Follow along with the video below to see how to install our site as a web app on your home screen.
Catatan: This feature may not be available in some browsers.
Saat ini Anda mengakses IndoForum sebagai tamu, sehingga Anda tidak memiliki akses penuh untuk melihat artikel dan diskusi yang hanya tersedia bagi anggota. Dengan bergabung, Anda akan mendapatkan akses penuh untuk bertanya, mengirim pesan pribadi, mengikuti polling, dan menggunakan fitur-fitur lainnya. Proses pendaftaran sangat cepat, mudah, dan gratis. Silakan daftar dan validasi email Anda untuk mendapatkan akses penuh sebagai anggota. Harap masukkan alamat email yang valid dan periksa kotak masuk Anda setelah mendaftar untuk proses validasi.
Which of the following is one of the key features found in a worm but not seen in a
virus?
A. The payload is very small, usually below 800 bytes.
B. It is self replicating without need for user intervention.
C. It does not have the ability to propagate on its own.
D. All of them cannot be detected by virus scanners.
You find the following entries in your web log. Each shows attempted access to
either root.exe or cmd.exe. What caused this?
GET /scripts/root.exe?/c+dir
GET /MSADC/root.exe?/c+dir
GET /c/winnt/system32/cmd.exe?/c+dir
GET /d/winnt/system32/cmd.exe?/c+dir
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir
GET
/msadc/..%5c../..%5c../..%5c/..xc1x1c../..xc1x1c../..xc1x1c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..xc1x1c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..xc0/../winnt/system32/cmd.exe?/c+dir
GET /scripts/..xc0xaf../winnt/system32/cmd.exe?/c+dir
GET /scripts/..xc1x9c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..%35c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..%35c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir
A. The Morris worm
B. The PIF virus
C. Trinoo
D. Nimda
E. Code Red
F. Ping of Death
One of the better features of NetWare is the use of packet signature that includes
cryptographic signatures. The packet signature mechanism has four levels from 0 to
3.
In the list below which of the choices represent the level that forces NetWare to sign
all packets?
A. 0 (zero)
B. 1
C. 2
D. 3
What is the name of the software tool used to crack a single account on Netware
Servers using a dictionary attack?
A. NPWCrack
B. NWPCrack
C. NovCrack
D. CrackNov
E. GetCrack
Windumpis the windows port of the famous TCPDump packet sniffer available on a
variety of platforms. In order to use this tool on the Windows platform you must
install a packet capture library.
What is the name of this library?
A. NTPCAP
B. LibPCAP
C. WinPCAP
D. PCAP
You have just installed a new Linux file server at your office. This server is going to
be used by several individuals in the organization, and unauthorized personnel must
not be able to modify any data.
What kind of program can you use to track changes to files on the server?
A. Network Based IDS (NIDS)
B. Personal Firewall
C. System Integrity Verifier (SIV)
D. Linux IP Chains
Jim's organization has just completed a major Linux roll out and now all of the
organization's systems are running the Linux 2.5 kernel. The roll out expenses has
posed constraints on purchasing other essential security equipment and software.
The organization requires an option to control network traffic and also perform
stateful inspection of traffic going into and out of the DMZ.
Which built-in functionality of Linux can achieve this?
A. IP Tables
B. IP Chains
C. IP Sniffer
D. IP ICMP
WinDump is a popular sniffer which results from the porting to Windows of TcpDump
for Linux.What libray does it use ?
A. LibPcap
B. WinPcap
C. Wincap
D. None of the above
Several of your co-workers are having a discussion over the etc/passwd file. They
are at odds over what types of encryption are used to secure Linux
passwords.(Choose all that apply.
A. Linux passwords can be encrypted with MD5
B. Linux passwords can be encrypted with SHA
C. Linux passwords can be encrypted with DES
D. Linux passwords can be encrypted with Blowfish
E. Linux passwords are encrypted with asymmetric algrothims
You are attempting to map out the firewall policy for an organization. You discover
your target system is one hop beyond the firewall. Using hping2, you send SYN
packets with the exact TTL of the target system starting at port 1 and going up to
port 1024. What is this process known as?
A. Footprinting
B. Firewalking
C. Enumeration
D. Idle scanning
Once an intruder has gained access to a remote system with a valid username and
password, the attacker will attempt to increase his privileges by escalating the used
account to one that has increased privileges. such as that of an administrator. What
would be the best countermeasure to protect against escalation of priveges?
A. Give users tokens
B. Give user the least amount of privileges
C. Give users two passwords
D. Give users a strong policy document
Which one of the following attacks will pass through a network layer intrusion
detection system undetected?
A. A teardrop attack
B. A SYN flood attack
C. A DNS spoofing attack
D. A test.cgi attack
Why would an ethical hacker use the technique of firewalking?
A. It is a technique used to discover wireless network on foot.
B. It is a technique used to map routers on a network link.
C. It is a technique used to discover the nature of rules configured on a gateway.
D. It is a technique used to discover interfaces in promiscuous mode.
What makes web application vulnerabilities so aggravating? (Choose two)
A. They can be launched through an authorized port.
B. A firewall will not stop them.
C. They exist only on the Linux platform.
D. They are detectable by most leading antivirus software.
An employee wants to defeat detection by a network-based IDS application. He does
not want to attack the system containing the IDS application.
Which of the following strategies can be used to defeat detection by a network-based
IDS application? (Choose the best answer)
A. Create a network tunnel.
B. Create a multiple false positives.
C. Create a SYN flood.
D. Create a ping flood.
Carl has successfully compromised a web server from behind a firewall by
exploiting a vulnerability in the web server program. He wants to proceed by
installing a backdoor program. However, he is aware that not all inbound ports on
the firewall are in the open state.
From the list given below, identify the port that is most likely to be open and
allowed to reach the server that Carl has just compromised.
A. 53
B. 110
C. 25
D. 69
