14 Questions
When performing a DNS lookup of www.google.com from a remote network, which server is likely to provide an Authoritative reply?
The local DNS server
What is the most appropriate preventative measure for a packet capture file that contains a long series of 'no operation' (NOP) commands and a malicious payload?
Controls against time of check/time of use attacks
When should the initial database for a Linux file integrity checker be created?
Before a system has been compromised
What is the term used to describe the validation of vulnerabilities in a network environment that are able to be exploited by an attacker?
Vulnerability scanning
In Incident Handling, which statements describe the term 'incident'?
A and B
Which SIP method is used to set up a new session and add a caller?
INVITE
How would the alert for activity generated by a worm, with normal network traffic, be categorized?
False Positive
For what aspect of UNIX systems was process accounting originally developed?
Process tracking
What do 'In-line NIDS' devices use to identify malicious events on the network?
Application analysis
What is the registry key used to manage remote registry share permissions for the whole registry?
winreg
Which layer of the TCP/IP Protocol Stack is responsible for port numbers?
Transport
What is the primary purpose of in-line NIDS devices in network security?
To identify and prevent malicious events on the network
What is the term used to describe the process of validating vulnerabilities in a network environment that are exploitable by an attacker?
Penetration Testing
Which layer of the TCP/IP Protocol Stack is responsible for assigning port numbers?
Transport Layer
Test your understanding of the chronological order of events during a scheduled evacuation training session. Identify the correct sequence of actions taken during the evacuation process.