- (Topic 1)
Which of the following is Microsoft's implementation of the file and application server for the Internet and private intranets?
Correct Answer:
D
Microsoft Internet Information Server (IIS) is a Web application server for the Internet and private intranets. IIS receives requests from users on the network using the World Wide Web (WWW) service and transmits information using the Hypertext Transport Protocol (HTTP). IIS uses Microsoft Transaction Server (MTS) to provide security, performance, and scalability with server-side packages.
- (Topic 2)
From an auditing perspective, database security can be broken down into four key categories: Server Security, Database Connections, Table Access Control, and Restricting Database Access. Which of the following categories leads to the process of limiting access to the database server?
Correct Answer:
D
Server security is the process of limiting access to the database server. This is one of the most basic and most important components of database security. It is imperative that an organization not let its database server be visible to the world. If an organization's database server is supplying information to a web server, then it should be configured to allow connections only from that web server. Also, every server should be configured to allow only trusted IP addresses.

Answer B is incorrect. With regard to database connections, system administrators should not allow immediate unauthenticated updates to a database. If users are allowed to make updates to a database via a web page, the system administrator should validate all updates to make sure that they are warranted and safe. Also, the system administrator should not allow users to use the "sa" login when accessing the database. This gives employees complete access to all of the data stored in the database regardless of whether or not they are authorized to have such access.

Answer A is incorrect. Table access control is related to an access control list, which is a table that tells a computer operating system which access rights each user has to a particular system object. Table access control has been referred to as one of the most overlooked forms of database security, primarily because it is so difficult to apply. In order to properly use table access control, the system administrator and the database developer need to collaborate with each other.

Answer C is incorrect. Restricting database access is especially important for companies that have their databases exposed on the Internet. Internet-based databases have been the most recent targets of attacks, due to their open access or open ports. It is very easy for criminals to conduct a "port scan" to look for open ports that popular database systems use by default. The default ports can be changed, thus throwing off a criminal looking for the well-known default ports. The following security measures can be implemented to prevent open access from the Internet:
  - Trusted IP addresses: Servers can be configured to answer pings from a list of trusted hosts only.
  - Server account disabling: The server ID can be suspended after three failed password attempts.
  - Special tools: Products can be used to send an alert when an external server is attempting to breach the system's security. One such example is RealSecure by ISS.
- (Topic 1)
Which of the following mechanisms is closely related to authorization?
Correct Answer:
B
Authorization is a process that verifies whether a user has permission to access a Web resource. A Web server can restrict access to some of its resources to only those clients that log in using a recognized username and password. To be authorized, a user must first be authenticated.

Answer C is incorrect. Verifying username and password describes the mechanism of authentication. Authentication is the process of verifying the identity of a user. This is usually done using a user name and password. This process compares the provided user name and password with those stored in the database of an authentication server.

Answer D is incorrect. Sending data so that no one can alter it on the way describes the mechanism of data integrity. Data integrity is a mechanism that ensures that the data is not modified during transmission from source to destination. This means that the data received at the destination should be exactly the same as that sent from the source.

Answer A is incorrect. Sending secret data such as credit card information describes the mechanism of confidentiality. Confidentiality is a mechanism that ensures that only the intended, authorized recipients are able to read data. The data is encrypted so that even if an unauthorized user gets access to it, he will not get any meaning out of it.
- (Topic 4)
You want to append a tar file if the on-disk version of the tar file has a modification date more recent than its copy in the tar archive. Which of the following commands will you use to accomplish the task?
Correct Answer:
A
The tar -u command is used to append files to a tar archive if the on-disk version of a file has a modification date more recent than its copy in the archive.

Answer B is incorrect. The tar -t command is used to list the contents of an archive. Answer D is incorrect. The tar -x command is used to extract the files from an archive. Answer C is incorrect. The tar -c command is used to create a new archive of the specified files.
- (Topic 3)
Which of the following tools can be used to perform tasks such as Windows password cracking, Windows enumeration, and VoIP session sniffing?
Correct Answer:
C
Cain is a multipurpose tool that can be used to perform many tasks such as Windows password cracking, Windows enumeration, and VoIP session sniffing. This password cracking program can perform the following types of password cracking attacks: dictionary attack, brute force attack, rainbow attack, and hybrid attack.

Answer A is incorrect. L0phtcrack is a tool that identifies and remediates security vulnerabilities that result from the use of weak or easily guessed passwords. It recovers Windows and Unix account passwords to access user and administrator accounts.

Answer D is incorrect. John the Ripper is a fast password cracking tool that is available for most versions of UNIX, Windows, DOS, BeOS, and OpenVMS. It also supports Kerberos, AFS, and Windows NT/2000/XP/2003 LM hashes. John the Ripper requires a user to have a copy of the password file.

Answer B is incorrect. Obiwan is a Web password cracking tool that is used to perform brute force and hybrid attacks. It is effective against HTTP connections for Web servers that allow unlimited failed login attempts by the user. Obiwan uses wordlists as well as alphanumeric characters as possible passwords.