IS5403 Week 3 All Quizezz

2

Question

What can be deployed to intercept and log network traffic passing through the network?

protocol analyzers

NIPSs

proxy catchers

event viewers

NIDSs

Correct

 

2 of 5

3

Question

What attack involves impersonating another device?

Spoofing

Spearing

Spimming

Pharming

Phishing

Correct

 

3 of 5

4

Question

Packet sniffing can be helpful in detecting rogues.

False

True

Correct

 

4 of 5

5

Question

Which of the following is NOT a means used by an attacker to do reconnaissance on a network?

DNS footprinting

Smurf attack

TCP/IP Stack fingerprinting

Port scan attack

Banner grabbing

Christmas tree attack

Correct

What is a session token?

• another name for a third-party cookie
• a unique identifier that includes the user's email address
• XML code used in an XML injection attack
• a random string assigned by a web server

CORRECT

Which attack uses the user's web browser settings to impersonate that user?

• Session hijacking
• XDD
• XSRF
• Domain hijacking

CORRECT

John was explaining about an attack that accepts user input without validating it and uses that input in a response. What type of attack was he describing?

• XSS
• SQL
• XSRF
• DDoS DNS

CORRECT

What is the basis of an SQL injection attack?

• to expose SQL code so that it can be examined
• to insert SQL statements through unfiltered user input
• to have the SQL server attack client web browsers
• to link SQL servers into a botnet

CORRECT

Which attack intercepts communications between a web browser and the underlying computer?

• replay
• man-in-the-middle (MITM)
• man-in-the-browser (MITB)
• ARP poisoning

CORRECT

What kind of attack is performed by an attacker who takes advantage of the inadvertent and unauthorized access built through three succeeding systems that all trust one another?

• privilege escalation
• transverse attack
• cross-site attack
• horizontal access attack

CORRECT

Attackers who register domain names that are similar to legitimate domain names are performing _____.

• HTML squatting
• Address resolution
• URL hijacking
• HTTP manipulation

CORRECT

What type of attack intercepts legitimate communication and forges a fictitious response to the sender?

• SIDS
• MITM
• SQL intrusion
• interceptor

CORRECT

A replay attack _____.

• makes a copy of the transmission for use at a later time
• replays the attack over and over to flood the server
• can be prevented by patching the web browser
• is considered to be a type of DoS attack

CORRECT

An attacker who manipulates the maximum size of an integer type would be performing what kind of attack?

• buffer overflow
• heap overflow
• number overflow
• integer overflow

CORRECT

Which of these is NOT a DoS attack?

• DNS amplification
• smurf attack
• push flood
• SYN flood

CORRECT

What is the difference between a DoS and a DDoS attack?

• DoS attacks use fewer computers than DDoS attacks
• DoS attacks are faster than DDoS attacks
• DoS attacks do not use DNS servers as DDoS attacks do
• DoS attacks use more memory than a DDoS attack

CORRECT

Olivia was asked to protect the system from a DNS poisoning attack. What are the locations she would need to protect?

• Web server buffer and host DNS server
• Web browser and browser add-on
• Reply referrer and domain buffer
• Host table and external DNS server

CORRECT

DNS poisoning _____.

• is rarely found today due to the use of host tables
• floods a DNS server with requests until it can no longer respond
• is the same as ARP poisoning
• substitutes DNS addresses so that the computer is automatically redirected to another device

CORRECT

Why are extensions, plug-ins, and add-ons considered to be security risks?

• They have introduced vulnerabilities in browsers.
• They are written in Java, which is a weak language.
• They cannot be uninstalled.
• They use bitcode.

CORRECT

Which statement is correct regarding why traditional network security devices cannot be used to block web application attacks?

• Network security devices cannot prevent attacks from web resources.
• Traditional network security devices ignore the content of HTTP traffic, which is the vehicle of web application attacks.
• Web application attacks use web browsers that cannot be controlled on a local computer.
• The complex nature of TCP/IP allows for too many ping sweeps to be blocked.

CORRECT

Which action cannot be performed through a successful SQL injection attack?

• reformat the web application server's hard drive
• discover the names of different fields in a table
• erase a database table
• display a list of customer telephone numbers

CORRECT

What type of attack involves manipulating third-party ad networks?

• Clickjacking
• Malvertising
• Session advertising
• Directory traversal

CORRECT

Newton is concerned that attackers could be exploiting a vulnerability in software to gain access to resources that the user normally would be restricted from accessing. What type of attack is he worried about?

• Amplification
• Privilege escalation
• Session replay
• Scaling exploit

CORRECT

Which of the following adds new functionality to the web browser so that users can play music, view videos, or display special graphical images within the browser?

• Add-ons
• Plug-ins
• Extensions
• Scripts

CORRECT

How does network address translation (NAT) improve security?

• It filters based on protocol.
• It masks the IP address of the NAT device.
• It discards unsolicited packets.
• NATs do not improve security.

CORRECT

Which statement regarding a demilitarized zone (DMZ) is NOT true?

• It can be configured to have one or two firewalls.
• It typically includes an email or a web server.
• It contains servers that are used only by internal network users.
• It provides an extra degree of security.

CORRECT

Raul was asked to configure the VPN to preserve bandwidth. Which configuration would he choose?

• Narrow tunnel
• Full tunnel
• Split tunnel
• Wide tunnel

CORRECT

Which device intercepts internal user requests and then processes those requests on behalf of the users?

• Reverse proxy server
• Forward proxy server
• Host detection server
• Intrusion prevention device

CORRECT

Ximena noticed that Sofia had created a network bridge on her new laptop between the unsecured wireless network and the organization's secure intranet. Ximena explained to Sofia the problem associated with setting up the bridge. What did Ximena tell Sofia?

• A bridge will block packets between two different types of networks.
• A bridge could permit access to the secure wired network from the unsecured wireless network.
• A bridge cannot be used on any Internet connection.
• A bridge would block packets from reaching the Internet.

CORRECT

In which of the following configurations are all the load balancers always active?

• Active-passive
• Active-load-passive-load
• Passive-active-passive
• Active-active

CORRECT

Which device watches for attacks and sounds an alert only when one occurs?

• network intrusion prevention system (NIPS)
• network intrusion detection system (NIDS)
• proxy intrusion device
• firewall

CORRECT

Which of the following is a multipurpose security device?

• Media gateway
• Intrusion Detection/Prevention (ID/P)
• Unified Threat Management (UTM)
• Hardware security module

CORRECT

Sebastian was explaining to his supervisor why the enterprise needed to implement port security. His supervisor asked what security action a flood guard could do when a MAC flooding attack occurred. Which of the following was NOT an answer that was given by Sebastian?

• Block the port entirely
• Cause the device to enter a fail-open mode
• Ignore the new MAC addresses while allowing normal traffic from the single pre-approved MAC address
• Record new MAC addresses up to a specific limit

CORRECT

Which function does an Internet content filter NOT perform?

• URL filtering
• intrusion detection
• malware inspection
• content inspection

CORRECT

Which of the following devices can identify the application that sends packets and then makes decisions about filtering based on it?

• application-based firewall
• Internet content filter
• web security gateway
• reverse proxy

CORRECT

Which of the following CANNOT be used to hide information about the internal network?

• a subnetter
• a protocol analyzer
• network address translation (NAT)
• a proxy server

CORRECT

Which statement about network address translation (NAT) is true?

• It can be stateful or stateless.
• It can be found only on core routers.
• It removes private addresses when the packet leaves the network.
• It substitutes MAC addresses for IP addresses.

CORRECT

Which device is easiest for an attacker to take advantage of to capture and analyze packets?

• hub
• switch
• load balancer
• router

CORRECT

Which of these would NOT be a filtering mechanism found in a firewall ACL rule?

• protocol
• direction
• source address
• date

CORRECT

Which of these is NOT used in scheduling a load balancer?

• The IP address of the destination packet
• Round-robin
• Data within the application message itself
• Affinity

CORRECT

Which is the most secure type of firewall?

• reverse proxy analysis
• stateful packet filtering
• network intrusion detection system replay
• stateless packet filtering

CORRECT

Isabella is a security support manager for a large enterprise. In a recent meeting, she was asked which of the standard networking devices already present on the network could be configured to supplement the specific network security hardware devices that were recently purchased. Which of these standard networking devices would Isabella recommend?

• router
• SIEM device
• hub
• virtual private network

CORRECT

Francisco was asked by a student intern to explain the danger of a MAC flooding attack on a switch. What would Francisco say?

• A MAC flooding attack will prevent load balances from identifying the correct VIP of the servers.
• In a defense of a MAC flooding attack network routers will freeze and not permit any incoming traffic.
• A MAC flooding attack with filter to the local host computer's MAC-to-IP address tables and prevent these hosts from reaching the network.
• Once the MAC address table is full the switch functions like a network hub.

CORRECT

What is the difference between a network intrusion detection system (NIDS) and a network intrusion prevention system (NIPS)?

• A NIPS can take actions more quickly to combat an attack.
• A NIDS provides more valuable information about attacks.
• There is no difference; a NIDS and a NIPS are equal.
• A NIPS is much slower because it uses protocol analysis.

CORRECT