HOD401 Chapter 17

Ace your homework & exams now with Quizwiz!

13. A firewall is used to separate which of the following? A. Networks B. Hosts C. Permissions D. ACL

7. A method for overwhelming an IDS using packets with incorrect TTL values or flags is known as what? A. Session splicing B. Insertion C. Fragmenting D. ACK scanning

10. An anomaly-based NIDS is designed to look for what? A. Patterns of known attacks B. Deviations from known traffic patterns C. Log alterations D. False positives

12. A DMZ is created with which of the following? A. A firewall and a router B. A multihomed firewall C. Two routers D. A multihomed router

20. What can be used instead of a URL to evade some firewalls? A. IP address B. Encryption C. Stateful inspection D. NIDS

5. Altering a checksum of a packet can be used to do what? A. Send an RST. B. Send a URG. C. Reset a connection. D. Evade an NIDS.

6. Firewalking is done to accomplish which of the following? A. Find the configuration of an NIDS. B. Find the configuration of an HIDS. C. Uncover a honeypot. D. Analyze a firewall.

8. How does a fragmentation attack, which takes a packet, breaks it into fragments, and sends only some of the fragments to the target, cause a DoS? A. By consuming processor power on the IDS B. By overwhelming the IDS with too many fragments C. By exhausting memory by caching the fragments D. By filling virtual memory with too much data

9. Which of the following uses a database of known attacks? A. Signature file B. Anomaly C. Behavior D. Shellcode

16. HTTP is typically open on which port in a firewall? A. 25 B. 443 C. 80 D. 110

3. An NIDS is based on technology similar to which of the following? A. Packet sniffing B. Privilege escalation C. Enumeration D. Backdoor

4. Which of the following can be used to evade an IDS? A. Packet sniffing B. Port scanning C. Enumeration D. Encryption

1. An HIDS is used to monitor activity on which of the following? A. Network B. Application C. Log file D. Host

11. Multihomed firewall has a minimum of how many network connections? A. Two B. Three C. Four D. Five

14. In practice a honeypot will be configured how? A. As an unpatched system B. As a decoy server C. As a duplicate of a real system D. As an analysis tool

15. Which ports does SNMP use to function? A. 160 and 161 B. 160 and 162 C. 389 and 160 D. 161 and 162

17. What is a system used as a chokepoint for traffic? A. IDS B. DMZ C. Bastion host D. SNMP host

18. At which layer of the OSI model does a packet-filtering firewall work? A. Layer 1 B. Layer 2 C. Layer 3 D. Layer 4

19. What type of firewall analyzes the status of traffic? A. Circuit level B. Packet filtering C. Stateful inspection D. NIDS

2. Which of the following can be used to identify a firewall? A. Search engines B. Email C. Port scanning D. Google hacking

See all study sets

HOD401 Chapter 17

Related study sets

econ 380 - exam 2 ch 6-10 labor economics Mcgann

APUSH Chapter 27-28 Notecards JSerra

Series 63 exam

Comm 1200 Public Speaking Midterm

AP Bio Unit 3: cellular respiration and photosynthesis practice questions

PS 103 Exam 1

11, 12, and 13 micro

ATI Questions for Review

Chapter 3: Challenges in the Late 1800s Topic Review

ACC403 Accumulated Questions

MAN3025 Chapter 12

coms 1010 final

Kinesiology Final

supply chain chapter 9-12 quizzes

Sherpath Death and Dying

Clinical lab operations Ch 1 Review Questions

Stats Final Exam Review

hi

psych 2010-605 chapter 5a (Introduction to Learning and Classical Conditions) learning curve

BIO 206W (CH 6,7,)