7532990
Description
Quiz by Paul Anstall, updated more than 1 year ago
|
Created by Paul Anstall
almost 8 years ago
|
|
Question 1
Question
Which of the following doesn’t define a method of transmitting data that violates a security policy?
Answer
-
Backdoor channel
-
Session hijacking
-
Covert channel
-
Overt channel
Question 2
Question
Which virus type is only executed when a specific condition is met?
Answer
-
Sparse infector
-
Multipartite
-
Metamorphic
-
Cavity
Question 3
Question
Which of the following propagates without human interaction?
Answer
-
Trojan
-
Worm
-
Virus
-
MITM
Question 4
Question
Which of the following don’t use ICMP in the attack? (Choose two.)
Answer
-
SYN flood
-
Ping of Death
-
Smurf
-
Peer to peer
Question 5
Question
Which of the following is not a recommended step in recovering from a malware infection?
Answer
-
Delete system restore points.
-
Back up the hard drive.
-
Remove the system from the network.
-
Reinstall from original media.
Question 6
Question
Which of the following is a recommendation to protect against session hijacking? (Choose two.)
Answer
-
Use only nonroutable protocols.
-
Use unpredictable sequence numbers.
-
Use a file verification application, such as Tripwire.
-
Use a good password policy.
-
Implement ICMP throughout the environment.
Question 7
Question
Which of the following attacks an already-authenticated connection?
Answer
-
Smurf
-
Denial of service
-
Session hijacking
-
Phishing
Question 8
Question
How does Tripwire (and programs like it) help against Trojan attacks?
Answer
-
Tripwire is an AV application that quarantines and removes malware immediately.
-
Tripwire is an AV application that quarantines and removes malware after a scan.
-
Tripwire is a file-integrity-checking application that rejects malware packets intended for the kernel.
-
Tripwire is a file-integrity-checking application that notifies you when a system file has been altered, potentially indicating malware.
Question 9
Question
Which of the following DoS categories consume all available bandwidth for the system or service?
Answer
-
Fragmentation attacks
-
Volumetric attacks
-
Application attacks
-
TCP state-exhaustion attacks
Question 10
Question
During a TCP data exchange, the client has offered a sequence number of 100, and the server has offered 500. During acknowledgments, the packet shows 101 and 501, respectively, as the agreed-upon sequence numbers. With a window size of 5, which sequence numbers would the server willingly accept as part of this session?
Answer
-
102 through 104
-
102 through 501
-
102 through 502
-
Anything above 501
Question 11
Question
Which of the following is the proper syntax on Windows systems for spawning a command shell on port 56 using Netcat?
Answer
-
nc -r 56 -c cmd.exe
-
nc -p 56 -o cmd.exe
-
nc -L 56 -t -e cmd.exe
-
nc -port 56 -s -o cmd.exe
Question 12
Question
Which of the following best describes a DRDoS?
Answer
-
Multiple intermediary machines send the attack at the behest of the attacker.
-
The attacker sends thousands upon thousands of SYN packets to the machine with a false source IP address.
-
The attacker sends thousands of SYN packets to the target but never responds to any of the return SYN/ACK packets.
-
The attack involves sending a large number of garbled IP fragments with overlapping, oversized payloads to the target machine.
Question 13
Question
Which of the following best describes a teardrop attack?
Answer
-
The attacker sends a packet with the same source and destination address.
-
The attacker sends several overlapping, extremely large IP fragments.
-
The attacker sends UDP Echo packets with a spoofed address.
-
The attacker uses ICMP broadcast to DoS targets.
Want to create your own Quizzes for free with GoConqr? Learn more.