There are two types of honeypots- high and low interaction. Which of these describes a low interaction honeypot? Select the best answers.
Answer : A, C, D, E
An Evil Cracker is attempting to penetrate your private network security. To do this, he must not be seen by your IDS, as it may take action to stop him. What tool might he use to bypass the IDS?
Select the best answer.
Answer : C
What is the advantage in encrypting the communication between the agent and the monitor in an Intrusion Detection System?
Answer : B
Study the following exploit code taken from a Linux machine and answer the questions below:
echo ''ingreslock stream tcp nowait root /bin/sh sh --I" > /tmp/x;
/usr/sbin/inetd --s /tmp/x;
/bin/ rm --f /tmp/x AAAA...AAA
In the above exploit code, the command ''/bin/sh sh --I" is given.
What is the purpose, and why is 'sh' shown twice?
Answer : A
The programmers on your team are analyzing the free, open source software being used to run FTP services on a server. They notice that there is an excessive number of fgets() and gets() on the source code. These C++ functions do not check bounds.What kind of attack is this program susceptible to?
Answer : A