An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can mitigate this attack?
Only using OSPFv3 will mitigate this risk.
Make sure that legitimate network routers are configured to run routing protocols with authentication.Redirection of the traffic cannot happen unless the admin allows it explicitly.
Disable all routing protocols and only use static routes
SHOW ANSWERWhy should the security analyst disable/remove unnecessary ISAPI filters?
To defend against webserver attacks
To defend against social engineering attacks
To defend against wireless attacks
To defend against jailbreaking
SHOW ANSWERenv x=`(){ :;};echo exploit` bash -c ‘cat /etc/passwd’
What is the Shellshock bash vulnerability attempting to do on an vulnerable Linux host?
Changes all passwords in passwd
Removes the passwd file
Add new user to the passwd file
SHOW ANSWERShellshock had the potential for an unauthorized user to gain access to a server. It affected many internet facing services, which OS did it not directly affect?
WindowsUnix
Linux
OS X
SHOW ANSWERWhat type of OS fingerprinting technique sends specially crafted packets to the remote OS and analyzes the received response?
Passive
Distributive
Reflective
Active
SHOW ANSWERWhat mechanism in Windows prevents a user from accidentally executing a potentially malicious batch (.bat) or PowerShell (.ps1) script?
User Access Control
Data Execution PreventionAddress Space Layout Randomization
Windows firewall
SHOW ANSWERA network administrator discovers several unknown files in the root directory of his Linux FTP server. One of the files is a tarball, two are shell script files, and the third is a binary file is named “”nc.”” The FTP server’s access logs show that the anonymous user account logged in to the server, uploaded the files, and extracted the contents of the tarball and ran the script using a function provided by the FTP server’s software. The ps command shows that the nc file is running as process, and the netstat command shows the nc process is listening on a network port.
What kind of vulnerability must be present to make this remote attack possible?
Privilege escalation
Brute force login
Directory traversal
SHOW ANSWERAn attacker with access to the inside network of a small company launches a successful STP manipulation attack. What will he do next?
He will create a SPAN entry on the spoofed root bridge and redirect traffic to his computer.
He will repeat the same attack against all L2 switches of the network.
He will activate OSPF on the spoofed root bridge.
He will repeat this action so that it escalates to a DoS attack.
SHOW ANSWERWhich system consists of a publicly available set of databases that contain domain name registration contact information?
CAPTCHA
IETF
WHOIS
IANA
SHOW ANSWER___________ Is a set of extensions to DNS that provide to DNS clients (resolvers) origin authentication of DNS data to reduce the threat of DNS poisoning, spoofing, and similar attacks types.
DNSSECResource records
Zone transfer
Resource transfer
SHOW ANSWERSome clients of TPNQM SA were redirected to a malicious site when they tried to access the TPNQM main site. Bob, a system administrator at TPNQM SA, found that they were victims of DNS Cache Poisoning. What should Bob recommend to deal with such a threat
The use of DNSSECClient awareness
The use of double-factor authentication
The use of security agents in clients computers
SHOW ANSWERA regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server.
Based on this information, what should be one of your key recommendations to the bank?
Place a front-end web server in a demilitarized zone that only
handles external web traffic
Require all employees to change their anti-virus program with a new one.
Issue new certificates to the web servers from the root certificate authority
Move the financial data to another server on the same IP subnet
SHOW ANSWERIn both pharming and phishing attacks an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims. What is the difference between pharming and phishing attacks?
Both pharming and phishing attacks are purely technical and are not considered forms of social engineering
In a pharming attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain nameBoth pharming and phishing attacks are identical
In a phishing attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a pharming attack an attacker provides the victim with a URL that is either misspelled or looks very similar to the actual websites domain name
SHOW ANSWERAn attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to http://www.MyPersonalBank.com, the user is directed to a phishing site.
Which file does the attacker need to modify
Boot.ini
Sudoers
Networks
SHOW ANSWER