Quiz 9 Computer Security

Ace your homework & exams now with Quizwiz!

The three main categories of network security risk are reconnaissance, eavesdropping, and denial of service.

1) True

Henry would like to create a different firewall rule that allows encrypted web traffic to reach a web server. What port is used for that communication?

443

What program, released in 2013, is an example of ransomware?

Crypt0L0cker

A simple network has two primary parts: hosts and computers.

False

A smurf attack tricks users into providing logon information on what appears to be a legitimate website but is in fact a website set up by an attacker to obtain this information.

False

Network address translation (NAT) prevents hosts on a LAN from sharing the global IP address assigned by the ISP.

False

Unused network jacks are commonplace and pose no danger to security.

False

What is NOT a common motivation for attackers?

Fear

Bob is developing a web application that depends upon a database backend. What type of attack could a malicious individual use to send commands through his web application to the database?

SQL injection

What firewall approach is shown in the figure?

Screened subnet

What type of network device normally connects directly to endpoints and uses MAC-based filtering to limit traffic flows?

Switch

A network attacker wants to know IP addresses used on a network, remote access procedures, and weaknesses in network systems.

True

Star Network connects three or more endpoints through a central mode.

True

The OSI Reference Model is a theoretical model of networking with interchangeable layers.

True

The goal of a command injection is to execute commands on a host operating system.

True

The star topology requires an addressing scheme to distinguish between the different connections.

True

Val would like to limit the websites that her users visit to those on an approved list of pre-cleared sites. What type of approach is Val advocating?

Whitelisting

What tool might be used by an attacker during the reconnaissance phase of an attack to glean information about domain registrations?

Whois

What wireless security technology contains significant flaws and should never be used?

Wired Equivalent Privacy (WEP)


Related study sets

Chapter 5: Motivation and Engagement

View Set

AP Euro Midterm Review, AP Euro Midterm Review, AP Euro Midterm/Exam Review, Ap Euro Midterm Review, AP European History Midterm Study Guide, AP Euro - 9.41, Palmer Sections 41/42, Palmer Sections 41/42/43, Palmer and Colton Sections 43-44, Palmer Se...

View Set

MIDTERM, ISM3011 - Chapter 2 key terms, ISM 3011 - Chapter 1 key terms, Information Systems Chapter 13, IT Test 1, WEEK 5:: SYSTEM HARDENING, CSC Chpt 2 Exam Questions, CTS 115 Fall 2017 Information Systems Unit 1, IT

View Set

Human Communication final exam Chap. 7,8,10,11

View Set

Money and Banking Final Exam Multiple Choice

View Set

BUSINESS 101 CHAPTER 8:Producing Quality Goods & Services

View Set