Digital Forensics CH11

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Zombies

Machines used on a DDoS are known as ____ simply because they have unwittingly become part of the attack.

PCAP

Most packet sniffer tools can read anything captured in ____ format.

Most packet sniffers operate on layer 2 or ____ of the OSI model.

Bootable Linux

Helix operates in two modes:Windows Live (GUI or command line) and ____.

SYN Flood

In a(n) ____ attack, the attacker keeps asking your server to establish a connection.

chntpw

The Knoppix STD tool ____ enables you to reset passwords on a Windows computer, including the administrator password.

PsKill

The PSTools ____ kills processes by name or process ID.

Honeynet

The ____ Project was developed to make information widely available in an attempt to thwart Internet and network hackers.

False

When intruders break into a network, they rarely leave a trail behind.

Honeypot

A ____ is a computer set up to look like any other machine on your network, but it lures the attacker to it.

Tcpdump

A common way of examining network traffic is by running the ____ program.

False

Network forensics is a fast, easy process.

True

PsList from PsTools allows you to list detailed information about processes.

True

With the Knoppix STD tools on a portable CD, you can examine almost any network system.

Packet Sniffers

____ are devices and/or software placed on a network to monitor traffic.

Helix

____ can be used to create a bootable forensic CD and perform a live acquisition.

Network Forensics

____ can help you determine whether a network is truly under attack or a user has inadvertently installed an untested patch or custom program.

Network

____ forensics is the systematic tracking of incoming and outgoing traffic on your network.

Layered Network Defense Strategies

____ hide the most valuable data at the innermost part of the network.

RegMon

____ is a Sysinternals command that shows all Registry data in real time on a Windows computer.

Tcpslice

____ is a good tool for extracting information from large Libpcap files.

Snort

____ is a popular network intrusion detection system that performs packet capture and analysis in real time.

PsTools

____ is a suite of tools created by Sysinternals.

dcfldd

____ is the U.S. DoD computer forensics lab's version of the dd command that comes with Knoppix-STD.

tethereal

____ is the text version of Ethereal, a packet sniffer tool.

Voir tous les ensembles d'études

Digital Forensics CH11

Ensembles d'études connexes

Mid-term exam (through Unit 6)

Chapter 1, Chapter 2, Chapter 3

hh

Sociology Final Exam

3.5 Banking and Finance - Commercial Banking

Chapter 12 International Air Transportation

nclex GU, Pediatric GU questions Nclex, renal gu nclex, Renal & GU- NCLEX, GU NCLEX 3500, NCLEX GU

Safety fundamental concepts terms (Safety health Eng Chapter 3)

AWS Developer Associate Exam Questions

Chapter 3 Additional Government Influence (Class 5)

MGMT 478 Test 3

Medical Terms: Ch. 9 Final Review

Syphilis Testing

Abnormal Psychology Exam #3

PSY 315 Final Exam- Chapter Quizzes (ALL CHAPTERS)

Physiological Psychology Final

Heme Exam

Chapter 24: Management of Patients With Chronic Pulmonary Disease

Chapter 9

Laboratory Animal Care and Use