Chapter 7 Flashcards
Which Domain Name System (DNS) attack replaces a fraudulent IP address for a symbolic name?
A. DNS forwarding
B. DNS Masking
C. DNS replay
D. DNS Poisoning
D. DNS Poisoning (hacker technique that manipulates known vulnerabilities within the domain name system (DNS)
Aideen sent an email to her supervisor explaining the Domain Name System Security Extensions (DNSSEC). Which of the following statements would Aideen have NOT included in her email?
A. It can prevent a DNS transfer attack.
B. It is fully supported in BIND9.
C. It adds message header information.
D. It adds additional resource records.
A. It can prevent a DNS transfer attack.
What functions of a switch does a software defined network separate?
A. Host and virtual
B. Control plane and physical plane
C. Network level and resource level
D. RAM and hard drive
B. Control plane and physical plane
DNSSEC adds additional _____ and message header information, which can be used to verify that the requested data has not been altered in transmission.
A. resource records
B. hash sequences
C. zone transfers
D. field flags
A. resource records
Which of the following TCP/IP protocols do not relate to security?
A. IP
B. HTTPS
C. FTP
D. SNMP
A. IP
Which of these is NOT correct about an SSL/TLS accelerator?
A. It is a separate hardware card that inserts into a web server.
B. It contains one or more co-processors to handle SSL/TLS processing.
C. It can be installed as a “virtual SSL/TLS server” alongside a forward proxy server.
D. It replaces FTP using Secure Sockets Layer (FTPS) as a file transport layer resting “on top” of SSL/TLS.
D. It replaces FTP using Secure Sockets Layer (FTPS) as a file transport layer resting “on top” of SSL/TLS.
What is the most secure protocol for transferring files?
D. SFTP (SSH File Tranfer Protocol)
What can be used to prevent a buffer overflow attack?
A. DEP (Date Execution Prevention) protects certain pages or regions of memory from executing malicious code
Which type of device log contains the most beneficial security data?
B. firewall log
Which of the following is NOT a security concern of virtualized environments?
A. Physical security appliances are not always designed to protect virtual systems.
B. Virtual machines must be protected from both the outside world and from other virtual machines on the same physical computer.
C. Virtual servers are less expensive than their physical counterparts.
D. Live migration can immediately move one virtualized server to another hypervisor.
C. Virtual servers are less expensive than their physical counterparts.
Which type of cloud is offered to specific organizations that have common concerns?
C. community cloud
Which type of log can provide details regarding requests for specific files on a system?
C. access log
Which application stores the user’s desktop inside a virtual machine that resides on a server and is accessible from multiple locations?
A. Application cell
B. VDI
C. Container
D. VDE
B. VDI ( virtual desktop infrastructure)
What is the recommended secure protocol for voice and video applications?
C. Secure Real-time Transport Protocol (SRTP)
Catriona needed to monitor network traffic. She did not have the resources to install an additional device on the network. Which of the following solutions would meet her needs?
A. Correlation engine
B. Aggregation switch
C. Port mirroring
D. Network tap
C. Port mirroring
