Final Exam Review
1. What can you detect by analyzing a data packet? Policy violations and possible network vulnerabilities
2. NetWitness Investigator works how? Real Time
3. What is used by TCP to establish a session between two systems? Three-way handshake
4. Which of the following protocols is a connection-oriented protocol that operates at the transport layer of the OSI model and supports reliable connections? TCP
5. Promiscuous mode is most commonly associated with _____________? NIC
6. What are the primary objectives of information security? CIA
7. Personnel should be authenticated and authorized prior to being granted access to a company’s information resources. This statement is an example of ________________? Policy
8. What security group is responsible for managing network vulnerabilities and threats? IT Security Staff
9. What network component filters traffic between nodes? Firewall
10. What is the most important consideration when designing a network? Usage
11. What is usually the first activity in the hacking process? Reconnaissance
12. What type of attack might a hacker offer as a service? Spam
13. Which of the IT domains is most vulnerable to social engineering? User Domain
14. What type of attack can result in arbitrary code execution with system-level privileges? Buffer Overflow
15. Name three social engineering techniques? Phishing, Impersonation, Reciprocity, ALL OF THE ABOVE
16. Which domain marks the boundary where the private network meets the public network? LAN to WAN
17. A port scanner is a type of __________________ _________________ scanner. Network Vulnerability
18. Which of the following is not covered by a data loss/data leak prevention tool? Paper documents
19. Which of the following is not a purpose of network analysis? Detect security policy violations
20. Where do you capture network data to analyze inbound/outbound network traffic? Internal Firewall Interface
21. What can you accomplish by filtering network