User Account

All Pages

Describe two important defensive steps or mechanisms

Assignment Help Computer Networking
Reference no: EM13314365

1. Which of the following is NOT one of the recognized virus or malware phases?

a) Triggering
b) Execution
c) Dormant
d) Stealth

2. Briefly describe what "blended attack" means with regard to malware.

3. Match the following with the words that best describe them.

Rootkit; Social engineering; Spyware; Worm; Malicious mobile code;

Backdoor; Bot/Zombie; Cross-site scripting; Zero-day exploits

a) An injection of malicious code/script into a vulnerable website so that a visitor's browser will execute it ____________________
b) Replicating program that propagates over a network ____________________
c) Lightweight program that is downloaded from a remote system and executed locally with minimal or no user intervention ____________________
d) An attack/activity that takes advantage of a previously unknown vulnerability ____________________
e) Mechanism that bypasses normal security to allow unauthorized access ____________________
f) Program taking over network attached computers to launch hard to trace attacks ____________________

4. Identify and briefly describe the key characteristic of any one of the primary anti-virus software approaches/generations/forms.

5. Which of the following is the advanced characteristic of malware which indicates it uses multiple infection vectors?

a) Polymorphic
b) Multipartite
c) Stealth
d) Metamorphic

6. TRUE / FALSE The graph that a typical worm propagation model creates is a straight, nearly 45o diagonal line similar to this:

7. What are two categories of "resources" that could be attacked/exhausted as the result of a denial of service attack?

8. What type of packets could be used for flooding DoS attacks?

a) ICMP
b) TCP SYN
c) UDP
d) All of the above

9. Identify and briefly describe an important architectural element/feature that is typically used to make a denial of service attack "Distributed."

10. Which of the following most correctly explains the difference between a reflection attack and an amplification attack?

a) A reflection attack is a sub-category of amplification attacks that differs in that it sends packets to hosts instead of servers.
b) Amplification attacks are distributed, and reflection attacks are not.
c) An amplification attack is a variation of a reflection attack that differs in that it generates multiple response packets for each original packet sent.
d) They are essentially the same thing.

11. Identify and briefly describe two important defensive steps or mechanisms that can be used against DDoS attacks.

12. Which of the following is most important in the success of DoS attacks?

a) Stealth
b) Control
c) Message content
d) Volume

13. Briefly define what is meant by an "insider" or "inside threat" AND identify two things an insider might do on your network or system.

14. Which of the following is the best definition of the scanning phase of an attack?

a) Detecting vulnerabilities
b) Finding systems
c) Maintaining access
d) Exploiting vulnerabilities

15. Briefly describe the difference between a "white hat hacker" and a "black hat hacker" in today's environment.

16. Which of the following is NOT a typical IDS component?

a) Analyzers
b) Logger
c) User interface
d) Sensors

17. Match the following terms with the words that best describe them Anomaly Detection; Network based IDS; Host based IDS; Signature Detection

a) Monitors characteristics and events on a single host for suspicious activity ____________________
b) Observation of events on a system and applying a set of rules to decide if intruder activity is involved ____________________
c) Monitors network traffic for suspicious activity ____________________
d) Collection and analysis of data relating to the behavior of legitimate users over a period of time ____________________

18. Identify any of the "measures that may be used for intrusion detection" (things/events that IDS look for) AND discuss how monitoring this measure might lead to a "false alarm" by your IDS. (2 parts)

19. TRUE / FALSE A honeypot or honeynet is a defensive "sticky" area of your network meant to slow the attacker down by filtering their traffic.

20. List three design goals (desired characteristics) for a firewall.

21. Which of the following is NOT true with regard to Packet Filtering firewalls?

a) Monitors the status of TCP connections
b) Examines information in packet headers
c) Can discard or forward inspected packets
d) Examines source and destination addresses

22. Which of the following is TRUE with regard to Stateful Inspection firewalls?

a) Only reviews header information
b) Evaluates the data/content of a packet for legality
c) Does not consider port numbers
d) Tracks TCP sequence numbers in decision making

23. How does Unified Threat Management (UTM) differ from a firewall? (3 pts)

24. Match the following with the words that best describe them.

Bastion Host; Application gateway; Circuit-level gateway;

Personal firewall; UTM; DMZ; SNORT; Sandbox;

a) Network area which provides a protective barrier between external/untrusted sources of traffic and an internal network ____________________
b) An isolated system area used to quarantine code ____________________
c) Middle man for TCP connections between an inside user and an outside host
____________________
d) Controls traffic flow to/from a PC/workstation ____________________
e) Critical strongpoint in network ____________________
f) Acts as a relay of application-level traffic ____________________

25. TRUE / FALSE The ordering of firewall rules does not impact the proper operation of a firewall.

26. In your own layman's words, explain what a buffer overflow is AND identify one (1) possible immediate impact a buffer overflow can result in (in other words, identify something bad that could happen next).

27. Which of the following best describes a key thing that must be identified to successfully implement a buffer overflow attack?

a) Must understand how a program has been fuzzed
b) Must identify exactly how many characters of input are expected
c) Must understand how/where the buffer is stored
d) Must identify the exact sequence of calls to libraries in a program

28. Name three (3) areas of computer memory that overflow attacks can typically target.

29. Which of the following best describes why some high-level programming languages are less vulnerable to buffer overflows?

a) Mandatory use of guard bands in memory
b) Strong notion of type for variables and valid operations
c) The mixing of assembly language and graphical interfaces
d) No buffers are used

30. Which of the following is NOT true with regard to the use of Shellcode in overflow attacks?

a) Can be saved in buffer being overflowed
b) Requires only rudimentary knowledge of scripting
c) Specific to processor and operating system
d) Used to transfer control to a command line/shell

31. Name and very briefly describe two approaches or mechanisms used to defend against buffer overflow attacks.

Reference no: EM13314365

Questions Cloud

Is factory farming morally justifiable : Are corporations obliged to help combat social problems and is factory farming morally justifiable?
Determine the increase in internal energy of the system : The only work interaction between the system and the surroundings is via the paddle wheel. The work done on the system via the paddle wheel is 220 ft*Ibf and the heat interaction can be assumed negligible.
Write a module case study regarding the nextgen air : Write a module case study regarding the NextGen Air Transportation System:
What is the work done on the box : A rope is used to pull a block a horizontal distance of 50 metres. If the rope tension is 120 N, What is the work done on the box
Describe two important defensive steps or mechanisms : Identify any of the "measures that may be used for intrusion detection" (things/events that IDS look for) AND discuss how monitoring this measure might lead to a "false alarm" by your IDS.
Enthalpy of formation data to compute the number of moles : Use enthalpy of formation data to calculate the number of moles of CO2(g) produced per megajoule of heat released from the combustion of each fuel under standard conditions
Determine what is the minimum pipe diameter in the tube : Helium(15 degrees celsius, 1atm) will be transported in a straight horizontal copper tube over a distance of 150 m at a rate of 0.1 m^3/s. If the pressure drop in the tube should exceed 6 in h20, what is the minimum pipe diameter
Analyse and evaluate the major unique human factors : Analyze and evaluate the major unique human factors
Explain the relative molar amounts of the species : Identify the relative molar amounts of the species in 0.10 M NaBr(aq). If equal, place the species in the same box. H2O OH- H30+ Br- Na+ NaBr

Reviews

Write a Review

Computer Networking Questions & Answers

  Computing ip addresses per subnet

How many IP addresses would they have per subnet?

  Explain why select peer-to-peer-server-based for employees

Individual employees also should be able to control resources on their own machines. Would you select peer-to-peer, a server-based, or hybrid network? Explain why?

  Adding four servers to network to share file

Manager would like to add four servers to network so employees can share files. Manager would also like to permit VPN access for her employees so they can work remotely.

  Why does http at the application layer uses tcp

Why does HTTP at the application layer uses TCP while DNS uses UDP when it passes its message packet with overhead to the Transport Layer and then hand it off to the Network Layer?

  Wireless network modulation schemes essential in networking

Describe what wireless network modulation schemes are and why they are essential in wireless networking. Choose one of the modulation schemes and sum-up it.

  Ipsec gives security at network layer

If IPSec gives security at network layer, why is it that security mechanisms are still require at layers above IP?

  Developments in adsl broadband technologies

Show practical and theoretical knowledge of LAN/Internet technologies

  What network hardware needed for networking project

You are to network a ten story building capable of supporting 100 computers on each floor. What network hardware will be needed to accomplish the networking project?

  Use a search engine to identify

Use a search engine to identify the positions of Google and Apple regarding cell phone tracking. What reasons do the give for tracking cell phones? What limitations do you think they might support?

  Use company-s existing lan to replace company-s pbx

Investigate and write down the report on using Internet phone and company's existing LAN to replace company's PBX.

  Time taken by material to be transmitted over t facility

Assume the material is to be transmitted over  T-1 facility (1.544 Mbps). How long will it take, exclusive of overhead, to transmit volume?

  Determine the maximum sustainable data rate

New token is put into bucket every 5 μsec. Each token is good for one cell, which comprises 48 bytes of data. Determine the maximum sustainable data rate?

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd