Network Defense Chapter 9

What type of malicious code could be installed in a system's flash memory to allow an attacker to access the system at a later date? embedded browser unclassified kernel BIOS-based rootkit patch

BIOS-based rootkit

What programming languages are vulnerable to buffer overflow attacks? Assembly and C++ Perl and Python C and C++ C and Python

C and C++

What type of viruses and code has been created by security researchers and attackers that could infect phones running Google's Android, Windows Mobile, and the Apple iPhone OS? Python Perl C++ Java-based

Java-based

Which of the following is a common Linux rootkit? Back Orifice Kill Trojans Packet Storm Security Linux Rootkit 5

Linux Rootkit 5

A device that performs more than one function, such as printing and faxing is called which of the following? MILS ASA RTOS MFD

MFD

Which of the following is an SELinux OS security mechanism that enforces access rules based on privileges for interactions between processes, files, and users? Mandatory Access Control Mandatory Control Access Control SE Access Control

Mandatory Access Control

What is the current file system that Windows utilizes that has strong security features? ADS FAT32 FAT NTFS

NTFS

Which of the following systems should be used when equipment monitoring and automation is critical? CAD VoIP SCADA GUI

SCADA

When using the Common Internet File System (CIFS), which security model does not require a password to be set for the file share? NT level security User-level security CIF level security Share-level security

Share-level security

Embedded OSs are usually designed to be small and efficient so they do not have some of the functions that general-purpose OSs have. True False

True

When using the Common Internet File System (CIFS), which security model will require network users to have a user name and password to access a specific resource? NT level security User-level security CIF level security Share-level security

User-level security

Which of the following if often found within an embedded OS that can cause a potential vulnerability to an attack? RAM PCB Web server USB port

Web server

Which of the following source code is now available to the public and was considered a trimmed down version of the Windows desktop OS? VxWorks Windows 10 IoT Windows Embedded 8 Windows CE

Windows CE

SCADA systems controlling critical infrastructure are usually completely separated from the Internet by which of the following? firewall router air gap Vlan

air gap

Ubuntu and Debian Linux use what command to update and manage their RPM packages? yum dir apt-get get

apt-get

Rootkits that pose the biggest threat to any OS are those that infect what part of the targeted device? middleware fireware firmware testware

firmware

What is the most serious shortcoming of Microsoft's original File Allocation Table (FAT) file system? no ACL support no Linux support no SMTP support no SUS support

no ACL support

Which of the following is considered to be the most critical SQL vulnerability? SQL password SQL scanning null SA password null SA hash

null SA password

Which one of the following, if compromised might allow attackers the ability to gain complete access to network resources? router host driver rootkit

router