Ch. 8 quiz
packet-filtering
A firewall is a router (or a computer installed with software that enables it to act as a router) that examines the header of every packet of data it receives to determine whether that type of packet is authorized to continue to its destination.
Acceptable use policy
A portion of the security policy that explains to users what they can and cannot do, and penalties for violations. It might also describe how these measures protect the network's security.
Reverse Proxy
A proxy that provides Internet clients access to services on its own network is known as what type of proxy?
transmission and hardware
A router that is not configured to drop packets that match certain or suspicious characteristics is an example of a risk associated with
proxy service
A software application on a network host that acts as an intermediary between the external and internal networks, screening all incoming and outgoing traffic and providing one address to the outside world, instead of revealing the addresses of internal LAN devices
backdoor
A software security flaw that can allow unauthorized users to gain access to a system. Legacy systems are particularly notorious for leaving these kinds of gaps in a network's overall security net.
SIEM System
A system that is capable of collecting and analyzing information generated by firewalls, IDS, and IPS systems is known as which term below?
NIDS
A type of intrusion detection that protects an entire network and is situated at the edge of the network or in a network's protective perimeter, known as the DMZ (demilitarized zone). Here, it can detect many types of suspicious traffic patterns
HIDS
A type of intrusion detection that runs on a single computer, such as a client or server, to alert about attacks against that one host.
HIPS
A type of intrusion prevention that runs on a single computer, such as a client or server, to intercept and help prevent attacks against that one host.
banner-grabbing attack
An attack in which hackers transmit bogus requests for connection to servers or applications in order to harvest useful information to guide their attack efforts is known as what option below?
Network
At what layer of the OSI model do firewalls operate?
Layer 7
At what layer of the OSI model do proxy servers operate?
IRC
Botnets often make use of what chat protocol in order to receive commands?
worms
Programs that run independently and travel between computers and across networks, such as by e-mail attachment or virtually any kind of file transfer, are known as which option below?
phishing
The process in which a person attempts to glean access for authentication information by posing as someone who needs that information is known as what option below?
Polymorphism
What characteristic of viruses make it possible for a virus to potentially change its characteristics (such as file size, and internal instructions) to avoid detection?
Smurf attack
What kind of attack involves a flood of broadcast ping messages, with the originating source address being spoofed to appear as a host on the network?
content-filtering
What kind of firewall blocks traffic based on application data contained within the packets?
butter overflow
What kind of vulnerability is exploited by a ping of death?
Jamming
What wireless attack might a potential hacker execute with a specially configured transmitter?
DRDoS
Which type of DoS attack orchestrates an attack using uninfected computers?
denial of service attack
You are alerted that suddenly 100% of the resources on your two core routers are being used and no legitimate traffic can travel into or out of your network. What kind of security attack are you most likely experiencing?
Allow incoming TCP message to port 80
You work for a retailer that sells household goods online. The company has decided to redesign its network for better security. Included in this redesign is the addition of a new firewall. Assuming the firewall is placed between the Internet connection and the Web server, which of the following should be included in the firewall's configuration so that customers can still reach the Web site?
0.0.0.0.0
n ACL statements, the any keyword is equivalent to using what wildcard mask below?
port scanner
software searches a node for open ports.
man in the middle attack
An attack that involves a person redirecting or capturing secure transmissions as they occur is known as what type of attack?
honeynet
If multiple honeypots are connected to form a larger network, what term is used to describe the network?
Stoned
Which virus below combines polymorphism and stealth techniques to create a very destructive virus?