First Flashcards
An unauthorized individual enters a building following an employee through the employee entrance after the lunch rush. What type of breach has the individual just performed?
Tailgating
Which of the following is the best countermeasure against encrypting ransomware?
Keep some generation of off-line backup
If an attacker uses the command SELECT * FROM USER WHERE name='x' AND userid IS NULL; --'; which type of SQL injection attack is the attacker performing?
End of line comment
Sophia travels a lot and worries that her laptop containing confidential documents might be stolen. What is the best protection that will work for her?
Full disk encryption
An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to “www.MyPersonalBank.com”, the user is directed to a phishing site. Which file does the attacker need to modify?
Hosts
Which of the following options represents a conceptual characteristic of an anomaly-based IDS over a signature-based IDS?
Can identify unknown attacks
You are logged in as a local admin on a Windows 7 system and you need to launch the Computer Management Console from the command line. Which command would you use?
c:\compmgmt.msc
Which of the following acts requires employers' standard national numbers to identify them on standard transactions?
HIPAA
In Wireshark, the packet bytes pane shows the data of the current packet in which format?
Hexadecimal
_______ is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.
DNSSEC
PGP, SSL and IKE are all examples of which type of cryptography?
Public key
Which of the following is considered one of the most reliable forms of TCP scanning?
TCP Connect/Full Open Scan
Which of the following scanning methods splits the TCP header into several packets and makes it difficult for packet filters to detect the purpose of the packet?
SYN/FIN scanning using IP fragments
Which of the following is the BEST way to defend against network sniffing?
Using encryption protocols to secure network communications
You have successfully gained access to a Linux server and would like to ensure that the succeeding outgoing traffic from this server will not be caught by Network-Based Intrusion Detection Systems (NIDS). What is the BEST way to evade the NIDS?
Encryption