M3 -(Network Security Concepts)

Question 1

What security term is used to describe anything of value to the organization? It includes people, equipment, resources, and data.

Answer 1

Asset

Question 2

What security term is used to describe a weakness in a system, or its design, that couuld be exploited by a threat?

Answer 2

Vulnerability

Question 3

What security term is used to describe a potential danger to a company’s assets, data, or network functionality?

Answer 3

Threat

Question 4

What security term is used to describe a mechanism that takes advantage of a vulnerability?

Answer 4

Exploit

Question 5

What security term is used to describe the counter-measure for a potential threat or risk?

Answer 5

Mitigation

Question 6

What security term is used to describe the likelihood of a threat to exploit the vulnerability of an asset, with the aim of negatively affecting an organization?

Answer 6

Risk

Question 7

Which type of hacker is described in the scenario: After hacking into ATM machines remotely using a laptop, I worked with ATM manufacturers to resolve the security vulnerabilities that I discovered.

Answer 7

Gray Hat

Question 8

Which type of hacker is described in the scenario: From my laptop, I transferred $10 million to my bank account using victim account numbers and PINs after viewing recordings of victims entering the numbers.

Answer 8

Black Hat

Question 9

Which type of hacker is described in the scenario: My job is to identify weaknesses in my company’s network.

Answer 9

White Hat

Question 10

Which type of hacker is described in the scenario: I used malware to compromise several corporate systems to steal credit card information. I then sold that information to the highest bidder.

Answer 10

Black Hat

Question 11

Which type of hacker is described in the scenario: During my research for security exploits, I stumbled across a security vulnerability on a corporate network that I am authorized to access.

Answer 11

White Hat

Question 12

Which type of hacker is described in the scenario It is my job to work with technology companies to fix a flaw with DNS.

Answer 12

White Hat

Question 13

What penetration testing tool uses algorithm schemes to encode the data, which then prevents acccess to the data?

Answer 13

Encrpytion Tools

Question 14

What penetration testing tool is used by black hats to reverse engineer binary files when writing exploits? They are also used by white hats when analyzing malware.

Answer 14

Debuggers

Question 15

What penetration testing tool is used to probe and test a firewall’s robustness?

Answer 15

Packet Crafting Tools

Question 16

What penetration testing tool is used by white hat hackers to sniff out any trace of evidence existing in a computer?

Answer 16

Forensic Tools

Question 17

What penetration testing tool identifies whether a remote host is susceptible to a security attack?

Answer 17

Vulnerability Exploitation Tools

Question 18

What malware executes arbitary code and installs copies of itself in the memory of the infected computer? The main purpose of this malware is to automatically replicate from system to system across the network.

Answer 18

Worm

Question 19

What malware is non-self-replicating type of malware? It often contains malicious code that is designed to look like something else, such as a legitimate application or file. It attacks the device from within.

Answer 19

Trojan Horse

Question 20

What malware is used to gather information about a user and then, without the user’s consent, sends the information to another entity?

Answer 20

Spyware

Question 21

What malware typically displays annoying pop-ups to generate revenue for its author?

Answer 21

Adware

Question 22

What malware is installed on a compromised system and provides privileged access to the threat actor?

Answer 22

Rootkit

Question 23

What malware denies access to the infected computer system and demands payment before the restrictino is removed?

Answer 23

Ransomware

Question 24

What type of attack is tailgating?

Answer 24

Social Engineering

Question 25

What type of attack is a password attack?

Answer 25

Access

Question 26

What type of attack is port scanning?

Answer 26

Reconnaissance

Question 27

What type of attack is man-in-the-middle?

Answer 27

Access

Question 28

What type of attack is address spoofing?

Answer 28

Access

Question 29

What attack is being used when threat actors position themselves between a source and destination to transparently monitor, capture and control the communication?

Answer 29

MiTM Attack (Man-in-The-Middle)

Question 30

What attack is being used when threat actors gain access to the physical network, and then use an MiTM attack to capture and manipulate legitimate user’s traffic?

Answer 30

Session Hijacking

Question 31

What attack is being used when treat actors initiate a simultaneous, coordinated attack from multiple source machines?

Answer 31

Amplification and Reflection Attacks

Question 32

What attack is being used when treat actors use pings to discover subnets and hosts on a protected network, to generate flood attacks, and to alter host routing tables?

Answer 32

ICMP Attack

Question 33

What attack being used is when a threat actor creates packets with false source IP address information to either hide the identity of the sender, or to pose as another legitimate user?

Answer 33

Address Spoofing Attack

Question 34

What attack exploits the three-way handshake?

Answer 34

TCP SYN Flood Attack

Question 35

Two hosts have established a TCP connection and are exchanging data. A threat actor sends a TCP segment with the RST bit set to both hosts informing them to immediately stop using the TCP connection. Which attack is this?

Answer 35

TCP Reset Attack

Question 36

Which attack is being used when the threat actor spoofs the IP address of one host, predicts the next sequence number, and sends an ACK to the other host?

Answer 36

TCP Session Hijacking

Question 37

A program sends a flood of UDP packets from a spoofed host to a server on the subnet sweeping through all the known UDP ports looking for closed ports. This will cause the server to reply with an ICMP port unreachable message. Which attack is this?

Answer 37

UDP Flood Attack

Question 38

What network security device ensures that internal traffica n go out and come back, but external traffic cannot initiate connections to inside hosts?

Answer 38

ASA Firewall

Question 39

What network security device contains a secure database of who is authorized to access and manage network devices?

Answer 39

AAA Server

Question 40

What network security device filters konwn and suspicious internet malware sites?

Answer 40

ESA/WSA

Question 41

What network security device is used to provide secure services with corporate sites and remote access support for remote users using secure encrypted tunnels?

Answer 41

VPN

Question 42

What networking security device monitors incoming and outgoing traffic looking for malware, network attack signatures, and if it recognizes a threat, it can immediately stop it?

Answer 42

IPS

Question 43

What encryption method repeats an algorithm process three times and is considered very trustworthy when implemented using very short key lifetimes?

Answer 43

Triple DES

Question 44

What encryption method encrypts plaintext one byte or one bit at a time?

Answer 44

Stream Cipher

Question 45

What encryption method uses the same key to encrypt and decrypt data?

Answer 45

Symmetric

Question 46

What encryption method is a stream cipher an dis used to secure web traffic in SSL and TLS?

Answer 46

Rivest Cipher

Question 47

A cleaner attempts to enter a computer lab but is denied entry by the receptionist because there is no scheduled cleaning for that day. What type of attack was just prevented?

Answer 47

Social Engineering

Question 48

What is a significant characteristic of virus malware?

A virus is triggered by an event on the host system.

Once installed on a host system, a virus will automatically propagate itself to other systems.

A virus can execute independently of the host system.

Virus malware is only distributed over the Internet.

Answer 48

A virus is triggered by an event on the host system.

Question 49

What two types of hackets are typically classified as grey hat hackers? (Choose two answers.)

State-sponsored hackers

Hacktivists

Script Kiddies

Cyber Criminals

Vulnerability Brokers

Answer 49

Hacktivists and Vulnerability Brokers

Question 50

What type of DNS attack involves the cybercriminal compromising a parent domain and creating multiple subdomains to be used during the attacks?

Answer 50

Shadowing

Question 51

What is the role of an IPS?

To detect patterns of malicious traffic by the use of signature files

To enforce access control policies based on packet content

To filter traffic based on defined rules and connection context

To filter traffic based on Layer 7 information

Answer 51

To detect patterns of malicious traffic by the use of signature files.

Question 52

What category of security attacks does man-in-the-middle belong?

Answer 52

Access

Question 53

What specialized network device is responsible for enforcing access control policies between networks?

Answer 53

Firewall

Question 54

What cyber attack involves a coordinated attack from a botnet of zombie computers?

Answer 54

DDoS

Question 55

What three items are components of the CIA triad? (Choose three answers.)

Access

Integrity

Scalability

Availability

Confidentiality

Intervention

Answer 55

Integrity, Availability and Confidentiality

Question 56

What type of malware has the primary objective of spreading across the network?

Answer 56

Worm

Question 57

What objective of secure communication is achieved by encrypting data?

Answer 57

Confidentiality

Question 58

What cause a buffer overflow?

Launching a security countermeasure to mitigate a Trojan horse

Downloading and installing too many software updates at one time

Attempting to write more data to a memory location than that location can hold

Sending too much information to two or more interfaces of the same device, thereby causing dropped packets

Sending repeated connections such as Telnet to a particular device, thus denying other data sources

Answer 58

Attempting to write more data to a memory location than that location can hold

Question 59

The IT department is reporting that a company web server is receiving an abnormally high number of web page requests from different locations simultaneously. Which type of security attack is occurring?

Answer 59

DDoS (Distributed Denial of Service)