%63%2f %70%61%73%73%77%64 The request is made up of: %2e%2e%2f%2e%2e%2f%2e%2f% = ../../../ %65%74%63 = etc %2f = / %70%61%73%73%77%64 = passwd How would you protect information systems from these attacks?
7.
What are the differences between SSL and S-HTTP?
8.
Kevin sends an email invite to Chris to visit a forum for security professionals. Chris clicks on the link in the email message and is taken to a web based bulletin board. Unknown to Chris, certain functions are executed on his local system under his privileges, which allow Kevin access to information used on the BBS. However, no executables are downloaded and run on the local system. What would you term this attack?
9.
Bill has successfully executed a buffer overflow against a Windows IIS web server. He has been able to spawn an interactive shell and plans to deface the main web page. He first attempts to use the "echo" command to simply overwrite index.html and remains unsuccessful. He then attempts to delete the page and achieves no progress. Finally, he tries to overwrite it with another page in which also he remains unsuccessful. What is the probable cause of Bill's problem?
10.
Which of the following statements best describes the term Vulnerability?
COMPANY
Products
 
OTHERS
Partner

Copyright © RVR Innovations LLP 2024 | All rights reserved - Mytat.co is the venture of RVR Innovations LLP