Chapter 10: Infrastructure Security
Fill in the missing piece of the command: Nmap has the ability to generate decoys that make the detection of the actual scanning system become much more difficult. The nmap command to generate decoys is nmap ____ RND:10 target_IP_address
-D
Drag the vulnerability to the appropriate mitigation technique. -Run all processes using the least privileged account. Use secure web permissions and access control mechanisms. -Disable the directory listing option and remove the ability to load non-web files from a URL. -Use scripts and systems to compare file hash values with the master value to detect possible changes. -Remove user input fields when possible. -Unused User Accounts and Services -Website Changes -File and Directory Management -HTTP Response Splitting Attacks
-Run all processes using the least privileged account. Use secure web permissions and access control mechanisms. -Unused User Accounts and Services -Disable the directory listing option and remove the ability to load non-web files from a URL. -File and Directory Management -Use scripts and systems to compare file hash values with the master value to detect possible changes. -Website Changes -Remove user input fields when possible. -HTTP Response Splitting Attacks
Which of the following are characteristics of embedded systems? Handle processes in a non-deterministic manner Sealed system Open system Designed to handle multiple complex functions Designed to perform a single function Handle processes in a deterministic manner Makes changes based on user feedback
-Sealed system -Designed to perform a single function -Handle processes in a deterministic manner
Your company has decided to use a Pentbox honeypot to learn which types of attacks may be targeting your site. They have asked you to install and configure the honeypot. You have already installed Pentbox. Which menu allows you to configure the honeypot? 1- Cryptography tools 2- Network tools 3- Web 4- Ip grabber 5- Geolocation ip 6- Mass attack 7- License and contact
2- Network tools Menu item 2- Network tools takes you to another menu where you can choose to create a honeypot.
You are in the process of configuring pfSense Snort as your intrusion detection and prevention system (IDS/IPS). You have configured the options shown in the image, but when you try to save your changes, pfSense won't let you continue. What did you forget to configure? You did not enable ET Pro. You did not sign up for a paid Snort Subscriber Rule Set. You did not enable Snort GPLv2. A Snort Oinkmaster Code was not entered.
A Snort Oinkmaster Code was not entered.
You are the security analyst working for CorpNet (198.28.1.1). You are trying to see if you can discover weaknesses in your network. You have just run the nmap command shown in the image. Which weakness, if any, was found? A compromise was found while scanning port 80. A SYN attack is under way. A compromise was found while scanning port 8080. The entire host appears to be clean.
A compromise was found while scanning port 8080.
Which of the following BEST describes a network policy? A tool that reduces the administrator's workload and minimizes the chance of human error when configuring RADIUS servers and clients. A set of conditions, constraints, and settings used to authorize which remote users and computers can or cannot connect to a network. A Microsoft feature that controls the working environment of user accounts and computer accounts. A method for identifying and verifying the servers and clients that you connect with.
A set of conditions, constraints, and settings used to authorize which remote users and computers can or cannot connect to a network.
Which type of processor chip is designed to perform a single function and is typically custom-designed? FPGA SoC ASIC x86
ASIC The Application-Specific Integrated Circuit (ASIC) chip is created to perform a single function. They are typically custom-designed and used by a company in a single product. The development process is expensive and time-consuming, but the chips offer high performance with low power consumption.
You are the security administrator for your organization. You need to provide Mary with the needed access to make changes to the finances.xlsx file located in the Accounting directory. Which of the following permissions should you set for Mary? -Allow Modify permission on the finances.xlsx file. -Allow Full Control permission on the Accounting directory. -Deny Full Control permission on the Accounting directory. -Allow Write permission on the finances.xlsx file.
Allow Write permission on the finances.xlsx file
A user of your website has posted a message for others to view. After several employees complain of strange behavior on their browser after visiting the site, you investigate and find some text: An XSS vulnerability attack. A buffer overflow attack. An embedded malicious code attack. A SQL injection attack.
An XSS vulnerability attack.
Which of the following web server technologies does Linux typically use? Apache Firefox Edge IIS
Apache Apache is an open-source web server technology that is typically used by Linux, although it is supported by other operating systems. Apache usually comes with the LAMP package, which includes: -Linux as the operating system -Apache as the web server technology -MySQL for handling database use -PHP, Perl, or Python for scripts
Which of the following types of devices use sensors to gather data and send that data back to specialized controllers to make decisions and changes in the systems? Physical security Distributed control system Vehicle systems Automated systems
Automated systems Automated devices use sensors to gather data and send that data back to specialized controllers. These controllers use that data to make decisions and changes in the systems. These systems can be used to automate lighting, HVAC systems, fire control systems, and more.
You are configuring a new email server for your organization and need to implement a firewall solution. The firewall will be designed to handle connections to the email server. Which of the following would be the BEST firewall solution? Bastion host Screened subnet Multi-homed Dual-homed
Bastion host. A bastion host is a specialized computer system with two network interfaces that is placed between the internal and external networks. -A bastion host handles the connection for a private instance, such as logging into an email server. -A bastion host should be designed to perform only that single task. All other services and applications should be removed so the system is better hardened against attacks.
Which web application architecture layer includes the physical devices that are used to access the web application? Business Logic Client/Presentation Web Server Logic Persistence
Client/Presentation The Client layer includes all the physical devices on the client side such as smartphones, laptops, and tablets. These are the devices that are used to access the web application.
Which of the following firewall evasion techniques is used to redirect a user to a malicious website? Malicious code insertion Tunneling Source routing DNS poisoning
DNS poisoning On-path attacks (also known as man-in-the-middle attacks), such as DNS poisoning, can also be used to get around a firewall. This attack works by intercepting the DNS request between a client and DNS server. The attacker sends back a malicious response to redirect the target to a malicious website. The response can also be stored in the DNS cache so whenever the victim goes back to the site, they are automatically redirected to the malicious site.
Which of the following should be implemented as protection against malware attacks? DNS sinkhole Remote blackhole filtering Blackholing internal attacks Redirection
DNS sinkhole DNS sinkholes can be used to protect a network from malware attacks. Many malware programs, such as Trojan horses, are designed to report back to a specific web address to get further instructions. A security analyst can define these known malicious web addresses in the ACL so that all requests to that address are redirected to a sinkhole.
Which of the following permissions would take precedence over the others? Deny Write Deny Read Allow Full Control Allow Read
Deny Read Deny permissions will always take precedence over allow permissions. The most restrictive permission will always take precedence.
Which of the following attacks would use the following syntax? http://www.testout.com.br/../../../../ some_dir/ some_file XSS DNS poisoning Directory traversal SQL injection
Directory traversal Directory traversal can give an attacker access to directories and files that exist outside of the web server directories. A user who connects to a web server accesses files that are located in the document root of the website. If the server is misconfigured, the attacker may be able to use the navigation commands used in a Windows command prompt or Linux terminal to gain access to other directories. For example, if the website files are stored in C:\inetpub\wwwroot\testout, the attacker may be able to type the following into the web browser to gain access to resources on the server: http://www.testout.com.br/../../../../ some_dir/ some_file
You are in the process of configuring pfSense Snort as your intrusion detection and prevention system (IDS/IPS). You want to ensure that it includes the anti-malware IDS/IPS rule set that enables users with cost constraints to enhance their existing network-based malware detection. Select the option that would add these rule sets. Enable ET Open Enable ET Pro Enable Snort VRT Enable Snort GPLv2 Enable OpenAppID
Enable ET Open downloads the Emerging Threats Open rules. The ET Open rule set is an anti-malware IDS/IPS rule set that enables users with cost constraints to enhance their existing network-based malware detection.
Which processor chip can be configured by the end user to perform the tasks he or she needs it to? x86 ASIC SoC FPGA
FPGA Field-Programmable Gate Array (FPGA) chips are physically set up like a ASIC or SoC, but the programming is configured by the end user.
Which of the following firewall evasion countermeasures should be implemented to mitigate firewall evasion? (Select two.) Firewalking Filtering an intruder's IP address Tunneling Banner grabbing Source routing Defense in Depth
Filtering an intruder's IP address Defense in Depth Proper configuration of a firewall, such as filtering the IP address of an intruder and implementing Defense in Depth, are some of the methods that should be implemented to mitigate firewall evasion.
Which of the following firewall identification methods uses a TCP packet with a TTL value set to expire one hop past the firewall? Port scanning Banner grabbing Firewalking Tunneling
Firewalking Firewalking is a technique used to map out firewall and device locations and ACLs. Firewalking works in the following manner: -The attacker sends a TCP or UDP packet out with a Time-to-Live (TTL) value that is set to expire one hop past the firewall. -If the packet makes it through the firewall, the gateway forwards it to the next hop, where the packet expires. -The attacker gets a message back that the TTL exceeded in transit. This tells the attacker where devices are located and which protocols are allowed through the firewall.
Which of the following works together by calling on each other, passing data to each other, and returning values in a program? Function Kernel Stack Variable
Function Programs are built using functions. These functions work together by calling on each other, passing data to each other, and returning values.
Which of the following attack types takes advantage of user input fields on a website? Directory traversal DDoS HTTP response splitting DNS attacks
HTTP response splitting HTTP response splitting attacks take advantage of user input fields on a website. When data is submitted in these fields, the HTTP response includes a header and then the data. An attacker may be able to append malicious script between the header and data. The script is then sent to the server and executed. These attacks can be used to steal data, upload malware, or perform other malicious activities.
Which of the following NAC policies is MOST commonly implemented? Health Time Location Rules
Health Health policies are perhaps the most commonly implemented NAC policy. The policies ensure that a device meets minimum security requirements.
Which of the following is a popular honeypot that can be used to create thousands of other honeypots? VMWare Snort Inline Sebek Honeyd
Honeyd Honeyd is a widely used honeypot that can create thousands of other honeypots. Honeyd can act as a distraction to potential attackers.
Which of the following should be designed to look and function like a real resource in order attract attackers? Server IDS Honeypot Firewall
Honeypot
You are the security analyst for your organization. During a vulnerability analysis, you have noticed the following: -File attributes being altered -Unknown .ozd files -Files that do not match the existing naming scheme -Changes to the log files Which of the following do these signs indicate has occurred? Blacklisting Protocol-based attack Host-based intrusion Network-based intrusion
Host-based intrusion
Which of the following uses the TCP/IP stack and is effectively employed to slow down the spread of worms, backdoors, and similar malware? Snort Inline Layer 2 tarpit Honeyd Layer 4 tarpit
Layer 4 tarpit Layer 4 tarpits use the TCP/IP stack and are employed to slow down the spread of worms, backdoors, and similar malware. A Layer 4 tarpit first accepts an incoming request and then spontaneously switches the TCP message window size to 0. This effectively traps the attacker, as they are unable to terminate the connection because no disconnect request can be sent.
Which of the following honeypot interaction levels simulates a real OS, its applications, and its services? Honeynet High Low Medium
Medium A medium-interaction honeypot: -Simulates a real OS, its applications, and its services. -Is more realistic than a low-interaction honeypot so that it can log and analyze more complex attacks. -Requires more maintenance and oversight than a low-interaction honeypot.
As part of a push by IT to create consistent policies on Windows machines, you are working in PowerShell and have created a binary policy file that covers applications and virus scanning policies. You have another binary policy file called MyPolicy.bin, which you want to use as well. It covers other portions of your company's new Windows policy. What do you need to do to implement both binary files? -Use the Group Policy Management tool to import both files. -Merge the two policies into a single policy file. -Import the policy files in order with two separate commands. -Create an empty XML policy file to copy the contents of the other files into.
Merge the two policies into a single policy file. You would need to merge the two policies. Only one policy file can be active on a Windows system. This means that running two separate commands with two separate files as parameters will not work.
Which type of web application is designed to work on Android or iOS? Client-based Browser-based Web-based Mobile
Mobile Mobile apps are probably the most common type of application used today. Mobile apps are similar to other applications, but are specifically designed to work on mobile operating systems such as Apple iOS or Android.
Which of the following is used to define minimum security requirements a device must meet before it can connect to a network? NAC Honeypot 802.1x IDS
NAC Network access control (NAC) is used to authenticate users to the network and can also define the minimum security requirements that a device must meet before being allowed to connect to a network.
Which of the following Windows permissions apply to local files and directories? chown ACL Share NTFS
NTFS
You are the security technician for your organization. You need to perform diagnostics on a vehicle's subsystems for security purposes. Which of the following would you use to access the vehicle's subsystems? Network port Bluetooth Wi-Fi ODB-II
ODB-II Users and technicians can access a vehicle's subsystems through the Onboard Diagnostics-II, or OBD-II, module.
Which of the following best describes the components of an ICS network? Performance technology Operational technology Manufacturing technology Information technology
Operational technology All of the components of an ICS network are typically referred to as an operational technology (OT) network.
Which of the following types of attacks are IoT devices most vulnerable to? Overflow On-path CSRF XSS
Overflow Internet of Things, or IoT, and automated devices are vulnerable to overflow attacks. By executing an overflow attack, an attacker might be able inject their malicious code into the controller system when it crashes, giving them full access to move around the network from there.
Which of the following HTTP request/response types is used to request that the web server send data using HTML forms? TRACE HEAD GET POST
POST The POST command is used to send data to the server using HTML forms
Which of the following BEST describes the process of verifying that a device meets the minimum health requirements? Remediation Posture assessment NAC policies Post-admission
Posture assessment
The network IDS has sent alerts regarding malformed messages and sequencing errors. Which of the following IDS detection methods is most likely being used? Signature Anomaly Trend Protocol
Protocol Protocol-based detection uses the same network baseline as an anomaly-based IDS but focuses on the protocols being used. If a specific protocol begins showing signs outside the norm, the IDS will trigger alerts. This helps it identify new attacks before signature or anomaly intrusion detection systems. -Protocol-based detection can include malformed messages, sequencing errors, and similar variations from a protocol's known good behavior. -Protocol detection can be useful against unknown or zero-day exploits, which might attempt to manipulate protocol behavior for malicious purposes. -Detecting that a protocol is using an unusual port to operate its services is another way to check for protocol anomalies.
You discover that your network is under a DDoS SYN flood attack. Which of the following DDoS attack methods does this fall under? Application layer DDoS Protocol DDoS DNS DDoS Amplification DDoS
Protocol DDoS A SYN flood attack is a common example of a protocol DDoS method: -The attacker sends a large amount of SYN packets with a spoofed IP address. -The victim responds with the SYN-ACK packet, but it goes to the wrong IP address, so a response never comes. -The target leaves that connection open, waiting for a response to complete the 3-way handshake. -The target becomes overwhelmed while waiting for the response packets to come back.
Which of the following attacks is a SYN flood attack an example of? Application layer DDoS CSRF XSS Protocol DDoS
Protocol DDoS This attack works as follows: -The attacker sends a large number of SYN packets with a spoofed IP address. -The target responds with the SYN-ACK packet, but the packet goes to the spoofed IP address, so a response never comes. -The target leaves the connection open and waiting for a response to complete the 3-way handshake. -The target becomes overwhelmed while waiting for the response packets.
Which of the following blackhole implementations sends traffic going to a specific destination to the blackhole? Remote blackhole filtering Blackholing internal attacks Sinkhole Redirection
Remote blackhole filtering Remote blackhole filtering is similar to redirection, except instead of redirecting all traffic from a specific source, all traffic to a specific destination is redirected to the blackhole for the duration of the attack.
Which type of honeypot is a high-interaction honeypot that is deployed by research institutes, governments, or military organizations to gain detailed knowledge about the actions of intruders? Production honeypot Spider honeypot Research honeypot Database honeypot
Research honeypot Research honeypots are high-interaction honeypots that are deployed by research institutes, governments, or military organizations to gain detailed knowledge about the actions of intruders.
Using the Group Policy Management tool on your Windows server, you are going to create a new group policy using a binary policy file you recently created. What do you do next? -Right-click on the domain name CorpNet.xyz and click Create a GPO in this domain. -Expand the Group Policy Objects folder under CorpNet.xyz and add the binary object file. -Drag the binary policy file and drop it on top of the domain in the tool. -Execute the binary object from PowerShell and then click the Group Policy Results section to verify successful completion.
Right-click on the domain name CorpNet.xyz and click Create a GPO in this domain.
Which of the following needs to be configured so a firewall knows which traffic to allow or block? Rules NAT VPN Bastion host
Rules A firewall controls access to a network through a specific set of rules. Rules determine the traffic that is allowed to pass into, within, or out of the network. Most firewalls are configured to detect the type of traffic, the source and destination addresses, and ports.
Which of the following is used to monitor and control PLC systems? HMI Modbus SCADA DCS
SCADA Supervisory control and data acquisition (SCADA) controllers are used to monitor and control PLC systems. They gather data and make adjustments in the system based on the data acquired from sensors.
Which of the following types of attacks involves constructing malicious commands with the goal of modifying a database? DDoS SQL injection Overflow attack Directory traversal
SQL injection SQL injection attacks involve injecting malicious commands into SQL commands and then injecting that into input fields on a website with the goal of modifying the database.
You have just finished creating several network polices using the Network Policy Server (NPS) as shown in the image. Vera belongs to the Sales, Marketing, and Research groups. What kind of access will Vera have? She will be denied access because the Connections to other access servers option is evaluated first. She will be granted access because she belongs to the Sales group, and that group is evaluated first. She will be granted access because she belongs to the Research group, which overrides the Sales and Marketing policies. She will be denied access because she belongs to the Marketing group, which overrides the Sales policy.
She will be granted access because she belongs to the Sales group, and that group is evaluated first.
Which of the following attacks involves modifying the IP packet header and source address to make it look like they are coming from a trusted source? Zero-day Whitelisting DNS poisoning Spoofing
Spoofing
You have just used OWASP ZAP to run a vulnerability scan on your company's site.3 From the Information window, select the tab that lets you view the vulnerabilities found.
The Alerts tab presents a list of vulnerabilities you want to be aware of.
You created a honeypot server using Pentbox. After a while, you go back to the honeypot server to see what it has been capturing. Which of the following can be gleaned from the results shown? The operating system used by the attacker The country from which the attack took place The name of the host making the attack The number of hops to the attacker
The operating system used by the attacker By examining the results, you can see such things as the operating system being used by the attacker (Windows NT 10.0), the IP address of the attacker (142.191.29.25), and the type of browser used by the attacker (Google Chrome).
You are using Burpsuite to evaluate a new employee portal that will be put into production soon. Based on the highlighted POST traffic and the information in the bottom pane, what can you conclude? -There is not enough information to conclude anything. -The portal is using HTTP and login information is probably being transmitted in cleartext. -The login.php file should be renamed to obscure its purpose. -The portal is ready for production without changes.
The portal is using HTTP and login information is probably being transmitted in cleartext. The portal is using HTTP and login information is probably being transmitted in cleartext. We come to this conclusion because it is a POST method, the name of the file is login.php, and in the lower pane we see that the Origin value is HTTP. Therefore, the logins are probably not secured.
What does the HTTP response message 5xx indicate? The request included bad syntax or another error and cannot be completed. The server did not complete the request. The action was successful. Additional actions need to be taken to complete the request.
The server did not complete the request. The 5xx HTTP response message indicates that the server did not complete the request. The following describes the different HTTP response messages that can be sent when the client requests a web page: -1xx is informational. It indicates a request has been received and the process is continuing. -2xx is success. It indicates an action was received, understood, and accepted. -3xx is redirection. It indicates an additional action needs to be taken to complete the request. -4xx is a client error. It indicates that a request included bad syntax or another error and cannot be completed. -5xx is a server error. It indicates that the server did not complete the request.
While configuring a perimeter firewall on your network using pfSense, you created the rule shown in the image. The intent of the rule is to allow secure traffic coming from the internet through the firewall and to the web server (172.16.1.5) in the DMZ. What have you configured incorrectly? The source and destination ports should be HTTPs. Action should be set to Block. Source should be set to Any. The interface should be configured with the LAN interface.
The source and destination ports should be HTTPs.
Drag the possible detection state to the matching description: -The system accurately detected a threat. -The system accurately detected legitimate traffic and did not flag it. -The system flagged harmless traffic as a potential threat. -Malicious traffic is flagged as harmless. -True-Positive -True-Negative -False-Positive -False-Negative
The system accurately detected a threat. True-Positive The system accurately detected legitimate traffic and did not flag it. True-Negative The system flagged harmless traffic as a potential threat. False-Positive Malicious traffic is flagged as harmless. False-Negative
ou are working with ACLs on your Windows machine and have created some complex permissions with many users and groups defined. Now you want to back up those permissions so that they can be restored in the event of a system failure. What is missing from the below command? PS C:\Users\Administrator> icacls C:\FileShare /save -There has been no file name specified. -The users and groups for which the ACLs are defined is not listed. -The users for the specific ACLs have not been set. -The administrator's password has to be included.
There has been no file name specified. No file name has to be specified in the command.
In what order are rules in an ACL processed? Based on the protocols being used Top to bottom No particular order Bottom to top
Top to bottom Rules in ACLs are processed top to bottom. The most important and specific rules should be placed at the top.
After having downloaded and installed pfblockerng for your pfsense firewall, you are configuring what sites to block. How do you block lists of websites you don't want the employees to access? Create a text file with a list of URLs you wish to block. Use lists found on the internet that are formatted for pfblockerng. Purchase a license to pfsense and use the built-in block lists. Install a proxy to sit between users and the pfsense firewall to whitelist URLs.
Use lists found on the internet that are formatted for pfblockerng.
Match each attack to the appropriate defense: -Use rigid specifications to validate all headers, cookie query strings, hidden fields, and form fields. -Perform input validation. Do not permit dangerous characters in the input. -Log off immediately after using a web application. Clear History after using a web application, and don't allow your browser to save your login details. -Secure remote administration and connectivity testing. Perform extensive input validation. Configure the firewall to deny ICMP traffic. Stop data processed by the attacker from being executed. -Update web servers with security patches on a regular basis. Limit access to the secure areas of the website. XXS Attack DOS Attack CSRF Attack Injection Attack Directory Traversal
Use rigid specifications to validate all headers, cookie query strings, hidterm-7den fields, and form fields. -XSS Attackterm-4 Perform input validation. Do not permit dangerous characters in the input. -Injection Attack Log off immediately after using a web application. Clear History after using a web application, and don't allow your browser to save your login details. -CSRF Attack Secure remote administration and connectivity testing. Perform extensive input validation. Configure the firewall to deny ICMP traffic. Stop data processed by the attacker from being executed. -DOS Attack Update web servers with security patches on a regular basis. Limit access to the secure areas of the website. -Directory Traversal
You have just run the nmap command shown below. Which vulnerabilities were found on the target firewall? VPN Telnet UDP SSHN HTTPS HTTP FTP
VPN VPN was the vulnerability found, as can be seen in the report, "Firewall vulnerable to bypass through vpn helper". The services shown (HTTPS, SSHN, HTTP) are the results of successfully bypassing the firewall using a VPN.
Which of the following BEST describes the role of a remediation server? Relays the statement of health to a backend server. Works to bring devices up to a minimum security level. Verifies that a device meets the minimum security requirements. Authenticates users based on their user credentials.
Works to bring devices up to a minimum security level.
Which of the following Linux permissions allows files to be added or deleted from a directory? Write Read Execute Modify
Write The Write Linux permission allows a file to be changed. It also allows files to be added or deleted from a directory.
Which of the following attacks exploit vulnerabilities in the web application and allows the attacker to compromise a user's interactions with the app? On-path Overflow DDoS XSS
XSS XSS attacks exploit vulnerabilities in the web application and allows the attacker to compromise a user's interactions with the app. In these attacks, the hacker inserts malicious code into a website. When a user accesses the infected site, the code is run on their computer. XSS attacks can be used to gather session IDs, steal data, crack passwords, run keylogging, and more.
You are in the process of configuring pfSense Suricata as your intrusion detection and prevention system (IDS/IPS). You have just finished configuring the Global Settings and have enabled the installation of the ETOpen Emerging Threats rules. To get these rules, select the option tab you must use next.
You must select the Updates tab and then select Updates to download the ETOpen Emerging Threats rules.
You are the security analyst for your organization. During a vulnerability analysis, you have discovered what looks to be malware, but it does not match any signatures or identifiable patterns. Which of the following BEST describes the threat you have discovered? Virus Zero-day Trojan horse Known threat
Zero-day
Which Windows command line tool can be used to show and modify a file's permissions? chmod chown ACL icacls
icacls The command line tool icacls can be used to show and modify a file's permissions.
You are the security analyst for a small corporate network. You are concerned that several employees may still be using the unsecured FTP protocol against company policy. You have been capturing data for a while using Wireshark and are now examining the filtered FTP results. You see that several employees are still using FTP. Which user account used the password of lsie*$11?
jsmith
Cisco devices have a special interface called _____, which is designed to act as a blackhole.
null0 Cisco devices have a special interface called null0, which is designed to act as a blackhole. Any traffic that is forwarded to the null0 interface is discarded without informing the sender.
Which command is used to allow a string to be copied in the code, but can be exploited to carry out overflow attacks? strcpy ls -l icacls chmod
strcpy The strcpy command is included in the C and C++ languages. It was a useful command that allowed a string to be copied in the code. The problem with this command is it doesn't check to see if the data being copied would overwrite the boundaries of a buffer. Attackers could exploit programs using this command to carry out overflow attacks.
