Take Assessment - CCNAS Chapter 1 - CCNA Security: Implementing Netwo

rk Security (Version 1.0)

Time Remaining:

1
Which two statements are characteristics of a virus? (Choose two.)
*A virus typically requires end-user activation.
A virus has an enabling vulnerability, a propagation mechanism, and a pa
yload.
A virus replicates itself by independently exploiting vulnerabilities in
networks.
A virus provides the attacker with sensitive data, such as passwords.
*A virus can be dormant and then activate at a specific time or date.
2
What are the three major components of a worm attack? (Choose three.)
*enabling vulnerability
infecting vulnerability
*payload
penetration mechanism
probing mechanism
*propagation mechanism
3
Which type of security threat can be described as software that attaches to anot
her program to execute a specific unwanted function?
*virus
worm
proxy Trojan horse
Denial of Service Trojan horse
4
Which phase of worm mitigation requires compartmentalization and segmentation of
the network to slow down or stop the worm and prevent currently infected hosts
from targeting and infecting other systems?
*containment phase
inoculation phase
quarantine phase
treatment phase
5
Which two network security solutions can be used to mitigate DoS attacks? (Choos
e two.)
virus scanning
data encryption
*anti-spoofing technologies
*intrusion protection systems
applying user authentication
6
What is a characteristic of a Trojan Horse?
*A Trojan Horse can be carried in a virus or worm.
A proxy Trojan Horse opens port 21 on the target system.
An FTP Trojan Horse stops anti-virus programs or firewalls from function
ing.
A Trojan Horse can be hard to detect because it closes when the applicat
ion that launched it closes.
7
Which two statements describe access attacks? (Choose two.)
Port redirection attacks use a network adapter card in promiscuous mode
to capture all network packets that are sent across a LAN.
*Password attacks can be implemented using brute-force attack methods, T
rojan Horses, or packet sniffers.
*Buffer overflow attacks write data beyond the allocated buffer memory t
o overwrite valid data or exploit systems to execute malicious code.
Port scanning attacks scan a range of TCP or UDP port numbers on a host
to detect listening services.
Trust exploitation attacks can use a laptop acting as a rogue access poi
nt to capture and copy all network traffic in a public location on a wireless ho
tspot.
8
What is a ping sweep?
*A ping sweep is a network scanning technique that indicates the live ho
sts in a range of IP addresses.
A ping sweep is a software application that enables the capture of all n
etwork packets sent across a LAN.
A ping sweep is a scanning technique that examines a range of TCP or UDP
port numbers on a host to detect listening services.
A ping sweep is a query and response protocol that identifies informatio
n about a domain, including the addresses assigned to that domain.
9
What are three goals of a port scan attack? (Choose three.)
disable used ports and services
*determine potential vulnerabilities
*identify active services
identify peripheral configurations
*identify operating systems
discover system passwords
10
Which access attack method involves a software program attempting to discover a
system password by using an electronic dictionary?
buffer overflow attack
port redirection attack
Denial of Service attack
*brute-force attack
IP spoofing attack
packet sniffer attack
11
What are three types of access attacks? (Choose three.)
*buffer overflow
ping sweep
*port redirection
*trust exploitation
port scan
Internet information query
12
What are the basic phases of attack that can be used by a virus or worm in seque
ntial order?
 paralyze, probe, penetrate, persist, and propagate
*probe, penetrate, persist, propagate, and paralyze
penetrate, persist, propagate, paralyze, and probe
persist, propagate, paralyze, probe, and penetrate
13
Users report to the helpdesk that icons usually seen on the menu bar are randoml
y appearing on their computer screens. What could be a reason that computers are
displaying these random graphics?
An access attack has occurred.
*A virus has infected the computers.
A DoS attack has been launched against the network.
The computers are subject to a reconnaissance attack.
14
A disgruntled employee is using Wireshark to discover administrative Telnet user
names and passwords. What type of network attack does this describe?
Denial of Service
port redirection
*reconnaissance
trust exploitation
15
How is a Smurf attack conducted?
by sending a large number of packets, overflowing the allocated buffer m
emory of the target device
by sending an echo request in an IP packet larger than the maximum packe
t size of 65,535 bytes
*by sending a large number of ICMP requests to directed broadcast addres
ses from a spoofed source address on the same network
by sending a large number of TCP SYN packets to a target device from a s
poofed source address
16
Which phase of worm mitigation involves terminating the worm process, removing m
odified files or system settings that the worm introduced, and patching the vuln
erability that the worm used to exploit the system?
containment
inoculation
quarantine
*treatment
17
What occurs during a spoofing attack?
*One device falsifies data to gain access to privileged information.
Large amounts of network traffic are sent to a target device to make res
ources unavailable to intended users.
Improperly formatted packets are forwarded to a target device to cause t
he target system to crash.
A program writes data beyond the allocated memory to enable the executio
n of malicious code.
18
Which two are characteristics of DoS attacks? (Choose two.)
They always precede access attacks.
*They attempt to compromise the availability of a network, host, or appl
ication.
They are difficult to conduct and are initiated only by very skilled att
ackers.
They are commonly launched with a tool called L0phtCrack.
 *Examples include smurf attacks and ping of death attacks.
19
Which characteristic best describes the network security Compliance domain as sp
ecified by the ISO/IEC?
the integration of security into applications
an inventory and classification scheme for information assets
the restriction of access rights to networks, systems, applications, fun
ctions, and data
*the process of ensuring conformance with security information policies,
standards, and regulations
20
What occurs during the persist phase of a worm attack?
identification of vulnerable targets
*modification of system files and registry settings to ensure that the a
ttack code is running
transfer of exploit code through an attack vector
extension of the attack to vulnerable neighboring targets
21
A network administrator detects unknown sessions involving port 21 on the networ
k. What could be causing this security breach?
*An FTP Trojan Horse is executing.
A reconnaissance attack is occurring.
A denial of service attack is occurring.
Cisco Security Agent is testing the network.
22
Which statement describes phone freaking?
A hacker uses password-cracking programs to gain access to a computer vi
a a dialup account.
A hacker gains unauthorized access to networks via wireless access point
s.
*A hacker mimics a tone using a whistle to make free long-distance calls
on an analog telephone network.
A hacker uses a program that automatically scans telephone numbers withi
n a local area, dialing each one in search of computers, bulletin board systems,
and fax machines.