- (Topic 8)
Bill has successfully executed a buffer overflow against a Windows IIS web server. He has been able to spawn an interactive shell and plans to deface the main web page. He first attempts to use the "echo" command to simply overwrite index.html and remains unsuccessful. He then attempts to delete the page and achieves no progress. Finally, he tries to overwrite it with another page in which also he remains unsuccessful. What is the probable cause of Bill's problem?
Correct Answer:C
- (Topic 2)
A digital signature is simply a message that is encrypted with the public key instead of the private key.
Correct Answer:B
- (Topic 8)
Tess King is making use of Digest Authentication for her Web site. Why is this considered to be more secure than Basic authentication?
Correct Answer:B
Digest access authentication is one of the agreed methods a web page can use to negotiate credentials with a web user (using the HTTP protocol). This method builds upon (and obsoletes) the basic authentication scheme, allowing user identity to be established without having to send a password in plaintext over the network.
- (Topic 1)
How does traceroute map the route a packet travels from point A to point B?
Correct Answer:B
Traceroute works by increasing the "time-to-live" value of each successive batch of packets sent. The first three packets have a time-to-live (TTL) value of one (implying that they make a single hop). The next three packets have a TTL value of 2, and so on. When a packet passes through a host, normally the host decrements the TTL value by one, and forwards the packet to the next host. When a packet with a TTL of one reaches a host, the host discards the packet and sends an ICMP time exceeded (type 11) packet to the sender. The traceroute utility uses these returning packets to produce a list of hosts that the packets have traversed en route to the destination.
- (Topic 4)
Which of the following is an application that requires a host application for replication?
Correct Answer:D