Look at the following SQL query.
SELECT * FROM product WHERE PCategory=’computers’ or 1=1–’
What will it return? Select the best answer.
A. All computers and all 1′s
B. All computers
C. All computers and everything else
D. Everything except computers
The 1=1 tells the SQL database to return everything,a simplified statement would be SELECT * FROM product WHERE 1=1 (which will always be true for all columns). Thus,this query will return all computers and everything else. The or 1=1 is a common test to see if a web application is vulnerable to a SQL attack.
Sandra is conducting a penetration test for XYZ.com. She knows that XYZ.com is using wireless networking for some of the offices in the building right down the street. Through social engineering she discovers that they are using 802.11g. Sandra knows that 802.11g uses the same 2.4GHz frequency range as 802.11b. Using NetStumbler and her 802.11b wireless NIC, Sandra drives over to the building to map the wireless networks. However, even though she repositions herself around the building several times, Sandra is not able to detect a single AP.
What do you think is the reason behind this?
A. Netstumbler does not work against 802.11g.
B. You can only pick up 802.11g signals with 802.11a wireless cards.
C. The access points probably have WEP enabled so they cannot be detected.
D. The access points probably have disabled broadcasting of the SSID so they cannot be detected.
E. 802.11g uses OFDM while 802.11b uses DSSS so despite the same frequency and 802.11b card cannot see an 802.11g signal.
F. Sandra must be doing something wrong,as there is no reason for her to not see the signals.
WEP is used on 802.11 networks, what was it designed for?
A. WEP is designed to provide a wireless local area network (WLAN) with a level of security and privacy comparable to what it usually expected of a wired LAN.
B. WEP is designed to provide strong encryption to a wireless local area network (WLAN) with a lever of integrity and privacy adequate for sensible but unclassified information.
C. WEP is designed to provide a wireless local area network (WLAN) with a level of availability and privacy comparable to what is usually expected of a wired LAN.
D. WEOP is designed to provide a wireless local area network (WLAN) with a level of privacy comparable to what it usually expected of a wired LAN.