Quiz 12 Flashcards
he Internet backbone is connected to regional ISPs via which of the following?
Question 1 options:
carrier network points
network service points
network access points
POP ISPs
network access points
How many root servers are in the DNS infrastructure?
Question 2 options:
11
14
10
13
13
Attackers can exploit routing information updates to do which of the following? (Choose all that apply.)
Question 3 options:
A) Poison DNS caches.
B) Use IP spoofing to intercept packets.
C) Launch DoS attacks.
D) Launch man-in-the-middle attacks.
B) Use IP spoofing to intercept packets.
C) Launch DoS attacks.
D) Launch man-in-the-middle attacks.
Attackers often use DNS cache poisoning to do which of the following?
Question 4 options:
Query systems on a network one by one.
Steer unsuspecting users to a server of their choice instead of the Web site where users intended to go.
Flood the network with packets and cause it to crash.
Install a virus on the network.
Steer unsuspecting users to a server of their choice instead of the Web site where users intended to go.
Which of the following is caused by a flaw in how a running process allocates memory
to a variable?
Question 5 options:
buffer overflow
broken authentication
unsecured cryptographic storage
SQL injection
buffer overflow
Which of the following is a common type of SQL injection attack? (Choose all that apply.)
Question 6 options:
A) system tray attack
B) query string attack
C) browser executable attack
D) Web form attack
B) query string attack
D) Web form attack
In a SQL injection attack, which character is an attacker most likely to use?
Question 7 options:
single quotation mark
exclamation mark
double quotation mark
asterisk
single quotation mark
Which of the following attack methods target Web users? (Choose all that apply.)
Question 8 options:
A) phishing
B) pharming
C) SQL injection
D) social engineering
A) phishing
B) pharming
What is a requirement for a successful file attachment attack?
Question 9 options:
The user must reply to the e-mail that contains the attachment.
The user must open the file attachment.
The user must delete the file attachment immediately.
The attachment must be an image file.
The user must open the file attachment.
Which of the following factors enables attackers to program ActiveX controls to run malicious code on a user’s Web browser? (Choose all that apply.)
Question 10 options:
A) ActiveX controls do not require user action to be activated.
B) ActiveX controls run in a sandbox that allows interaction with the OS.
C) ActiveX controls have almost full access to the Windows OS.
D) ActiveX controls run automatically when the browser loads the Web page that contains them.
A) ActiveX controls do not require user action to be activated.
C) ActiveX controls have almost full access to the Windows OS.
D) ActiveX controls run automatically when the browser loads the Web page that contains them.
A Web server can be hardened just by configuring the Web application correctly.
Question 11 options:
True
False
False
For optimum efficiency, configure a domain controller to function also as an IIS Web
server.
Question 12 options:
True
False
False
When securing an Apache Web server, which of the following tasks is not necessary?
Question 13 options:
deleting unneeded or default Apache files and sample code
disabling processing of server-side includes (SSIs)
creating a privileged user ID for the Apache Web User account with root access
installing the latest Apache patches
creating a privileged user ID for the Apache Web User account with root access
In a DNS zone transfer, what is actually transferred?
Question 14 options:
fully qualified domain names and IP addresses
server MAC addresses
usernames and passwords
UDP and ICMP messages
fully qualified domain names and IP addresses
To keep log files organized, store them on the server you are monitoring.
Question 15 options:
True
False
False
