FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 4: CIW v5 Security Essentials

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 1

Multiple Choice

Review LaterAdd Note

Review Later

Consider the following image: From the information in this image, what type of attack is occurring?

A) A man-in-the-middle attack
B) A brute-force attack
C) A connection-hijacking attackC.A connection-hijacking attack
D) A spoofing attackD.A spoofing attack

Correct Answer

verified

Show Answer

Question 2

Multiple Choice

Review LaterAdd Note

Review Later

At what layer of the OSI/RM does a packet filter operate?

A) Layer 1
B) Layer 3
C) Layer 5
D) Layer 7

Correct Answer

verified

Show Answer

Question 3

Multiple Choice

Review LaterAdd Note

A disgruntled employee has discovered that the company Web server is not protected against a particular buffer overflow vulnerability. The disgruntled employee has created an application to take advantage of this vulnerability and secretly obtain sensitive data from the Web server's hard disk. This application sends a set of packets to the Web server that causes it to present an unauthenticated terminal with root privileges. What is the name for this particular type of attack?

The most popular types of proxy-oriented firewalls operate at which layer of the OSI/RM?

Consider the following series of commands from a Linux system: iptables -A input -p icmp -s 0/0 -d 0/0 -j REJECT Which explanation best describes the impact of the resulting firewall ruleset?

Which of the following errors most commonly occurs when responding to a security breach?

Your organization has made a particularly unpopular policy decision. Your supervisor fears that a series of attacks may occur as a result. You have been assigned to increase automated auditing on a server. When fulfilling this request, which of the following resources should you audit the most aggressively?

Which of the following can help you authoritatively trace a network flooding attack?

Which of the following is a primary weakness of asymmetric-key encryption?

At the beginning of an IPsec session, which activity occurs during the Internet Key Exchange (IKE) ?

Which algorithm can use a 128-bit key, and has been adopted as a standard by various governments and corporations?

Which of the following will best help you ensure a database server can withstand a recently discovered vulnerability?

You are creating an information security policy for your company. Which of the following activities will help you focus on creating policies for the most important resources?

Which of the following details should be included in documentation of an attack?

Which of the following is a primary auditing activity?

Which choice lists typical firewall functions?

Consider the following image of a packet capture: This packet capture has recorded two types of attacks. Which choice lists both attack types?

You have implemented a version of the Kerberos protocol for your network. What service does Kerberos primarily offer?

You have just deployed an application that uses hash-based checksums to monitor changes in the configuration scripts of a database server that is accessible via the Internet. Which of the following is a primary concern for this solution?

Which of the following activities is the most effective at keeping the actions of nae end users from putting the company's physical and logicalWhich of the following activities is the most effective at keeping the actions of na?e end users from putting the company's physical and logical resources at risk?