CCSP SelfStudy CCSP CSI: Exam Certification Guide, Second Edition [Electronic resources] نسخه متنی

Which of the following are sources from which an attacker can determine information about a target network?

1. DNS

2. ARIN/RIPC/APNIC records

3. whois information

4. Phone book

5. All of the above

What does "network posture visibility reduction" mean?

1. Lower the number of all the servers in the network

2. Reduce the number of users that can access the network

3. Eliminate essential services from servers in the public-facing segment to a minimum

4. Reduce the number of services in the public-facing segment of the network to a minimum

5. None of the above

Which of the following actions should be taken to harden applications and thereby make it more difficult for an attacker to perform reconnaissance on a network?

1. Remove application banners from application greetings

2. Apply patches to all applications

3. Turn off unnecessary services

4. Apply access control lists to edge routers

5. Turn off essential services

What is the purpose of RFC 2827?

1. It defines a range of network addresses to be used for private networks.

2. It describes a method of mitigating DoS attacks.

3. It describes the behavior of the TCP protocol.

4. It defines site security procedures.

5. It defines the behavior of the IP protocol.

Which feature of Cisco routers is considered an "anti-DoS" feature?

1. NetFlow

2. Fast switching

3. Stateful firewall

4. TCP intercept

5. None of the above

Which of the following methods can you utilize to mitigate the effects of DoS attacks?

1. NetFlow

2. Traffic-rate limiting

3. Fast switching

4. Quality of service

5. Stateful firewall

Which of the following is classified as an unauthorized access attack?

1. An attacker connects to a web server and downloads publicly available files

2. An attacker connects to an anonymous FTP server and downloads publicly available files

3. An attacker connects to the SMTP port of a mail server and forges e-mail

4. An attacker queries DNS for information about hosts on the network

5. An attacker connects to the Telnet port of a system and repeatedly tries various username/password combinations until he gains entry to the system

What makes application layer attacks possible?

1. Vulnerabilities in applications

2. Poor access control lists

3. Lack of proper firewall configuration

4. Poor password choices

5. None of the above

How can network and system administration personnel reduce the risk of an application layer attack?

1. They can't; application layer attacks are inevitable

2. Follow system administration best common practices

3. Turn off applications

4. Block application ports at the firewall

5. All of the above

If an attacker is able to gain access to an internal server through a DMZ web server, what is the possible cause?

1. The DMZ web server was not configured properly.

2. The DMZ web server was vulnerable to exploitation.

3. The edge router access control list was not blocking port 80.

4. The firewall access control lists allowed for the DMZ web server to connect to the internal server.

5. The internal server root password was weak.