SANS Hacker Tools, Techniques, Exploits and Incident Handling Set 1

You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network. An attacker uses software that keeps trying password combinations until the correct password is found. Which type of attack is this?

Which of the following functions can you use to mitigate a command injection attack? Each correct answer represents a part of the solution. Choose all that apply.

Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to test the network security of the company. He created a webpage to discuss the progress of the tests with employees who were interested in following the test. Visitors were allowed to click on a company's icon to mark the progress of the test. Adam successfully embeds a keylogger. He also added some statistics on the webpage. The firewall protects the network well and allows strict Internet access. How was security compromised and how did the firewall respond?

In which of the following attacking methods does an attacker distribute incorrect IP address?

Which of the following types of attacks is mounted with the objective of causing a negative impact on the performance of a computer or network?

Which of the following tools can be used for steganography? Each correct answer represents a complete solution. Choose all that apply.

Which of the following tools is an automated tool that is used to implement SQL injections and to retrieve data from Web server databases?

Which of the following attacks come under the category of layer 2 Denial-of-Service attacks? Each correct answer represents a complete solution. Choose all that apply.

Which of the following tools can be used to perform brute force attack on a remote database? Each correct answer represents a complete solution. Choose all that apply.

Which of the following are the primary goals of the incident handling team? Each correct answer represents a complete solution. Choose all that apply.