Look at the following SQL query.
SELECT * FROM product WHERE PCategory='computers' or 1=1--'
What will it return? Select the best answer.
A. All computers and all 1’s
B. All computers
C. All computers and everything else
D. Everything except computers
The 1=1 tells the SQL database to return everything; a simplified statement would be SELECT * FROM product WHERE 1=1 (which will always be true for all columns). Thus, this query will return all computers and everything else. The or 1=1 is a common test to see if a web application is vulnerable to a SQL attack.
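The following added example (not part of the original question) runs the page's input against a concatenated query and against a parameterized one, so the difference in what the database returns is visible. The sample rows and the PName column are constructed for the demonstration; the table and PCategory column names follow the query above.

```python
import sqlite3

# Constructed sample data; PName is an assumed column, PCategory is from the page.
ROWS = [("laptop", "computers"), ("desktop", "computers"),
        ("toaster", "appliances"), ("novel", "books")]

# The user-supplied value that produces the query shown in the question.
PAGE_INPUT = "computers' or 1=1--"


def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE product (PName TEXT, PCategory TEXT)")
    db.executemany("INSERT INTO product VALUES (?, ?)", ROWS)
    return db


def lookup_concatenated(db, category):
    # Vulnerable pattern: the input becomes part of the SQL text, so the
    # quote closes the string and "or 1=1" is parsed as a condition.
    sql = "SELECT * FROM product WHERE PCategory='" + category + "'"
    return db.execute(sql).fetchall()


def lookup_parameterized(db, category):
    # Hardened pattern: the input is bound as a value and never parsed as SQL,
    # so it is compared literally against PCategory.
    sql = "SELECT * FROM product WHERE PCategory=?"
    return db.execute(sql, (category,)).fetchall()


def compare():
    db = make_db()
    return {
        "concatenated": len(lookup_concatenated(db, PAGE_INPUT)),
        "parameterized": len(lookup_parameterized(db, PAGE_INPUT)),
        "normal_use": len(lookup_parameterized(db, "computers")),
    }


if __name__ == "__main__":
    print(compare())
```
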
Sandra is conducting a penetration test for XYZ.com. She knows that XYZ.com is using wireless networking for some of the offices in the building right down the street. Through social engineering she discovers that they are using 802.11g. Sandra knows that 802.11g uses the same 2.4GHz frequency range as 802.11b. Using NetStumbler and her 802.11b wireless NIC, Sandra drives over to the building to map the wireless networks. However, even though she repositions herself around the building several times, Sandra is not able to detect a single AP.
What do you think is the reason behind this?
A. Netstumbler does not work against 802.11g.
B. You can only pick up 802.11g signals with 802.11a wireless cards.
C. The access points probably have WEP enabled so they cannot be detected.
D. The access points probably have disabled broadcasting of the SSID so they cannot be detected.
E. 802.11g uses OFDM while 802.11b uses DSSS so despite the same frequency an 802.11b card cannot see an 802.11g signal.
F. Sandra must be doing something wrong, as there is no reason for her to not see the signals.
WEP is used on 802.11 networks. What was it designed for?
A. WEP is designed to provide a wireless local area network (WLAN) with a level of security and privacy comparable to what is usually expected of a wired LAN.
B. WEP is designed to provide strong encryption to a wireless local area network (WLAN) with a level of integrity and privacy adequate for sensible but unclassified information.
C. WEP is designed to provide a wireless local area network (WLAN) with a level of availability and privacy comparable to what is usually expected of a wired LAN.
D. WEP is designed to provide a wireless local area network (WLAN) with a level of privacy comparable to what is usually expected of a wired LAN.
WEP was intended to provide comparable confidentiality to a traditional wired network (in particular it does not protect users of the network from each other), hence the name. Several serious weaknesses were identified by cryptanalysts (any WEP key can be cracked with readily available software in two minutes or less), and WEP was superseded by Wi-Fi Protected Access (WPA) in 2003, and then by the full IEEE 802.11i standard (also known as WPA2) in 2004.
RC4 is known to be a good stream generator. RC4 is used within the WEP standard on wireless LAN. WEP is known to be insecure even if we are using a stream cipher that is known to be secure.
What is the most likely cause behind this?
A. There are some flaws in the implementation.
B. There is no key management.
C. The IV range is too small.
D. All of the above.
E. None of the above.
Because RC4 is a stream cipher, the same traffic key must never be used twice. The purpose of an IV, which is transmitted as plain text, is to prevent any repetition, but a 24-bit IV is not long enough to ensure this on a busy network. The way the IV was used also opened WEP to a related key attack. For a 24-bit IV, there is a 50% probability the same IV will repeat after 5000 packets. Many WEP systems require a key in hexadecimal format. Some users choose keys that spell words in the limited 0-9, A-F hex character set, for example C0DE C0DE C0DE C0DE. Such keys are often easily guessed.
In an attempt to secure his wireless network, Bob implements a VPN to cover the wireless communications. Immediately after the implementation, users begin complaining about how slow the wireless network is. After benchmarking the network's speed, Bob discovers that throughput has dropped by almost half even though the number of users has remained the same.
Why does this happen in the VPN over wireless implementation?
A. The stronger encryption used by the VPN slows down the network.
B. Using a VPN with wireless doubles the overhead on an access point for all direct client to access point communications.
C. VPNs use larger packets than wireless networks normally do.
D. Using a VPN on wireless automatically enables WEP, which causes additional overhead.
With a VPN in place, the access point has to recalculate all headers destined for clients and from clients twice.
In an attempt to secure his wireless network, Bob turns off broadcasting of the SSID. He concludes that since his access points require the client computer to have the proper SSID, it would prevent others from connecting to the wireless network. Unfortunately unauthorized users are still able to connect to the wireless network.
Why do you think this is possible?
A. Bob forgot to turn off DHCP.
B. All access points are shipped with a default SSID.
C. The SSID is still sent inside both client and AP packets.
D. Bob's solution only works in ad-hoc mode.
All access points are shipped with a default SSID unique to that manufacturer; for example, 3com uses the default SSID comcomcom.
In an attempt to secure his 802.11b wireless network, Ulf decides to use strategic antenna positioning. He places the antennas for the access points near the center of the building. For those access points near the outer edge of the building he uses semi-directional antennas that face towards the building's center. There is a large parking lot and outlying field surrounding the building that extends out half a mile around the building. Ulf figures that with this and his placement of antennas, his wireless network will be safe from attack.
Which of the following statements is true?
A. With the 300 feet limit of a wireless signal, Ulf's network is safe.
B. Wireless signals can be detected from miles away, Ulf's network is not safe.
C. Ulf's network will be safe but only if he doesn't switch to 802.11a.
D. Ulf's network will not be safe until he also enables WEP.
Which of the following is NOT a reason 802.11 WEP encryption is vulnerable?
A. There is no mutual authentication between wireless clients and access points
B. Automated tools like AirSnort are available to discover WEP keys
C. The standard does not provide for centralized key management
D. The 24 bit Initialization Vector (IV) field is too small
The lack of centralized key management in itself is not a reason that the WEP encryption is vulnerable; it is the people setting the user shared key who make it insecure.
Which of the following is true of the wireless Service Set ID (SSID)? (Select all that apply.)
A. Identifies the wireless network
B. Acts as a password for network access
C. Should be left at the factory default setting
D. Not broadcasting the SSID defeats NetStumbler and other wireless discovery tools
Which of the following wireless technologies can be detected by NetStumbler? (Select all that apply)
If you check the website, cards for all three (A, B, G) are supported. See: http://www.stumbler.net/