Checkpoint Exam: Network Security 1-6
DoS
A cyber criminal sends a series of maliciously formatted packets to the database server. The server cannot parse the packets and the event causes the server to crash. What is the type of attack the cyber criminal launches?
reconnaissance
A disgruntled employee is using Wireshark to discover administrative Telnet usernames and passwords. What type of network attack does this describe?
a key that matches the key on the AP
A network administrator of a small advertising company is configuring WLAN security by using the WPA2 PSK method. Which credential do office users need in order to connect their laptops to the WLAN?
improper access control
A security service company is conducting an audit in several risk areas within a major corporate client. What attack or data loss vector term would be used to describe providing access to corporate data by gaining access to stolen or weak passwords?
A weakness in a system or its design that could be exploited by a threat.
A social media site is describing a security breach in a sensitive branch of a national bank. In the post, it refers to a vulnerability. What statement describes that term?
rogue access point
A user calls the help desk complaining that the password to access the wireless network has changed without warning. The user is allowed to change the password, but an hour later, the same thing occurs. What might be happening in this situation?
The iFrame allows the browser to load a web page from another source.
How do cybercriminals make use of a malicious iFrame?
What is an IPS signature?
It is a set of rules used to detect typical intrusive activity.
What is a characteristic of the WLAN passive discover mode?
The AP periodically sends beacon frames containing the SSID.
It is a hoax.
The employees in a company receive an email stating that the account password will expire immediately and requires a password reset within 5 minutes. Which statement would classify this email?
Which statement describes a VPN?
VPNs use virtual connections to create a private network through a public network.
Cross-site scripting
What is a vulnerability that allows criminals to inject scripts into web pages viewed by users?
passwords
What is the first line of defense to protect a device from improper access control?
ICMP redirects
What kind of ICMP message can be used by threat actors to create a man-in-the-middle attack?
-Resist the urge to click on enticing website links. -Educate employees regarding policies. -Do not provide password resets in a chat window.
What three best practices can help defend against social engineering attacks?
SQL injection
What type of attack targets an SQL database using the input field of a user?
WPA2 and AES
Which combination of WLAN authentication and encryption is recommended as a best practice for home users?
By default, traffic is allowed to flow among interfaces that are members of the same zone.
Which statement describes one of the rules that govern interface behavior in the context of implementing a zone-based policy firewall configuration?
identification. flag. fragment offset.
Which three IPv4 header fields have no equivalent in an IPv6 header?
SYN flooding
Which type of network attack involves randomly opening many Telnet requests to a router and results in a valid network administrator not being able to access the device?
cache poisoning
attacker sends falsified information to redirect users to malicious sites
resource utilization attack
attacker sends multiple packets that consume server resources
amplification and reflection
attacker uses open resolvers to increase the volume of attacks and mask the true source of the attack
vulnerability brokers
discover exploits and report them to vendors
state-sponsored attackers
gather intelligence or commit sabotage on specific goals on behalf of their government
hacktivists
make political statements in order to create an awareness of issues that are important to them
What is a function of SNMP?
provides a message format for communication between network device managers and agents
