Security+ Network Security Fundamentals Chapter 3 & 4
Unlock all answers in this set
Unlock answersquestion
Because the XSS is a widely known attack, the number of Web sites that are vulnerable is very small.
answer
False
question
Because of the minor role it plays, DNS is never the focus of attacks.
answer
False
question
What language below is used to view and manipulate data that is stored in a relational database?
answer
SQL
question
Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?
answer
whatever' AND email IS NULL; --
question
Which SQL injection statement example below could be used to discover the name of the table?
answer
whatever' AND 1=(SELECT COUNT(*) FROM tabname); --
question
Choose the SQL injection statement example below that could be used to find specific users
answer
whatever' OR full_name LIKE '%Mia%'
question
Which SQL injection statement can be used to erase an entire database table?
answer
whatever'; DROP TABLE members; --
question
Although traditional network security devices can block traditional network attacks, they cannot always block Web application attacks.
answer
True
question
HTML uses which option below within embedded brackets () causing a web browser to display text in a specific format?
answer
tags
question
ARP poisoning is successful because there are few authentication procedures to verify ARP requests and replies.
answer
False
question
What language below is designed to display data, with a primary focus on how the data looks?
answer
HTML
question
XSS attacks occur when an attacker takes advantage of web applications that accept user input without validating it and then present it back to the user.
answer
True
question
What language below is for the transport and storage of data, with the focus on what the data is?
answer
XML
question
To what specific directory are users generally restricted to on a web server?
answer
root
question
The default root directory of the Microsoft Internet Information Services (IIS) Web server is located at which directory below?
answer
C:Inetpub wwwroot
question
Select below the string of characters that can be used to traverse up one directory level from the root directory:
answer
../
question
Attacks that take place against web based services are considered to be what type of attack?
answer
server-side
question
A user has become compromised as a result of visiting a specific web page, without clicking on any kind of content. What type of attack has occurred?
answer
drive-by-download
question
What portion of the HTTP packet consists of fields that contain information about the characteristics of the data being transmitted?
answer
HTTP header
question
An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:
answer
Session hijacking
question
Which type of attack below is similar to a passive man-in-the-middle attack?
answer
replay
question
When TCP/IP was developed, the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service:
answer
DNS
question
How can an attacker substitute a DNS address so that a computer is automatically redirected to another device?
answer
DNS poisoning
question
The exchange of information among DNS servers regarding configured zones is known as:
answer
zone transfer
question
On a compromised computer, you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts. What type of exploit has occurred?
answer
Privilege escalation
question
A web browser makes a request for a web page using the ________________.
answer
HTTP - Hypertext Transport Protocol
question
A(n) ____________________ cookie is stored in Random Access Memory (RAM), instead of on the hard drive, and only lasts for the duration of visiting the Web site.
answer
session
question
The predecessor to today's Internet was a network known as ____________________.
answer
ARPRANET
question
Ethernet LAN networks utilize the physical _________________ address to send packets.
answer
MAC
question
A TCP/IP communication begins with a control message, known as a ________________, to initialize the connection.
answer
SYN
question
1. Address Resolution Protocol (ARP) 2. ARP Poisoning 3. Buffer overflow attack 4. Command injection 5. Cross-site scripting (XSS) 6. DNS poisoning 7. Flash cookie 8. Ping flood 9. Session token 10. Smurf attack
answer
Match the following terms to the appropriate definitions. __2__ An attack that corrupts the ARP cache __3__ An attack that occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer __4__ Injecting and executing commands to execute on a server __5__ An attack that injects scripts into a web application server to direct attacks at clients. __9__ A form of verification used when accessing a secure web application __8__ An attack that uses the Internet Control Message Protocol (ICMP) to flood a victim with packets. __6__ An attack that substitutes DNS addresses so that the computer is automatically redirected to an attacker's device. __10__ An attack that broadcasts a ping request to computers yet changes the address so that all responses are sent to the victim. __1__ Part of the TCP/IP protocol for determining the MAC address based on the IP address. __7__ Another name for locally shared object (LSO)
question
Combination padlocks consist of buttons that must be pushed in the proper sequence in order to be unlocked.
answer
False
question
Cipher locks are sometimes combined with what type of sensor, which uses infrared beams that are aimed across a doorway?
answer
Tailgate sensors
question
Instead of using a key or entering a code to open a door, a user can use an object, such as an ID badge, to identify themselves in order to gain access to a secure area. What term describes this type of object?
answer
physical token
question
Proximity readers utilize a special type of tag that can be affixed to the inside of an ID badge. What is the name for this type of tag?
answer
Radio Frequency Identification tag (RFID)
question
What is the maximum effective range of a typical passive RFID tag?
answer
19
question
Keyed entry locks are much more difficult to defeat than deadbolt locks.
answer
False
question
How can an area be made secure from a non-secured area via two interlocking doors to a small room?
answer
Using a mantrap
question
DLP agent sensors are unable to read inside compressed files and binary files.
answer
False
question
What type of video surveillance is typically used by banks, casinos, airports, and military installations, and commonly employs guards who actively monitor the surveillance?
answer
CCTV
question
Most portable devices, and some computer monitors, have a special steel bracket security slot built into the case, which can be used in conjunction with a:
answer
cable lock
question
A spiked collar that extends horizontally for up to 3 feet from the pole is an example of what kind of technology?
answer
Anti-climb
question
An independently rotating large cup affixed to the top of a fence prevents the hands of intruders from gripping the top of a fence to climb over it. What is the name for this technology?
answer
roller barrier
question
What is the name for a standard or checklist against which systems can be evaluated and audited for their level of security (security posture)?
answer
baseline
question
Which of the following is not one of the types of settings that would be included in a Microsoft Windows security template?
answer
Resolution settings
question
What is the name for a cumulative package of all patches and hotfixes as well as additional features up to a given point?
answer
service pack
question
Instead of trying to make a match, modern AV techniques are beginning to use a type of detection that attempts to identify the characteristics of a virus. What is the name for this technique?
answer
heuristic detection
question
What type of device, sometimes called a packet filter, is designed to prevent malicious network packets from entering or leaving computers or networks?
answer
firewall
question
Select the tool below that consists of a system of security tools that is used to recognize and identify data that is critical to an organization and ensure that it is protected:
answer
Data Loss Prevention
question
Most DLP systems make use of what method of security analysis below?
answer
Content inspection
question
Anti-virus products typically utilize what type of virus scanning analysis?
answer
Static analysis
question
What type of filtering utilizes a an analysis of the content of spam messages in comparison to neutral / non-spam messages in order to make intelligent decisions as to what should be considered spam?
answer
Bayesian filtering
question
Securing the host involves protecting the physical device itself, securing the operating system software on the system, using security-based software applications, and monitoring logs.
answer
True
question
A system such as a printer, smart TV, or HVAC controller, typically uses an operating system on what is called a:
answer
Embedded system
question
What is the best way to prevent data input by a user from having potentially malicious effects on software?
answer
Escaping user responses
question
DLP agent sensors are installed on each host device, and monitor for actions such as printing, copying to a USB flash drive, and burning to a CD or DVD.
answer
True
question
____________________ locks keep a record of when the door was opened and by which code.
answer
Cipher
question
A(n) ____________________ is a record or list of individuals who have permission to enter a secure area, the time that they entered, and the time they left the area.
answer
access list
question
____________________ security is the physical security that specifically involves protecting the hardware of the host system, particularly portable laptops, netbooks, and tablet computers that can easily be stolen.
answer
Hardware
question
____________________ paint is a nontoxic petroleum gel-based paint that is thickly applied and does not harden, making any coated surface very difficult to climb.
answer
Anticlimb
question
A _____________ is a document or series of documents that clearly defines the defense mechanisms an organization will employ in order to keep information secure.
answer
security policy
question
Match the following terms to the appropriate definitions. __3__ An operating system for Google Android smartphones and other devices. __8__ A mobile operating system for Apple iPhones __9__ A nonrelational database that is better tuned for accessing large data sets. __5__ Spam filtering software that analyzes every word in an email and determines how frequently a word occurs in order to determine if it is spam. __1__ A paper or electronic record of individuals who have permission to enter a secure area, the time that they entered, and the time they left the area __10__ Large-scale, industrial control systems. __7__ A software testing technique that deliberately provides invalid, unexpected, or random data as inputs to a computer program. __4__ A structure designed to block the passage of traffic __6__ An attack that uses the user's web browser settings to impersonate the user __2__ Subtypes of security controls, classified as deterrent, preventive, detective, compensation, or corrective.
answer
1. Access list 2. Activity phase controls 3. Android 4. Barricade 5. Bayesian filtering 6. Cross-site request forgery (XSRF) 7. Fuzz testing 8. iOS 9. NoSQL 10. Supervisory control and data acquisition (SCADA)
