Pastebin.com - Printed Paste ID: https://pastebin.com/

1. lab 4
2. what are the five steps of a hacking attack
3.  
4. during the reconnaissance step of the attack, describe what zenmap gui performs to do passive os fingerprinting
5.  
6. what step in the hacking attack process uses zenmap gui
7.  
8. what step in the hacking attack process identifies known vulnerabilities and exploits
9.  
10. during the scanning step of the hacking attack process, you identifed known software vulnerabilities in a windows xp professional workstation. list the name and number of the critical microsoft vulnerabilities identified. what is vulnerability "ms08-067"
11.  
12. which tool and application was used to exploit the indentified vulnerability on the targeted microsoft 2003 xp sp2 workstation
13.  
14. if you are a member of the security penetration testing team and you identify vulnerabilities and exploits, should you obtain written permission from the owners prior to compromising and exploting the known vulnerability
15.  
16. what does the tool ettercap do
17.  
18. the most important step in the five step hacking process is step 5 where the security practitioner must remediate the vulnerability and eliminate the exploit. what is the name and number of the microsoft security bulliten
19.  
20. what is the name of hte microsoft windows xp sp2 security patch needed to remediate this software vulnerability and exploit
21.  
22. lab 5
23.  
24. why is it critical to perform a penetration test on a web application prior to production implementation
25.  
26. what is a cross site scripting attack? explain in your own words
27.  
28. what is a reflective cross site scripting attack
29.  
30. what common method of obfuscation is used in most real world sql attacks
31.  
32. which web application attack is more prone to extract privacy data elements out of a database
33.  
34. if you can monitor when sql injections are performed on an sql database, what would you recommened as a security countermeasure to monitor your production sql databases
35.  
36. given that apache and internet information services (iis) are the two most popular web application servers for liunux and microsft windows platforms what would you do to identify known software vulnerabilities ande xploits
37.  
38. what can you do to ensure that your organization incorporates penetrating testing and web application testing as part of its implementation procedures
39.  
40. what other security coountermeasures do you recommend for web sites and web application deployment to ensure the cia of the web application
41.  
42. who is responsible and accountabe for the cia of production web applications and web servers