MOD13-17 EXAM

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

1. What is the significant characteristic of worm malware?

A worm can execute independently of the host system.

43. Once a cyber threat has been verified, the US Cybersecurity Infrastructure and Security Agency (CISA) automatically shares the cybersecurity information with public and private organizations. What is this automated system called?

AIS

9. What is the result of a passive ARP poisoning attack?

Confidential information is stolen.

18. What kind of ICMP message can be used by threat actors to create a man-in-the-middle attack?

ICMP redirects

26. Which devices should be secured to mitigate against MAC address spoofing attacks?

Layer 2 devices

20. Which type of network attack involves randomly opening many Telnet requests to a router and results in a valid network administrator not being able to access the device?

SYN flooding

24. Which technology is a proprietary SIEM system?

Splunk

34. What causes a buffer overflow?

attempting to write more data to a memory location than that location can hold

32. What are two examples of DoS attacks? (Choose two.)

buffer overflow ping of death

45. Which two characteristics describe a worm? (Choose two)

is self-replicating travels to new computers without any intervention or knowledge of the user

16. Which field in the IPv6 header points to optional network layer information that is carried in the IPv6 packet?

next header

4. Which two types of attacks are examples of reconnaissance attacks? (Choose two.)

port scan ping sweep

42. What is the goal of a white hat hacker?

protecting data

44. A user receives a phone call from a person who claims to represent IT services and then asks that user for confirmation of username and password for auditing purposes. Which security threat does this phone call represent?

social engineering

8. What is the function of a gratuitous ARP sent by a networked device when it boots up?

to advise connected devices of its MAC address

33. Why would a rootkit be used by a hacker?

to gain access to a device without being detected

19. What are two purposes of launching a reconnaissance attack on a network? (Choose two.)

to scan for accessibility to gather information about the network and devices

3. A user is curious about how someone might know a computer has been infected with malware. What are two common malware behaviors? (Choose two.)

The computer gets increasingly slower to respond. The computer freezes and requires reboots.

35. Which type of security threat would be responsible if a spreadsheet add-on disables the local software firewall?

Trojan horse

7. How can a DNS tunneling attack be mitigated?

by using a filter that inspects DNS traffic

31 Which type of Trojan horse security breach uses the computer of the victim as the source device to launch other attacks?

proxy

17. Which type of attack is carried out by threat actors against a network to determine which IP addresses, protocols, and ports are allowed by ACLs?

reconnaissance

27. A network administrator is checking the system logs and notices unusual connectivity tests to multiple well-known ports on a server. What kind of potential network attack could this indicate?

reconnaissance

49. Why would an attacker want to spoof a MAC address?

so that a switch on the LAN will start forwarding frames to the attacker instead of to the legitimate host

22. Which statement describes an operational characteristic of NetFlow?

NetFlow collects basic information about the packet flow, not the flow data itself.

2. What are the three major components of a worm attack? (Choose three.)

a payload a propagation mechanism an enabling vulnerability

36. Which two types of hackers are typically classified as grey hat hackers? (Choose two.)

hacktivists vulnerability brokers

40. What are two evasion methods used by hackers? (Choose two.)

resource exhaustion encryption

5. An administrator discovers a vulnerability in the network. On analysis of the vulnerability the administrator decides the cost of managing the risk outweighs the cost of the risk itself. The risk is accepted, and no action is taken. What risk management strategy has been adopted?

risk acceptance

29. Which cyber attack involves a coordinated attack from a botnet of zombie computers?

DDoS

6. Which protocol is exploited by cybercriminals who create malicious iFrames?

HTTP

28. What is a vulnerability that allows criminals to inject scripts into web pages viewed by users?

Cross-site scripting

48. The IT department is reporting that a company web server is receiving an abnormally high number of web page requests from different locations simultaneously. Which type of security attack is occurring?

DDoS

46. An attacker is redirecting traffic to a false default gateway in an attempt to intercept the data traffic of a switched network. What type of attack could achieve this?

DHCP spoofing

30. What technique is a security attack that depletes the pool of IP addresses available for legitimate hosts?

DHCP starvation

15. In what type of attack is a cybercriminal attempting to prevent legitimate users from accessing network services?

DoS

52. Which type of security attack would attempt a buffer overflow?

DoS

25. What are three functionalities provided by SOAR? (Choose three.)

It automates complex incident response procedures and investigations. It uses artificial intelligence to detect incidents and aid in incident analysis and response. It provides case management tools that allow cybersecurity personnel to research and investigate incidents.

39. Which statement describes the function of the SPAN tool used in a Cisco switch?

It copies the traffic from one switch port and sends it to another switch port that is connected to a monitoring device.

21. What functionality is provided by Cisco SPAN in a switched network?

It mirrors traffic that passes through a switch port or VLAN to another port for traffic analysis.

38. Which two functions are provided by NetFlow? (Choose two.)

It provides a complete audit trail of basic information about every IP flow forwarded on a device. It provides 24×7 statistics on packets that flow through a Cisco router or multilayer switch.

51. Which two characteristics describe a virus? (Choose two.)

Malicious code that can remain dormant before executing an unwanted action. Malware that relies on the action of a user or a program to activate.

14. What scenario describes a vulnerability broker?

a threat actor attempting to discover exploits and report them to vendors, sometimes for prizes or rewards

47. What would be the target of an SQL injection attack?

database

10. What are two methods used by cybercriminals to mask DNS attacks? (Choose two.)

domain generation algorithms fast flux

37. A white hat hacker is using a security tool called Skipfish to discover the vulnerabilities of a computer system. What type of tool is this?

fuzzer

41. Which attack involves threat actors positioning themselves between a source and destination with the intent of transparently monitoring, capturing, and controlling the communication?

man-in-the-middle attack


Kaugnay na mga set ng pag-aaral

Chapter 13: Viruses, viroids, and prions

View Set

Advanced Financial Accounting Chapter #3 General

View Set

adult health II final exam review

View Set

Metaphysics: What is Metaphysics?

View Set