Professional Documents
Culture Documents
port redirection
reconnaissance
trust exploitation
12. What occurs during the persist phase of a worm attack?
identification of vulnerable targets
modification of system files and registry settings to ensure that the attack code is
running
transfer
er of exploit code through an attack vector
extension of the attack to vulnerable neighboring targets
13. What are the three major components of a worm attack? (Choose three.)
enabling vulnerability
infecting vulnerability
payload
penetration mechanism
probing mechanism
propagation mechanism
14. A network administrator detects unknown sessions involving port 21 on the
network. What could be causing this security breach?
An FTP Trojan Horse is executing.
A reconnaissance attack is occurring.
A denial of service attack is occurring.
Cisco Security Agent is testing the network.
15. What are three goals of a port scan attack? (Choose three.)
disable used ports and services
determine potential vulnerabilities
identify active services
identify peripheral configurations
identify operating systems
discover system passwords
16. How is a Smurf attack conducted?
by sending a large number of packets, overflowing the allocated buffer memory
of the target device
by sending an echo request in an IP packet larger than the maximum packet size
of 65,535 bytes
by sending a large number of ICMP requests to directed broadcast addresses
from a spoofed source address on the
t same network
by sending a large number of TCP SYN packets to a target device from a
spoofed source address
17. Which access attack method involves a software program attempting to discover a
system password by using an electronic dictionary?
buffer overflow attack
port redirection attack
Denial of Service attack
brute-force
force attack
IP spoofing attack
tack
packet sniffer attack
18 Which two network security solutions can be used to mitigate DoS attacks? (Choose
two.)
virus scanning
data encryption
anti-spoofing
spoofing technologies
intrusion protection systems
applying user authentication
19. Which phase of worm mitigation involves terminating the worm process, removing
modified files or system settings that the worm introduced, and patching the
vulnerability that the worm used to exploit the system?
containment
inoculation
quarantine
treatment
20. Which characteristic best describes the network security Compliance domain as
specified by the ISO/IEC?
the integration of security into applications
an inventory and classification scheme for information assets
the restriction of access rights to networks, systems, applications, functions, and
data
the process of ensuring conformance with
with security information policies,
standards, and regulations
21. Which statement describes phone freaking?
A hacker uses password-cracking
password cracking programs to gain access to a computer via a
dialup account.
A hacker gains unauthorized access to networks via wireless access points.
A hacker mimics a tone using a whistle to make free long-distance
long distance calls on an
analog telephone network.
A hacker uses a program
gram that automatically scans telephone numbers within a
local area, dialing each one in search of computers, bulletin board systems, and
fax machines.