Retrieved from https://studentshare.org/information-technology/1641992-answer-questions
Questions & Answers

Fill in the blank

1. What search string would you use with Google to locate a Web server that was offering up a directory listing of the /etc directory, including the passwd file?
inurl:"powered by" site:test.com

2. You are analyzing network traffic and you see the string dXNlcjpwYXNzd29yZA== in a Web request where the client is authenticating with the server. The username from this request is ______ and the password is ______.
User:password

Questions:

3. Before you embark on a penetration test, what is the very first thing you want to get?
Establishing and agreeing upon the rules of engagement with the target system is needed before embarking on a penetration test.

4. What type of scan are you running if you use the following?
    nmap -sS 192.168.0.0/24
It scans the 256 addresses between 192.168.0.0 and 192.168.0.255. It checks what software is running on every host that is up. It also needs root privileges because of OS detection and the SYN scan.

5. What tool would you use to get passwords on a voice over IP network?
Cain and Abel is a Windows-based password recovery protocol, which cracks network passwords and recovers VoIP conversations. It also includes many other features beyond password cracking.

6. You find the following in Web logs.
    POST /scripts/postit.php?p=%3Cscript%3Ealert(document.cookie())%3C%2Fscript%3E
What is going on?
This is an injection, which means disabling of JavaScript for both HTTP GET and POST requests. The popup window will contain the cookie values.

Answer these questions clearly.

7. Is a vulnerability scanner completely accurate and reliable? Why or why not?
A vulnerability scanner is completely accurate, as it has become a mature industry. It provides network security and timely remediation.

8. You see someone using the command "nc www.google.com 80". What is it they are trying to do?
A TCP service is being tested.

9. Explain clearly, in your own words, what a buffer overflow is.
A buffer overflow occurs when the data in a temporary storage area exceeds what it was intended to hold. Buffers hold a finite amount of data. The additional information overflows into the adjacent buffer and overwrites the data held in the neighboring buffers.

10. You are periodically running vulnerability scans on your Web server. One day it indicates to you that Firefox has a security vulnerability that could allow for a privilege escalation. How concerned are you about this finding? Include your reasoning.
Various vulnerabilities are found in Mozilla Firefox, such as SeaMonkey and Thunderbird, that allow for remote code execution. Exploitation of these vulnerabilities results in a risk that an attacker gains the same privileges as the logged-on user. The attacker can also get the session of the authentication credentials. The attacker can install programs and delete, change and create data as well as new accounts.

Multiple choice

11. Which of the following technologies are CLIENT side?
JavaScript: No
HTML: Yes
HTTP: No
PHP: No
Flash: Yes
Perl: No

12. Which of the following technologies are SERVER side?
JavaScript: Yes
HTTP: Yes
PHP: Yes
Ruby: No
HTML: No