Ch12 Review Questions Communications II
By default, which of the following IP services send(s) accounts and passwords in clear text when authenticating users? (Choose all that apply.)
A=FTP B=TELNET
Which of the following could be examples of the desired effect of a DoS attack? (Choose all that apply.)
A=INTERRUPTING OPERATIONS C=COMPLETELY DISRUPTING OPERATIONS
DNS functions on which UDP and/or TCP ports? (Choose all that apply.)
A=TCP 53 D=UDP 53
Which of the following are examples of malicious code? (Choose all that apply.)
A=VIRUS B=WORM C=TROJAN HORSE
Which of the following tools are candidates for an attack toolkit? (Choose all that apply.)
A=WIRESHARK B=NMAP C=TCPDUMP D=FOOTPRINTING TOOLS
Which of the following statements best explains the importance of applying system and application patches and fixes?
As vulnerabilities or exploits are exposed, system and application vendors provide patches and fixes to repair, defeat, or mitigate potential attacks. Thus, it's usually a good idea to apply them.
Which of the four main elements in a DDoS attack is least likely to be actively engaged when an attack occurs?
Attacker
Which two of the four main elements in a DDoS attack coordinate and execute the actual attack? (Choose two.)
B=HANDLER C=AGENT
When an attacker systematically tries all conceivable passwords for an account, what is this attack called?
Brute force password attack
What is the most common step that attackers take to attempt to escape detection after a successful break-in?
Delete log files to remove all traces of the attack.
Which of the following types of attack is the least likely to result in damage or loss of data?
DoS or DDoS attack
Which of the following is not a recognized principle of IP security?
Enable access by default, deny access by exception.
Which of the following document types is an attacker most likely to use when attempting to break into a system or network?
Exploit
More than 70 percent of all network or system break-ins originate outside an organization's network boundary.
False
TCP/IP implements a pessimistic security policy.
False
IPSec provides enhanced security features at which layer?
IP layer
Which of the following statements best explains why physical security for network and system components and devices is so important?
Physical access to components and devices makes it possible for a knowledgeable intruder to break into such systems.
Which of the following does not account for the vast majority of losses of data or services from systems and networks?
Power Outages
Which of the following definitions best describes a back door?
an undocumented and illicit point of entry into a system or application
Which one of the following common characteristics makes both FTP and HTTP (Web) vulnerable IP services?
anonymous login
Which of the following best describes a vulnerability?
any protocol, service, or system facility known to be susceptible to attack
What type of computer should be used to house firewall and/or proxy server software?
bastion host
What technique might an attacker use to forge replies to senders and receivers?
man-in-the-middle attack
Which of the following correctly lists the three legs of network security?
physical, personnel, system and network security.
What technique might an attacker use to hide or deflect interest in attack behaviors or activities?
spoofing