- Description
CYB 150 Wk 1 – Practice: Quiz
- Question 1
3/3
Which of the following categories of suspicious traffic signatures includes sniffing and password cracking attempts?
Denial of service
Unauthorized access
Informational
Reconnaissance
- Question 2
3/3
Which of the following categories of suspicious traffic signatures includes SYN flood attempts?
Unauthorized access
Reconnaissance
Informational
Denial of service
- Question 3
3/3
Which of the following attack signatures can open backdoors in a system, providing administrative controls to an outsider if not detected?
Context-based signature
Atomic signature
Composite signature
Content-based signature
- Question 4
3/3
Which of the following types of attack signatures can be identified simply by analyzing a single packet?
Atomic signature
Context-based signature
Composite signature
Content-based signature
- Question 5
3/3
Which of the following types of attack signatures can be detected only after analyzing a series of packets over a long time?
Context-based signature
Composite signature
Content-based signature
Atomic signature
- Question 6
3/3
Which of the following attacks can be avoided by using the built-in port security feature of Cisco switches?
SYN/FIN DDoS
SQL injection
ARP poisoning
MAC flooding
- Question 7
3/3
Which of the following best describes quality of service (QoS)?
It is an access-control mechanism for controlling the interactions between objects based on their integrity or level of trustworthiness.
It is a bandwidth reservation mechanism.
It is a mechanism through which tasks of interest can be found within normalized event data.
It is a mechanism by which a system or application either saves records on a local disk or sends them over a network.
- Question 8
3/3
Which of the following filters can be used to detect UDP scan attempts using Wireshark?
icmp.type==13
icmp.type==8 or icmp.type==0
icmp.type==15
icmp.type==3 and icmp.code==3
- Question 9
3/3
Which of the following filters can be used by a network defender to detect TCP ping sweep attempts?
udp.dstport==7
tcp.dstport==7
tcp.flags==012
tcp.flags==0x00
- Question 10
3/3
Which of the following scan attempts can penetrate a router and firewall that filter incoming packets with particular flags set and is not supported by Windows?
PING sweep attempt
TCP full connect scan attempt
ARP scan attempt
TCP null scan attempt