Security Design Final
Sender Policy Framework (SPF) validates the receiving address of the e-mail.
False
Targeted attacks are easier and take less time and effort than attacks on targets of opportunity.
False
What term refers to the process of establishing a system's operational state?
Hardening
Which term defines a collection of two or more honeypots?
Honeynet
What is a firewall condition in which any traffic not specifically permitted by a previous rule in the rule set is denied?
Implicit Deny
A __________ is a more formal, larger software update that can address several or many software problems.
Patch
What is the primary security concern for a system administrator?
Physical breach
Which term refers to a process by which the user escalates their privilege level, bypassing the operating system's controls and limitations?
Privilege escalation attack
Which term refers to a system or application that acts as a go-between for clients' requests for network services?
Proxy Server
__________ relies on lies and misrepresentation, which an attacker uses to trick an authorized user into providing information or access the attacker would not normally be entitled to.
Social Engineering
Which term refers to the quarantine or isolation of a system from its surroundings?
Sandboxing
The _______________ is a set of tools that can be used to target attacks at the people using systems; it has applets that can be used to create phishing e-mails, Java attack code, and other social engineering-type attacks.
Social-Engineering Toolkit
What term is used for unsolicited commercial e-mail?
Spam
To prevent loops, what technology is employed by virtually all switches?
Spanning Tree Protocol
The traditional ROM-BIOS has been replaced with __________.
UEFI/BIOS
The term __________ refers to the unauthorized scanning for and connecting to wireless access points, frequently done while driving near a facility.
War-Driving
In a Linux system, permissions are modified using the __________ command.
chmod
A honeypot is sometimes called a(n) __________.
digital sandbox
Defense against attack begins by eliminating threats.
false
E-mail security is ultimately the responsibility of __________.
the user
The most common tools for an attacker to use against wireless technology are reception-based programs.
true
The process of securing an operating system is called hardening.
true
Snapshots are instantaneous save points in time on virtual machines.
True
MAC filtering can be bypassed by attackers observing allowed MAC addresses and spoofing the allowed MAC address for the wireless card.
True
Most e-mail is sent in plaintext, providing no privacy in its default form.
True
Which command is used to monitor network connections to and from a system?
Netstat
Which term refers to the collection, analysis, and escalation of indications and warnings to detect and respond to intrusions?
Network Security Monitoring
To examine a DNS query for a specific address, you can use the _______________ command.
Nslookup
S/MIME is a secure implementation of the MIME protocol specification.
True
What is one difference between the misuse and anomaly IDS models?
Anomaly models require knowledge of normal activity, whereas misuse models don't.
Which term refers to a specific technique of using an HTTP client to handle authentication on a wireless network?
Captive Portal
SYN flooding is an example of a __________.
Denial of service attack
Which statement describes a common attack mechanism implemented within the ICMP protocol?
Launching denial-of-service (DoS) attacks
What term refers to a piece of code that sits dormant for a period of time until some event invokes its malicious payload?
Logic Bomb
__________ is a general term that refers to a variety of types of software that have been designed for some nefarious purpose.
Malware
Which attack involves an attacker placing themselves in the middle of two other hosts that are communicating?
Man-in-the-Middle
What is an advantage of a network-based IDS?
This type of IDS coverage requires fewer systems.
What kind of an attack involves a piece of software that appears to do one thing (and may, in fact, actually do that thing), but hides some other functionality?
Trojan
Firewalls can act as flood guards, detecting and mitigating specific types of DoS/DDoS attacks.
True
