lab 4
what are the five steps of a hacking attack
during the reconnaissance step of the attack, describe what zenmap gui performs to do passive os fingerprinting
what step in the hacking attack process uses zenmap gui
what step in the hacking attack process identifies known vulnerabilities and exploits
during the scanning step of the hacking attack process, you identifed known software vulnerabilities in a windows xp professional workstation. list the name and number of the critical microsoft vulnerabilities identified. what is vulnerability "ms08-067"
which tool and application was used to exploit the indentified vulnerability on the targeted microsoft 2003 xp sp2 workstation
if you are a member of the security penetration testing team and you identify vulnerabilities and exploits, should you obtain written permission from the owners prior to compromising and exploting the known vulnerability
what does the tool ettercap do
the most important step in the five step hacking process is step 5 where the security practitioner must remediate the vulnerability and eliminate the exploit. what is the name and number of the microsoft security bulliten
what is the name of hte microsoft windows xp sp2 security patch needed to remediate this software vulnerability and exploit
lab 5
why is it critical to perform a penetration test on a web application prior to production implementation
what is a cross site scripting attack? explain in your own words
what is a reflective cross site scripting attack
what common method of obfuscation is used in most real world sql attacks
which web application attack is more prone to extract privacy data elements out of a database
if you can monitor when sql injections are performed on an sql database, what would you recommened as a security countermeasure to monitor your production sql databases
given that apache and internet information services (iis) are the two most popular web application servers for liunux and microsft windows platforms what would you do to identify known software vulnerabilities ande xploits
what can you do to ensure that your organization incorporates penetrating testing and web application testing as part of its implementation procedures
what other security coountermeasures do you recommend for web sites and web application deployment to ensure the cia of the web application
who is responsible and accountabe for the cia of production web applications and web servers