- (Topic 14)
What is the problem with this ASP script (login.asp)?
<%
Set objConn = CreateObject("ADODB.Connection") objConn.Open Application("WebUsersConnection")
sSQL="SELECT * FROM Users where Username=? & Request("user") & _ "?and Password=? & Request("pwd") & "?
Set RS = objConn.Execute(sSQL)
If RS.EOF then Response.Redirect("login.asp?msg=Invalid Login") Else
Session.Authorized = True
Set RS = nothing
Set objConn = nothing Response.Redirect("mainpage.asp") End If
%>
Correct Answer:B
- (Topic 23)
What is War Dialing?
Correct Answer:A
- (Topic 23)
One of the better features of NetWare is the use of packet signature that includes cryptographic signatures. The packet signature mechanism has four levels from 0 to 3.
In the list below which of the choices represent the level that forces NetWare to sign all packets?
Correct Answer:D
0Server does not sign packets (regardless of the client level).
1Server signs packets if the client is capable of signing (client level is 2 or higher). 2Server signs packets if the client is capable of signing (client level is 1 or higher). 3Server signs packets and requires all clients to sign packets or logging in will fail.
- (Topic 8)
SYN Flood is a DOS attack in which an attacker deliberately violates the three-way handshake and opens a large number of half-open TCP connections.
The signature for SYN Flood attack is:
Correct Answer:C
A SYN attack occurs when an attacker exploits the use of the buffer space during a Transmission Control Protocol (TCP) session initialization handshake. The attacker floods the target system's small "in-process" queue with connection requests, but it does not respond when a target system replies to those requests. This causes the target system to time out while waiting for the proper response, which makes the system crash or become unusable.
- (Topic 10)
Which is the right sequence of packets sent during the initial TCP three way handshake?
Correct Answer:D
A TCP connection always starts with a request for synchronization, a SYN, the reply to that would be another SYN together with a ACK to acknowledge that the last package was delivered successfully and the last part of the three way handshake should be only an ACK to acknowledge that the SYN reply was recived.