C.

 Mac Flooding

B.

Creating a high number of half-open connections.

Explanation: A SYN attack occurs when an attacker exploits the use of the buffer space
during a Transmission Control Protocol (TCP) session initialization handshake. The
attacker floods the target system's small "in-process" queue with connection requests, but
it does not respond when a target system replies to those requests. This causes the target
system to time out while waiting for the proper response, which makes the system crash or
become unusable.

A.

The command /bin/sh sh –i appearing in the exploit code is actually part of an inetd
configuration file.

Explanation: Whats going on in the above question is the attacker is trying to write to the
unix filed /tm/x (his inetd.conf replacement config) - he is attempting to add a service
called ingresslock (which doesnt exist), which is "apparently" suppose to spawn a shell the
given port specified by /etc/services for the service "ingresslock", ingresslock is a nonexistant
service, and if an attempt were made to respawn inetd, the service would error out
on that line. (he would have to add the service to /etc/services to suppress the error). Now
the question is asking about /bin/sh sh -i which produces an error that should read "sh:
/bin/sh: cannot execute binary file", the -i option places the shell in interactive mode and
cannot be used to respawn itself.

B.

netstat, ps, top

Explanation:
The easiest programs to trojan and the smartest ones to trojan are ones commonly run by
administrators and users, in this case netstat, ps, and top, for a complete list of commonly
trojaned and rootkited software please reference this URL:
http://www.usenix.org/publications/login/1999-9/features/rootkits.html

B.

This is back orifice activity as the scan comes from port 31337.

Explanation: Port 31337 is normally used by Back Orifice. Note that 31337 is hackers
spelling of ‘elite’, meaning ‘elite hackers’.

A.

 Use encryption to protect sensitive data

B.

 Restrict the interactive logon privileges

C.

Run services as unprivileged accounts

E.

 Run users and applications on the least privileges

C.

It is easy and extremely effective to gain information.

Explanation: Social engineering is a collection of techniques used to manipulate people
into performing actions or divulging confidential information. While similar to a confidence
trick or simple fraud, the term typically applies to trickery for information gathering or
computer system access and in most (but not all) cases the attacker never comes face-toface
with the victim. The term has been popularized in recent years by well known
(reformed) computer criminal and security consultant Kevin Mitnick who points out that it's
much easier to trick someone into giving you his or her password for a system than to
spend the effort to hack in. He claims it to be the single most effective method in his
arsenal.

A.

Company web site

Explanation: Whois query would not enable us to find the CGI scripts whereas in the
actual website, some of them will have scripts written to make the website more user
friendly. The EDGAR database would in fact give us a lot of the information requested but
not the location of CGI scripts, as would a simple search engine on the Internet if you have
the time needed.