Chapter 14 - Network Threats and Mitigation Flashcards

1
Q

Which of the following is a type of denial of service attack?

A. Ping of Death
B. Stacheldraht
C. SYN flood
D. All of the above

A
  1. D. A denial of service (DoS) attack prevents users from accessing the system. All of the options are possible denial-of-service attacks.
2
Q

In which attack does the attacker set the session ID ahead of time by sending a link to the victim with the ID preset?

A. Session fixation
B. Cross-site scripting
C. Session sidejacking
D. Session seeding

A
  1. A. Session fixation is an attack in which the attacker sets the session ID ahead of time by sending a link to the victim with the ID preset. Then when the user connects, the attacker waits for the authentication to complete and takes over the session by disconnecting the user and using the ID to reconnect.
3
Q

Which type of virus impacts files with the filename extensions .com, .exe, and .dll?

A. File viruses
B. SYN flood
C. Smurf
D. Tribe Flood Network

A
  1. A. Options B, C, and D are all DoS attacks, so the only real answer is a file virus. A file virus attacks executable application and system program files scanning for networks.
4
Q

In which type of attack does the attacker scan for networks using a high-powered antenna connected to a wireless laptop?

A. War driving
B. Evil twin
C. WEP cracking
D. WPA cracking

A
  1. A. In war driving, the attacker simply drives around with a high-powered antenna connected to a wireless laptop.
5
Q

Monkey B, Michelangelo, Stoned, and Stealth Boot are examples of which type of virus?

A. IP spoofing
B. Multipartite
C. Macro
D. Boot sector

A
  1. D. These are all examples of boot-sector viruses that get into the master boot record. A boot-sector virus will overwrite the boot sector, thereby making it look as if there is no pointer to your operating system. When you power up the computer, you will see a Missing Operating System or Hard Disk Not Found error message.
6
Q

Which type of virus affects both the boot sector and files on a computer?

A. Multipartite
B. Macro
C. Tribe Flood Network 2000 (TFN2K)
D. Smurf

A
  1. A. A multipartite virus is one that affects both the boot sector and files on your computer.
7
Q

What is the main difference between a worm and a virus?

A. Worms require user action for replication; viruses do not.
B. Worms can be spread by email and viruses cannot.
C. Worms can replicate without user intervention; viruses cannot.
D. None of the above.

A
  1. C. A worm can actively replicate itself without user intervention, whereas a virus can be activated and spread only if a user opens an application.
8
Q

What kind of attack involves the hacker attempting all combinations of characters for a password to gain access?

A. Packet sniffers
B. Brute force attack
C. Worm
D. Backdoor

A
  1. B. A brute force attack is a software-related attack that employs a program that is running on a targeted network to log in to some type of shared network resource like a server.
9
Q

What type of security threat allows an attacker to learn your password through the use of an email or phone call?

A. Phishing
B. Trust-exploration attack
C. Man-in-the-middle attack
D. Rogue access point

A
  1. A. Social engineering, or phishing, refers to the act of attempting to illegally obtain sensitive information by pretending to be a credible source. Phishing usually takes one of two forms: an email or a phone call.
10
Q

Which type of policy should be implemented to secure important company documents and materials when employees leave their workstations?

A. Clean housekeeping
B. Clean desk
C. Security audit
D. Proactive defense

A
  1. B. A clean-desk policy means that all important documents, such as books, schematics, confidential letters, and the like, are removed from the desk (and locked away) when employees leave their workstations.
11
Q

If you implement a set of policies and procedures that define corporate information as confidential and then train employees on these procedures, what type of attack can you prevent?

A. DoS
B. Man-in-the-middle attacks
C. Smurf
D. Social engineering

A
  1. D. It is important to train all employees by informing them that people may try to call and email them to gather information to attack the company. This is called phishing or social engineering.
12
Q

What type of wireless frame populates the display when someone is scanning for wireless networks?

A. Probe response
B. Beacon
C. SSID
D. Discovery

A
  1. B. When you set the AP to not broadcast the SSID, it will remove the SSID from packets called beacons (these are the packets that populate the display when you scan for networks) but the SSID will still be present in many other packet types.
13
Q

What defines the appropriate response to a security event on a network?

A. Implementing security procedures
B. Installing a new router
C. Turning off the network
D. Implementing an HR policy for dress code

A
  1. A. A security procedure defines the appropriate response to a security event on your network.
14
Q

Which of the following security mechanisms has been compromised?

A. WEP
B. 802.11i
C. WPA2 Enterprise
D. RADIUS

A
  1. A. Soon after WEP’s adoption as a security measure, it was discovered that due to a weakness in the way the algorithm was employed, programs that became widely available on the Internet could be used to crack the WEP key.
15
Q

What process allows you to update your Windows-based operating system?

A. Technet
B. Windows Update
C. Text message
D. Hotfix

A
  1. B. Windows Update is a utility that is typically automatically installed when you install Windows. The update engine will periodically scan your system for the version of Windows components you have installed and compare them to the most current versions available from Microsoft. If your software is out-of-date, a Windows Update dialog box will appear, asking if you want to install the software updates.
16
Q

Why is it important to keep your system patched and up-to-date?

A. To completely stop your need for security
B. To increase the functionality of your applications
C. To fix system vulnerabilities
D. To make Windows completely safe and worry free

A
  1. C. With so much code written for applications and operating systems, developers go back after the initial release to fix any problems that are uncovered. These fixes are released as hotfixes or patches.
17
Q

Who is responsible for securing a crime scene and protecting the evidence from corruption?

A. First responder
B. CIO
C. Police
D. User

A
  1. A. The first responder is responsible for securing the crime scene and protecting the evidence from corruption.
18
Q

Which type of scanning allows an antivirus program to search for a virus even if there is no definition for it?

A. Update scan
B. Signature-file scan
C. Database scan
D. Heuristic scan

A
  1. D. Heuristic scanning allows for this type of scanning. The engine looks for suspicious activity that might indicate a virus.
19
Q

What type of files need to be updated in order for your antivirus program to have the latest information about attacks and viruses?

A. Definition files
B. Email files
C. DOC (.doc) files
D. EXE (.exe) files

A
  1. A. Every week, you need to update your list of known viruses—called the virus definition files. You can do this manually or automatically through the manufacturer’s website. You can use a staging server within your company to download and then distribute the updates, or you can set up each computer to download updates.
20
Q

What type of scan can be done by an antivirus program?

A. Emergency
B. On-demand
C. On-access
D. All of the above

A
  1. D. An antivirus program examines the computer suspected of being infected and eradicates any viruses it finds using any of these methods.