EC COUNCIL-Ethical Hacking and Countermeasures (CEHv6) Set 1

A company's Web development team has become aware of a certain type of security vulnerability in their Web software. To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software requirements to disallow users from entering HTML as input into their Web application. What kind of Web application vulnerability likely exists in their software?

Insecure direct object reference is a type of vulnerability where the application does not verify if the user is authorized to access the internal object via its name or key. Suppose a malicious user Rob tries to get access to the account of a benign user Ned. Which of the following requests best illustrates an attempt to exploit an insecure direct object reference vulnerability?

Which tool allows analysts and pen testers to examine links between data using graphs and link analysis?

Which of these is capable of searching for and locating rogue access points?

Websites and web portals that provide web services commonly use the Simple Object Access Protocol (SOAP). Which of the following is an incorrect definition or characteristics of the protocol?

You have gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your toolkit, you have an Ubuntu 9.10 Linux LiveCD. Which Linux-based tool can change any user's password or activate disabled Windows accounts?

What type of vulnerability/attack is it when the malicious person forces the user's browser to send an authenticated request to a server?

From the following table, identify the wrong answer in terms of Range (ft).

What would you enter, if you wanted to perform a stealth scan using Nmap?

You are doing an internal security audit and intend to find out what ports are open on all the servers. What is the best way to find out?