Deck 12: Securing TCP/IP Environments
1
Which of the following reveals a system vulnerability and is often documented, either by the manufacturer or by an attacker?
A)hole
B)exploit
C)break-in
D)attack
B
2
Which of the following is a specially "hardened" software service or software/hardware product that erects a barrier to inspect and control traffic flow between networks?
A)firewall
B)bastion host
C)DMZ
D)boundary router
A
3
Which of the following is a process of borrowing identity information, such as an IP address, domain name, NetBIOS name, or TCP or UDP port numbers to hide or deflect interest in attack activities?
A)Ingress filtering
B)Data authentication
C)Network sniffing
D)Spoofing
D
4
Which of the following terms is a hardened computer specifically designed to resist and oppose illicit or unwanted attempts at entry, and whose job is to guard the boundary between internal and external networks?
A)firewall
B)bastion host
C)DMZ
D)boundary router
5
Which of the following is a weak spot or known place of attack on any common operating system, application, or service?
A)back door
B)hole
C)discovery
D)hash
6
In which of the following attacks is the attacker able to intercept traffic from both parties and either pass the traffic unaltered to the other end of the communication link or forge replies from either side?
A)DoS attack
B)brute force attack
C)man-in-the-middle attack
D)IP service attack
7
Fundamental protocols, including IP and TCP or UDP, offer no built-in security controls.
8
When users from outside the network attach to a service inside the network, they actually attach to the proxy server, which establishes a proxy session into the private side of the network from there.
9
Which of the following is an undocumented and illicit point of entry into an operating system or application added by a system's programmers to bypass normal security?
A)back door
B)hole
C)discovery
D)hash
10
Which of the following is a type of software that opens the door for a compromised machine to display all kinds of unsolicited and unwanted advertising, often of an unsavory nature?
A)SA bundle
B)Spyware
C)Adware
D)Cache
11
Which of the following terms means restricting who may view or use certain resources, including access to bandwidth or a computer, as well as access to information?
A)Access control
B)Connectionless integrity
C)Data origin authentication
D)Confidentiality
12
Which of the following software programs can attempt to communicate with any IP-based system while cycling through all valid TCP and UDP port addresses?
A)agent
B)Trojan
C)port scanner
D)socket
13
Strictly speaking, VPNs use tunneling protocols; therefore, they need to encrypt tunneled traffic.
14
Which type of attack includes SYN Flood, broadcast amplification attacks, and buffer overflow?
A)DoS-related
B)Brute force-related
C)Man-in-the-middle-related
D)IP service-related
15
A stealthy attacker may cover its tracks by deleting log files, or terminating any active direct connections.
Indicate the answer choice that best completes the statement or answers the question.
16
Which type of device makes access control decisions on the basis of application content rather than by looking at IP addresses or port numbers and can act on a host to deny potentially malicious activity?
A)Firewall
B)IPS
C)IDS
D)Proxy
17
Which of the following refers to a successful attempt to compromise a system's security?
A)discovery
B)exploit
C)break-in
D)gateway
18
Which of the following types of attacks serves the purpose of masquerading as an authorized user in order to gain access to a system?
A)egress filtering
B)session hijacking
C)data authentication
D)network sniffing
19
Which of the following serves the purpose of finding out what you have and what is vulnerable?
A)reconnaissance
B)covering-up
C)session hijacking
D)packet sniffing
20
Proxy server software permits internal network addresses to be "translated" into public network addresses when packets leave inside networks so only public IP addresses are exposed on the public Internet.
21
Match each item with a statement below.
a.threat
b.remote logon service
c.PING sweep
d.computer forensics
e.port scanner
f.handler
g.session hijacking
h.security policy
i.honeypot
the process of examining the "footprints" that an attacker leaves behind
22
In a(n) ____________________ attack, a service is inundated with requests, or malformed service requests, which cause a server to hang or freeze, preventing it from responding to input.
23
Which type of attack is designed to interrupt or completely disrupt operations of a network device or network communications?
A)Trojan horse attacks
B)Dictionary attacks
C)DoS attacks
D)Worms
24
Match each item with a statement below.
a.threat
b.remote logon service
c.PING sweep
d.computer forensics
e.port scanner
f.handler
g.session hijacking
h.security policy
i.honeypot
a manager system in a DDoS attack
25
Match each item with a statement below.
a.threat
b.remote logon service
c.PING sweep
d.computer forensics
e.port scanner
f.handler
g.session hijacking
h.security policy
i.honeypot
any activity that represents a potential danger or attack on a system or network
26
Match each item with a statement below.
a.threat
b.remote logon service
c.PING sweep
d.computer forensics
e.port scanner
f.handler
g.session hijacking
h.security policy
i.honeypot
an ICMP Echo-based operation used to locate active devices on a network
27
Which of the following best defines an attempt to snoop inside traffic moving across the Internet to look for unprotected account and password information, or to obtain other sensitive information while it's in transit?
A)brute force attack
B)user impersonation
C)session hijacking
D)packet sniffing
Enter the appropriate word(s) to complete the statement.
28
Match each item with a statement below.
a.threat
b.remote logon service
c.PING sweep
d.computer forensics
e.port scanner
f.handler
g.session hijacking
h.security policy
i.honeypot
an IP attack technique whereby an impostor takes over an ongoing communications session between a client and server
29
Match each item with a statement below.
a.threat
b.remote logon service
c.PING sweep
d.computer forensics
e.port scanner
f.handler
g.session hijacking
h.security policy
i.honeypot
a special-purpose software tool that cycles through all possible TCP and UDP port addresses looking for open ports that then can be probed for access or exploited for vulnerabilities
30
Match each item with a statement below.
a.threat
b.remote logon service
c.PING sweep
d.computer forensics
e.port scanner
f.handler
g.session hijacking
h.security policy
i.honeypot
a computer system deliberately set up to attract, entice, and entrap would-be attackers, often by being made to appear part of a larger network
31
Which of the following is unsolicited and unwanted software that takes up stealthy, unauthorized, and uninvited residence on a computer?
A)SA bundle
B)Spyware
C)Adware
D)Cache
32
In how many minutes can any knowledgeable systems professional with the right toolkit break into just about any system if allowed unsupervised and unrestricted access to the computer on which such a system resides?
A)15 minutes
B)20 minutes
C)25 minutes
D)30 minutes
33
Which of the following is the ability to verify that the data received did in fact come from the named source?
A)Access control
B)Connectionless integrity
C)Data origin authentication
D)Confidentiality
34
Match each item with a statement below.
a.threat
b.remote logon service
c.PING sweep
d.computer forensics
e.port scanner
f.handler
g.session hijacking
h.security policy
i.honeypot
a document that represents the concrete manifestation of an organization's requirements for security practices, rules, and procedures
35
____________________ attacks are DoS attacks that are launched from numerous devices.
36
Which of the following is an area that's accessible to both outsiders and insiders, but which establishes a buffer area between what's completely inside and outside a network boundary?
A)firewall
B)bastion host
C)DMZ
D)boundary router
37
A(n) ____________________ consists of creating hashed values for all words in a specialized dictionary of terms, then comparing those values to the hashed values in password files.
38
A(n) ____________________ model excludes users from access to resources, by default, and then adds whatever users need access to such resources as exceptions to the general exclusionary rule.
39
A(n) ____________________ is a weakness in an information system, system security procedures, internal controls, or implementation that could be exploited by a threat source.
40
Match each item with a statement below.
a.threat
b.remote logon service
c.PING sweep
d.computer forensics
e.port scanner
f.handler
g.session hijacking
h.security policy
i.honeypot
any type of network service that permits users elsewhere on a network to use the network to log on to a system as if they were attached locally while operating remotely
41
According to RFC 4301, what are the goals of IPSec?
42
Provide a brief definition of spoofing.
43
Discuss the difference between physical security and personnel security.
44
Briefly describe the following types of attacks: DoS, man-in-the-middle, and IP service.
45
Briefly define proxy server, screening host, and screening router.
46
Briefly describe IP service implementation vulnerabilities, and insecure IP protocols and services.
47
What are the steps when planning and implementing firewalls and proxy servers on your networks?
48
Discuss the risks of allowing anonymous access.
49
What is the difference between an attack and an exploit?
50
What is meant by the term buffer overflow?