7532990
Descripción
Test por Paul Anstall, actualizado hace más de 1 año
|
Creado por Paul Anstall
hace alrededor de 7 años
|
|
Pregunta 1
Pregunta
Which of the following doesn’t define a method of transmitting data that violates a security policy?
Respuesta
-
Backdoor channel
-
Session hijacking
-
Covert channel
-
Overt channel
Pregunta 2
Pregunta
Which virus type is only executed when a specific condition is met?
Respuesta
-
Sparse infector
-
Multipartite
-
Metamorphic
-
Cavity
Pregunta 3
Pregunta
Which of the following propagates without human interaction?
Respuesta
-
Trojan
-
Worm
-
Virus
-
MITM
Pregunta 4
Pregunta
Which of the following don’t use ICMP in the attack? (Choose two.)
Respuesta
-
SYN flood
-
Ping of Death
-
Smurf
-
Peer to peer
Pregunta 5
Pregunta
Which of the following is not a recommended step in recovering from a malware infection?
Respuesta
-
Delete system restore points.
-
Back up the hard drive.
-
Remove the system from the network.
-
Reinstall from original media.
Pregunta 6
Pregunta
Which of the following is a recommendation to protect against session hijacking? (Choose two.)
Respuesta
-
Use only nonroutable protocols.
-
Use unpredictable sequence numbers.
-
Use a file verification application, such as Tripwire.
-
Use a good password policy.
-
Implement ICMP throughout the environment.
Pregunta 7
Pregunta
Which of the following attacks an already-authenticated connection?
Respuesta
-
Smurf
-
Denial of service
-
Session hijacking
-
Phishing
Pregunta 8
Pregunta
How does Tripwire (and programs like it) help against Trojan attacks?
Respuesta
-
Tripwire is an AV application that quarantines and removes malware immediately.
-
Tripwire is an AV application that quarantines and removes malware after a scan.
-
Tripwire is a file-integrity-checking application that rejects malware packets intended for the kernel.
-
Tripwire is a file-integrity-checking application that notifies you when a system file has been altered, potentially indicating malware.
Pregunta 9
Pregunta
Which of the following DoS categories consume all available bandwidth for the system or service?
Respuesta
-
Fragmentation attacks
-
Volumetric attacks
-
Application attacks
-
TCP state-exhaustion attacks
Pregunta 10
Pregunta
During a TCP data exchange, the client has offered a sequence number of 100, and the server has offered 500. During acknowledgments, the packet shows 101 and 501, respectively, as the agreed-upon sequence numbers. With a window size of 5, which sequence numbers would the server willingly accept as part of this session?
Respuesta
-
102 through 104
-
102 through 501
-
102 through 502
-
Anything above 501
Pregunta 11
Pregunta
Which of the following is the proper syntax on Windows systems for spawning a command shell on port 56 using Netcat?
Respuesta
-
nc -r 56 -c cmd.exe
-
nc -p 56 -o cmd.exe
-
nc -L 56 -t -e cmd.exe
-
nc -port 56 -s -o cmd.exe
Pregunta 12
Pregunta
Which of the following best describes a DRDoS?
Respuesta
-
Multiple intermediary machines send the attack at the behest of the attacker.
-
The attacker sends thousands upon thousands of SYN packets to the machine with a false source IP address.
-
The attacker sends thousands of SYN packets to the target but never responds to any of the return SYN/ACK packets.
-
The attack involves sending a large number of garbled IP fragments with overlapping, oversized payloads to the target machine.
Pregunta 13
Pregunta
Which of the following best describes a teardrop attack?
Respuesta
-
The attacker sends a packet with the same source and destination address.
-
The attacker sends several overlapping, extremely large IP fragments.
-
The attacker sends UDP Echo packets with a spoofed address.
-
The attacker uses ICMP broadcast to DoS targets.
¿Quieres crear tus propios Tests gratis con GoConqr? Más información.