Chapter 8 Flashcards
1
Q
Which software below combines known scanning techniques and exploits to allow for hybrid exploits? A) Nessus B) metasploit C) nmap D) Sub7
A
B) metasploit
2
Q
What kind of attack involves a flood of broadcast ping messages, with the originating source address being spoofed to appear as a host on the network? A) amplification attack B) smurf attack C) zombie attack D) SYN attack
A
B) smurf attack
3
Q
Botnets often make use of what chat protocol in order to receive commands? A) XMPP B) AIM C) IRC D) Skype
A
C) IRC
4
Q
Which virus below combines polymorphism and stealth techniques to create a very destructive virus? A) Natas B) Macro C) Michelangelo D) Stoned
A
A) Natas
5
Q
What characteristic of viruses make it possible for a virus to potentially change its characteristics (such as file size, and internal instructions) to avoid detection? A) encryption B) stealth C) polymorphism D) time dependence
A
C) polymorphism
6
Q
What type of virus are dormant until a specific condition is met, such as the changing of a file or a match of the current date? A) encrypted virus B) logic bomb C) boot sector virus D) worm
A
B) logic bomb
7
Q
Programs that run independently and travel between computers and across networks, such as via email attachment or virtually any kind of file transfer, are known as which option below? A) file-infector viruses B) worms C) network viruses D) macro viruses
A
B) worms
8
Q
If multiple honeypots are connected to form a larger network, what term is used to describe the network? A) combolure B) lurenet C) honeycomb D) honeynet
A
D) honeynet
9
Q
A system that is capable of collecting and analyzing information generated by firewalls, ideas, and IPS systems is known as which term below? A) event collector architecture B) syslog system C) SIEM system D) log organizer
A
C) SIEM system
10
Q
A proxy that provides internet clients access to services on its own network is known as what type of proxy? A) reverse proxy B) cache proxy C) service proxy D) inverse proxy
A
A) reverse proxy
11
Q
At what layer of the OSI model do firewalls operate? A) Transport B) Data link C) Network D) Application
A
C) Network
12
Q
Which software below serves as the firewall for Linux systems? A) ZoneAlarm B) Comodo C) iptables D) ipf
A
C) iptables
13
Q
A reflective attack can be increased in intensity by combining it with what type of attack? A) smurf attack B) SYN ATTACK C) amplification attack D) friendly attack
A
C) amplification attack
14
Q
An attack in which hackers transmit bogus requests for connection to servers or applications in order to harvest useful information to guide their attack efforts is known as what option below? A) banner-grabbing attack B) reflective attack C) friendly attack D) IP spoofing attack
A
A) banner-grabbing attack
15
Q
An attack at involves a person redirecting or capturing secure transmissions as they occur is known as what type of attack? A) buffer overflow B) session hijacking attack C) man-in-the-middle attack D) banner-grabbing attack
A
C) man-in-the-middle attack
16
Q
Which option below is standard created by the NSA that defines protections against radio frequency emanations? A) EmSec B) TEMPEST C) RFGUARD D) BlockSec
A
B) TEMPEST
17
Q
The process in which a person attempts to glean access for authentication information by posing as someone who needs that information is known as what option below? A) mining B) phishing C) hunting D) doxing
A
B) phishing
18
Q
What feature on some network switches can be used to detect faked arp messages? A) DHCP snooping B) session monitoring C) dynamic packet inspection D) dynamic ARP inspection
A
D) dynamic ARP inspection
19
Q
In ACL statements, the any key is equivalent to using which wildcard mask? A) 255.255.255.255 B) 0.0.0.0 C) 0.0.255.255 D) 255.255.0.0
A
A) 255.255.255.255
20
Q
What mode setting on a firewall makes the firewall transparent to surrounding nodes as if it's just part of the wire? A) transparent wire mode B) virtual access mode C) pass-thru mode D) virtual wire mode
A
D) virtual wire mode
21
Q
What two types of agents are used to check compliance with network security policies? A) dissolvable agent B) temporary agent C) persistent agent D) permanent agent
A
A) dissolvable agent
C) persistent agent
22
Q
What two options below are IDS implementations used to provide additional security on a network? A) IIDS B) PIDS C) HIDS D) NIDS
A
C) HIDS
D) NIDS
23
Q
What two terms describe a network of compromised computers that are then used to perform coordinated DDoS attacks without their owners' knowledge or consent? A) reflectors B) botnet C) zombie army D) repeaters
A
B) botnet
C) zombie army
24
Q
Which two viruses below are examples of boot sector viruses? A) Michelangelo B) Stoned C) Natas D) Klez
A
A) Michelangelo
B) Stoned
25
Q
Which two terms can be used to describe a decoy system that is purposely vulnerable for the sake of attracting attackers? A) honeypot B) pandora box C) trap D) lure
A
A) honeypot
D) lure
