A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much information can be obtained from the firm’s public facing web servers. The engineer decides to start by using netcat to port 80.
The engineer receives this output: HTTP/1.1 200 OK
Server: Microsoft-IIS/6
Expires: Tue, 17 Jan 2011 01:41:33 GMT
Date: Mon, 16 Jan 2011 01:41:33 GMT
Content-Type: text/html Accept-Ranges: bytes
Last Modified: Wed, 28 Dec 2010 15:32:21 GMT
ETag:“b0aac0542e25c31:89d” Content-Length: 7369
Which of the following is an example of what the engineer performed?

1. A. Banner grabbing
2. B. SQL injection
3. C. Whois database query
4. D. Cross-site scripting

Correct Answer: A

What port number is used by LDAP protocol?

1. A. 110
2. B. 389
3. C. 464
4. D. 445

Correct Answer: B

Under what conditions does a secondary name server request a zone transfer from a primary name server?

1. A. When a primary SOA is higher that a secondary SOA
2. B. When a secondary SOA is higher that a primary SOA
3. C. When a primary name server has had its service restarted
4. D. When a secondary name server has had its service restarted
5. E. When the TTL falls to zero

Correct Answer: A

A newly joined employee. Janet, has been allocated an existing system used by a previous employee. Before issuing the system to Janet, it was assessed by Martin, the administrator. Martin found that there were possibilities of compromise through user directories, registries, and other system parameters. He also Identified vulnerabilities such as native configuration tables, incorrect registry or file permissions, and software configuration errors. What is the type of vulnerability assessment performed by Martin?

1. A. Credentialed assessment
2. B. Database assessment
3. C. Host-based assessment
4. D. Distributed assessment

Correct Answer: C
The host-based vulnerability assessment (VA) resolution arose from the auditors’ got to periodically review systems. Arising before the net becoming common, these tools typically take an “administrator’s eye” read of the setting by evaluating all of the knowledge that an administrator has at his or her disposal.
UsesHost VA tools verify system configuration, user directories, file systems, registry settings, and all forms of other info on a number to gain information about it. Then, it evaluates the chance of compromise. it should also live compliance to a predefined company policy so as to satisfy an annual audit. With administrator access, the scans area unit less possible to disrupt traditional operations since the computer code has the access it has to see into the complete configuration of the system.
What it Measures Host
VA tools will examine the native configuration tables and registries to spot not solely apparent vulnerabilities, however additionally “dormant” vulnerabilities – those weak or misconfigured systems and settings which will be exploited when an initial entry into the setting. Host VA solutions will assess the safety settings of a user account table; the access management lists related to sensitive files or data; and specific levels of trust applied to other systems. The host VA resolution will a lot of accurately verify the extent of the danger by determinant however way any specific exploit could also be ready to get.

An attacker runs netcat tool to transfer a secret file between two hosts.

He is worried about information being sniffed on the network.
How would the attacker use netcat to encrypt the information before transmitting onto the wire?

1. A. Machine A: netcat -l -p -s password 1234 < testfileMachine B: netcat <machine A IP> 1234
2. B. Machine A: netcat -l -e magickey -p 1234 < testfileMachine B: netcat <machine A IP> 1234
3. C. Machine A: netcat -l -p 1234 < testfile -pw passwordMachine B: netcat <machine A IP> 1234 -pw password
4. D. Use cryptcat instead of netcat

Correct Answer: D