Network Monitoring and Security

MagnificentZeal
24 Questions

Which of the following commands is used to view the access control list of a file?

getfacl

SELinux establishes a Mandatory Access Control (MAC) model.

True

What type of attack involves intercepting communications between two parties to steal information?

man-in-the-middle attack

The openvpn command option to ensure that ephemeral keys are not written to the swap space is __________________.

--mlock

Match the following scan techniques with nmap:

A. = Xmas Scan B. = Zero Scan C. = FIN Scan D. = IP Scan E. = UDP SYN Scan

Which of the following is NOT a namespace for Linux Extended File Attributes?

default

TCP traffic from 10.142.232.1 destined for port 20 or 21 is accepted.

True

What is the command to add a new user usera to FreeIPA?

ipa user-add usera --first User --last A

What is the purpose of ICMP echo requests in a network monitoring tool?

To monitor remote hosts for availability

Asymmetric keys are used for both encryption and decryption with the same key.

False

What is an example of a behavioral-based HID technique?

Anomaly-based detection

The command to revoke ACL-based write access for groups and named users on a file is setfacl _______________________.

~m group: * : rx, user:*: rx

Which command is used to set an extended attribute on a file in Linux?

setfattr

The option "httpd-ssl.conf" in an Apache HTTPD configuration file enables OCSP stapling.

False

Match the following database names with their corresponding uses in a Name Service Switch (NSS) configuration file:

  • A) host = Host database
  • B) shadow = Shadow password database
  • C) service = Service database
  • D) passwd = Password database

An asymmetric key is a key used for _______________________ and decryption that is generated in a pair.

both encryption

Which of the following DNS records is used to map an IP address to a hostname?

PTR

A Certificate Revocation List (CRL) is a list of X.509 certificates that have been issued by a particular CA.

False

What is the purpose of AIDE?

to detect intrusions and system changes

Phishing is a type of _______________________ attack.

social engineering

Match the following terms with their definitions:

  • Host Intrusion Detection (HID) = A system that monitors and detects potential security threats on a single computer or server
  • Social Engineering = A type of attack that manipulates users into revealing sensitive information

What is the purpose of a DNSKEY record in DNSSEC?

To sign a DNS zone

A Certificate Revocation List (CRL) is a list of public keys that have been compromised.

False

What is the term for detecting and responding to cyber threats in real-time?

intrusion detection

Study Notes

Network Monitoring

  • A network monitoring tool monitors remote hosts for availability by periodically sending ICMP echo requests to them.

Asymmetric Keys

  • An asymmetric key is a key used for both encryption and decryption that is generated in a pair.

HID Techniques

  • Anomaly-based detection is a behavioral-based HID technique.

File Permissions

  • The command setfacl is used to set access control lists (ACLs) on files.
  • The command setfattr is used to set extended attributes on files.
  • The command getfacl is used to view the access control list of a file.

DNS

  • The PTR record is used to map an IP address to a hostname.
  • The DNSKEY record is used to sign a DNS zone in DNSSEC.

Security

  • Phishing is a type of social engineering attack.
  • Social engineering is a type of attack that aims to deceive individuals into divulging sensitive information.

Access Control

  • SELinux establishes a Mandatory Access Control (MAC) model.

VPNs

  • The --mlock option of the openvpn command is used to ensure that ephemeral keys are not written to the swap space.

Linux File Attributes

  • Linux Extended File Attributes are organized in namespaces, including system, trusted, and user.

Nmap Scan Techniques

  • Scan techniques available in nmap include the Xmas scan and the FIN scan.

User Management

  • The ipa user-add command is used to add a new user to FreeIPA.

Security Threats

  • A man-in-the-middle attack is an attack that intercepts communications between two parties to steal information.
  • A Certificate Revocation List (CRL) is a list of X.509 certificates that have been revoked by a particular CA.
  • Host intrusion detection (HID) is a system that monitors and detects potential security threats on a single computer or server.
  • AIDE is used to detect intrusions and system changes.

Identify the correct description of a network monitoring tool and understand the concept of asymmetric key in cryptography.
