perimeter defense

Question 1

a buffer network that sits between a private network and a untrusted network

Answer 1

DMZ

Question 2

any host that is exposed to attack and has been hardened against those attacks.

Answer 2

bastion or sacrificial host

Question 3

a router that uses ACL;s to do packet filtering is called

Answer 3

screening router

Question 4

a firewall that has 3 network interfaces connected to it; one connected to the Internet, one connected to the public subnet, and one connected to the private network

Answer 4

dual homed gateway

Question 5

a router that resides within the DMZ and requires users to authenticate access to resources within the DMZ

Answer 5

screed host gateway

Question 6

the process of copying records from the primary to the secondary DNS serer is called

Answer 6

zone transfer (in clear text)

Question 7

it is used to perform direct queries on DNS server

Answer 7

nslookup

Question 8

this occurs when a name server receives malicious data that incorrectly maps host name and ip address

Answer 8

DNS poisoning

Question 9

this occurs when spammers exploit domain registration by taking advantage of the 5 day grace period for newly registered domain name.

Answer 9

domain name kitting

Question 10

which windows file, maps IP address to host names

Answer 10

Windows/System32/drivers/etc

Question 11

attacks that impacts the system availability by flooding it with traffic or request by exploiting a system or software flow

Answer 11

denial of service (DoS)

Question 12

a simple DoS attack that overwhelms the victim with ICMP packets

Answer 12

ping flood

Question 13

a DoS attack that uses the ping program to send oversized ICMP packet

Answer 13

ping of death

Question 14

is a form of Distributed Reflective DoS attack that spoofs the source address in ICMP packets

Answer 14

Smurf

Question 15

this DoS TCP attack exploits the TCP three-way handshake

Answer 15

SNY flood

Question 16

this DoS TCP attack is one in which the attacker floods the victim’s system with packets that have forged headers

Answer 16

LAND

Question 17

this DoS TCP attack uses an IP address with every option truned on.on for the protocol being used.

Answer 17

Xmas tree

Question 18

the DoS UDP attack sends larges amount of UDP packets directly to the broadcast address aimed at port 7 and 19 with spoofed sources address

Answer 18

fraggle

Question 19

this DoS UDP attack manipulates UDP fragments number and location

Answer 19

teardrop

Question 20

this IPSec mode is used for end-to end data encryption

Answer 20

transport mode

Question 21

_____ attack occurs when stolen DNS records are used to redirect traffic to fake Web sites for malicious purposes

Answer 21

DNS based

Question 22

a DNS server configured with one primary DNS server that maintains a read/write copy of all the computer names and IP addresses registered in DNS for the domain is called

Answer 22

standard DNS

Question 23

a DNS servers that obtain a read only copy of this data from the primary DNS server is called

Answer 23

secondary DNS

Question 24

The process of copying the records from the primary to the secondary DNS server is called

Answer 24

zone transfer done in clear text

Question 25

in a ______ DoS attack, multiple PCs attack a victim simultaneously.

Answer 25

Distributed

Question 26

in a Distributed DOS, the attacker identifies one of the computers as the

Answer 26

master

Question 27

the master uses ____ to attack

Answer 27

zombies/bots

Question 28

_____ DoD uses an amplification network to increase the severity of the attack.

Answer 28

Distributed Reflective