cyber security 6
Which device is connected to a port on a switch in order to receive network traffic?
Passive IDS
A mail gateway can have many functions
Which choice is NOT one of those functions?
Require full tunnel
One way to secure data is through Data Loss Prevention (DLP). Which of the choices is not a data type protected by DLP?
Data-to-disclose
Which of the DLP sensor choices requires communication with the DLP server?
DLP agent
Which of the following devices can identify the application that send packets and then make decisions about filtering based on it?
application-based firewall
Which of the following is a multipurpose security device?
Unified Threat
Management (UTM)
Which is the most secure type of firewall?
stateful packet filtering
Which device is easiest for an
attacker to take advantage of to
capture and analyze packets?
hub
Which of these would NOT be a filtering mechanism found in a firewall ACL rule?
date
Which statement regarding a demilitarized zone (DMZ) is NOT true?
It contains servers that are a & used only by internal network users.
Ximena noticed that Sofia had created a network bridge on her new laptop between the unsecured wireless network and the
organization's secure intranet.
Ximena explained to Sofia the problem associated with setting up the bridge. What did Ximena tell Sofia?
A bridge could permit access to the secure wired network from the unsecured wireless network
Which of the following CANNOT be used to hide information about the internal network?
a protocol analyzer
Which of these is NOT used in scheduling a load balancer?
The IP address of the destination packet
Sebastian was explaining to his supervisor why the enterprise needed to implement port security.
His supervisor asked what security action a flood guard could do when a MAC flooding attack occurred.
Which of the following was NOT an answer that was given by Sebastian?
Cause the device to enter a fail-open mode.
Which function does an Internet content filter NOT perform?
intrusion detection
Which device watches for attacks and sounds an alert only when one occurs?
network intrusion
detection system (NIDS)
Isabella is a security support manager for a large enterprise. In a recent meeting, she was asked which of the standard networking devices already present on the network could be configured to supplement the specific network security hardware devices that were recently purchased. Which of these standard networking devices would Isabella recommend?
router
Which statement about network address translation (NAT) is true?
It removes private addresses when the packet leaves the network.
Francisco was asked by a student intern to explain the danger of a MAC flooding attack on a switch.
What would Francisco say?
Once the MAC address table is full the switch functions like a network hub.
Raul was asked to configure the
VPN to preserve bandwidth. Which configuration would he choose?
Split tunnel
In which of the following configurations are all the load balancers always active?
Active-active
How does network address translation (NAT) improve security?
It discards unsolicited packets.
What is the difference between a network intrusion detection system (NIDS) and a network intrusion prevention system (NIPS)?
A NIPS can take actions more quickly to combat an attack.
Francisco was asked by a student intern to explain the danger of a MAC flooding attack on a switch. What would Francisco say?
Once the MAC address table is full the switch functions like a network hub.
What kind of attack is performed by
an attacker who takes advantage of
the inadvertent and unauthorized
access built through three
succeeding systems that all trust one
another?
privilege escalation
substitutes DNS addresses so that the computer is automatically redirected to another device?
DNS poisoning
Which of these is NOT a DoS attack?
push flood
Why are extensions, plug-ins, and add-ons considered to be security risks?
They have introduced vulnerabilities in browsers.
Newton is concerned that attackers could be exploiting a vulnerability in software to gain access to resources that the user normally would be restricted from accessing. What type of attack is he worried about?
Privilege escalation
Which action cannot be performed through a successful SQL injection attack?
reformat the web application server's hard drive
What is the difference between a
DoS and a DDoS attack?
DoS attacks use fewer computers than DDoS
attacks
What type of attack involves manipulating third-party ad networks?
Malvertising
An attacker who manipulates the maximum size of an integer type would be performing what kind of attack?
integer overflow
Which of the following adds new functionality to the web browser so that users can play music, view videos, or display special graphical images within the browser?
Plug-ins
Olivia was asked to protect the system from a DNS poisoning attack.
What are the locations she would need to protect?
Host table and external
DNS server
What is a session token?
a random string assigned
by a web server
A replay attack does what ?
makes a copy of the transmission for use at a
later time
Which statement is correct regarding why traditional network security devices cannot be used to block web application attacks?
Traditional network security devices ignore the content of HTTP traffic, which is the vehicle of web application attacks.
Which of these is not a DoS attack?
push flood
John was explaining about an attack that accepts user input without validating it and uses that input in a response. What type of attack was he describing?
XSS
Which attack intercepts communications between a web
browser and the underlying computer?
man-in-the-browser
(MITB)
What is the basis of an SQL injection attack?
to insert SQL statements through unfiltered user input
Which attack uses the user's web browser settings to impersonate that user?
XSRF
Attackers who register domain names that are similar to legitimate domain names are performing what?
URL hijacking
What type of attack intercepts legitimate communication and forges a fictitious response to the sender?
MITM
What hardware based solutions are measures for fault tolerance?
(Choose all that apply.)
RAID
Clustering
Load balancing
To increase fault-tolerance, the security administrator for Corp.com has installed an active/passive firewall cluster where the second firewall is held in reserve in case of primary firewall failure. Stateful firewall inspection is being used in the firewall implementation.
There have been numerous reports of dropped connections with external clients. Which of the following is MOST likely the cause of this problem?
Inbound packets are traversing the active firewall and return traffic is being sent through the passive firewall