Chapter 4

 Question 1
10 out of 10 points

Digital certificate authentication fails if the supplicant ________.

Selected Answer: learns the true party's private key

 Question 2
10 out of 10 points

In distributed DoS attacks, the attacker sends messages directly to ________.

Selected Answer: none of the above

 Question 3
10 out of 10 points

When a packet that is part of an ongoing connection arrives at a stateful inspection

firewall, the firewall usually ________.

Selected Answer: passes the packet

 Question 4
10 out of 10 points

Authentication should generally be ________.

Selected Answer: appropriate for a specific resource

 Question 5
10 out of 10 points

When a packet that is not part of an ongoing connection and that does not attempt to
open a connection arrives at a stateful inspection firewall, the firewall ________.

Selected Answer: drops the packet

 Question 6
10 out of 10 points

In digital certificate authentication, the supplicant encrypts the challenge message

with ________.

Selected Answer: the supplicant's private key

 Question 7
10 out of 10 points

For sensitive assets, reusable passwords ________.

Selected Answer: should not be used

 Question 8
10 out of 10 points

________ look at ________, while ________ mostly look at ________.

Selected Answer: Antivirus programs; files; firewalls; packets
 Question 9
10 out of 10 points

In digital certificate authentication, the verifier decrypts the challenge message with
________.

the true party's public key

Selected Answer:
 Question 10
10 out of 10 points

Compared to NGFWs, IDSs ________.

look for different threats

Selected Answer:
 Question 11
10 out of 10 points

In most encryption, keys must be at least ________ long to be considered safe.

128 bits
Selected Answer:
 Question 12
10 out of 10 points

For reusable passwords, NIST now recommends ________.

that passwords be easy to remember

Selected Answer:
 Question 13
10 out of 10 points

Which type of firewall filtering collects streams of packets to analyze them as a

group?

NGFW
Selected Answer:
 Question 14
10 out of 10 points

How will a stateful packet inspection (SPI) firewall handle a packet containing a TCP
segment that contains an acknowledgement?

pass it if it is part of an approved connection

Selected Answer:
 Question 15
10 out of 10 points

In authentication, the ________ is the party trying to prove his or her identity.

supplicant
Selected Answer:
 Question 16
10 out of 10 points
A specific encryption method is called a ________.

cipher
Selected Answer:
 Question 17
10 out of 10 points

SPI firewalls are attractive because of their ________.

low cost
Selected Answer:
 Question 18
10 out of 10 points

How did the Target attackers obtain the stolen information?

none of the above.

Selected Answer:
 Question 19
10 out of 10 points

If a packet is highly suspicious but not a provable attack packet, an ________ may
drop it.

none of the above

Selected Answer:
 Question 20
10 out of 10 points

SPI firewalls are being replaced in large part because they are limited in their ability
to detect ________.

port spoofing
Selected Answer:
 Question 21
10 out of 10 points

________ is the general name for malware on a user's PC that collects sensitive
information and sends this information to an attacker.

Spyware
Selected Answer:
 Question 22
10 out of 10 points

You click on a link expecting to go to a legitimate website but are directed to a

website that contains information you are not authorized to see. You exit without
looking around. is that hacking?

no
Selected Answer:
 Question 23
10 out of 10 points

The digital certificate provides the ________.

Selected Answer: none of the above

  Question 24
10 out of 10 points

In a DDoS attack, a ________ sends messages directly to the victim.

bot
Selected Answer:
 Question 25
10 out of 10 points

Which of the following is the most frustrating to use?

Selected Answer: IDSs