CMIT 321 quiz 3 - By default, where are the IIS logs recorded
University of Maryland, University College CMIT 321 quiz 3
Session hijacking types include
Question 1 (5 points)
By default, where are the IIS logs recorded?
Question 1 options:
Inetpub/logs
%systemroot%\logfiles
%systemroot%\system32\logfiles
Inetpub\www\logs
Question 2 (5 points)
Which steps should be taken to increase web server security? (Select all that apply.)
Question 2 options:
Remove unused application mappings.
Enable remote administration.
Apply service packs and hotfixes.
Check for malicious input in forms and query strings.
Question 3 (5 points)
IP spoofing is not difficult and can be used in a variety of attacks. However, the attacker will not see the packets that are returned to the spoofed IP address. In this case, the attacker uses ______________ and then sniffs the traffic as it passes.
Question 3 options:
alternate data streams
source routing
session hijacking
a redirect
Question 4 (5 points)
Which of the following is the best countermeasure against hijacking? (Select all that apply.)
Question 4 options:
Use unpredictable sequence numbers.
Do not use the TCP protocol.
Use encryption.
Limit the unique session token to each browser’s instance.
Question 5 (5 points)
This IIS 7 component allows clients to publish, lock, and manage resources on the web, and should be disabled on a dedicated server.
Question 5 options:
WebDAV Publishing
Remote Administration
Active Server Pages
Internet Data Connector
Question 6 (5 points)
Which of the following components help defend against session hijacking? (Select all that apply.)
Question 6 options:
per-packet integrity checking
source routing
PPTP
SSL
Question 7 (5 points)
_____________ is the US government's repository of standards-based vulnerability-management data that includes databases of security checklists, security-related software flaws, misconfigurations, product names, and impact metrics.
Question 7 options:
National Vulnerability Database (NVD)
US Cyber Security Database
National SQL Database
US Vulnerability Database
Question 8 (5 points)
Which type of attack allows an attacker to change the DNS table of a server so that requests for sites redirect to an IP address of the attacker's choosing?
Question 8 options:
cache redirect
buffer overflow
cache poisoning
Unicode directory traversal vulnerability
Question 9 (5 points)
An attacker sends packets to a target host using a spoofed IP address of a trusted host on a different network. What kind of packets will be returned to the attacker?
Question 9 options:
ACK packets
RST packets
ISNs incremented by 1
No packets will be returned to the attacker.
Question 10 (5 points)
What tool could an attacker use to capture sequence and acknowledgment numbers from a victim in order to track a network session?
Question 10 options:
Traceroute
Netstat
Network Sniffer
Nslookup
Question 11 (5 points)
Once an initial sequence number (ISN) has been agreed to, all the packets that follow will be the ____________. This makes it possible to inject data into a communication stream.
Question 11 options:
ISN-1
ISN-2
ISN+1
ISN+2
Question 12 (5 points)
Which of the following tools automates and takes advantage of directory traversal exploits in IIS?
Question 12 options:
Msw3prt IPP Vulnerability
IIS_Traversal
ServerMask
IIS Xploit
Question 13 (5 points)
The Privileged Command Execution Vulnerability is executed with _______________ permissions and allows an attacker to execute arbitrary code in a section of memory not reserved for the particular application.
Question 13 options:
root
administrator
SYSTEM
guest
Question 14 (5 points)