Identify the attack when an attacker by several trial and error can read the contents of a password file present in the restricted etc folder just by manipulating the URL in the browser as shown:
http://www.terabytes.com/process.php./../../../../etc/passwd
A. Directory Traversal Attack
B. SQL Injection Attack
C. Denial-of-Service Attack
D. Form Tampering Attack
The Syslog message severity levels are labelled from level 0 to level 7. What does level 0 indicate?
A. Alert
B. Notification
C. Emergency
D. Debugging
Which of the following is a report writing tool that will help incident handlers to generate efficient reports on detected incidents during incident response process?
A. threat_note
B. MagicTree
C. IntelMQ
D. Malstrom
Daniel is a member of an IRT, which was started recently in a company named Mesh Tech. He wanted to
find the purpose and scope of the planned incident response capabilities.
What is he looking for?
A. Incident Response Intelligence
B. Incident Response Mission
C. Incident Response Vision
D. Incident Response Resources
An attacker, in an attempt to exploit the vulnerability in the dynamically generated welcome page, inserted
code at the end of the company's URL as follows:
http://technosoft.com.com/.
Identify the attack demonstrated in the above scenario.
A. Cross-site Scripting Attack
B. SQL Injection Attack
C. Denial-of-Service Attack
D. Session Attack
Which of the following Windows Event Id will help you monitors file sharing across the network?
A. 7045
B. 4625
C. 5140
D. 4624
Which of the following is a default directory in a Mac OS X that stores security-related logs?
A. /private/var/log
B. /Library/Logs/Sync
C. /var/log/cups/access_log
D. ~/Library/Logs
What does the Security Log Event ID 4624 of Windows 10 indicate?
A. Service added to the endpoint
B. A share was assessed
C. An account was successfully logged on
D. New process executed
Which of the following attack inundates DHCP servers with fake DHCP requests to exhaust all available IP addresses?
A. DHCP Starvation Attacks
B. DHCP Spoofing Attack
C. DHCP Port Stealing
D. DHCP Cache Poisoning
Which of the following tool can be used to filter web requests associated with the SQL Injection attack?
A. Nmap
B. UrlScan
C. ZAP proxy
D. Hydra