At what layer of the TCP stack does web browsing take place?
This type of attack is usually the result of faulty programming practices. It allows an attacker to place data into a buffer that is larger than the allocated size, resulting in an overflow, overwriting, and corruption of adjacent data spaces.
IP spoofing is not difficult and can be used in a variety of attacks. However, the attacker will not see the packets that are returned to the spoofed IP address. In this case, the attacker uses ______________ and then sniffs the traffic as it passes.
Which tool helps hackers hide their activities by removing IIS log entries based on the attacker’s IP address?
This IIS vulnerability allows a remote user to view server-side scripts
Once an initial sequence number (ISN) has been agreed to, all the packets that follow will be the ____________. This makes it possible to inject data into a communication stream.
In _____________ hijacking, the attacker uses a packet-sniffer to capture the session IDs to gain control of an existing session or to create a new unauthorized session
Which of the following tools automates and takes advantage of directory traversal exploits in IIS?
Identify two vulnerabilities of Microsoft’s Internet Information Services (IIS) from the options listed below. (Select two.)
Which of the following is the best countermeasure against hijacking? (Select all that apply.)
This IIS vulnerability allows files to be accessed only when they reside on the same logical drive as the web folders
An attacker sends packets to a target host using a spoofed IP address of a trusted host on a different network. What kind of packets will be returned to the attacker?
At what layer of the TCP stack does the three-way handshake occur?
In this type of attack, an attacker uses forged ICMP packets to redirect traffic between the client and the host through the attacker’s host.
_____________ is the US government’s repository of standards-based vulnerability-management data that includes databases of security checklists, security-related software flaws, misconfigurations, product names, and impact metrics.
_____________ is an open-source development platform that allows users to configure exploit modules and test systems against attack.
By default, where are the IIS logs recorded?
What are the three steps in session hijacking? (Select all that apply.)
Which steps should be taken to increase web server security? (Select all that apply.)
This IIS 7 component allows clients to publish, locks and manages resources on the web, and should be disabled on a dedicated server.