To prevent null sessions to an NT/2000 system, which TCP and UDP ports must you filter to check null sessions on your network?
Which of the following relative identifiers (RID) listed below identifies the administrator account on a Windows system?
The contract agreement that describes the terms of service that an outsourcer provides is known as a ________________.
This tool uses the command line to identify and report the protocol statistics of current TCP/IP connections using NBT (NetBIOS over TCP/IP).
________________ trees illustrate who, when, why, how, and with what probability an attacker might strike a system.
Which two commands can be used to enumerate UNIX systems?
What hidden share can be tested for evidence of null-session vulnerabilities?
SNMP uses ___________________ to define the information that a managed system offers.
Which password attack exploits situations in which users change their passwords by adding a number to their old password?
A null session is basically a pseudoaccount that has no username or password but can be used to access information on _______________.
Which of the following methods are considered nontechnical password attacks? (Select all that apply.)
This type of rootkit transforms calls from the legitimate application to output the attacker’s data instead of the genuine data.
________________ has a unique process for discovering and fixing security holes. The entire methodology is controlled through an efficient administrative tool that enables you to compress settings to manipulate a network or conduct a full-hammer assault.
In this type of password attack, the attacker has some information about the password. For example, the attacker knows the password contains a two- or three-digit number.
Many steganography tools use a technique that lets them hide messages inside image files by overwriting the __________________.
IT ________________ are designed to evaluate an organization’s security policies and procedures.
What component makes Kerberos a more secure network authentication system than NTLM or LM authentication schemes?
Where is the password file located on the Windows NT/2000 system?
__________________ are evaluations of a network’s vulnerability to attack through a variety of means.
______________ cache information about a log-in session for a particular user and remain valid until the user logs out or uses another system to access resources.