network defense

Question 1

on a network device, default accounts and passwords should be

Answer 1

changed immediately

Question 2

it allows a user to take advantage of a software bug to gain access to system resources that would typically not be available to the user

Answer 2

privilege escalation

Question 3

an unprotected access method or pathway.

Answer 3

backdoor

Question 4

a network device that detect attacks and suspicious activity.

Answer 4

intrusion detection system (IDS)

Question 5

this variation of IDS monitors, logs, and detects security breaches but takes no action to stop or prevent the attack

Answer 5

passive IDS

Question 6

this variation of IDS performs the functions of an IDS but can also react when security breaches occur.

Answer 6

active IDS

Question 7

this IDS feature looks for patterns in network traffic and compares it to known attack patterns called

Answer 7

signature recognition

Question 8

this IDS feature monitors traffic to define a standard activity pattern as “normal.”

Answer 8

anomaly recognition

Question 9

a IDS is installed on a single host and monitors all traffic it coming in is called

Answer 9

host-based IDS

Question 10

a IDS dedicated device installed on the network

Answer 10

network-based IDS

Question 11

a device or virtual machine that entices intruders by displaying a vulnerable trait or flaw or by appearing to contain valuable data

Answer 11

honeypot

Question 12

a network of honeypots.

Answer 12

honeynet

Question 13

a honeypot that answers connection requests in such a way that the attacking computer is “stuck” for a period of time

Answer 13

tarpit

Question 14

the objectives of using honeypots and tarpits are to

Answer 14

distract an attacker
and
observe the attackers

Question 15

what is a SAN

Answer 15

storage area network

Question 16

SANs use the ______ protocol for communication between servers and hard disk drives.

Answer 16

SCSI

Question 17

The SCSI protocol uses _____ to identify logical devices on the SCSI bus

Answer 17

logical unit numbers (LUNs)

Question 18

SAN information can be protected by

Answer 18

zoning

Question 19

______ zoning fabric naming service is configured such that a SAN host can only “see” the names of storage devices in the same zone.

Answer 19

soft

Question 20

____ zoning configures ACLs to restrict communications between SAN hosts and storage devices

Answer 20

hard

Question 21

______ zoning are defined by assigning SAN switch ports to specific zones

Answer 21

port

Question 22

_____ can be used to divide a SAN into multiple logical SANs in much the same manner as VLANs do on a standard network

Answer 22

virtual SANs

Question 23

_____ can be used to bind specific SAN IDs to specific SAN switch ports.

Answer 23

port locking

Question 24

________ changes the source MAC address on frames sent by the attacker.

Answer 24

MAC spoofing

Question 25

_______ associates the attacker’s MAC address with the IP address of victim devices.

Answer 25

ARP spoofing/poisoning

Question 26

______ overloads the switch’s MAC forwarding table to make the switch function like a hub.

Answer 26

MAC flooding

Question 27

this SAN authentication solution uses passwords for authentication using the Secure Remote Password (SRP) protocol.

Answer 27

Fibre Channel Password Authentication Protocol (FCPAP)

Question 28

this SAN authentication solution uses digital certificates to mutually authenticate SAN hosts.

Answer 28

Fibre Channel Authentication Protocol (FCAP) uses

Question 29

Fibre Channel SAN uses ____ authentication protocol

Answer 29

difie-hellman challenge handshake authentication

DH-CHAP

Question 30

this SAN authentication solution uses a pre-shared key to mutually authenticate SAN hosts.

Answer 30

Fibre Channel SAN