What is the difference between the AES and RSA algorithms?
What tool can crack Windows SMB passwords simply by listening to network traffic?
Norman is an IT Security Manager of a bank in his country. One day. he found out that there is a security breach to his company's email server based on analysis of a suspicious connection from the email server to an unknown IP Address.
What is the first thing that Norman needs to do before contacting the incident response team?
Initiating an attack against targeted businesses and organisations, threat actors compromise a carefully selected website by inserting an exploit resulting in malware infection. The attackers run exploits on well-known and trusted sites likely to be visited by their targeted victims. Aside from carefully choosing sites to compromise, these attacks are known to incorporate zero-day exploits that target unpatched vulnerabilities. Thus, the targeted entities are left with little or no defense against these exploits.
What type of attack is outlined in the scenario?
In the context of password security, a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtCrack or John the Ripper, and running it against user accounts located by the application. The larger the word and word fragment selection, the more effective the dictionary attack is. The brute force method is the most inclusive, although slow. It usually tries every possible letter and number combination in its automated exploration. If you would use both brute force and dictionary methods combined together to have variation of words, what would you call such an attack?
Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?
Which mode of IPSec should you use to assure security and confidentiality of data within the same LAN?
Your company was hired by a small healthcare provider to perform a technical assessment on the network. What is the best approach for discovering vulnerabilities on a Windows-based computer?
Which component of IPsec performs protocol-level functions that are required to encrypt and decrypt the packets?
Which of the following is the least-likely physical characteristic to be used in biometric control that supports a large company?
An NMAP scan of a server shows port 69 is open. What risk could this pose?
When a normal TCP connection starts, a destination host receives a SYN (synchronise/start) packet from a source host and sends back a SYN/ACK (synchronise acknowledge). The destination host must then hear an ACK (acknowledge) of the SYN/ACK before the connection is established. This is referred to as the "TCP three-way handshake." While waiting for the ACK to the SYN ACK, a connection queue of finite size on the destination host keeps track of connections waiting to be completed. This queue typically empties quickly since the ACK is expected to arrive a few milliseconds after the SYN ACK.
How would an attacker exploit this design by launching TCP SYN attack?
What kind of risk will remain even if all theoretically possible safety measures would be applied?
An NMAP scan of a server shows port 25 is open. What risk could this pose?
Charlie finished a C programming course and created a small C application to monitor the network traffic and produce alerts when any origin sends "many" IP packets, based on the average number of packets sent by all origins and using some thresholds.
In concept, the solution developed by Charlie is actually:
Which of the following is the BEST way to defend against network sniffing?
Which of the following is an example of two factor authentication?
Why would an attacker want to perform a scan on port 137?
On performing a risk assessment, you need to determine the potential impacts when some of the critical business process of the company interrupt its service. What is the name of the process by which you can determine those critical business?
Which type of security document is written with specific step-by-step details?