CIST1601-Information Security Fund: 448 Cutting-Edge Questions and Answers, Exams of Information Security and Markup Languages

A comprehensive set of 448 multiple-choice questions and answers covering key concepts in information security. It provides a valuable resource for students and professionals seeking to test their knowledge and understanding of fundamental security principles, vulnerabilities, and best practices. The questions cover a wide range of topics, including intrusion detection systems, vulnerability scanning, network security, and ethical hacking.

Typology: Exams

2024/2025

Available from 12/07/2024

Martin-Ray-1


448 Cutting-edge Questions Final Review - CIST1601-Information Security Fund with Answers

  1. To assist in the footprint intelligence collection process, attackers may use an enhanced Web scanner that, among other things, can scan entire Web sites for valuable pieces of information, such as server names and e-mail addresses. A) True B) False - Answer:::✔✔A) True
  2. __________ testing is a straightforward testing technique that looks for vulnerabilities in a program or protocol by feeding random input to the program or a network running the protocol. A) Buzz B) Fuzz C) Spike D) Black - Answer:::✔✔B) Fuzz
  3. The ability to detect a target computer's __________ is very valuable to an attacker. A) manufacturer B) operating system C) peripherals D) BIOS - Answer:::✔✔B) operating system

  1. An HIDPS can detect local events on host systems and also detect attacks that may elude a network-based IDPS. A) True B) False - Answer:::✔✔A) True
  2. The anomaly-based IDPS collects statistical summaries by observing traffic that is known to be normal. A) True B) False - Answer:::✔✔A) True
  3. A HIDPS is optimized to detect multihost scanning, and it is able to detect the scanning of non-host network devices, such as routers or switches. A) True B) False - Answer:::✔✔B) False
  4. Port explorers are tools used by both attackers and defenders to identify (or fingerprint) the computers that are active on a
  1. Fingerprinting is the organized research of the Internet addresses owned or controlled by a target organization.
    A) True B) False - Answer:::✔✔B) False
  2. A(n) __________ works like a burglar alarm in that it detects a violation (some system activities analogous to an opened or broken window) and activates an alarm. A) IDPS B) WiFi C) UDP D) DoS - Answer:::✔✔A) IDPS
  3. A(n) known vulnerability is a published weakness or fault in an information asset or its protective systems that may be exploited and result in loss. _________________________ A) True B) False - Answer:::✔✔A) True
  4. A strategy based on the concept of defense in depth is likely to include intrusion detection systems, active vulnerability scanners, passive vulnerability scanners, automated log analyzers, and protocol analyzers. A) True B) False - Answer:::✔✔A) True

  1. Port explorers are tools used by both attackers and defenders to identify (or fingerprint) the computers that are active on a network, as well as the ports and services active on those computers, the functions and roles the machines are fulfilling, and other useful information.
    A) True B) False - Answer:::✔✔B) False
  2. A(n) event is an indication that a system has just been attacked or is under attack. _________________________ A) True B) False - Answer:::✔✔B) False
  3. Some vulnerability scanners feature a class of attacks called _________, that are so dangerous they should only be used in a lab environment.
  1. A(n) NIDPS functions on the host system, where encrypted traffic will have been decrypted and is available for processing.
    A) True B) False - Answer:::✔✔B) False
  2. Passive scanners are advantageous in that they require vulnerability analysts to get approval prior to testing. A) True B) False - Answer:::✔✔B) False
  3. A(n) __________ is an event that triggers an alarm when no actual attack is in progress. A) false neutral B) false attack stimulus C) false negative D) noise - Answer:::✔✔B) false attack stimulus
  4. Enticement is the action of luring an individual into committing a crime to get a conviction. A) True B) False - Answer:::✔✔B) False

  1. A(n) known vulnerability is a published weakness or fault in an information asset or its protective systems that may be exploited and result in loss. _________________________ A) True B) False - Answer:::✔✔A) True
  2. To use a packet sniffer legally, an administrator only needs permission of the organization's top computing executive. A) True B) False - Answer:::✔✔B) False
  3. The process by which attackers change the format and/or timing of their activities to avoid being detected by the IDPS is known as a false attack stimulus. A) True B) False - Answer:::✔✔B) False

A) passive B) aggressive C) active D) secret - Answer:::✔✔A) passive

  1. A(n) monitoring vulnerability scanner is one that listens in on the network and determines vulnerable versions of both server and client software. _________________________ A) True B) False - Answer:::✔✔B) False
  2. Fingerprinting is the organized research of the Internet addresses owned or controlled by a target organization.
    A) True B) False - Answer:::✔✔B) False
  3. A(n) __________ IDPS is focused on protecting network information assets. A) network-based B) host-based C) application-based D) server-based - Answer:::✔✔A) network-based

  1. Activities that scan network locales for active systems and then identify the network services offered by the host systems are known as __________. A) port knocking B) doorknob rattling C) footprinting D) fingerprinting - Answer:::✔✔D) fingerprinting
  2. Services using the TCP/IP protocol can run only on their commonly used port number as specified in their original Internet standard. A) True B) False - Answer:::✔✔B) False
  3. To determine whether an attack has occurred or is underway, NIDPSs compare measured activity to known __________ in their knowledge base. A) vulnerabilities B) fingerprints C) signatures

A) True B) False - Answer:::✔✔B) False

  1. __________ are decoy systems designed to lure potential attackers away from critical systems. A) Honeypots B) Bastion Hosts C) Wasp Nests D) Designated Targets - Answer:::✔✔A) Honeypots
  2. Intrusion detection consists of procedures and systems that identify system intrusions and take action when an intrusion is detected. A) True B) False - Answer:::✔✔B) False
  3. The disadvantages of using the honeypot or padded cell approach include the fact that the technical implications of using such devices are not well understood. A) True B) False - Answer:::✔✔B) False

  1. The primary advantages of a centralized IDPS control strategy are cost and ease-of-use. _________________________ A) True B) False - Answer:::✔✔B) False
  2. To use a packet sniffer legally, an administrator only needs permission of the organization's top computing executive. A) True B) False - Answer:::✔✔A) True
  3. To use a packet sniffer legally, an administrator only needs permission of the organization's top computing executive. A) True B) False - Answer:::✔✔B) False
  4. Alarm events that are accurate and noteworthy but do not pose significant threats to information security are called noise.
    A) True
  1. When a collection of honeypots connects several honeypot systems on a subnet, it may be called a(n) honeynet.
    A) True B) False - Answer:::✔✔A) True
  2. A HIDPS is optimized to detect multihost scanning, and it is able to detect the scanning of non-host network devices, such as routers or switches. A) True B) False - Answer:::✔✔B) False
  3. A(n) __________ is a software program or hardware appliance that can intercept, copy, and interpret network traffic. A) packet scanner B) packet sniffer C) honey pot D) honey packet - Answer:::✔✔C) signatures
  4. Network Behavior Analysis system __________ sensors are typically intended for network perimeter use, so they would be deployed in close proximity to the perimeter firewalls, often between the firewall and the Internet border router to limit incoming attacks that could overwhelm the firewall. A) inline B) offline C) passive D) bypass - Answer:::✔✔A) inline

  1. __________ are usually passive devices and can be deployed into existing networks with little or no disruption to normal network operations. A) NIDPSs B) HIDPSs C) AppIDPSs D) SIDPSs - Answer:::✔✔A) NIDPSs
  2. __________ are decoy systems designed to lure potential attackers away from critical systems. A) Honeypots B) Bastion Hosts C) Wasp Nests D) Designated Targets - Answer:::✔✔A) Honeypots
  1. A false positive is the failure of an IDPS system to react to an actual attack event. A) True B) False - Answer:::✔✔B) False
  2. Security tools that go beyond routine intrusion detection include honeypots, honeynets and padded cell systems. A) True B) False - Answer:::✔✔A) True
  3. A HIDPS can monitor systems logs for predefined events. A) True B) False - Answer:::✔✔A) True
  4. In DNS cache poisoning, valid packets exploit poorly configured DNS servers to inject false information to corrupt the servers' answers to routine DNS queries from other systems on the network. A) True B) False - Answer:::✔✔A) True

  1. A padded cell is a hardened honeynet.
    A) True B) False - Answer:::✔✔B) False
  2. Once the OS is known, all of the vulnerabilities to which a system is susceptible can easily be determined. A) True B) False - Answer:::✔✔A) True
  3. Your organization's operational goals, constraints, and culture should not affect the selection of the IDPS and other security tools and technologies to protect your systems. A) True B) False - Answer:::✔✔B) False
  4. Which of the following is NOT a described IDPS control strategy?