Want more features on Pastebin? Sign Up, it's FREE!
Guest

Untitled

By: a guest on Jan 16th, 2012  |  syntax: None  |  size: 2.45 KB  |  views: 2,060  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. lab 4
  2. what are the five steps of a hacking attack
  3.  
  4. during the reconnaissance step of the attack, describe what zenmap gui performs to do passive os fingerprinting
  5.  
  6. what step in the hacking attack process uses zenmap gui
  7.  
  8. what step in the hacking attack process identifies known vulnerabilities and exploits
  9.  
  10. during the scanning step of the hacking attack process, you identifed known software vulnerabilities in a windows xp professional workstation. list the name and number of the critical microsoft vulnerabilities identified. what is vulnerability "ms08-067"
  11.  
  12. which tool and application was used to exploit the indentified vulnerability on the targeted microsoft 2003 xp sp2 workstation
  13.  
  14. if you are a member of the security penetration testing team and you identify vulnerabilities and exploits, should you obtain written permission from the owners prior to compromising and exploting the known vulnerability
  15.  
  16. what does the tool ettercap do
  17.  
  18. the most important step in the five step hacking process is step 5 where the security practitioner must remediate the vulnerability and eliminate the exploit. what is the name and number of the microsoft security bulliten
  19.  
  20. what is the name of hte microsoft windows xp sp2 security patch needed to remediate this software vulnerability and exploit
  21.  
  22. lab 5
  23.  
  24. why is it critical to perform a penetration test on a web application prior to production implementation
  25.  
  26. what is a cross site scripting attack? explain in your own words
  27.  
  28. what is a reflective cross site scripting attack
  29.  
  30. what common method of obfuscation is used in most real world sql attacks
  31.  
  32. which web application attack is more prone to extract privacy data elements out of a database
  33.  
  34. if you can monitor when sql injections are performed on an sql database, what would you recommened as a security countermeasure to monitor your production sql databases
  35.  
  36. given that apache and internet information services (iis) are the two most popular web application servers for liunux and microsft windows platforms what would you do to identify known software vulnerabilities ande xploits
  37.  
  38. what can you do to ensure that your organization incorporates penetrating testing and web application testing as part of its implementation procedures
  39.  
  40. what other security coountermeasures do you recommend for web sites and web application deployment to ensure the cia of the web application
  41.  
  42. who is responsible and accountabe for the cia of production web applications and web servers
clone this paste RAW Paste Data