What is a dictionary attack (brute force attack)?
Answer: Repeatedly generating passwords to attempt to guess a passw...
What command turns off DNS?
Answer: no ip domain-loo...
What command explicitly sets the name server addresses?
Answer: ip name-server addres...
What are the 2 main vulnerabilities of DNS?
Answer: (1) Offers no authentication or integrity assurance (2) By default, name queries are sent to the...
What is the vulnerability of NTP?
Answer: NTP leaves listening ports open and vulnera...
What is the vulnerability of SNMP?
Answer: Version 1 and Version 2 pass management information and community strings (passwords) in clear t...
Between disruption of peers and falsification of routing information, which one is worse and why?
Answer: Disruption of peers is less critical because...
What are the consequences of falsifying routing information?
Answer: (1) Redirect traffic to create routing loops (2) Redirect traffic so it can be...
What is a payload?
Answer: The data piece of a frame (IPv4 Pack...
Routing Systems can be attacked in what 2 ways?
Answer: (1) Disruption of peers (2) Falsification of routing informat...
What is the problem with Simple Network Management Protocol version 1 (SNMPv1)?
Answer: It sends data in plaint...
What are the three steps to secure RIPv2 updates?
Answer: (1) Prevent RIP routing update propagation (2) Prevent Unauthorized Reception of RIP updates (3) Verify...
What are two common uses of Eavesdropping?
Answer: (1) Info Gathering (2) Info th...
What uses a single command to disable non-essential system processes and services, eliminating potential security threats?
Answer: AutoSec...
What mode automatically executes the auto secure command with the recommended Cisco default settings. This mode is enabled with the no-interact command option.
What mode prompts you with options to enable and disable services and other security features?
Answer: Interactive M...
What two modes can you use auto secure in?
Answer: (1) Interactive mode (2) Non-interface m...
You can configure Auto Secure in privileged EXEC mode using what command?
Answer: auto sec...
What 5 factors will the Cisco AutoSecure ask you to number?
Answer: (1) Interface (2) Banners (3) Passwords (4) SSH (5) IOS Firewall Featu...
Misconfiguring a router traffic filter can expose what?
Answer: internal network components to scans and attacks, making it easier for attackers to...
A compromised route table can do what?
Answer: reduce performance, deny network communication services and expose sensitive da...
A compromised Access control list can expose what?
Answer: network configuration details, thereby facilitating attacks against other network comp...
What security policies can be used specifically for remote access?
Answer: (1) Dial-in Access Policy (2) Remote Access Policy (3) VPN Security Po...
What security policies can be used specifically for email?
Answer: (1) Automatically Forward E-mail Policy (2) E-mail Policy (3) Spam Pol...
What are the 14 general security policies that an organization may invoke?
Answer: (1) Statement of Authority and Scope (2) Acceptable Use Policy (AUP) (3) Identification...
A comprehensive security policy has what 4 characteristics?
Answer: (1) Protects people and information (2) Sets the rules for expected behavior by...
A security policy benefits an organization in what 7 ways?
Answer: (1) Provides a means to audit existing network security and compare the requirements...
What part of the network security wheel is defined as the information collected from the monitoring and testing phases, IDSs can be used to develop and implement improvement mechanisms that augment the security policy and results in adding items to step 1
What part of the network security wheel is defined as the functionality of the security solutions implemented in step 1 and the system auditing and intrusion detection methods implemented in step 2 are verified.
What is considered to be a passive method in detecting security violations?
Answer: IDS devices to detect intrus...
What is considered to be an active method in detecting security violations?
Answer: Audit host-level log fi...
In Step 2 of the network security wheel, what two types of methods are used to detect security violations?
Answer: (1) Active Method (2) Passive ...
In step 1 of the network security wheel, what 2 security solutions must be implemented?
Answer: (1) Threat Defense (2) Stateful inspection and packet...
What 4 factors does the security policy include?
Answer: (1) Identifies the security objectives of the organization (2) Documents the resources to...
What does the Network Security Wheel Promote?
Answer: Retesting and reapplying updated security measures on a continuous ba...
What are the four steps of the Network Security Wheel?
Answer: (1) Secure (2) Monitor (3) Test (4) Impr...
What are the 3 types of technologies typically used for security?
Answer: (1) Firewall (2) Intrusion Prevention (3) ...
What are the three building blocks that are a part of the integrated approach to security appliances and applications?
Answer: (1) Threat Control (1a)...
How are agents typically installed?
Answer: On publicly accessible servers and corporate mail and application servers. Agent reports events to a central...
How does SICO provide HIPS?
Answer: Security Agent Softw...
What is an inline technology; it stops the attack, prevents damage and blocks the propagation of worms and viruses and can be set to shut down the network connection or to stop impacted services automatically. Corrective action can be taken immediately
What is a passive technology; it sends logs to a management console after the attack has occurred and the damage is done
Answer: Host-Based Intrusion...
Can both Prevention and Reaction active defenses be implemented simultaneously in Intrusion Prevention Systems?
Answer: ...
What two active defenses do Intrusion Prevention Systems provide?
Answer: (1) Prevention (1a) Stops the detected attack from executing (2) Reaction...
What detects attacks and sends logs to a management console?
Answer: Intrusion Detection Sys...
What is a solution to the problem of downloading security updates and patching vulnerable systems with uncontrolled systems in a local network or systems remotely connected via VPN and RAS
What is the most effective way to mitigate a worm and its variants?
Answer: Download security updates and patch all vulnerable syst...
What are 2 examples of Host and Server based security (Device Hardening)?
Answer: (1) Antivirus Software (2) Personal Firewa...
What are the three simple steps that should be taken when a new operating system is installed on a computer?
Answer: (1) Default usernames and passwords...
What is classified as an entire application being written to look like something else, when in fact it is an attack tool.
Answer: Trojan Ho...
What is the key element that distinguishes a computer worm from a computer virus?
Answer: Human interaction is required to facilitate the spread of...
What normally requires a delivery mechanism-a vector-such as a zip file or some other executable file attached to an e-mail, to carry the virus code from one system to another.
What is malicious software that is attached to another program for the purpose of executing a particular unwanted function on a workstation.
Answer: ...
What part of the worm anatomy is classified as when once a host is infected with a worm, the attacker has access to the host, often as a privileged user. Attackers could use a local exploit to escalate their privilege level to administrator
What part of the worm anatomy is classified as when after gaining access to a host, a worm copies itself to that host and then selects new targets
Answer: Propagation...
What part of the worm anatomy is classified as when the worm installs itself by exploiting known vulnerabilities in systems, such as naïve end users who open unverified executable attachments in e-mails
What are the three anatomy parts of the worm attack?
Answer: (1) The enabling vulnerability (2) Propagation Mechanism (3) Payl...
What is the primary form of attack on end-user workstations?
Answer: Worm, Virus, and Trojan Horse Atta...
What are 4 examples of Distributed Denial of Service Attacks?
Answer: (1) SMURF Attack (2) Tribe Flood Network (TFN) (3) Stacheldraht (4) MyD...
What attacks are designed to saturate network links with illegitimate data?
Answer: Distributed Denial of Service Atta...
What programs send bulk e-mails, monopolizing services?
Answer: e-mail bo...
These attacks are Java, JavaScript, or ActiveX that cause destruction or tie up computer resources
Answer: Malicious appl...
What are the four most common types of DoS Attacks?
Answer: (1) Ping of Death (2) SYN Flood (3) E-mail Bombs (4) Malicious Appl...
What can be used to mitigate LAN Man in the middle attacks?
Answer: Port Security on LAN switc...
What 2 software solutions are used in LAN Man in the middle attacks?
Answer: (1) ettercap (2) ARP poison...
WAN Man-in-the-middle attacks can be mitigated using what?
Answer: VPN tunn...
What type of attack is carried out by attackers that position themselves between two hosts.
Answer: Man-in-the-mid...
Port redirection can be mitigated through the use of a host-based what?
Answer: Intrusion Detection System (I...
What utility provides the port redirection attack?
Answer: net...
What type of trust exploitation attack uses a compromised host to pass traffic through a firewall that would otherwise be blocked.
Answer: Port R...
What type of attack is to compromise a trusted host, using it to stage attacks on other hosts in a network. If a host in a network of a company is protected by a firewall (inside host), but is accessible to a trusted host outside the firewall (outside host), the inside host can be attacked through the trusted outside host.
What are the two types of vulnerabilities exploited in an access attack?
Answer: (1) Passwords (2) Trust Exploitat...
What type of attack exploits vulnerabilities in authentication, FTP, and Web services to gain entry to Web accounts, confidential databases and sensitive information
What are the three most effective methods for counteracting eavesdropping?
Answer: (1) Using switched networks instead of hubs (2) Using encryption that...
What is classified as Internal attackers attempting to "eavesdrop" on network traffic.
Answer: Packet Sniff...
What are 4 examples of Reconnaissance Attacks?
Answer: (1) Internet Information Queries (2) Ping Sweeps (3) Port Scans (4) Packet Sniff...
What is the most feared type of network attack?
Answer: Denial of Serv...
What are 2 examples of port scanners?
Answer: (1) Nmap (2) Supers...
What is when the active IP addresses are identified, the intruder uses a port scanner to determine which network services or ports are active on the live IP addresses?
What are 2 examples of ping sweep tools?
Answer: (1) fping (2) gp...
What is when, after the IP address space is determined, an attacker can then ping the publicly available IP addresses to identify the addresses that are active?
What are the 4 types of Network Attacks?
Answer: (1) Recon Attacks (2) Access Attacks (3) Denial of Service Attacks (4) Worms, Viruses, and Trojan Hor...
What is when external attackers can use Internet tools, such as the nslookup and whois utilities, to easily determine the IP address space assigned to a given corporation or entity?
What is when malicious software is inserted onto a host to damage or corrupt a system, replicate itself, or deny access to networks, systems, or services.
Answer: Worms,...
What is when an attacker disables or corrupts networks, systems, with the intent to deny services to intended users?
Answer: Denial of Serv...
What is the ability for an intruder to gain access to a device for which the intruder does not have a password?
Answer: System Acc...
What is the unauthorized discovery and mapping of systems, services, or vulnerabilities?
Answer: Reconnaissa...
What is a type of social engineering attack that involves using e-mail in an attempt to trick others into providing sensitive information, such as credit card numbers or passwords.
____ occur when someone has authorized access to the network with either an account or physical access.
Answer: Internal Thre...
___ can arise from individuals or organizations working outside of a company who do not have authorized access to the computer systems or network.
Answer: External...
What are threats that come from individuals or groups that are more highly motivated and technically competent? They break into business computers to commit fraud, destroy or alter records, or simply to create havoc.
What are threats that consist of mostly inexperienced individuals using easily available hacking tools, such as shell scripts and password crackers
Answer: Unstructured...
What are the 4 primary classes of threats of networks?
Answer: (1) Unstructured Threats (2) Structured Threats (3) External Threats (4) Internal Thre...
What 5 things can you do to prevent maintenance damage?
Answer: (1) Use neat cable runs (2) Label critical cables and components (3) Use electrostatic discharge...
What 5 things can you do to prevent electrical damage?
Answer: (1) Install UPS systems (2) Install generator sets (3) Follow a preventative maintenance plan (4)...
What 3 things can you do to prevent Environmental damage?
Answer: (1) Temperature control (2) Humidity control (3) Positive air flow (4) Remote environmental alarming...
What 3 things can you do to prevent hardware damage?
Answer: (1) Lock up Equipment to prevent unauthorized access from the doors, ceiling, raised floor, etc (2)...
Temperature extremes or humidity extremes are examples of what?
Answer: Environmental Thre...
What is physical damage to servers, routers, switches, cabling plant, and workstations?
Answer: Hardware Thre...
What are the 4 classes of physical threats?
Answer: (1) Hardware (2) Environment (3) Electrical (4) Maintena...
What are five examples of security policy weaknesses?
Answer: (1) Lack of written security policy (2) Politics (3) Lack of Continuity (4) Logical access controls...