Question 266
Maria works as a professional Ethical Hacker. She is assigned a project to test the security of www.we-are-secure.com.
She wants to test a DoS attack on the We-are-secure server. She finds that the firewall of the server is blocking the
ICMP messages, but it is not checking the UDP packets. Therefore, she sends a large amount of UDP echo request
traffic to the IP broadcast addresses. These UDP requests have a spoofed source address of the We-are-secure server.
Which of the following DoS attacks is Maria using to accomplish her task?
Question 267
OutGuess is used for __________ attack.
Question 268
Adam, a malicious hacker has successfully gained unauthorized access to the Linux system of Umbrella Inc. Web server of the company runs on Apache. He has downloaded sensitive documents and database files from the computer.
After performing these malicious tasks, Adam finally runs the following command on the Linux command box before disconnecting.
for (( i = 0;i<11;i++ )); do dd if=/dev/random of=/dev/hda && dd if=/dev/zero of=/dev/hda done Which of the following actions does Adam want to perform by the above command?
Question 269
Adam, a malicious hacker is running a scan. Statistics of the scan is as follows:
Scan directed at open port: ClientServer
192.5.2.92:4079 ---------FIN--------->192.5.2.110:23192.5.2.92:4079 <----NO RESPONSE--
---192.5.2.110:23
Scan directed at closed port:
ClientServer
192.5.2.92:4079 ---------FIN--------->192.5.2.110:23
192.5.2.92:4079<-----RST/ACK----------192.5.2.110:23
Which of the following types of port scan is Adam running?
Question 270
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-
secure.com. He performs Web vulnerability scanning on the We-are-secure server. The output of the scanning test is
as follows:
C:\whisker.pl -h target_IP_address
-- whisker / v1.4.0 / rain forest puppy / www.wiretrip.net -- = - = - = - = - =
= Host: target_IP_address
= Server: Apache/1.3.12 (Win32) ApacheJServ/1.1
mod_ssl/2.6.4 OpenSSL/0.9.5a mod_perl/1.22
+ 200 OK: HEAD /cgi-bin/printenv
John recognizes /cgi-bin/printenv vulnerability ('Printenv' vulnerability) in the We_are_secure server. Which of the
following statements about 'Printenv' vulnerability are true?
Each correct answer represents a complete solution. Choose all that apply.
