1. What methods does a social engineering hacker use to gain information about a user's login id and password? How would this method differ if it were targeted towards an administrator's assistant versus a data-entry clerk?
2. What is a buffer overflow, and how is it used against a Web server?