Chapter 8

Question 1

Which software below combines known scanning techniques and exploits to allow for hybrid exploits?
A) Nessus
B) metasploit
C) nmap
D) Sub7

Answer 1

B) metasploit

Question 2

What kind of attack involves a flood of broadcast ping messages, with the originating source address being spoofed to appear as a host on the network?
A) amplification attack 
B) smurf attack
C) zombie attack
D) SYN attack

Answer 2

B) smurf attack

Question 3

Botnets often make use of what chat protocol in order to receive commands? 
A) XMPP
B) AIM
C) IRC
D) Skype

Answer 3

C) IRC

Question 4

Which virus below combines polymorphism and stealth techniques to create a very destructive virus?
A) Natas
B) Macro
C) Michelangelo
D) Stoned

Answer 4

A) Natas

Question 5

What characteristic of viruses make it possible for a virus to potentially change its characteristics (such as file size, and internal instructions) to avoid detection? 
A) encryption
B) stealth
C) polymorphism 
D) time dependence

Answer 5

C) polymorphism

Question 6

What type of virus are dormant until a specific condition is met, such as the changing of a file or a match of the current date? 
A) encrypted virus
B) logic bomb
C) boot sector virus
D) worm

Answer 6

B) logic bomb

Question 7

Programs that run independently and travel between computers and across networks, such as via email attachment or virtually any kind of file transfer, are known as which option below?
A) file-infector viruses
B) worms
C) network viruses
D) macro viruses

Answer 7

B) worms

Question 8

If multiple honeypots are connected to form a larger network, what term is used to describe the network?
A) combolure
B) lurenet
C) honeycomb
D) honeynet

Answer 8

D) honeynet

Question 9

A system that is capable of collecting and analyzing information generated by firewalls, ideas, and IPS systems is known as which term below?
A) event collector architecture 
B) syslog system
C) SIEM system
D) log organizer

Answer 9

C) SIEM system

Question 10

A proxy that provides internet clients access to services on its own network is known as what type of proxy? 
A) reverse proxy
B) cache proxy
C) service proxy
D) inverse proxy

Answer 10

A) reverse proxy

Question 11

At what layer of the OSI model do firewalls operate?
A) Transport
B) Data link
C) Network
D) Application

Answer 11

C) Network

Question 12

Which software below serves as the firewall for Linux systems?
A) ZoneAlarm
B) Comodo
C) iptables
D) ipf

Answer 12

C) iptables

Question 13

A reflective attack can be increased in intensity by combining it with what type of attack?
A) smurf attack
B) SYN ATTACK
C) amplification attack
D) friendly attack

Answer 13

C) amplification attack

Question 14

An attack in which hackers transmit bogus requests for connection to servers or applications in order to harvest useful information to guide their attack efforts is known as what option below?
A) banner-grabbing attack
B) reflective attack
C) friendly attack
D) IP spoofing attack

Answer 14

A) banner-grabbing attack

Question 15

An attack at involves a person redirecting or capturing secure transmissions as they occur is known as what type of attack?
A) buffer overflow
B) session hijacking attack
C) man-in-the-middle attack
D) banner-grabbing attack

Answer 15

C) man-in-the-middle attack

Question 16

Which option below is standard created by the NSA that defines protections against radio frequency emanations?
A) EmSec
B) TEMPEST
C) RFGUARD
D) BlockSec

Answer 16

B) TEMPEST

Question 17

The process in which a person attempts to glean access for authentication information by posing as someone who needs that information is known as what option below?
A) mining
B) phishing
C) hunting
D) doxing

Answer 17

B) phishing

Question 18

What feature on some network switches can be used to detect faked arp messages?
A) DHCP snooping
B) session monitoring 
C) dynamic packet inspection
D) dynamic ARP inspection

Answer 18

D) dynamic ARP inspection

Question 19

In ACL statements, the any key is equivalent to using which wildcard mask?
A) 255.255.255.255
B) 0.0.0.0
C) 0.0.255.255
D) 255.255.0.0

Answer 19

A) 255.255.255.255

Question 20

What mode setting on a firewall makes the firewall transparent to surrounding nodes as if it's just part of the wire?
A) transparent wire mode
B) virtual access mode
C) pass-thru mode
D) virtual wire mode

Answer 20

D) virtual wire mode

Question 21

What two types of agents are used to check compliance with network security policies?
A) dissolvable agent
B) temporary agent
C) persistent agent
D) permanent agent

Answer 21

A) dissolvable agent

C) persistent agent

Question 22

What two options below are IDS implementations used to provide additional security on a network?
A) IIDS
B) PIDS
C) HIDS
D) NIDS

Answer 22

C) HIDS

D) NIDS

Question 23

What two terms describe a network of compromised computers that are then used to perform coordinated DDoS attacks without their owners' knowledge or consent?
A) reflectors
B) botnet
C) zombie army
D) repeaters

Answer 23

B) botnet

C) zombie army

Question 24

Which two viruses below are examples of boot sector viruses?
A) Michelangelo
B) Stoned
C) Natas
D) Klez

Answer 24

A) Michelangelo

B) Stoned

Question 25

Which two terms can be used to describe a decoy system that is purposely vulnerable for the sake of attracting attackers?
A) honeypot
B) pandora box
C) trap
D) lure

Answer 25

A) honeypot

D) lure