CH19 - Course Quiz Flashcards

1
Q

A basic ACL can be thought of as a stateful firewall?

True
False

A

False

Explanation:
A basic ACL can be considered stateless.

2
Q

Which type of malware looks or pretends to do one thing while, at the same time, doing something evil?

macro
rootkit
worm
Trojan

A

Trojan

3
Q

Which term refers to any form of potential attack against your Network?

threat
contingency
vulnerability
risk

A

threat

4
Q

Which type of firewall packet inspection examines each packet fresh, with no regard to the state of the packet’s relation to any other packet?

port
stateless
stateful
filtered

A

stateless

5
Q

Even with the best anti-malware tools, there are times when malware still manages to strike your computer?

True
False

A

True

6
Q

A group of computers under the control of one operator is called a zombie?

True
False

A

False

7
Q

Which term refers to the administrative account native to Linux?

supervisor
administrator
admin
root

A

root

8
Q

A Trojan can appear as a game, like poker?

True
False

A

True

9
Q

The first and last bastion of defense for an entire infrastructure’s security is at the individual ____________?

user accounts
hosts
ports
NICs

A

hosts

10
Q

Firewalls consider traffic as either ______________?

private or public
encrypted or unencrypted
inbound or outbound
persistent or non-persistent

A

inbound or outbound

11
Q

______________ can run on a single computer or within a virtual machine and can look like a simple network or a vast installation?

Demilitarized Zones
Honeynets
Posture Assessments
Access Control Lists

A

Honeynets

12
Q

A worm has to wait for someone to use a removable drive to replicate?

True
False

A

False

13
Q

What are the most common symptoms of malware on a compromised system?

general sluggishness and random crashes
dropping the Internet connection and intermittent blank screens
random messages and a blank screen
general sluggishness and random messages

A

general sluggishness and random crashes

14
Q

One of the first techniques that malicious users try is to probe hosts to identify any ___________ ports?

closed
blocked
locked
open

A

open

15
Q

Which type of firewall packet inspection is aware of the packet’s state, as it relates to other packets?

port
filtered
stateful
stateless

A

stateful

16
Q

Which term refers to a single computer under the control of an operator?

smurf attack
DDoS
zombie
phishing

A

zombie

17
Q

Honeynets can run on a single computer or within a virtual machine?

True
False

A

True

18
Q

Which type of attack is a form of social engineering?

denial of service
zombie
logic bomb
phishing

A

phishing

19
Q

Which type of malware replicates exclusively through Networks?

Trojan
rootkit
macro
worm

A

worm

20
Q

Which term refers to a program that monitors the types of Web Sites you frequent and uses that information to generate targeted advertisements, usually pop-up windows?

Trojan Horse
macro
Spyware
Adware

A

Adware

Explanation:
Key Word - “…to generate targeted advertisements”

Adware is a program that monitors the types of Web Sites you frequent and uses that information to generate targeted advertisements, usually pop-up windows.

Spyware is a function of any program that sends information about your system or your actions over the Internet, such as browsing history, keystrokes, email contacts, etc.

21
Q

A _____________ host is simply a machine that is fully exposed to the Internet?

external
stateless
bastion
open

A

bastion

22
Q

Trojan horses do NOT replicate?

True
False

A

True

23
Q

A deauthentication (deauth) attack is a form of ________________ attack?

RF emanation
DoS
DHCP Snooping
Social Engineering

A

DoS (Denial of Service)

24
Q

You can use a brute force attack to search for open ports?

True
False

A

True

25
Q

Which type of attack involves the attacker tapping into communications between two systems?

malware
phishing
leeching
on-path

A

on-path

26
Q

Cisco uses _________________ as one of its tools to implement network access control?

stateless inspection
botnets
persistent queries
posture assessment

A

posture assessment

27
Q

What series of standards developed by the US National Security Agency (NSA) defines how to shield systems and manifests in a number of different products, such as coverings for individual systems, wall coverings, and special window coating?

leeching
DMZ
HTTPS
TEMPEST

A

TEMPEST

28
Q

Social engineering attacks are considered an example of classic hacking?

True
False

A

False

29
Q

Some adware actually installs a virus when you click on the ad?

True
False

A

True

30
Q

Which term refers to a system with very high network output?

top talker
host
demilitarized zone
honeypot

A

top talker

31
Q

Viruses need human action to spread?

True
False

A

True

32
Q

ARP poisoning is a common method for ____________________ attacks?

phishing
DDoS
smurf
man-in-the-middle

A

man-in-the-middle

33
Q

Most legacy systems need to be regularly patched on a monthly basis?

True
False

A

False

34
Q

Anti-malware programs can operate as ___________________ that passively monitors a computer’s activity, checking for viruses only when certain events occur, such as a program executing or a file being downloaded?

A

virus shield

35
Q

In the context of a DDoS attack, a group of computers under the control of one operator is called a ______________?

A

botnet

36
Q

_________________ access calls for using a unique physical characteristic of a person to permit access to a controlled IT resource?

A

Biometric

37
Q

ACLs have a _________________ deny any, or will automatically deny any packets that don’t match a rule?

A

implicit

38
Q

ARP cache __________________ attacks target the ARP caches on hosts and MAC address tables on Switches?

A

poisoning

39
Q

A _____________ tries to intercept a valid computer session to get authentication information?

A

Session Hijacking

Explanation:
Keywords - “…to get authentication information”
Session Hijacking is a type of man-in-the-middle attack with the sole purpose of gaining authentication information.

40
Q

A ___________________ is an IT specific weakness, like a problem with hardware, software, or a configuration, that a threat takes advantage of to work?

A

vulnerability

41
Q

The aspect of a DoS Attack that focuses on sending small requests that trigger large responses reflected at your target is called _______________?

A

amplification

42
Q

____________________ inspection firewalls did not consider the state of a packet in relation to any other packets?

A

Stateless

43
Q

A _________________ functions at multiple layers of the OSI Model to tackle traffic no traditional firewall can filter alone?

A

next-generation firewall

44
Q

A ____________________ is the code pattern of a known virus?

A

signature

45
Q

When any form of malware makes you pay to get the malware to go away, we call that malware ______________?

A

ransomware

46
Q

The two jobs of a _________________ are to replicate and to activate?

A

virus

47
Q

A considerable percentage of attacks against your Network fall under the heading of ______________________ - the process of using or manipulating people inside the Networking environment to gain access to the network from the outside?

A

social engineering

48
Q

What should an administrator look for when researching unencrypted channels on a Network?

A

Using Telnet instead of SSH for Remote Terminal Connections.

Using HTTP instead of HTTPS on Web Sites

Using insecure remote desktops like VNC.

Using any insecure protocol in the clear. Run them through a VPN!

49
Q

Describe one drawback to physical door access controls?

A

The access is generally governed by something that is in the possession of someone who has authorization to enter a locked place, like a Key, Badge, Key Fob, or some other Physical Token. These items can be given or taken away, and if not reported in a timely fashion, a huge security gap exists.

50
Q

Compare Session Hijacking to a Man-in-the-Middle Attack?

A

Similar to Man-in-the-Middle Attacks, Session Hijacking tries to intercept valid computer sessions, but only for the purpose of trying to grab authentication information, NOT to listen in for any other additional information.

51
Q

Describe an on-path attack?

A

Known as a Man-in-the-Middle Attack, where an attacker taps into communications between two systems, covertly intercepting traffic thought to be only between those systems, reading or in some cases even changing the data and then sending the data on.

52
Q

Describe Spyware?

A

The function of a program that sends information about your system or your actions on that system over the Internet, like browsing history, keystrokes, or even the contacts in your email among other things.

53
Q

Briefly define malware and identify several examples?

A

Describes any program or code that’s designed to do something on a system or network that you don’t want to happen.
Comes in many forms: Viruses, Worms, Macros, Trojan Horses, Rootkits, Adware, Spyware.

54
Q

Discuss how biometric access handles physical access control?

A

Calls for using a unique physical characteristic of a person to permit access to a controlled resource - Fingerprints, Facial Recognition, Voice Analyzers, Retinal Scanners, and others.

55
Q

Describe an Unintentional DoS Attack?

A

When a system is brought down unintentionally: simply a super busy server, where an organization’s infrastructure isn’t powerful enough to keep up with legitimate demand.

56
Q

Explain how a security guard can assist in physical security?

A

They get to know everyone’s faces.
They are there to protect assets and can lend a helping hand to the overloaded, but authorized, persons who need to get in.
They are multipurpose in that they can secure building access, secure individual rooms/offices and perform facility patrols.

57
Q

Briefly describe a persistent agent used in posture assessment?

A

A persistent agent is a small scanning program that, once installed on the computer, stays installed and runs every time the computer boots up. Persistent agents are composed of modules that perform a thorough inventory of each security-oriented element in the computer.

58
Q

Describe an Access Control List (ACL)?

A

It’s a clearly defined list of permissions that specifies what an authenticated user may perform on a shared resource.

59
Q

Define the term Services in the context of a Networked computer’s Operating System?

A

Services are programs running in the background of an Operating System.
They work behind the scenes and do the grunt work that users don’t need to see or interact with, such as Wireless Network Clients and DHCP Clients, among many others.

60
Q

What type of Network Threats exist beyond Internet Attacks?

A

A threat can be a person sneaking into your offices and stealing passwords, or an ignorant employee deleting files they should not have access to in the first place. Natural disasters, like earthquakes, fires, floods, and crazed squirrels, are also threats.

61
Q

Briefly describe Protocol Abuse?

A

Any time you do things with a protocol that it wasn’t meant to do, and that abuse ends up creating a threat.