User Account

All Pages

Describe two important defensive steps or mechanisms

Assignment Help Computer Networking
Reference no: EM13314365

1. Which of the following is NOT one of the recognized virus or malware phases?

a) Triggering
b) Execution
c) Dormant
d) Stealth

2. Briefly describe what "blended attack" means with regard to malware.

3. Match the following with the words that best describe them.

Rootkit; Social engineering; Spyware; Worm; Malicious mobile code;

Backdoor; Bot/Zombie; Cross-site scripting; Zero-day exploits

a) An injection of malicious code/script into a vulnerable website so that a visitor's browser will execute it ____________________
b) Replicating program that propagates over a network ____________________
c) Lightweight program that is downloaded from a remote system and executed locally with minimal or no user intervention ____________________
d) An attack/activity that takes advantage of a previously unknown vulnerability ____________________
e) Mechanism that bypasses normal security to allow unauthorized access ____________________
f) Program taking over network attached computers to launch hard to trace attacks ____________________

4. Identify and briefly describe the key characteristic of any one of the primary anti-virus software approaches/generations/forms.

5. Which of the following is the advanced characteristic of malware which indicates it uses multiple infection vectors?

a) Polymorphic
b) Multipartite
c) Stealth
d) Metamorphic

6. TRUE / FALSE The graph that a typical worm propagation model creates is a straight, nearly 45o diagonal line similar to this:

7. What are two categories of "resources" that could be attacked/exhausted as the result of a denial of service attack?

8. What type of packets could be used for flooding DoS attacks?

a) ICMP
b) TCP SYN
c) UDP
d) All of the above

9. Identify and briefly describe an important architectural element/feature that is typically used to make a denial of service attack "Distributed."

10. Which of the following most correctly explains the difference between a reflection attack and an amplification attack?

a) A reflection attack is a sub-category of amplification attacks that differs in that it sends packets to hosts instead of servers.
b) Amplification attacks are distributed, and reflection attacks are not.
c) An amplification attack is a variation of a reflection attack that differs in that it generates multiple response packets for each original packet sent.
d) They are essentially the same thing.

11. Identify and briefly describe two important defensive steps or mechanisms that can be used against DDoS attacks.

12. Which of the following is most important in the success of DoS attacks?

a) Stealth
b) Control
c) Message content
d) Volume

13. Briefly define what is meant by an "insider" or "inside threat" AND identify two things an insider might do on your network or system.

14. Which of the following is the best definition of the scanning phase of an attack?

a) Detecting vulnerabilities
b) Finding systems
c) Maintaining access
d) Exploiting vulnerabilities

15. Briefly describe the difference between a "white hat hacker" and a "black hat hacker" in today's environment.

16. Which of the following is NOT a typical IDS component?

a) Analyzers
b) Logger
c) User interface
d) Sensors

17. Match the following terms with the words that best describe them Anomaly Detection; Network based IDS; Host based IDS; Signature Detection

a) Monitors characteristics and events on a single host for suspicious activity ____________________
b) Observation of events on a system and applying a set of rules to decide if intruder activity is involved ____________________
c) Monitors network traffic for suspicious activity ____________________
d) Collection and analysis of data relating to the behavior of legitimate users over a period of time ____________________

18. Identify any of the "measures that may be used for intrusion detection" (things/events that IDS look for) AND discuss how monitoring this measure might lead to a "false alarm" by your IDS. (2 parts)

19. TRUE / FALSE A honeypot or honeynet is a defensive "sticky" area of your network meant to slow the attacker down by filtering their traffic.

20. List three design goals (desired characteristics) for a firewall.

21. Which of the following is NOT true with regard to Packet Filtering firewalls?

a) Monitors the status of TCP connections
b) Examines information in packet headers
c) Can discard or forward inspected packets
d) Examines source and destination addresses

22. Which of the following is TRUE with regard to Stateful Inspection firewalls?

a) Only reviews header information
b) Evaluates the data/content of a packet for legality
c) Does not consider port numbers
d) Tracks TCP sequence numbers in decision making

23. How does Unified Threat Management (UTM) differ from a firewall? (3 pts)

24. Match the following with the words that best describe them.

Bastion Host; Application gateway; Circuit-level gateway;

Personal firewall; UTM; DMZ; SNORT; Sandbox;

a) Network area which provides a protective barrier between external/untrusted sources of traffic and an internal network ____________________
b) An isolated system area used to quarantine code ____________________
c) Middle man for TCP connections between an inside user and an outside host
____________________
d) Controls traffic flow to/from a PC/workstation ____________________
e) Critical strongpoint in network ____________________
f) Acts as a relay of application-level traffic ____________________

25. TRUE / FALSE The ordering of firewall rules does not impact the proper operation of a firewall.

26. In your own layman's words, explain what a buffer overflow is AND identify one (1) possible immediate impact a buffer overflow can result in (in other words, identify something bad that could happen next).

27. Which of the following best describes a key thing that must be identified to successfully implement a buffer overflow attack?

a) Must understand how a program has been fuzzed
b) Must identify exactly how many characters of input are expected
c) Must understand how/where the buffer is stored
d) Must identify the exact sequence of calls to libraries in a program

28. Name three (3) areas of computer memory that overflow attacks can typically target.

29. Which of the following best describes why some high-level programming languages are less vulnerable to buffer overflows?

a) Mandatory use of guard bands in memory
b) Strong notion of type for variables and valid operations
c) The mixing of assembly language and graphical interfaces
d) No buffers are used

30. Which of the following is NOT true with regard to the use of Shellcode in overflow attacks?

a) Can be saved in buffer being overflowed
b) Requires only rudimentary knowledge of scripting
c) Specific to processor and operating system
d) Used to transfer control to a command line/shell

31. Name and very briefly describe two approaches or mechanisms used to defend against buffer overflow attacks.

Reference no: EM13314365

Questions Cloud

Is factory farming morally justifiable : Are corporations obliged to help combat social problems and is factory farming morally justifiable?
Determine the increase in internal energy of the system : The only work interaction between the system and the surroundings is via the paddle wheel. The work done on the system via the paddle wheel is 220 ft*Ibf and the heat interaction can be assumed negligible.
Write a module case study regarding the nextgen air : Write a module case study regarding the NextGen Air Transportation System:
What is the work done on the box : A rope is used to pull a block a horizontal distance of 50 metres. If the rope tension is 120 N, What is the work done on the box
Describe two important defensive steps or mechanisms : Identify any of the "measures that may be used for intrusion detection" (things/events that IDS look for) AND discuss how monitoring this measure might lead to a "false alarm" by your IDS.
Enthalpy of formation data to compute the number of moles : Use enthalpy of formation data to calculate the number of moles of CO2(g) produced per megajoule of heat released from the combustion of each fuel under standard conditions
Determine what is the minimum pipe diameter in the tube : Helium(15 degrees celsius, 1atm) will be transported in a straight horizontal copper tube over a distance of 150 m at a rate of 0.1 m^3/s. If the pressure drop in the tube should exceed 6 in h20, what is the minimum pipe diameter
Analyse and evaluate the major unique human factors : Analyze and evaluate the major unique human factors
Explain the relative molar amounts of the species : Identify the relative molar amounts of the species in 0.10 M NaBr(aq). If equal, place the species in the same box. H2O OH- H30+ Br- Na+ NaBr

Reviews

Write a Review

Computer Networking Questions & Answers

  Networking and types of networking

This assignment explains the networking features, different kinds of networks and also how they are arranged.

  National and Global economic environment and ICICI Bank

While working in an economy, it has a separate identity but cannot operate insolently.

  Ssh or openssh server services

Write about SSH or OpenSSH server services discussion questions

  Network simulation

Network simulation on Hierarchical Network Rerouting against wormhole attacks

  Small internet works

Prepare a network simulation

  Solidify the concepts of client/server computing

One-way to solidify the concepts of client/server computing and interprocess communication is to develop the requirements for a computer game which plays "Rock, Paper, Scissors" using these techniques.

  Identify the various costs associated with the deployment

Identify the various costs associated with the deployment, operation and maintenance of a mobile-access system. Identify the benefits to the various categories of user, arising from the addition of a mobile-access facility.

  Describe how the modern view of customer service

Describe how the greater reach of telecommunication networks today affects the security of resources which an organisation provides for its employees and customers.

  Technology in improving the relationship building process

Discuss the role of Technology in improving the relationship building process Do you think that the setting of a PR department may be helpful for the ISP provider? Why?

  Remote access networks and vpns

safekeeping posture of enterprise (venture) wired and wireless LANs (WLANs), steps listed in OWASP, Securing User Services, IPV4 ip address, IPV6 address format, V4 address, VPN, Deploying Voice over IP, Remote Management of Applications and Ser..

  Dns

problems of IPV, DNS server software, TCP SYN attack, Ping of Death, Land attack, Teardrop attack, Smurf attack, Fraggle attack

  Outline the difference between an intranet and an extranet

Outline the difference between an intranet and an extranet A programmer is trying to produce an applet with the display shown in Figure 1 below such that whenever one of the checkboxes is selected the label changes to indicate correctly what has..

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd