- Email support@dumps4free.com
Take a look at the following attack on a Web Server using obstructed URL:
How would you protect from these attacks?
A.
Configure the Web Server to deny requests involving "hex encoded" characters
B.
Create rules in IDS to alert on strange Unicode requests
C.
Use SSL authentication on Web Servers
D.
Enable Active Scripts Detection at the firewall and routers
Create rules in IDS to alert on strange Unicode requests
Identify the web application attack where the attackers exploit vulnerabilities in dynamically
generated web pages to inject client-side script into web pages viewed by other users.
A.
LDAP Injection attack
B.
Cross-Site Scripting (XSS)
C.
SQL injection attack
D.
Cross-Site Request Forgery (CSRF
Cross-Site Scripting (XSS)
A network admin contacts you. He is concerned that ARP spoofing or poisoning might occur on his network. What are some things he can do to prevent it? Select the best answers.
A.
Use port security on his switches.
B.
Use a tool like ARPwatch to monitor for strange ARP activity.
C.
Use a firewall between all LAN segments.
D.
If you have a small network, use static ARP entries
Use port security on his switches.
Use a tool like ARPwatch to monitor for strange ARP activity.
If you have a small network, use static ARP entries
Abel, a security professional, conducts penetration testing in his client organization to
check for any security loopholes. He launched an attack on the DHCP servers by
broadcasting forged DHCP requests and leased all the DHCP addresses available in the
DHCP scope until the server could not issue any more IP addresses. This led to a Dos
attack, and as a result, legitimate employees were unable to access the clients network.
Which of the following attacks did Abel perform in the above scenario?
A.
VLAN hopping
B.
DHCP starvation
C.
Rogue DHCP server attack
D.
STP attack
DHCP starvation
Explanation: A DHCP starvation assault is a pernicious computerized assault that
objectives DHCP workers. During a DHCP assault, an unfriendly entertainer floods a
DHCP worker with false DISCOVER bundles until the DHCP worker debilitates its stock of
IP addresses. When that occurs, the aggressor can deny genuine organization clients
administration, or even stock an other DHCP association that prompts a Man-in-the-Middle
(MITM) assault.
In a DHCP Starvation assault, a threatening entertainer sends a huge load of false
DISCOVER parcels until the DHCP worker thinks they’ve used their accessible pool.
Customers searching for IP tends to find that there are no IP addresses for them, and
they’re refused assistance. Furthermore, they may search for an alternate DHCP worker,
one which the unfriendly entertainer may give. What’s more, utilizing a threatening or sham
IP address, that unfriendly entertainer would now be able to peruse all the traffic that
customer sends and gets.
In an unfriendly climate, where we have a malevolent machine running some sort of an
instrument like Yersinia, there could be a machine that sends DHCP DISCOVER bundles.
This malevolent customer doesn’t send a modest bunch – it sends a great many vindictive
DISCOVER bundles utilizing sham, made-up MAC addresses as the source MAC address
for each solicitation.
In the event that the DHCP worker reacts to every one of these false DHCP DISCOVER
parcels, the whole IP address pool could be exhausted, and that DHCP worker could trust
it has no more IP delivers to bring to the table to legitimate DHCP demands.
When a DHCP worker has no more IP delivers to bring to the table, ordinarily the following
thing to happen would be for the aggressor to get their own DHCP worker. This maverick
DHCP worker at that point starts giving out IP addresses.
The advantage of that to the assailant is that if a false DHCP worker is distributing IP
addresses, including default DNS and door data, customers who utilize those IP delivers
and begin to utilize that default passage would now be able to be directed through the
aggressor’s machine. That is all that an unfriendly entertainer requires to play out a man-inthe-
center (MITM) assault.
The tools which receive event logs from servers, network equipment, and applications, and
perform analysis and correlation on those logs, and can generate alarms for security
relevant issues, are known as what?
A.
network Sniffer
B.
Vulnerability Scanner
C.
Intrusion prevention Server
D.
Security incident and event Monitoring
Security incident and event Monitoring
| Page 7 out of 104 Pages |
| Previous |