12_RQs


What is the most common step attackers take to attempt to escape detection after a successful break-in? >> Reconfigure the system to give themselves administrative privileges. >> Delete log files to remove all traces of the attack. >> Reformat all hard drives to destroy any potential evidence. >> Copy all password files for other systems.

Delete log files to remove all traces of the attack.

Which of the following types of attack is the least likely to result in damage or loss of data? a. IP service attack b. man-in-the-middle attack c. DoS or DDoS attack d. virus e. buffer overflow

DoS or DDoS attack

Which of the following is NOT a recognized principle of IP security? >> Avoid unnecessary exposure. >> Block all unused ports. >> Enable access by default, deny access by exception. >> Prevent address spoofing.

Enable access by default, deny access by exception.

By default, which of the following IP services send(s) accounts and passwords in clear text when authenticating users? > FTP > Telnet > Stelnet > Web access using SSL

FTP and Telnet

A recognized principle of IP security is enabling access by default and denying access by exception. True or False?

False

Applying patches and fixes is an important part of general system and application maintenance. This explains the importance of applying system and application patches and fixes. True or False?

False

It's necessary to apply only patches and fixes that are relevant to actual, ongoing security problems. This explains the importance of applying system and application patches and fixes. True or False?

False

More than 70 percent of all network or system break-ins originate outside an organization's network boundary. True or False?

False

TCP/IP implements a pessimistic security policy. True or False?

False

The following statement best explains the importance of applying system and application patches and fixes: "It's a good idea to wait until a patch or fix has been around for a while to see if it works appropriately." True or False?

False

IPSec provides enhanced security features at which layer? a. IP layer b. ground layer c. data link layer d. physical layer

IP layer

Which of the following statements best explains why physical security for network and system components and devices is so important? >> Any good security policy must address physical security concerns. >> Physical access to components and devices makes it possible for a knowledgeable intruder to break into such systems. >> Physical access to components and devices is necessary for successful penetration of hardened systems. >> Physical security is not an important concern.

Physical access to components and devices makes it possible for a knowledgeable intruder to break into such systems.

DNS functions on which UDP and/or TCP ports? (Choose all that apply.) > TCP 53 > TCP 21 > UDP 21 > UDP 53

TCP 53 and UDP 53

A recognized principle of IP security is avoiding unnecessary exposure. True or False?

True

A recognized principle of IP security is to block all unused ports. True or False?

True

A recognized principle of IP security is to do unto yourself before others do unto you. True or False?

True

A recognized principle of IP security is to prevent address spoofing. True or False?

True

As vulnerabilities or exploits are exposed, system and application vendors provide patches and fixes to repair, defeat, or mitigate potential attacks. Thus, it's usually a good idea to apply them. This explains the importance of applying system and application patches and fixes. True or False?

True

Which of the following tools are candidates for an attack toolkit? a. Wireshark b. nmap c. tcpdump d. footprinting tools

Wireshark, nmap, tcpdump, footprinting tools

Which of the following definitions best describes a BACK DOOR? >> an alternate, but legitimate, means of entry into a system or application >> a weak spot or known point of attack on any common operating system >> an undocumented and illicit point of entry into a system or application >> any protocol, service, or system facility known to be susceptible to attack

an undocumented and illicit point of entry into a system or application

What makes both FTP and HTTP (Web) vulnerable IP services?

anonymous login

Which of the following best describes a VULNERABILITY? >> an undocumented and illicit point of entry into a system or application >> a weak spot or known point of attack on any common operating system >> any protocol, service, or system facility known to be susceptible to attack >> an alternate, but legitimate, means of entry into a system or application

any protocol, service, or system facility known to be susceptible to attack

Which of the four main elements in a DDoS attack is least likely to be actively engaged when an attack occurs?

attacker

What type of computer should be used to house firewall and/or proxy server software? a. secure host b. bastion host c. screening host d. screening router

bastion host

When an attacker systematically tries all conceivable passwords for an account, what is this attack called?

brute force password attack

Which of the following document types is an attacker most likely to use when attempting to break into a system or network? > attack profile > exploit > security policy > password hash

exploit

Which of the four main elements in a DDoS attack coordinate and execute the actual attack?

handler and agent

Which of the following could be examples of the desired effect of a DoS attack? >> interrupting operations >> powering down operations >> completely disrupting operations >> upgrading operations

interrupting operations and completely disrupting operations

What technique might an attacker use to forge replies to senders and receivers? a. IP service attack b. back door attack c. DDoS and DoS attack d. man-in-the-middle attack

man-in-the-middle attack

What are the three legs of network security?

physical, personnel, system and network security

Which of the following does NOT account for the vast majority of losses of data or services from systems and networks? > viruses > power outages > internal security breaches > external security breaches

power outages

What technique might an attacker use to hide or deflect interest in attack behaviors or activities? a. user impersonation b. spoofing c. man-in-the-middle attack d. reconnaissance

spoofing

Which of the following are examples of malicious code? (Choose all that apply.) > virus > worm > Trojan horse > Windows 7

virus, worm, Trojan horse

