Question 1

The simplest type of firewall is a content filtering firewall.

Accepted Answer

The simplest type of firewall is actually a packet filtering firewall, which works by analyzing incoming packets and determining if they should be allowed through based on preconfigured rules. Content filtering firewalls, on the other hand, inspect the actual content of data packets to block specific types of websites or content. They are typically more complex and expensive to implement than packet filtering firewalls.

Question 2

A proxy that provides Internet clients access to services on its own network is known as what type of proxy?&#10;A)reverse proxy&#10;B)cache proxy&#10;C)service proxy&#10;D)inverse proxy

Accepted Answer

A reverse proxy acts as an intermediary for its own network's servers, receiving requests from the Internet and forwarding them to servers on its internal network. This is often used for load balancing, web acceleration, or to provide indirect access for external clients to internal services.

Question 3

If multiple honeypots are connected to form a larger network,what term is used to describe the network?&#10;A)combolure&#10;B)lurenet&#10;C)honeycomb&#10;D)honeynet

Accepted Answer

The term used to describe a network of multiple honeypots is a honeynet.

Question 4

Which software below combines known scanning techniques and exploits to allow for hybrid exploits?&#10;A)Nessus&#10;B)metasploit&#10;C)nmap&#10;D)Sub7

Accepted Answer

Metasploit is a software that combines known scanning techniques and exploits to create hybrid exploits. Nessus is a vulnerability scanner that detects vulnerabilities but does not create exploits. Nmap is a network scanner that also does not create exploits. Sub7 is a remote administration tool that does not have any known scanning techniques or exploit creation capabilities.

Question 5

Botnets often make use of what chat protocol in order to receive commands?&#10;A)XMPP&#10;B)AIM&#10;C)IRC&#10;D)Skype

Accepted Answer

IRC (Internet Relay Chat) is commonly used by botnets to receive commands due to its easy-to-use interface and ability to handle a large number of connections. XMPP and AIM are less commonly used, and Skype was once a popular choice for botnets but has since implemented measures to prevent its use in this manner.

Question 6

The term malware is derived from a combination of the words malicious and software.

Accepted Answer

The term malware is indeed derived from a combination of the words malicious and software.

Question 7

An attack that involves a person redirecting or capturing secure transmissions as they occur is known as what type of attack?&#10;A)buffer overflow&#10;B)session hijacking attack&#10;C)man-in-the-middle attack&#10;D)banner-grabbing attack

Accepted Answer

A man-in-the-middle attack involves an attacker intercepting communications between two parties in order to eavesdrop, modify, or inject new content into the communication. This type of attack can be used to capture secure transmissions, such as login credentials or financial information.

Question 8

Which software below serves as the firewall for Linux systems?&#10;A)ZoneAlarm&#10;B)Comodo&#10;C)iptables&#10;D)ipf

Accepted Answer

iptables is the firewall for Linux systems. ZoneAlarm and Comodo are firewalls for Windows systems, and ipf is a firewall for BSD systems.

Question 9

Programs that run independently and travel between computers and across networks,such as by e-mail attachment or virtually any kind of file transfer,are known as which option below?&#10;A)file-infector viruses&#10;B)worms&#10;C)network viruses&#10;D)macro viruses

Accepted Answer

Worms are self-replicating programs that can travel across networks and computers independently by using various methods, such as e-mail attachments, file transfers, and software vulnerabilities. File-infector viruses, on the other hand, infect executable files and rely on users to spread them, while macro viruses infect documents and require the host software to spread. Network viruses are similar to worms, but they propagate by exploiting vulnerabilities in network protocols and can require user interaction to spread. Therefore, the best option for the given description is B (worms).

Question 10

A reflective attack can be increased in intensity by combining it with what type of attack?&#10;A)smurf attack&#10;B)SYN attack&#10;C)amplification attack&#10;D)friendly attack

Accepted Answer

A reflective attack exploits a server and sends a large number of amplified packets to a victim. In this case, an amplification attack can be combined with a reflective attack to increase the intensity of the attack. Amplification attacks involve using vulnerable servers that will allow attackers to send requests with spoofed IP addresses. This will cause the server to respond with a large amount of data, thereby amplifying the attack. Combining this with a reflective attack will result in a greater impact on the victim.

Therefore, choice C is the only valid option.

Question 11

Different types of organizations have similar levels of network security risks.

Accepted Answer

The answer of Different types of organizations have similar levels...

Question 12

What characteristic of viruses make it possible for a virus to potentially change its characteristics (such as file size,and internal instructions)to avoid detection?&#10;A)encryption&#10;B)stealth&#10;C)polymorphism&#10;D)time dependence

Accepted Answer

The answer of What characteristic of viruses make it possible...

Question 13

A SOHO wireless router typically acts as a firewall and may include packet filtering options.

Accepted Answer

The answer of A SOHO wireless router typically acts as...

Question 14

What type of virus are dormant until a specific condition is met,such as the changing of a file or a match of the current date?&#10;A)encrypted virus&#10;B)logic bomb&#10;C)boot sector virus&#10;D)worm

Accepted Answer

The answer of What type of virus are dormant until...

Question 15

A firewall typically involves a combination of hardware and software.

Accepted Answer

The answer of A firewall typically involves a combination of...

Question 16

A system that is capable of collecting and analyzing information generated by firewalls,IDS,and IPS systems is known as which term below?&#10;A)event collector architecture&#10;B)syslog system&#10;C)SIEM system&#10;D)log organizer

Accepted Answer

The answer of A system that is capable of collecting...

Question 17

At what layer of the OSI model do firewalls operate?&#10;A)Transport&#10;B)Data link&#10;C)Network&#10;D)Application

Accepted Answer

The answer of At what layer of the OSI model...

Question 18

Which virus below combines polymorphism and stealth techniques to create a very destructive virus?&#10;A)Natas&#10;B)Macro&#10;C)Michelangelo&#10;D)Stoned

Accepted Answer

The answer of Which virus below combines polymorphism and stealth...

Question 19

An attack in which hackers transmit bogus requests for connection to servers or applications in order to harvest useful information to guide their attack efforts is known as what option below?&#10;A)banner-grabbing attack&#10;B)reflective attack&#10;C)friendly attack&#10;D)IP spoofing attack

Accepted Answer

The answer of An attack in which hackers transmit bogus...

Question 20

What kind of attack involves a flood of broadcast ping messages,with the originating source address being spoofed to appear as a host on the network?&#10;A)amplification attack&#10;B)smurf attack&#10;C)zombie attack&#10;D)SYN attack

Accepted Answer

The answer of What kind of attack involves a flood...

Question 21

Which two terms can be used to describe a decoy system that is purposely vulnerable for the sake of attracting attackers?&#10;A)honeypot&#10;B)pandora box&#10;C)trap&#10;D)lure

Accepted Answer

The answer of Which two terms can be used to...

Question 22

Matching&#10;Match each correct item with the statement below.&#10;a.acceptable use policy (AUP)&#10;b.backdoor&#10;c.HIDS (host-based intrusion detection system)&#10;d.HIPS (host-based intrusion prevention system)&#10;e.NIDS (network-based intrusion detection system)&#10;f.proxy service&#10;g.smurf attack&#10;h.TEMPEST&#10;i.virus&#10;j.worm&#10;A type ofintrusion detection that protects an entire network and is situatedat the edge of the network or in a network's protectiveperimeter,known as the DMZ (demilitarized zone).Here,itcan detect many types of suspicious traffic patterns.

Accepted Answer

The answer of Matching&#10;Match each correct item with the statement...

Question 23

A _________________ form is a document that is used to ensure that employees are aware of the fact that their use of company equipment and accounts will be monitored and reviewed as needed for security purposes.

Accepted Answer

The answer of A _________________ form is a document that...

Question 24

In ACL statements,the any keyword is equivalent to using which wildcard mask?&#10;A)255.255.255.255&#10;B)0.0.0.0&#10;C)0.0.255.255&#10;D)255.255.0.0

Accepted Answer

The answer of In ACL statements,the any keyword is equivalent...

Question 25

What two types of agents are used to check compliance with network security policies?&#10;A)dissolvable agent&#10;B)temporary agent&#10;C)persistent agent&#10;D)permanent agent

Accepted Answer

The answer of What two types of agents are used...

Question 26

What two options below are IDS implementations used to provide additional security on a network?&#10;A)IIDS&#10;B)PIDS&#10;C)HIDS&#10;D)NIDS

Accepted Answer

The answer of What two options below are IDS implementations...

Question 27

What two terms describe a network of compromised computers that are then used to perform coordinated DDoS attacks without their owners' knowledge or consent?&#10;A)reflectors&#10;B)botnet&#10;C)zombie army&#10;D)repeaters

Accepted Answer

The answer of What two terms describe a network of...

Question 28

What mode setting on a firewall makes the firewall transparent to surrounding nodes as if it's just part of the wire?&#10;A)transparent wire mode&#10;B)virtual access mode&#10;C)pass-thru mode&#10;D)virtual wire mode

Accepted Answer

The answer of What mode setting on a firewall makes...

Question 29

Matching&#10;Match each correct item with the statement below.&#10;a.acceptable use policy (AUP)&#10;b.backdoor&#10;c.HIDS (host-based intrusion detection system)&#10;d.HIPS (host-based intrusion prevention system)&#10;e.NIDS (network-based intrusion detection system)&#10;f.proxy service&#10;g.smurf attack&#10;h.TEMPEST&#10;i.virus&#10;j.worm&#10;A portion of the security policythat explains to users what they can and cannot do,andpenalties for violations.It might also describe how thesemeasures protect the network's security.

Accepted Answer

The answer of Matching&#10;Match each correct item with the statement...

Question 30

Matching&#10;Match each correct item with the statement below.&#10;a.acceptable use policy (AUP)&#10;b.backdoor&#10;c.HIDS (host-based intrusion detection system)&#10;d.HIPS (host-based intrusion prevention system)&#10;e.NIDS (network-based intrusion detection system)&#10;f.proxy service&#10;g.smurf attack&#10;h.TEMPEST&#10;i.virus&#10;j.worm&#10;A software security flaw that can allow unauthorizedusers to gain access to a system.Legacy systems areparticularly notorious for leaving these kinds of gaps in anetwork's overall security net.

Accepted Answer

The answer of Matching&#10;Match each correct item with the statement...

Question 31

Matching&#10;Match each correct item with the statement below.&#10;a.acceptable use policy (AUP)&#10;b.backdoor&#10;c.HIDS (host-based intrusion detection system)&#10;d.HIPS (host-based intrusion prevention system)&#10;e.NIDS (network-based intrusion detection system)&#10;f.proxy service&#10;g.smurf attack&#10;h.TEMPEST&#10;i.virus&#10;j.worm&#10;A type ofintrusion prevention that runs on a single computer,such as aclient or server,to intercept and help prevent attacks againstthat one host.

Accepted Answer

The answer of Matching&#10;Match each correct item with the statement...

Question 32

Matching&#10;Match each correct item with the statement below.&#10;a.acceptable use policy (AUP)&#10;b.backdoor&#10;c.HIDS (host-based intrusion detection system)&#10;d.HIPS (host-based intrusion prevention system)&#10;e.NIDS (network-based intrusion detection system)&#10;f.proxy service&#10;g.smurf attack&#10;h.TEMPEST&#10;i.virus&#10;j.worm&#10;A program that runs independently and travelsbetween computers and across networks.Although wormsdo not alter other programs as viruses do,they can carryviruses.

Accepted Answer

The answer of Matching&#10;Match each correct item with the statement...

Question 33

What feature on some network switches can be used to detect faked arp messages?&#10;A)DHCP snooping&#10;B)session monitoring&#10;C)dynamic packet inspection&#10;D)dynamic ARP inspection

Accepted Answer

The answer of What feature on some network switches can...

Question 34

Which two viruses below are examples of boot sector viruses?&#10;A)Michelangelo&#10;B)Stoned&#10;C)Natas&#10;D)Klez

Accepted Answer

The answer of Which two viruses below are examples of...

Question 35

The ________________ utility is a Windows console that is used to control what users do and how the system can be used.

Accepted Answer

The answer of The ________________ utility is a Windows console...

Question 36

Networks that use ________________,such as T-1 or DSL connections to the Internet,are vulnerable to eavesdropping at a building' s demarc (demarcation point),at aremote switching facility,or in a central office.

Accepted Answer

The answer of Networks that use ________________,such as T-1 or...

Question 37

A ______________ on a device attempts to alter management interfaces within the hardware to the point where the device is irreparable.

Accepted Answer

The answer of A ______________ on a device attempts to...

Question 38

Which option below is a standard created by the NSA that defines protections against radio frequency emanations?&#10;A)EmSec&#10;B)TEMPEST&#10;C)RFGUARD&#10;D)BlockSec

Accepted Answer

The answer of Which option below is a standard created...

Question 39

The _____________ proxy server software is available for use on the UNIX / Linux platform.

Accepted Answer

The answer of The _____________ proxy server software is available...

Question 40

The process in which a person attempts to glean access for authentication information by posing as someone who needs that information is known as what option below?&#10;A)mining&#10;B)phishing&#10;C)hunting&#10;D)doxing

Accepted Answer

The answer of The process in which a person attempts...

Question 41

Matching&#10;Match each correct item with the statement below.&#10;a.acceptable use policy (AUP)&#10;b.backdoor&#10;c.HIDS (host-based intrusion detection system)&#10;d.HIPS (host-based intrusion prevention system)&#10;e.NIDS (network-based intrusion detection system)&#10;f.proxy service&#10;g.smurf attack&#10;h.TEMPEST&#10;i.virus&#10;j.worm&#10;A specification created by the NSA to define protectionstandards against RF emanation,which when implementedare called EmSec (emission security).

Accepted Answer

The answer of Matching&#10;Match each correct item with the statement...

Question 42

Describe some of the characteristics of malware that make it difficult to detect.

Accepted Answer

The answer of Describe some of the characteristics of malware...

Question 43

Describe two different implementations of IDS that can be deployed on a network.

Accepted Answer

The answer of Describe two different implementations of IDS that...

Question 44

Matching&#10;Match each correct item with the statement below.&#10;a.acceptable use policy (AUP)&#10;b.backdoor&#10;c.HIDS (host-based intrusion detection system)&#10;d.HIPS (host-based intrusion prevention system)&#10;e.NIDS (network-based intrusion detection system)&#10;f.proxy service&#10;g.smurf attack&#10;h.TEMPEST&#10;i.virus&#10;j.worm&#10;A threat to networked hosts in which the hostis flooded with broadcast ping messages.A smurf attack is atype of denial-of-service attack.

Accepted Answer

The answer of Matching&#10;Match each correct item with the statement...

Question 45

Define what a file-infector virus is.

Accepted Answer

The answer of Define what a file-infector virus is....

Question 46

Matching&#10;Match each correct item with the statement below.&#10;a.acceptable use policy (AUP)&#10;b.backdoor&#10;c.HIDS (host-based intrusion detection system)&#10;d.HIPS (host-based intrusion prevention system)&#10;e.NIDS (network-based intrusion detection system)&#10;f.proxy service&#10;g.smurf attack&#10;h.TEMPEST&#10;i.virus&#10;j.worm&#10;A type ofintrusion detection that runs on a single computer,such as aclient or server,to alert about attacks against that one host.

Accepted Answer

The answer of Matching&#10;Match each correct item with the statement...

Question 47

Describe a boot sector virus.

Accepted Answer

The answer of Describe a boot sector virus....

Question 48

Matching&#10;Match each correct item with the statement below.&#10;a.acceptable use policy (AUP)&#10;b.backdoor&#10;c.HIDS (host-based intrusion detection system)&#10;d.HIPS (host-based intrusion prevention system)&#10;e.NIDS (network-based intrusion detection system)&#10;f.proxy service&#10;g.smurf attack&#10;h.TEMPEST&#10;i.virus&#10;j.worm&#10;A program that replicates itself to infect more computers,either through network connections when it piggybackson other files or through exchange of external storagedevices,such as USB drives,passed among users.

Accepted Answer

The answer of Matching&#10;Match each correct item with the statement...

Question 49

Matching&#10;Match each correct item with the statement below.&#10;a.acceptable use policy (AUP)&#10;b.backdoor&#10;c.HIDS (host-based intrusion detection system)&#10;d.HIPS (host-based intrusion prevention system)&#10;e.NIDS (network-based intrusion detection system)&#10;f.proxy service&#10;g.smurf attack&#10;h.TEMPEST&#10;i.virus&#10;j.worm&#10;A software application on a network host thatacts as an intermediary between the external and internal networks,screening all incoming and outgoing traffic and providing one address to the outside world,instead of revealing the addresses of internal LAN devices.

Accepted Answer

The answer of Matching&#10;Match each correct item with the statement...

Question 50

List and describe the four different locations in which anti-malware can be installed.

Accepted Answer

The answer of List and describe the four different locations...

Deck 8: Network Risk Management