Guide to Network Security

Computing

Quiz 9 :

Network Vulnerability Assessment

Quiz 9 :

Network Vulnerability Assessment

Question Type
search
arrow
A ____ (sometimes called a network protocol analyzer) is a network tool that collects copies of packets from the network and analyzes them or stores the packets for later analysis.
Free
Multiple Choice
Answer:

Answer:

C

Tags
Choose question tag
close menu
arrow
____ verify that an organization's security policies are prudent (cover the right issues) and are being implemented correctly.
Free
Multiple Choice
Answer:

Answer:

C

Tags
Choose question tag
close menu
arrow
Wired networks are just as vulnerable to sniffing as wireless networks.
Free
True False
Answer:

Answer:

True

Tags
Choose question tag
close menu
arrow
A(n) ____ vulnerability scanner listens in on the network and identifies vulnerable versions of both server and client software.
Multiple Choice
Answer:
Tags
Choose question tag
close menu
arrow
Probably the most popular port scanner is ____, which runs on both UNIX and Windows systems.
Multiple Choice
Answer:
Tags
Choose question tag
close menu
arrow
Protocol analyzers are commonly referred to as ____.
Multiple Choice
Answer:
Tags
Choose question tag
close menu
arrow
Implementing applications that verify the true communication destination during execution help prevent vulnerabilities associated with ____.
Multiple Choice
Answer:
Tags
Choose question tag
close menu
arrow
One of the preparatory parts of the attack methodology is the collection of publicly available information about a potential target, a process known as ____.
Multiple Choice
Answer:
Tags
Choose question tag
close menu
arrow
Which vulnerability can occur if a programmer does not properly validate user input and allows an attacker to include unintended SQL input that can be passed to a database?
Multiple Choice
Answer:
Tags
Choose question tag
close menu
arrow
If Web software can access parts of the underlying operating system's file system through normal URL mappings, a(n) ____ may occur.
Multiple Choice
Answer:
Tags
Choose question tag
close menu
arrow
Organizations are safe from sniffer attacks when their computing environment is primarily a switched network environment.
True False
Answer:
Tags
Choose question tag
close menu
arrow
Passive scanners are advantageous in that they do not require vulnerability analysts to get prior approval for testing.
True False
Answer:
Tags
Choose question tag
close menu
arrow
Most C++ catastrophe vulnerabilities rely on uninitialized function pointers in a class.
True False
Answer:
Tags
Choose question tag
close menu
arrow
Requirements for a complex password system include using a ____ value, implementing strong encryption, requiring periodic password changes, and generally implementing a system where guessing a password or its hash is very difficult.
Multiple Choice
Answer:
Tags
Choose question tag
close menu
arrow
Allowing users to decide which mobile code to run is the best way to resolve weaknesses introduced with mobile code.
True False
Answer:
Tags
Choose question tag
close menu
arrow
The printf (user_input); command in C has the potential to cause a(n) ____ vulnerability.
Multiple Choice
Answer:
Tags
Choose question tag
close menu
arrow
The ____ command, available on most popular Web browsers, allows users to see the source code behind the page.
Multiple Choice
Answer:
Tags
Choose question tag
close menu
arrow
A(n) ____ uses all the techniques and tools available to an attacker in an attempt to compromise or penetrate an organization's defenses.
Multiple Choice
Answer:
Tags
Choose question tag
close menu
arrow
SPIKE can fuzz any protocol that utilizes ____.
Multiple Choice
Answer:
Tags
Choose question tag
close menu
arrow
The ____ stage of the attack methodology is a systematic survey of the target organization's Internet addresses, conducted to identify the network services offered by the hosts in that range.
Multiple Choice
Answer:
Tags
Choose question tag
close menu
Showing 1 - 20 of 49