Network+ Chapter 8 Network Risk Management
The SSH service listens on what TCP port? A. 20 B. 21 C. 22 D. 23
22
What distinguishes a virus from other types of malware?
A virus can replicate itself with the intent to infect more computers.
What feature of Windows Server allows for agentless authentication? A. Active Directory B. ACL (access control list) C. IDS (intrusion detection system) D. Network-based firewall
A. Active Directory
What wireless attack might a potential hacker execute with a specially configured transmitter? A. Jamming B. Vulnerability C. Evil twin D. Zero-day exploit
A. Jamming
What characteristic of ARP makes it particularly vulnerable to being used in a DoS attack?
ARP performs no authentication.
What's the difference between an IDS and an IPS?
An IDS can only detect and log suspicious activity. An IPS can react when alerted to such activity.
What kind of vulnerability is exploited by a ping of death? A. Zero-day exploit B. Buffer overflow C. Social engineering D. Backdoor
B. Buffer overflow
What kind of firewall blocks traffic based on application data contained within the packets? A. Host-based firewall B. Content-filtering firewall C. Packet-filtering firewall D. Stateless firewall
B. Content-filtering firewall
Which type of DoS attack orchestrates an attack using uninfected computers? A. DDoS (distributed DoS) attack B. Smurf attack C. DRDoS (distributed reflector DoS) attack D. PDoS (permanent DoS) attack
C. DRDoS (distributed reflector DoS) attack
At what layer of the OSI model do proxy servers operate? A. Layer 3 B. Layer 2 C. Layer 7 D. Layer 4
C. Layer 7
What kinds of issues might indicate a misconfigured ACL?
Connectivity and performance issues between two hosts in which some applications or ports can make the connection while others can't
What are the two primary features that give proxy servers an advantage over NAT?
Content filtering, file caching
What software might be installed on a device in order to authenticate it to the network? A. Operating system B. Security policy C. NAC (network access control) D. Agent
D. Agent
What kind of virus runs in place of the computer's normal system files? A. Worms B. Macro viruses C. File-infector viruses D. Boot sector viruses
D. Boot sector viruses
Your organization has just approved a special budget for a network security upgrade. What procedure should you conduct in order to make recommendations for the upgrade priorities? A. Data breach B. Security audit C. Exploitation D. Posture assessment
D. Posture assessment
Which of the following features does not distinguish an NGFW from traditional firewalls? A. Application Control B. IDS and/or IPS C. User awareness D. UTM (Unified Threat Management)
D. UTM (Unified Threat Management)
What causes most firewall failures?
Firewall misconfiguration
A system that is capable of collecting and analyzing information generated by firewalls, IDS, and IPS systems is known as which term below? A. event collector architecture B. syslog system C. SIEM system D. log organizer
SIEM system
A neighbor hacks into your secured wireless network on a regular basis, but you didn't give him the password. What loophole was most likely left open?
The default password was not changed.
What unique characteristic of zero-day exploits makes them so dangerous?
The vulnerability is exploited before the software developer has the opportunity to provide a solution for it.
Regarding managing security levels, why do network administrators create domain groups?
To simplify the process of granting rights to users
An attack in which hackers transmit bogus requests for connection to servers or applications in order to harvest useful information to guide their attack efforts is known as what option below? A. banner-grabbing attack B. reflective attack C. friendly attack D. IP spoofing attack
banner-grabbing
Any traffic that is not explicitly permitted in the ACL is _______________, which is called the _____________________.
denied, implicit deny rule
If multiple honeypots are connected to form a larger network, what term is used to describe the network? A. combolure B. lurenet C. honeycomb D. honeynet
honeynet
An attack that involves a person redirecting or capturing secure transmissions as they occur is known as what type of attack? A. buffer overflow B. session hijacking attack C. man-in-the-middle attack D. banner-grabbing attack
man-in-the-middle attack
Which software below combines known scanning techniques and exploits to allow for hybrid exploits? A. Nessus B. Metasploit C. nmap D. Sub7
Metasploit
The process in which a person attempts to glean access or authentication information by posing as someone who needs that information is known as what option below? A. mining B. phishing C. hunting D. doxing
phishing
A proxy that provides Internet clients access to services on its own network is known as what type of proxy? A. reverse proxy B. cache proxy C. service proxy D. inverse proxy
reverse proxy
What kind of attack involves a flood of broadcast ping messages, with the originating source address being spoofed to appear as a host on the network? A. amplification attack B. smurf attack C. zombie attack D. SYN attack
smurf attack
What mode setting on a firewall makes the firewall transparent to surrounding nodes as if it's just part of the wire? A. transparent wire mode B. virtual access mode C. pass-thru mode D. virtual wire mode
virtual wire mode