11.3.7 Practice Questions

Ace your homework & exams now with Quizwiz!

Frank, an attacker, has gained access to your network. He decides to cause an illegal instruction. He watches the timing to handle an illegal instruction. Which of the following is he testing for?

A virtual machine

User-Mode-Linux (UML) is an open-source tool used to create virtual machines. It's efficient for deploying honeypots. One of the big issues with UML is that it doesn't use a real hard disk, but a fake IDE device called /dev/ubd*. How can an attacker find a UML system?

Attackers need to take a look at the /etc/fstab file or execute the mount command.

Which of the following honeypot interaction levels simulate all service and applications and can be completely compromised by attackers to get full access to the system in a controlled area?

High-level

Which of the following best describes a honeypot?

A honeypot's purpose is to look like a legitimate network resource.

An attacker is attempting to determine whether a system is a honeypot. Which of the following actions should the attacker take?

Craft a malicious probe packet to scan for services.

Mark, an ethical hacker, is looking for a honeypot tool that will simulate a mischievous protocol such as devil or mydoom. Which of the following honeypot tools should he use?

HoneyBOT

Ports that show a particular service running but deny a three-way handshake connection indicate the potential presence of which of the following?

Honeypot

Which of the following is a physical or virtual network device set up to masquerade as a legitimate network resource?

Honeypot

Which of the following honeypot interaction levels can't be compromised completely and is generally set to collect information about attacks like network probes and worms?

Low-level

An older technique for defeating honeypots is to use tarpits, which sometimes operate at different levels of the OSI model, depending on their function. Which of the following layers of the OSI model do tarpits work at?

OSI layers 2 (DataLink), 4 (Transport), and 7 (Application)

Julie is looking for a honeypot detection tool that is capable of packet manipulation. Which of the following tools should she use?

Snort inline


Related study sets

Chapter 10: Substance use and addictive disorders

View Set

chapter 4 chemistry test 1. Why do Li, Na, K, Rb, Cs, and Fr all react with Cl in a 1:1 ratio forming sub

View Set

AWS Essentials - Database Essentials.

View Set

Mental Health Nclex style Questions - focus on schizophrenia- EXAM 1

View Set

AI-900: Intro to Azure OpenAI Service

View Set