CCSP SelfStudy CCSP CSI: Exam Certification Guide, Second Edition [Electronic resources] نسخه متنی

Ping is a reliable ICMP echo scan. What is another reliable type of scan that can be used to enumerate hosts on a target network?

1. ICMP echo-reply scan

2. ICMP traceroute scan

3. Blind TCP scan

4. UDP ping

5. ICMP timestamp scan

What TCP bit must be set to allow packets to pass through a router's access control list?

1. PSH

2. URG

3. DMP

4. SYN

5. ACK

Which of the following are examples of DDoS attack tools?

1. SQL Slammer

2. stacheldracht

3. trin00

4. slapper

5. Li0n

DDoS attacks are based on a two-tier model of systems. What are the two types of systems involved in a DDoS attack called?

1. Client and server

2. Target and attacker

3. Zombie and client

4. Handler and agent

5. Master and target

Unauthorized access attacks can be conducted over what applications?

1. Telnet

2. SSH

3. FTP

4. HTTPS

5. All of the above

What does an attacker gain by using application layer attacks?

1. The ability to perform a denial of service

2. Reconnaissance

3. Access to a host

4. Target enumeration

Which of the following are application layer attacks?

1. IIS directory traversal

2. Ping of death

3. ICMP flood

4. land.c

5. Solaris snmpXdmid buffer overflow

Which of the following attacks is related to a buffer overflow?

1. Buffer underflow

2. Miss-by-one attack

3. Format string attack

4. Fast Data MMU Miss attack

5. None of the above

Which services on UNIX hosts do trust exploitation attacks typically involve?

1. Telnet

2. FTP

3. RSH

4. R-login

5. None of the above

How do trust exploitation attacks work?

1. By bypassing all authentication methods on a system

2. By providing the attacker with a trust token that can be used to gain access to any host on the network

3. By exploiting the file systems exported by a server

4. None of the above