Network Connectivity and ASLR Quiz

Questions and Answers

Which common types of network connectivity might you see in an IoT device?

Wireless

WAN

Wired

Bluetooth (correct)

What is ASLR and how does it affect the stack?

ASLR is a technique to randomize the addresses in virtual memory and it helps prevent buffer overflow exploits (correct)

ASLR is a technique to compress the stack and reduce memory usage

ASLR is a technique to encrypt the stack and protect data

ASLR is a technique to optimize the stack and improve performance

Which type of system is considered absolutely secure?

A system that is shut off and disconnected from all networks (correct)

A system that is frequently updated with the latest security patches

A system that is always connected to the internet

A system that has a strong firewall

Which concept of the CIA Triad is associated with reliability?

Integrity

A malicious actor has breached the firewall with a reverse shell. Which side of the CIA triad is most affected?

Confidentiality

What is an example of identification?

A username is used for identification by uniquely identifying a person or subject

Which type of access control model is a CAPTCHA an example of?

Attribute-Based Access Control (ABAC)

What is a sandbox?

A sandbox is an isolated environment that enables users to run programs without affecting the system

What element of the Parkerian Hexad is concerned with usefulness?

Utility

Which two attributes are included in the concept of risk?

Integrity and Authenticity

Which phase of the incident response (IR) process includes putting the system back better than the original state?

Recovery

Which combination of factors demonstrates multi-factor authentication?

Something you know and something you have

What is an example of identification?

Assigning a user ID to a human being

What is an example of authentication?

Verifying a user or process with a PIN

Which factors demonstrate multi-factor authentication?

Something you know and something you have

What is an objective for performing an audit?

Ensuring compliance with applicable laws

What are two common values for a network access control list (ACL)?

Deny and allow

A threat is something that has the potential to cause _______.

Harm

Vulnerabilities are weaknesses that can be used to cause _______.

Harm

What is the goal of the recovery phase in the incident response (IR) process?

To recover to a better state than prior to the incident