Deck 9: Network Risk Management

A) phishing
B) baiting
C) quid pro quo
D) tailgating

A) Nmap
B) Nessus
C) Metasploit
D) L0phtcrack

A) An employee at your company has received a malware-infected file in their e-mail.
B) A person posing as an employee tried to access a secured area at your organization.
C) A gift was offered to an employee with access to secured information in exchange for details.
D) An e-mail was sent to a manager at your company that appeared to be from the company's CTO, asking for access.

A) Nessus
B) metasploit
C) nmap
D) Sub7

A) Polymorphic malware can change its characteristics every time it is transferred to a new system.
B) Polymorphic malware is designed to activate on a particular date, remaining harmless until that time.
C) Polymorphic malware is software that disguises itself as a legitimate program, or replaces a legitimate program's code with destructive code.
D) Polymorphic malware utilizes encryption to prevent detection.

A) buffer overflow
B) session hijacking attack
C) man-in-the-middle attack
D) banner-grabbing attack

A) combolure
B) lurenet
C) honeycomb
D) honeynet

A) The blue team is tasked with attacking the network.
B) The blue team must observe the actions of the red team.
C) The blue team is charged with the defense of the network.
D) The blue team consists of regulators that ensure no illegal activity is undertaken.

A) encrypted virus
B) logic bomb
C) boot sector virus
D) worm

A) A program that disguises itself as something useful but actually harms your system.
B) A process that runs automatically, without requiring a person to start or stop it.
C) A program that runs independently of other software and travels between computers and across networks.
D) A program that locks a user's data or computer system until a ransom is paid.

A) cached denial-of-service attack
B) distributed denial-of-service attack
C) distributed reflection denial-of-service attack
D) permanent denial-of-service attack

A) A denial-of-service attack occurs when a MAC address is impersonated on the network.
B) A denial-of-service attack prevents legitimate users from accessing normal network resources.
C) A denial-of-service attack is generally a result of a disgruntled employee.
D) A denial-of-service attack is no longer a major concern due to the increased throughput available on most networks.

A) They can supply their own software on a computer or mobile device.
B) They can supply their choice of cloud application or storage.
C) They can choose a device from a limited number of options.
D) They can use whatever devices they wish to bring.

A) non-disclosure agreement
B) acceptable use policy
C) password policy
D) privileged user agreement

A) key fob lock
B) cipher lock
C) biometric lock
D) encrypted lock

A) phishing
B) baiting
C) quid pro quo
D) tailgating

A) motion detection technology
B) video surveillance via CCTV
C) tamper detection
D) asset tracking tagging

A) md5
B) shasum
C) Get-FileHash
D) Compute-FileHash

A) deauthentication attack
B) channel hopping attack
C) man-in-the-middle attack
D) ARP poisoning attack

A) It is used to identify unsecured sensitive data on the network, such as credit cards.
B) It is an automated vulnerability and penetration testing framework.
C) It is a software firewall that can be used to secure a vulnerable host.
D) It is a port scanning utility that can identify open ports on a host.

A) SHA-0 is the most secure version of SHA.
B) SHA-1 supports a 128-bit hash function.
C) SHA-2 only supports a 256-bit hash.
D) SHA-2 and SHA-3 both support the same hash lengths.

A) Your company wishes to educate users on the proper use of the network.
B) Your company needs to prevent a new contractor from sharing information with a potential competitor.
C) Your company needs to impose password restrictions on new users in the network.
D) Your company would like to allow employees to bring their own devices.

A) acceptable use policy document
B) terms of service document
C) license restrictions document
D) non-disclosure agreement document

A) every 30 days
B) every 60 days
C) every 90 days
D) every 120 days

A) The attacker researches the desired target for clues as to vulnerabilities.
B) The attacker builds trust with the target and attempts to gain more information.
C) The attacker exploits an action undertaken by the victim in order to gain access.
D) The attacker executes an exit strategy in such a way that does not leave evidence or raise suspicion.

A) mobile device management software
B) software defined network software
C) virtual device management software
D) cloud network management software

A) least-risk privilege profile
B) principle of least privilege
C) minimal access/minimal exposure
D) limited liability access

A) A thorough examination of each aspect of the organization's network is performed to determine how it might be compromised.
B) A third party organization is tasked with attempting to break into the organization and compromise security in order to determine threat vectors.
C) A report of data that is subject to special regulation is created, such that the organization is aware of what data needs protection.
D) An assessment of how a network will perform under stress is performed to determine if the network throughput is adequate.

A) sha1sum
B) md5sum
C) sha256sum
D) shasum -a 256

A) MAC address spoofing
B) denial-of-service attack
C) DNS poisoning
D) rogue DHCP server