7532990
Descrição
Quiz por Paul Anstall, atualizado more than 1 year ago
|
Criado por Paul Anstall
quase 8 anos atrás
|
|
Questão 1
Questão
Which of the following doesn’t define a method of transmitting data that violates a security policy?
Responda
-
Backdoor channel
-
Session hijacking
-
Covert channel
-
Overt channel
Questão 2
Questão
Which virus type is only executed when a specific condition is met?
Responda
-
Sparse infector
-
Multipartite
-
Metamorphic
-
Cavity
Questão 3
Questão
Which of the following propagates without human interaction?
Responda
-
Trojan
-
Worm
-
Virus
-
MITM
Questão 4
Questão
Which of the following don’t use ICMP in the attack? (Choose two.)
Responda
-
SYN flood
-
Ping of Death
-
Smurf
-
Peer to peer
Questão 5
Questão
Which of the following is not a recommended step in recovering from a malware infection?
Responda
-
Delete system restore points.
-
Back up the hard drive.
-
Remove the system from the network.
-
Reinstall from original media.
Questão 6
Questão
Which of the following is a recommendation to protect against session hijacking? (Choose two.)
Responda
-
Use only nonroutable protocols.
-
Use unpredictable sequence numbers.
-
Use a file verification application, such as Tripwire.
-
Use a good password policy.
-
Implement ICMP throughout the environment.
Questão 7
Questão
Which of the following attacks an already-authenticated connection?
Responda
-
Smurf
-
Denial of service
-
Session hijacking
-
Phishing
Questão 8
Questão
How does Tripwire (and programs like it) help against Trojan attacks?
Responda
-
Tripwire is an AV application that quarantines and removes malware immediately.
-
Tripwire is an AV application that quarantines and removes malware after a scan.
-
Tripwire is a file-integrity-checking application that rejects malware packets intended for the kernel.
-
Tripwire is a file-integrity-checking application that notifies you when a system file has been altered, potentially indicating malware.
Questão 9
Questão
Which of the following DoS categories consume all available bandwidth for the system or service?
Responda
-
Fragmentation attacks
-
Volumetric attacks
-
Application attacks
-
TCP state-exhaustion attacks
Questão 10
Questão
During a TCP data exchange, the client has offered a sequence number of 100, and the server has offered 500. During acknowledgments, the packet shows 101 and 501, respectively, as the agreed-upon sequence numbers. With a window size of 5, which sequence numbers would the server willingly accept as part of this session?
Responda
-
102 through 104
-
102 through 501
-
102 through 502
-
Anything above 501
Questão 11
Questão
Which of the following is the proper syntax on Windows systems for spawning a command shell on port 56 using Netcat?
Responda
-
nc -r 56 -c cmd.exe
-
nc -p 56 -o cmd.exe
-
nc -L 56 -t -e cmd.exe
-
nc -port 56 -s -o cmd.exe
Questão 12
Questão
Which of the following best describes a DRDoS?
Responda
-
Multiple intermediary machines send the attack at the behest of the attacker.
-
The attacker sends thousands upon thousands of SYN packets to the machine with a false source IP address.
-
The attacker sends thousands of SYN packets to the target but never responds to any of the return SYN/ACK packets.
-
The attack involves sending a large number of garbled IP fragments with overlapping, oversized payloads to the target machine.
Questão 13
Questão
Which of the following best describes a teardrop attack?
Responda
-
The attacker sends a packet with the same source and destination address.
-
The attacker sends several overlapping, extremely large IP fragments.
-
The attacker sends UDP Echo packets with a spoofed address.
-
The attacker uses ICMP broadcast to DoS targets.
Quer criar seus próprios Quizzes gratuitos com a GoConqr? Saiba mais.