Network and Security Practice 4
what is IP spoofing?
A type of attack where the hacker's IP address appears to be a trusted IP address.
What is a proxy server?
A server that authenticates and makes request on behalf of another system on the network
In the context of IT security, wiretapping is considered:
A type of passive attack
What type of attack involves modifying network tables to associate the attacker's MAC address with the IP address of a legitimate user?
ARP Poisoning
A company needs to secure the network using a security system that can inspect the network traffic's payload to prevent attacks. What type of firewall would you recommend?
Application Firewall
An organization is deploying a sophisticated firewall that examines both individual packets and their collective grouping. What type of access control does this represent?
Context-based
The Presentation layer of the OSI model:
Data encryption, decryption, and formatting
What attack involves sending disassociation frames to wireless devices, thus disconnecting clients from the wireless network?
Deauthentication attack
ARP Poisoning allows an attacker to
Eavesdrop on the traffic sent through the Switch
Which of the following is a key benefit of SaaS?
Elimination of the need for installations and updates on individual computers
A person who enjoys the challenge of breaching networks and bypassing security measures for the thrill, without malicious intent and sometimes pointing out flaws to the affected parties, can be termed a:
Grey Hat Hacker
What is a Type 2 hypervisor?
Hypervisor software that must be installed as an application running on a host OS. A Type 1 (or bare metal) hypervisor is installed directly to the host hardware.
Which wireless infrastructure mode uses a central wireless device, such as a wireless router or wireless access point?
Infrastructure
Upon discovering a malware infection on a computer, what is the FIRST action that should be taken?
Isolate the infected computer from the network
Which cloud service model is best for software development companies that want to develop and test software applications without managing the underlying infrastructure?
PaaS
What does IaaS provide to the consumer?
Physical computing resources, virtualized and delivered over the internet
What type of deployment is most likely to use dedicated hardware for cloud services?
Private Cloud
Sam was just hired to work on the security team that will be attempting to compromise the company's network to discover what vulnerability exist. Which team did he get hired to?
Red
Which risk management strategy is illustrated by continuing to use a network device with a known risk without implementing any mitigating security measures?
Risk Acceptance
.Which risk management approach entails removing the threat or vulnerability altogether to entirely negate the related risk?
Risk Avoidance
Which risk management strategy involves implementing security measures to decrease the probability of a risk happening or to lessen its effects should it occur?
Risk Mitigation
A network firewall analyzes each packet against a set of security criteria before deciding to allow or block. This approach is known as:
Rule-Based Access Control
What type of attack floods a network with ICMP echo request packets, amplifying the attack by using a large number of hosts?
Smurf Attack
In a DAC (Discretionary Access Control) system, who typically has the authority to set or change permissions?
The owner of the resource
Due to its location in a coastal area, a data center's operational continuity is at risk from hurricanes. This natural event is categorized as a:
Threat
What is the primary function of a router in a network?
To connect multiple networks and route data packets between them
How can organizations reduce the risk associated with port scanning attacks?
Using firewalls to block unnecessary ports
What is a Type 1 hypervisor?
Virtualization software that runs directly on the host's hardware to control the hardware and to manage VM guest operating systems
While setting up a Wi-Fi network, the network administrator decides to use a wireless encryption method that includes each device using a unique encryption key.Which protocol is the administrator choosing?
WPA3
If a network admin needs to see if a TCP connection is active on a Windows computer, what command should they use?
netstat
