SECFND: Understanding Network Applications


The web server's certificate

What is presented from the web server to the client browser in order for the browser to authenticate the web server?

The attacker waits until after a communication session is established.

What is the key to the success of an MITM attack?

provides basic Layer 3 functions for the Layer 2 switch ports assigned to a VLAN

What is the purpose of the switched virtual interface on a multilayer switch?

referral message

What kind of response message can a root name server send to the DNS recursor to inform it to ask the gTLD name servers for the .com domain name space?

IMAP

What protocol uses TCP port 143?

IMAP, POP, MAPI

What three protocols are used to retrieve email?

Sender and recipients

What two options are contained in the SMTP envelope?

HTTP headers and HTTP cookies

What two types of information are encrypted by the HTTPS protocol?

drive-by-download

What type of attack describes malicious JavaScript, which redirects an unsuspecting user to download malware from a remote website?

ACK or RST

Which TCP flag(s) must be set in a packet in order for the packet to match an ACL entry that contains the established keyword?

HTTP/HTTPS

Which of the following protocols is typically used as the communication channel between the client and the DDNS provider?

HELO, QUIT, DATA

Which three are SMTP commands?

Cookie information is sent in the response header, cookie information is sent in the request header, and cookie information is stored on the client's browser

Which three are important distinctions of HTTP?

to encrypt the data that is sent between the browser and the web server, to ensure the identity, trust, and validity of the web server, and to avoid detection when used to transport the attack CnC traffic

Which three are reasons for using HTTPS?

GET, PUT, HEAD

Which three are valid HTTP request methods?

SELECT, UPDATE, ALTER

Which three are valid SQL commands?

Expires, Domain, Path

Which three are valid fields in the Set-Cookie HTTP header?

MX maps a domain name to a list of mail servers for that domain

MX record:

AAAA is used to map hostnames to the IPv6 address of the host

AAAA record:

The CAM table is the primary table that is used to make Layer 2 forwarding decisions. The table is built by recording the source MAC address and inbound port of all incoming frames

CAM table

A CNAME record is used to specify that a domain name is an alias for another domain name, which is the "canonical" domain name

CNAME record:

VBScript, JavaScript

Common client-side scripting languages are:

A record

DNS A record:

The RR defines the DNS data types that are stored in the DNS database

DNS Resource record:

Request was successful

HTTP server response code 200:

Resource moved permanently

HTTP server response code 301:

Requires authentication with server

HTTP server response code 401:

Access Denied

HTTP server response code 403:

proxy authentication required

HTTP server response code 407:

to permit only the returning TCP packets from an already existing TCP connection, and deny the initial TCP packet of a new session from an untrusted network

How can the established keyword in an ACL entry be used?

An NS record identifies the DNS servers that are responsible (authoritative) for a zone.

NS record:

A PTR points to a canonical name. The most common use is for implementing reverse DNS lookups, mapping an IP address to the hostname

PTR record:

A TXT record is used to associate any arbitrary text with a hostname. This record type is used only in specific cases, such as DomainKeys Identified Mail, a method for detecting email spoofing.

TXT record:

named anchor

Referring to the sample URL below, #section1 is which part of the URL? http://www.example.com/document/?docid=123456#section1

The plus (+) signs are used to represent the space character.

Referring to the sample URL below, what statement is correct? http://www.test.example.com/tags/html_form_submit.asp?text=Hello+C+C+N+A

Ne=292 and N=461 are the URL parameters.

Referring to the sample URL below, what statement is correct? http://www.example.com/hotel-search-results.jsp?Ne=292&N=461

Success

SMTP client reply code 2xx:

OK so far

SMTP client reply code 3xx:

Temporary failure

SMTP client reply code 4xx:

Permanent failure

SMTP client reply code 5xx:

Each zone contains an SOA record. The SOA record identifies the name server that is the best source of information for the data within the zone.

SOA record:

The web script may deliver malware without the user's knowledge.

What is a threat to the end user regarding web scripting?

The TCAM table stores ACL, QoS, and other information that is generally associated with upper-layer processing.

TCAM table

Traffic is encrypted between the client and the server

What is an advantage to using HTTPS?

VLANs define broadcast domains in a Layer 2 network. A broadcast domain is the set of all devices that will receive broadcast frames originating from any device within the set. Broadcast domains are typically bounded by routers because routers do not forward broadcast frames.

VLANs define what?

HTTP cookie

What HTTP feature is a small piece of data that is sent from the web server and stored in the user's web browser while the user is browsing?

HEAD

What HTTP method is used to request a response without the response body?

RDATA, TTL, CLASS

What are three valid fields in a DNS resource record?

data modification, theft or extraction of data

What are two main goals of SQL injection attacks?

authoritative

What is a DNS server that is responsible for the RRs for its zones considered to be?

SQL is used to query, operate, and administer a relational database

What is a characteristic of SQL?

Multilayer switches (also known as Layer 3 switches) not only perform Layer 2 switching, but also forward frames that are based on Layer 3 and 4 information. Multilayer switches use ASIC hardware to perform header rewrites and forwarding.

What is a multilayer switch?

recursive resolution

What uses the most resources on the DNS resolver?

a logically defined broadcast domain on one or more switches

Which one of the following options best describes a VLAN?

POP

Which protocol uses the well-known TCP port 110?

DDNS is a popular choice for home users who wish to host a website, and DDNS is often used by attackers for CnC servers.

Which two statements are true about DDNS?

because they are exposed to the Internet

Why are open DNS resolvers vulnerable to attacks?

A DNS zone:

a contiguous portion of the domain name space in the DNS for which the administrative responsibility has been delegated to a single manager

query DNS servers for A records, display the default DNS server, and display all mail servers for a domain

nslookup does:

