ITS 4550 - Internet and Web Security

Review for Second Test

The following questions are provided to help you study for the second test. Do not expect to see these exact questions on the test.

  1. What is the objective of MAC Flooding?

  2. Which of the following are categories of social engineering?

  3. A network of private computers infected with malicious software and controlled as a group without the owners' knowledge is known as what?

  4. Name a tool that can help reduce the risk of a wardriver attacking your WLAN.

  5. Which type of routing protocol advertises only new paths to other routers on the

  6. Which type of IDS can send an access list to a router or firewall when an intrusion is detected on a network?

  7. What is a DDoS attack?

  8. What is a Rootkit?

  9. What is a Trojan Horse?

  10. The book describes some methods to combat sniffing. What tactics are mentioned?

  11. What year does the text note that Linux was originally designed?

  12. What are the 7 phases of the incident response process?

  13. What is the Adversary Model of Cybercrime?

  14. What is the current most secure wireless protocol?

  15. Give an example of a social engineering attack.

  16. What DoS attack is typically carried out by an army of co-opted machines, which may number in the hundreds or thousands, depending on the success of the attacker in organizing an attack group?

  17. What are the three categories of DoS attacks?

  18. In an ___________ attack, the attacker lies to the switch to divert traffic to the attacker's port. As the text explains, the attacker may forward the received packets to the correct device in order to minimize traffic and eliminate packet loss. This works best when the attacker's lie is about devices that are a hop or more away. The lie keeps the traffic on the same network, and the attacker can just send the packets across a router to make it look like they arrived as intended.

  19. According to our author, there are three laws that are significant in dealing with malware. What three laws are they and why are they significant?

  20. After conducting a scan on the target host, what is the next step called and what is its purpose?

  21. What is SIEM and why is it important to a network defensive plan?

  22. What does a VPN do?

  23. What is the goal of a cipher?

  24. What is nonrepudiation?

  25. What are the steps involved in the incident response process?

  26. Which of the following is the least secure wireless encryption, WEP, WPA, WPA2?

  27. Documentation should be written in which portion of the incident response process?

  28. Name 3 tools that can be used to help map a network.

  29. What is ransomware?

  30. What is a Distributed Denial of Service attack?

  31. What is the basic command structure in Linux?

  32. Which of these is not a sniffing tool? (It's a session hijack tool.)

  33. True or False: A password manager is a recommended piece of software.

  34. Name a tool used for hash cracking.

  35. In what phase of an attack does information gathering happen?

  36. What is the difference between an audit and a risk assessment?

  37. What is the purpose of whitelist MAC filtering?

  38. What is a Man-in-the-Middle attack?

  39. What is the best WLAN encryption method?

  40. What is Bluejacking?

  41. What is a SYN flood attack?

  42. What is a key logger?

  43. What is footprinting?

  44. What is used to prevent web crawlers from accessing certain sections of a website?

  45. What is a good way to prevent SQL related attacks?

  46. What is a VPN?

  47. Why would someone need a VPN?

  48. What is a DDoS attack?

  49. Why are anti-virus signatures important to keep updated?

  50. What are the three stages of the TCP/IP handshake?

  51. Why are tools like Wireshark important?

  52. What is the biggest difference between an IDS and an IPS?

  53. When creating a defense plan, what should you consider?

  54. What is the difference between a worm and a trojan?

  55. What 4 tools can be blamed for:
    • Providing information about registered users, or assigned agents, of domains, IP addresses, or system
    • Finding information about a resource stored in the DNS
    • Giving you information about the range of IP addresses
    • Running traceroutes to determine the location of the network