Module 9 quiz

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Which of the following strings in the Apache common log format represents "time" when the server receives the request in the format "[day/month/year:hour:minute:second zone]"? %h %u %t %l

%t

Identify the regular expression that is used to detect meta-characters in an SQL injection attack. /exec(\s|\+)+(s|x)p\w+/ix /((\%27)|(\'))union/ix /((\%3D)|(=))[^\n]*((\%27)|(\')|(\-\-)|(%3B)|(;))/i /\w*((\%27)|(\'))((\%6F)|o|(\%4F))((\%72)|r|(\%52))/ix

/((\%3D)|(=))[^\n]*((\%27)|(\')|(\-\-)|(%3B)|(;))/i

Jonas, a forensics professional, was tasked with investigating an application hosted on an Apache server running on an Ubuntu machine. As the first step of the investigation, Jonas navigated to the storage location of the log files to view all the access and error logs. Identify the storage location of the log files in Ubuntu where Jonas could find useful information for the investigation. /usr/local/etc/apache22/httpd.conf /etc/apache2/apache2.conf ORACLE_HOME\Apache\Apache\conf /etc/httpd/

/etc/apache2/apache2.conf

Jaxton, a forensics expert, was analyzing the IIS logs in a Windows-based server that was compromised earlier. He initiated the investigation process by extracting the IIS log entries and monitored the "sc-status" field to identify how the attacker's request was fulfilled without error. Which of the following codes represents the "sc-status" in the IIS log entry? 200 80 27 365

200

1. The victim clicks the link and is redirected to the bank website. 2. The attacker logs into the server using the victim's credentials with the same session ID. 3. The attacker visits the bank website and logs in using their credentials. 4. The attacker sends an email to the victim that contains a link with a fixed session ID. 5. The web server sets a session ID on the attacker's machine. 6. The victim logs in to the server using their credentials and fixed session ID. 1 -> 2 -> 3 -> 4 -

3 -> 5 -> 4 -> 1 -> 6 -> 2

Given below is an example of an Apache access log entry in the common log format: "10.10.10.10 - Jason [17/Aug/2019:00:12:34 +0300] "GET/images/content/bg_body_1.jpgHTTP/1.0" 500 1458" From the above log entry, identify the status code indicating that the response was successful. [17/Aug/2019:00:12:34 +0300] 1458 500 10.10.10.10

500

Malcolm, a professional hacker, was attempting to intrude into an organization's network. In this process, he obtained the credentials of an employee using packet sniffers. Using the stolen credentials, Malcolm impersonated the employee to intrude into the organization's network. Identify the type of attack performed by Malcolm in the above scenario. XML external entities Unvalidated redirects and forwards Authentication hijacking Security management exploits

Authentication hijacking

Boney, a forensics officer, was tasked with investigating a Windows Server machine suspected of being used for malicious online activities. He initiated the investigation process by executing a built-in Windows tool that helped him analyze NetBIOS over TCP/IP activity. Identify the command used by Boney in the above scenario. C:\> net use C:\> nbstat -S C:\> eventvwr.msc C:\> schtasks.exe

C:\> nbstat -S

Which of the following commands is used by security specialists to check for any unusual network services? C:\> nbstat -S C:\> net use C:\> net start C:\> schtasks.exe

C:\> net start

Which of the following commands is used to find any unusual listening on TCP and UDP ports? C:\> net use C:\> schtasks.exe C:\> eventvwr.msc C:\> netstat -na

C:\> netstat -na

Which of the following commands is used by investigators to find scheduled and unscheduled tasks on localhost? C:\> dir C:\> net start C:\> schtasks.exe C:\> net use

C:\> schtasks.exe

Which of the following time standards is used by the IIS server to record IIS logs, helping synchronize servers in multiple time zones? India Standard Time (IST) Eastern African Time (EAT) Greenwich Mean Time (GMT) Coordinated Universal Time (UTC)

Coordinated Universal Time (UTC)

In which of the following attacks does the attacker make an authenticated user perform certain tasks on the web application chosen by the attacker? Path/directory traversal Unvalidated input Cross-site scripting (XSS) Cross-site request forgery

Cross-site request forgery

Reid, an attacker, targeted an online COVID survey website, where citizens provide their personal and health-related details. He took advantage of a vulnerability present in the web application and manipulated the communication between the users and the server to make changes to the application data. Identify the type of attack performed by Reid in the above scenario. Path/directory traversal Parameter/form tampering Cookie poisoning Broken access control

Parameter/form tampering

Identify the attack in which the attackers tamper with the URL, HTTP requests, headers, hidden fields, form fields, and query strings to bypass security implementations. Sensitive data exposure Security misconfiguration Denial-of-service Unvalidated input

Unvalidated Input

Tanner, a professional hacker, sent a fake email to Killian describing new offers on his credit card. Killian, without verifying the legitimacy of the email, clicked on the malicious link in the email. As a result, a malicious script was executed on Killian's system, granting backdoor access to Tanner. Identify the type of attack performed by Tanner in the above scenario. Security management exploits Session fixation attack XML external entities Unvalidated redirects and forwards

Unvalidated redirects and forwards

Which of the following fields in the IIS log entry indicates that the user wanted to download a file from a folder? cs-uri-query cs-uri-stem cs(Referer) cs-username

cs-uri-stem

In which of the following URLs did attackers double-encode the input to perform an SQL injection attack? http://www.bank.com/accounts.php?id=1+UNunionION+SEselectLECT+1,2,3--/**/SeLecT/**/1,2,3— http://www.bank.com/accounts.php?id=1+UnioN/**/SeLecT/**/1,2,3-- http://www.bank.com/accounts.phpid=1%252f%252a*/union%252f%252a/select%252f%252a*/ 1,2,3%252f%252a*/from%252f%252a*/users— http://www.bank.com/accounts.php?id=1+uni%Obon+se%Oblect+1,2,3--

http://www.bank.com/accounts.php?id=1%252f%252a*/union%252f%252a/select%252f%252a*/ 1,2,3%252f%252a*/from%252f%252a*/users—

Which of the following elements of Apache core handles server startups and timeouts? http_request http_main http_protocol Alloc.c

http_main

Which of the following elements of Apache core is responsible for managing the routines and interacts with the client and handles all the data exchange and socket connections between the client and the server? http_request http_main http_core http_protocol

http_protocol


Kaugnay na mga set ng pag-aaral

Chapter 13 Accounting Changes Prior period Errors

View Set

Psych 2000 Brossoit exam 2, PSYCH-BROSSOIT EXAM 2

View Set

Chapter Quiz - Oklahoma Statutes, Rules, and Regulations Common to all lines

View Set

Ch. 16 Exam Questions (Health) - Private Insurance Plans for Seniors

View Set

магнитная индукция

View Set

Muckrakers and the NAACP - Progressive reform

View Set

HA&P Pearson Module Ch. 3 Part 2

View Set

ATI: Nursing Care of Children (ALL: Book, adaptive quizzes, assessments A & B)

View Set

Chapter 8: Lifting and Moving Patients

View Set