Exam 12: Securing Tcp/Ip Environments

When users from outside the network attach to a service inside the network, they actually attach to the proxy server, which establishes a proxy session into the private side of the network from there.

Which of the following software programs can attempt to communicate with any IP-based system while cycling through all valid TCP and UDP port addresses?

Match each item with a statement below. a.threat b.remote logon service c.PING sweep d.computer forensics e.port scanner f.handler g.session hijacking h.security policy i.honeypot -an ICMP Echo-based operation used to locate active devices on a network

Briefly define proxy server, screening host, and screening router.

Provide a brief definition of spoofing.

Which of the following is a process of borrowing identity information, such as an IP address, domain name, NetBIOS name, or TCP or UDP port numbers to hide or deflect interest in attack activities?

A(n) ____________________ is a weakness in an information system, system security procedures, internal controls, or implementation that could be exploited by a threat source.

Which of the following terms is a hardened computer specifically designed to resist and oppose illicit or unwanted attempts at entry, and whose job is to guard the boundary between internal and external networks?

A stealthy attacker may cover its tracks by deleting log files, or terminating any active direct connections. Indicate the answer choice that best completes the statement or answers the question.

Which of the following serves the purpose of finding out what you have and what is vulnerable?

Match each item with a statement below. a.threat b.remote logon service c.PING sweep d.computer forensics e.port scanner f.handler g.session hijacking h.security policy i.honeypot -an IP attack technique whereby an impostor takes over an ongoing communications session between a client and server

What is the difference between an attack and an exploit?

Match each item with a statement below. a.threat b.remote logon service c.PING sweep d.computer forensics e.port scanner f.handler g.session hijacking h.security policy i.honeypot -any type of network service that permits users elsewhere on a network to use the network to log on to a system as if they were attached locally while operating remotely

Match each item with a statement below. a.threat b.remote logon service c.PING sweep d.computer forensics e.port scanner f.handler g.session hijacking h.security policy i.honeypot -a manager system in a DDoS attack

Match each item with a statement below. a.threat b.remote logon service c.PING sweep d.computer forensics e.port scanner f.handler g.session hijacking h.security policy i.honeypot -a computer system deliberately set up to attract, entice, and entrap would-be attackers, often by being made to appear part of a larger network

Which type of device makes access control decisions on the basis of application content rather than by looking at IP addresses or port numbers and can act on a host to deny potentially malicious activity?

Match each item with a statement below. a.threat b.remote logon service c.PING sweep d.computer forensics e.port scanner f.handler g.session hijacking h.security policy i.honeypot -a document that represents the concrete manifestation of an organization's requirements for security practices, rules, and procedures

According to RFC 4301, what are the goals of IPSec?

Match each item with a statement below. a.threat b.remote logon service c.PING sweep d.computer forensics e.port scanner f.handler g.session hijacking h.security policy i.honeypot -any activity that represents a potential danger or attack on a system or network

Which of the following best defines an attempt to snoop inside traffic moving across the Internet to look for unprotected account and password information, or to obtain other sensitive information while it's in transit?