(ISC)2

CSSLP Question #216: Real Exam Question with Answer & Explanation

The correct answer is B: IIS buffer overflow.

Secure Software Testing

Question

John works as a professional Ethical Hacker. He has been assigned the project of testing the attacks. As a countermeasure, he suggests that the Network Administrator should remove the IPP printing capability from the server. He is suggesting this as a countermeasure against __________.

Options

  • A. SNMP enumeration
  • B. IIS buffer overflow
  • C. NetBIOS NULL session
  • D. DNS zone transfer

Explanation

Removing IPP printing capability from a server, especially an IIS server, is a common countermeasure against vulnerabilities like buffer overflows that can be exploited through web-based services.

Common mistakes.

  • A. SNMP enumeration involves gathering information about a network by querying the Simple Network Management Protocol agent, which is unrelated to IPP printing.
  • C. NetBIOS NULL sessions are used to access network shares and gather information without authentication, separate from printing services.
  • D. DNS zone transfer is a process where a DNS server transfers a copy of part of its database to another DNS server, which is unrelated to IPP printing.

Concept tested. IIS buffer overflow countermeasures

Topics

#Buffer overflow #Vulnerability assessment #Security countermeasures #IIS security
