HOD401 Chapter 17

Ace your homework & exams now with Quizwiz!

A

13. A firewall is used to separate which of the following? A. Networks B. Hosts C. Permissions D. ACL

B

7. A method for overwhelming an IDS using packets with incorrect TTL values or flags is known as what? A. Session splicing B. Insertion C. Fragmenting D. ACK scanning

B

10. An anomaly-based NIDS is designed to look for what? A. Patterns of known attacks B. Deviations from known traffic patterns C. Log alterations D. False positives

B

12. A DMZ is created with which of the following? A. A firewall and a router B. A multihomed firewall C. Two routers D. A multihomed router

A

20. What can be used instead of a URL to evade some firewalls? A. IP address B. Encryption C. Stateful inspection D. NIDS

D

5. Altering a checksum of a packet can be used to do what? A. Send an RST. B. Send a URG. C. Reset a connection. D. Evade an NIDS.

D

6. Firewalking is done to accomplish which of the following? A. Find the configuration of an NIDS. B. Find the configuration of an HIDS. C. Uncover a honeypot. D. Analyze a firewall.

C

8. How does a fragmentation attack, which takes a packet, breaks it into fragments, and sends only some of the fragments to the target, cause a DoS? A. By consuming processor power on the IDS B. By overwhelming the IDS with too many fragments C. By exhausting memory by caching the fragments D. By filling virtual memory with too much data

A

9. Which of the following uses a database of known attacks? A. Signature file B. Anomaly C. Behavior D. Shellcode

C

16. HTTP is typically open on which port in a firewall? A. 25 B. 443 C. 80 D. 110

A

3. An NIDS is based on technology similar to which of the following? A. Packet sniffing B. Privilege escalation C. Enumeration D. Backdoor

D

4. Which of the following can be used to evade an IDS? A. Packet sniffing B. Port scanning C. Enumeration D. Encryption

D

1. An HIDS is used to monitor activity on which of the following? A. Network B. Application C. Log file D. Host

B

11. Multihomed firewall has a minimum of how many network connections? A. Two B. Three C. Four D. Five

C

14. In practice a honeypot will be configured how? A. As an unpatched system B. As a decoy server C. As a duplicate of a real system D. As an analysis tool

D

15. Which ports does SNMP use to function? A. 160 and 161 B. 160 and 162 C. 389 and 160 D. 161 and 162

C

17. What is a system used as a chokepoint for traffic? A. IDS B. DMZ C. Bastion host D. SNMP host

C

18. At which layer of the OSI model does a packet-filtering firewall work? A. Layer 1 B. Layer 2 C. Layer 3 D. Layer 4

C

19. What type of firewall analyzes the status of traffic? A. Circuit level B. Packet filtering C. Stateful inspection D. NIDS

C

2. Which of the following can be used to identify a firewall? A. Search engines B. Email C. Port scanning D. Google hacking


Related study sets

econ 380 - exam 2 ch 6-10 labor economics Mcgann

View Set

APUSH Chapter 27-28 Notecards JSerra

View Set

Comm 1200 Public Speaking Midterm

View Set

AP Bio Unit 3: cellular respiration and photosynthesis practice questions

View Set

Chapter 3: Challenges in the Late 1800s Topic Review

View Set

supply chain chapter 9-12 quizzes

View Set

Clinical lab operations Ch 1 Review Questions

View Set

psych 2010-605 chapter 5a (Introduction to Learning and Classical Conditions) learning curve

View Set