OS Hardening – SEC340 chapter 3

How does the CVE standard make network security devices and tools more effective?
a. it requires you to use compatible devices from one vendor
b. it warns an attacker that your site is being monitored
c. they can share information about attack signatures
d. the layered approach makes attacks nearly impossible

c. they can share information about attack signatures

In which type of scan does an attacker scan only ports that are commonly used by specific programs?
Select one:
a. vanilla scan
b. strobe scan
c. random scan
d. ping sweep

b. strobe scan

Of what category of attack is a DoS attack an example?
Select one:
a. single-packet attack
b. multiple-packet attack
c. suspicious data payload
d. bad header information

b. multiple-packet attack

Under which attack category does a UNIX Sendmail exploitation fall?
Select one:
a. multiple-packet attack
b. single-packet attack
c. bad header information
d. suspicious data payload

d. suspicious data payload

Under which suspicious traffic signature category would a port scan fall?
Select one:
a. reconnaissance
b. denial of service
c. informational
d. unauthorized access

a. reconnaissance

What can an IDPS check to try to determine whether a packet has been tampered with or damaged in transit?
Select one:
a. checksum
b. parity bit
c. CRC value
d. fragment offset

a. checksum

What is the packet called in which a Web browser sends a request to the Web server for Web page data?
Select one:
a. HTML RELAY
b. HTTP GET
c. HTTP XFER
d. HTML SEND

b. HTTP GET

What is the sequence of packets for a successful three-way handshake?
Select one:
a. SYN, ACK, ACK
b. SYN, SYN ACK, ACK
c. SYN, ACK, FIN
d. SYN, SYN ACK, RST

b. SYN, SYN ACK, ACK

What is the term used when an IDPS doesn’t recognize that an attack is underway?
Select one:
a. negative activity
b. positive signature
c. false negative
d. true positive

c. false negative

What is the typical packet sequence for closing a TCP session?
Select one:
a. FIN, FIN ACK, RST
b. FIN, ACK, FIN ACK, ACK
c. FIN ACK, FIN, ACK, RST
d. FIN, FIN ACK

b. FIN, ACK, FIN ACK, ACK

What type of attack does a remote-access Trojan attempt to perpetrate?
Select one:
a. back door
b. composite attack
c. remote denial of service
d. worm

a. back door

Which element of an ICMP header would indicate that the packet is an ICMP echo request message?
Select one:
a. Identifier
b. Code
c. Data
d. Type

d. Type

Which of the following correctly represents the ports used by FTP control traffic and FTP file transfer traffic, respectively?
Select one:
a. 21, 20
b. 20, 25
c. 21, 23
d. 20, 23

a. 21, 20

Which of the following is an accurate set of characteristics you would find in an attack signature?
Select one:
a. IP address, attacker’s alias, UDP options
b. IP address, TCP flags, port numbers
c. protocol options, TCP ports, region of origin
d. IP number, MAC address, TCP options

b. IP address, TCP flags, port numbers

Which of the following is an element of the TCP header that can indicate that a connection has been established?
Select one:
a. Flags
b. SEQ/ACK analysis
c. Stream index
d. Sequence number

a. Flags

Which of the following is NOT a category of suspicious TCP/IP packet?
Select one:
a. suspicious data payload
b. suspicious CRC value
c. single-packet attacks
d. bad header information

b. suspicious CRC value

Which of the following is NOT among the items of information that a CVE reference reports?
Select one:
a. attack signature
b. reference in other databases
c. name of the vulnerability
d. description of vulnerability

a. attack signature

Which of the following is the description of a land attack?
Select one:
a. source and destination IP address/port are the same
b. the local host source address occurs in the packet
c. the attacker uses an undefined protocol number
d. an illegal TCP flag is found in the segment header

a. source and destination IP address/port are the same

Which TCP flag can be the default response to a probe on a closed port?
Select one:
a. SYN
b. PSH
c. RST
d. URG

c. RST

Which type of scan has the FIN, PSH, and URG flags set?
Select one:
a. Null scan
b. FIN scan
c. SYN scan
d. Xmas scan

d. Xmas scan
