Module 8 Textbook & Quiz | ITE-249-02 Networking Threats, Assessments, and Defenses


1. Choose which statement is wrong by applying your knowledge from the reading. a. A session ID is a unique number that a web browser assigns for the duration of that user's visit. b. The goal of an MITM attack is to either eavesdrop on the conversation or impersonate one or both of the parties. c. In a MAC cloning attack, a threat actor will discover a valid MAC address of a device connected to a switch, spoof that MAC address on his device, and send a packet onto the network.

a. A session ID is a unique number that a web browser assigns for the duration of that user's visit.

3. Choose which statement is wrong by applying your knowledge from the reading. a. A DMZ is also called a physical air gap. b. A barricade is a short but sturdy vertical post that is used as a vehicular traffic barricade to prevent a car from "ramming" into a secured area. c. An electronic lock is a combination lock that uses buttons that must be pushed in the proper sequence to open the door.

b. A barricade is a short but sturdy vertical post that is used as a vehicular traffic barricade to prevent a car from "ramming" into a secured area.

2. Choose which statement is wrong by applying your knowledge from the reading. a. The Linux text file manipulation tool logger adds content to the syslog file. b. Nessus is from Kali Linux. c. The tools tracert (Windows) and traceroute (Linux) show the details about the path a packet takes from a computer or device to a destination.

b. Nessus is from Kali Linux.

17. Which of the following is a tool for editing packets and then putting the packets back onto the network to observe their behavior? a. Packetdump b. Tcpreplay c. Tcpdump d. Wireshark

b. Tcpreplay

20. Which of the following does NOT describe an area that separates threat actors from defenders? a. Air gap b. DMZ c. Containment space d. Secure area

c. Containment space

1. Which attack intercepts communications between a web browser and the underlying OS? a. DIG b. ARP poisoning c. Man-in-the-browser (MITB) d. Interception

c. Man-in-the-browser (MITB)

18. Estevan has recommended that the organization hire and deploy two security guards in the control room to limit the effect if one of the guards has been compromised. What is Estevan proposing? a. Dual observation protocol (DOP) b. Compromise mitigation assessment (CMA) c. Two-person integrity/control d. Multiplayer recognition

c. Two-person integrity/control

9. Which of the following is NOT true about VBA? a. It is built into most Microsoft Office applications. b. It is included in select non-Microsoft products. c. It is commonly used to create macros. d. It is being phased out and replaced by PowerShell.

d. It is being phased out and replaced by PowerShell.

14. Which utility sends custom TCP/IP packets? a. curl b. shape c. pingpacket d. hping

d. hping

19. Which of the following sensors can detect an object that enters the sensor's field? a. Proximity b. Object recognition c. Field detection d. IR verification

a. Proximity

3. What is the result of an ARP poisoning attack? a. The ARP cache is compromised. b. Users cannot reach a DNS server. c. MAC addresses are altered. d. An internal DNS must be used instead of an external DNS.

a. The ARP cache is compromised.

10. Which of the following is NOT a Microsoft defense against macros? a. Trusted domain b. Trusted documents c. Protected View d. Trusted location

a. Trusted domain

8. What is the difference between a DoS and a DDoS attack? a. DoS attacks are faster than DDoS attacks. b. DoS attacks use fewer computers than DDoS attacks. c. DoS attacks do not use DNS servers as DDoS attacks do. d. DoS attacks use more memory than DDoS attacks.

b. DoS attacks use fewer computers than DDoS attacks.

2. Calix was asked to protect a system from a potential attack on DNS. What are the locations he would need to protect? a. Reply referrer and domain buffer b. Host table and external DNS server c. Web browser and browser add-on d. Web server buffer and host DNS server

b. Host table and external DNS server

7. Which of the following is NOT a reason that threat actors use PowerShell for attacks? a. It cannot be detected by antimalware running on the computer. b. It can be invoked prior to system boot. c. Most applications flag it as a trusted application. d. It leaves behind no evidence on a hard drive.

b. It can be invoked prior to system boot.

11. Theo uses the Python programming language and does not want his code to contain vulnerabilities. Which of the following best practices would Theo NOT use? a. Use the latest version of Python. b. Download only vetted libraries. c. Only use compiled and not interpreted Python code. d. Use caution when formatting strings.

c. Only use compiled and not interpreted Python code.

16. Eros wants to change a configuration file on his Linux computer. He first wants to display the entire file contents. Which tool would he use? a. display b. show c. cat d. head

c. cat

13. Gregory wants to look at the details about the path a packet takes from his Linux computer to another device. Which Linux command-line utility will he use? a. tracert b. tracepacket c. traceroute d. trace

c. traceroute

5. Tomaso is explaining to a colleague the different types of DNS attacks. Which DNS attack would only impact a single user? a. DNS overflow attack b. DNS resource attack c. DNS hijack attack d. DNS poisoning attack

d. DNS poisoning attack

4. Deacon has observed that the switch is broadcasting all packets to all devices. He suspects it is the result of an attack that has overflowed the switch MAC address table. Which type of attack is this? a. MAC cloning attack b. MAC spoofing attack c. MAC overflow attack d. MAC flooding attack

d. MAC flooding attack

6. Proteus has been asked to secure endpoints that can be programmed and have an IP address so that they cannot be used in a DDoS attack. What is the name for this source of DDoS attack? a. IoT b. Network c. Application d. Operational Technology

d. Operational Technology

12. What is Bash? a. The open source scripting language that contains many vulnerabilities b. The underlying platform on which macOS is built c. A substitute for SSH d. The command-language interpreter for Linux/UNIX OSs

d. The command-language interpreter for Linux/UNIX OSs

15. Which of the following is a third-party OS penetration testing tool? a. scanless b. Nessus c. theHarvester d. sn1per

d. sn1per

