CH19 - Course Quiz Flashcards
A basic ACL can be thought of as a stateful firewall?
True
False
False
Explanation:
A basic ACL can be considered stateless.
Which type of malware looks or pretends to do one thing while, at the same time, doing something evil?
macro
rootkit
worm
Trojan
Trojan
Which term refers to any form of potential attack against your Network?
threat
contingency
vulnerability
risk
threat
Which type of firewall packet inspection examines each packet fresh, with no regard to the state of the packet’s relation to any other packet?
port
stateless
stateful
filtered
stateless
Even with the best anti-malware tools, there are times when malware still manages to strike your computer?
True
False
True
A group of computers under the control of one operator is called a zombie?
True
False
False
Which term refers to the administrative account native to Linux?
supervisor
administrator
admin
root
root
A Trojan can appear as a game, like poker?
True
False
True
The first and last bastion of defense for an entire infrastructure’s security is at the individual ____________?
user accounts
hosts
ports
NICs
hosts
Firewalls consider traffic as either ______________?
private or public
encrypted or unencrypted
inbound or outbound
persistent or non-persistent
inbound or outbound
______________ can run on a single computer or within a virtual machine and can look like a simple network or a vast installation?
Demilitarized Zones
Honeynets
Posture Assessments
Access Control Lists
Honeynets
A worm has to wait for someone to use a removable drive to replicate?
True
False
False
What are the most common symptoms of malware on a compromised system?
general sluggishness and random crashes
dropping the Internet connection and intermittent blank screens
random messages and a blank screen
general sluggishness and random messages
general sluggishness and random crashes
One of the first techniques that malicious users try is to probe hosts to identify any ___________ ports?
closed
blocked
locked
open
open
Which type of firewall packet inspection is aware of the packet’s state, as it relates to other packets?
port
filtered
stateful
stateless
stateful
Which term refers to a single computer under the control of an operator?
smurf attack
DDoS
zombie
phishing
zombie
Honeynets can run on a single computer or within a virtual machine?
True
False
True
Which type of attack is a form of social engineering?
denial of service
zombie
logic bomb
phishing
phishing
Which type of malware replicates exclusively through Networks?
Trojan
rootkit
macro
worm
worm
Which term refers to a program that monitors the types of Web Sites you frequent and uses that information to generate targeted advertisements, usually pop-up windows?
Trojan Horse
macro
Spyware
Adware
Adware
Explanation:
Key Word - “…to generate targeted advertisements”
Adware is a program that monitors the types of Web Sites you frequent and uses that information to generate targeted advertisements, usually pop-up windows.
Spyware is a function of any program that sends information about your system or your actions over the Internet: browsing history, keystrokes, email contacts, etc.
A _____________ host is simply a machine that is fully exposed to the Internet?
external
stateless
bastion
open
bastion
Trojan horses do NOT replicate?
True
False
True
A deauthentication (deauth) attack is a form of ________________ attack?
RF emanation
DoS
DHCP Snooping
Social Engineering
DoS (Denial of Service)
You can use a brute force attack to search for open ports?
True
False
True
Which type of attack involves the attacker tapping into communications between two systems?
malware
phishing
leeching
on-path
on-path
Cisco uses _________________ as one of its tools to implement network access control?
stateless inspection
botnets
persistent queries
posture assessment
posture assessment
What series of standards developed by the US National Security Agency (NSA) defines how to shield systems and manifests in a number of different products, such as coverings for individual systems, wall coverings, and special window coatings?
leeching
DMZ
HTTPS
TEMPEST
TEMPEST
Social engineering attacks are considered an example of classic hacking?
True
False
False
Some adware actually installs a virus when you click on the ad?
True
False
True
Which term refers to a system with very high network output?
top talker
host
demilitarized zone
honeypot
top talker
Viruses need human action to spread?
True
False
True
ARP poisoning is a common method for ____________________ attacks?
phishing
DDoS
smurf
man-in-the-middle
man-in-the-middle
Most legacy systems need to be regularly patched on a monthly basis?
True
False
False
Anti-malware programs can operate as ___________________ that passively monitors a computer’s activity, checking for viruses only when certain events occur, such as a program executing or a file being downloaded?
virus shield
In the context of a DDoS attack, a group of computers under the control of one operator is called a ______________?
botnet
_________________ access calls for using a unique physical characteristic of a person to permit access to a controlled IT resource?
Biometric
ACLs have a _________________ deny any, or will automatically deny any packets that don’t match a rule?
implicit
ARP cache __________________ attacks target the ARP caches on hosts and MAC address tables on Switches?
poisoning
A _____________ tries to intercept a valid computer session to get authentication information?
Session Hijacking
Explanation:
Keywords - “…to get authentication information”
Session Hijacking is a type of man-in-the-middle attack with the sole purpose of gaining authentication information.
A ___________________ is an IT specific weakness, like a problem with hardware, software, or a configuration, that a threat takes advantage of to work?
vulnerability
The aspect of a DoS Attack that focuses on sending small requests that trigger large responses reflected at your target is called _______________?
amplification
____________________ inspection firewalls did not consider the state of a packet in relation to any other packets?
Stateless
A _________________ functions at multiple layers of the OSI Model to tackle traffic no traditional firewall can filter alone?
next-generation firewall
A ____________________ is the code pattern of a known virus?
signature
When any form of malware makes you pay to get the malware to go away, we call that malware ______________?
ransomware
The two jobs of a _________________ are to replicate and to activate?
virus
A considerable percentage of attacks against your Network fall under the heading of ______________________ - the process of using or manipulating people inside the Networking environment to gain access to the network from the outside?
social engineering
What should an administrator look for when researching unencrypted channels on a Network?
Using Telnet instead of SSH for Remote Terminal Connections.
Using HTTP instead of HTTPS on Web Sites
Using insecure remote desktops like VNC.
Using any insecure protocol in the clear. Run them through a VPN!
Describe one drawback to physical door access controls?
The access is generally governed by something that is in the possession of someone who has authorization to enter a locked place, like a Key, Badge, Key Fob, or some other Physical Token. These items can be given or taken away, and if not reported in a timely fashion, a huge security gap exists.
Compare Session Hijacking to a Man-in-the-Middle Attack?
Similar to Man-in-the-Middle Attacks, Session Hijacking tries to intercept valid computer sessions, but only for the purpose of trying to grab authentication information, NOT to listen in for any other additional information.
Describe an on-path attack?
Also known as a Man-in-the-Middle Attack, where an attacker taps into communications between two systems, covertly intercepting traffic thought to be only between those systems, reading or in some cases even changing the data and then sending the data on.
Describe Spyware?
The function of a program that sends information about your system or your actions on that system over the Internet, like browsing history, keystrokes, or even the contacts in your email among other things.
Briefly define malware and identify several examples?
Describes any program or code that’s designed to do something on a system or network that you don’t want to happen.
Comes in many forms: Viruses, Worms, Macros, Trojan Horses, Rootkits, Adware, Spyware.
Discuss how biometric access handles physical access control?
Calls for using a unique physical characteristic of a person to permit access to a controlled resource - Fingerprints, Facial Recognition, Voice Analyzers, Retinal Scanners, and others.
Describe an Unintentional DoS Attack?
When a system is brought down unintentionally - simply a super busy server, where an organization’s infrastructure isn’t powerful enough to keep up with legitimate demand.
Explain how a security guard can assist in physical security?
They get to know everyone’s faces.
They are there to protect assets and can lend a helping hand to overloaded, but authorized, persons who need in.
They are multipurpose in that they can secure building access, secure individual rooms/offices and perform facility patrols.
Briefly describe a persistent agent used in posture assessment?
A persistent agent is a small scanning program that, once installed on the computer, stays installed and runs every time the computer boots up. These agents are composed of modules that perform a thorough inventory of each security-oriented element in the computer.
Describe an Access Control List (ACL)?
It’s a clearly defined list of permissions that specifies what an authenticated user may perform on a shared resource.
Define the term Services in the context of a Networked computer’s Operating System?
Services are programs running in the background of an Operating System.
They work behind the scenes and do the grunt work that users don’t need to see or interact with, such as Wireless Network Clients and DHCP Clients, among many others.
What type of Network Threats exist beyond Internet Attacks?
A threat can be a person sneaking into your offices and stealing passwords, or an ignorant employee deleting files they should not have access to in the first place. Natural disasters, like earthquakes, fires, floods, and crazed squirrels, are also threats.
Briefly describe Protocol Abuse?
Anytime you do things with a Protocol that it wasn’t meant to do and that abuse ends up creating a Threat.