2). Discuss the various types of router attacks and methods to prevent attacks.
3). While you are working the help desk for a corporate network, a user named Leo calls to request access to the files for Trinity, a new classified project. The Trinity files are stored in a shared folder on a file server, which is locked in a secured underground data storage facility in New Mexico. After verifying that he has the appropriate security clearance for the project, you create a new group on the file server called TRINITY_USERS and add Leo’s user account to that group. Then, you add the TRINITY_USER group to the access control list for the Trinity folder on the file server, and assign the group the following NTFS permissions:
Allow Modify, Allow Read & Execute, Allow List Folder Contents, Allow Read, Allow Write
Some time later, Leo calls you to tell you that he is able to access the Trinity folder and read the files stored there, but he has been unable to save changes back to the server. What is the most likely cause of the problem?
4). Adatum, Inc. is a large corporation with an Active Directory network that consists of a headquarters and branch offices in cities throughout the country. The company’s IT department is in the process of deploying a new Web-based application that they have developed in-house, and the IT director is concerned about providing users in the branch offices with secured access to the application.
The director has instructed you to install a certification authority (CA) on one of your Windows Server 2008 servers. The CA must enable Active Directory clients in the branch offices to manually submit enrollment requests for certificates using a Web-based interface. The CA should be able to generate the certificates using a custom template based on settings supplied by the application developers. The director also wants all certificate enrollment requests to be manually approved by an administrator before the CA issues the certificates. Create a list of the tasks you must perform to install and configure the CA the director has requested, along with a reason for performing each task.
This material may consist of step-by-step explanations on how to solve a problem or examples of proper writing, including the use of citations, references, bibliographies, and formatting. This material is made available for the sole purpose of studying and learning - misuse is strictly forbidden.I enumerate the following SQL tools: Web Cruiser, Absinthe and Witool.
Web Cruise is a powerful website security auditing tool that supports lots of features, like: SQL Injection, Cross Site Scripting, XPath Injection. It can be run under Windows and MAC OS as well. Besides website scanning, it also can be used for POC (Proof of Concept) scanning and for penetration tests, due its wide range of embedded features. It detects vulnerabilities for all main database systems, like Oracle, DB2, Access and SQL, of course.
Absinthe (known in the past as SQLSqueal) is a free auditing tool that is able to detect blind and verbose SQL injections. It was considered first good automated tool for inference tasks. It runs under all OS versions (Linux included) and has a easy-to-use GUI (Graphical User Interface).
Witool presents the following features:ORACLE Injection, Injection Auto script, Save XML from data, Inquery (View, Function object), SQL SERVER Injection, Error base ,Injection script customizing but also Inquery (Db system info, Auth, Tables, Columns, Data). Even if its GUI is not so attractive like the previous two, it still can be used with accuracy and easiness by someone who is familiar with web scanning in general....