You work as an Incident handling manager for a company. The public relations process of the company includes an event that responds to the e-mails queries. But since few days, it is identified that this process is providing a way to spammers to perform different types of e-mail attacks. Which of the following phases of the Incident handling process will now be involved in resolving this process and find a solution?
Each correct answer represents a part of the solution. Choose all that apply.

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.weare-secure.com. He
is working on the Linux operating system. He wants to sniff the we-are-secure network and intercept a conversation
between two employees of the company through session hijacking. Which of the following tools will John use to
accomplish the task?

The Klez worm is a mass-mailing worm that exploits a vulnerability to open an executable attachment even in Microsoft Outlook's preview pane. The Klez worm gathers email addresses from the entries of the default Windows Address Book (WAB). Which of the following registry values can be used to identify this worm?

You discover that all available network bandwidth is being used by some unknown service. You discover that UDP packets are being used to connect the echo service on one machine to the chargen service on another machine. What kind of attack is this?

Which of the following statements about buffer overflow are true?
Each correct answer represents a complete solution. Choose two.