Network Risk Management

Question 1

the list of statements on a router to permit/deny traffic

Answer 1

ACL (access control list)

Question 2

a myriad of small, simple requests that all result in giant responses

Answer 2

amplification attack

Question 3

the filter takes applications into consideration

Answer 3

application aware

Question 4

gives the firewall application awareness

Answer 4

Application Control

Question 5

software security flaws

Answer 5

backdoor

Question 6

a group of computers in coordinated DDoS attacks without knowledge

Answer 6

botnet

Question 7

a document to make employees aware that their computer and equipment use will be monitored

Answer 7

consent to monitoring

Question 8

A system becomes inundated with service requests and ceases to respond

Answer 8

Denial of Service attack

Question 9

software on a device that allows it to access the network, subsequently uninstalls

Answer 9

dissolvable agent

Question 10

multiple hosts inundate a target with traffic

Answer 10

Distributed attakc

Question 11

a DoS attack bounced off of uninfected computers (reflectors) before arriving at the target.

Answer 11

Distributed reflector attack

Question 12

A switch security feature to monitor ARP messages and detect phony ones

Answer 12

Dynamic ARP inspection

Question 13

Implementation of TEMPEST to protect against RF emanation

Answer 13

emission security

Question 14

causing the target’s computer screen to fill with garbage

Answer 14

flashing

Question 15

An FTP client specifies a different host’s IP address and port number for data destination.

Answer 15

FTP bounce

Question 16

scanning for malware-like behavior

Answer 16

heuristic scanning

Question 17

runs on a single computer, alerts about intrusions

Answer 17

HIDS (host-based intrusion detection system)

Question 18

runs on a single computer, intercepts intrusions

Answer 18

HIPS (host-based intrusion prevention system)

Question 19

dedicated service to monitor traffic and alert

Answer 19

IDS (intrusion detection system)

Question 20

dedicated service to prevent malicious traffic

Answer 20

IPS (intrusion prevention system)

Question 21

a virus in a macro that executes when a program is in use

Answer 21

macro virus

Question 22

a person captures or redirects secure data while in transit

Answer 22

man-in-the-middle attack

Question 23

combines known scanning techniques and exploits to explore potential exploits

Answer 23

metasploit

Question 24

employs network policies to determine a device’s access permissions.

Answer 24

NAC (network access control)

Question 25

some parts of the network have been physically separated in order to protect resources

Answer 25

network segementation

Question 26

A DoS attack rendering a device irreparable

Answer 26

permanent DoS attack

Question 27

a port on a switch that sends a copy of all traffic to a second port

Answer 27

port mirroring

Question 28

the assessment of an organization’s security vulnerabilities

Answer 28

posture assessment

Question 29

a section of the network that a device joins when its configurations do not meet compliance requirements

Answer 29

quarantine network

Question 30

a host that provides services to internet clients from servers on its own network

Answer 30

reverse proxy

Question 31

network hosts are flooded with broadcast messages

Answer 31

smurf attack

Question 32

a firewall that inspects packets to determine if they originate from an active connection

Answer 32

stateful firewall

Question 33

a firewall that inspects packets on a stand-alone basis

Answer 33

stateless firewall

Question 34

An NSA standard to protect against RF emanations

Answer 34

TEMPEST

Question 35

a software vulnerability for a program that has not yet become public.

Answer 35

zero-day attack