CMIT312 - Final Exam

The __________ vulnerability is a vulnerability present in some servers that can be exploited by hackers in the browser address window and cause commands to be run on the server.

When an ethical hacker uses nslookup, which protocol are they querying?

Attackers can use a simple test to find out if an application is vulnerable to an OLE DB error. They can fill in the username and password fields with __________.

__________ is a small utility that lists all USB devices currently connected to a computer, as well as all previously used USB devices.

The __________ method appends data in the URL field.

Which of the following password attacks is conducted using nontechnical means?

__________ is a command-line utility provided by Microsoft with SQL Server 2000 (and Microsoft SQL Server 2000 Desktop Engine) that allows users to issue queries to the server.

__________ is a Microsoft-proprietary protocol that authenticates users and computers based on an authentication challenge and response.

__________ is the exploitation of an organization's telephone, dial, and private branch exchange (PBX) system to infiltrate the internal network in order to abuse computing resources.

Which of the following attacks would you choose to seize control of a legitimate user's web application session while the session is still in progress?