University of Maryland, University College CMIT 321 quiz 4
At what layer of the TCP stack does web browsing take place?
Question 1 options:
... [Show More]
network
application
Internet
data link
Which of the following functions can used to defend against buffer overflows? (Select all that apply.)
Question 6 options:
a) gets()
b) fgets()
c) strcopy()
d) strncopy()
Which of the following tools automates and takes advantage of directory traversal exploits in IIS?
Question 3 options:
Msw3prt IPP Vulnerability
IIS_Traversal
ServerMask
IIS Xploit
Save
Previous PageNext Page
The Autorun feature of Removable Disks and CD Drives can be a threat to network Security. What is the best course of action to remove Autorun for Removable Disks and CD Drives for in Windows?
Question 5 options:
Tape the USB ports
Remove the CD-ROM Drive from the System
Use Group Policy
Provide Users without Administrative Rights
Save
Previous PageNext Page
Which of the following components help defend against session hijacking? (Select all that apply.)
Question 6 options:
a) per-packet integrity checking
b) source routing
c) PPTP
d) SSL
Identify two vulnerabilities of Microsoft’s Internet Information Services (IIS) from the options listed below. (Select two.)
Question 9 options:
a) mod_rewrite log escape filtering
b) ::$DATA IIS vulnerability
c) WebDAV/RPC exploits
d) mod_proxy reverse proxy exposure
Save
Previous PageNext Page
IP spoofing is not difficult and can be used in a variety of attacks. However, the attacker will not see the packets that are returned to the spoofed IP address. In this case, the attacker uses ______________ and then sniffs the traffic as it passes.
Question 11 options:
alternate data streams
source routing
session hijacking
a redirect
This is an example of a Trojan that can be utilized for Website Defacement?:
Question 14 options:
HTTrack
WGET
Restorator
CrimePack
Save
Previous PageNext Page
Which of the following is the best countermeasure against hijacking? (Select all that apply.)
Question 15 options:
a) Use unpredictable sequence numbers.
b) Do not use the TCP protocol.
c) Use encryption.
d) Limit the unique sessions token to each browser’s instance.
Save
Previous PageNext Page
What were the two dominant attack strategies identified in Symantec's Threat Report?
Question 16 options:
Distributed Denial of Service
Focused Attack
Broader Strokes
Advanced Persistent Threats
he characteristics of these Trojans include the ability to open and close the CD-ROM tray?:
Question 19 options:
NetBus
Dark Comet
Poison Ivy
SubSeven [Show Less]