+
CMIT 321 QUIZ 3

CMIT 321 QUIZ 3

Rating:
Rating
(0)
Author: Carol 96
Description:

Click link for more description

http://theperfecthomework.com/cmit-321-quiz-3/

Question 1 (5 points)
 
By default, where are the IIS logs recorded?
Question 1 options:
 
Inetpub/logs

 
%systemroot%\logfiles

 
%systemroot%\system32\logfiles

 
Inetpub\www\logs

Save
Question 2 (5 points)
 
Which steps should be taken to increase web server security? (Select all that apply.)
Question 2 options:
 
Remove unused application mappings.

 
Enable remote administration.

 
Apply service packs and hotfixes.

 
Check for malicious input in forms and query strings.

Save
Question 3 (5 points)
 
IP spoofing is not difficult and can be used in a variety of attacks. However, the attacker will not see the packets that are returned to the spoofed IP address. In this case, the attacker uses ______________ and then sniffs the traffic as it passes.
Question 3 options:
 
alternate data streams

 
source routing

 
session hijacking

 
a redirect

Save
Question 4 (5 points)
 
Which of the following is the best countermeasure against hijacking? (Select all that apply.)
Question 4 options:
 
Use unpredictable sequence numbers.

 
Do not use the TCP protocol.

 
Use encryption.

 
Limit the unique sessions token to each browser’s instance.

Save
Question 5 (5 points)
 
This IIS 7 component allows clients to publish, locks and manages resources on the web, and should be disabled on a dedicated server.
Question 5 options:
 
WebDAV Publishing

 
Remote Administration

 
Active Server pages

 
Internet Data Connector

Save
Question 6 (5 points)
 
Which of the following components help defend against session hijacking? (Select all that apply.)
Question 6 options:
 
per-packet integrity checking

 
source routing

 
PPTP

 
SSL

Save
Question 7 (5 points)
 
_____________ is the US government's repository of standards-based vulnerability-management data that includes databases of security checklists, security-related software flaws, misconfigurations, product names, and impact metrics.
Question 7 options:
 
National Vulnerability Database (NVD)

 
US Cyber Security Database

 
National SQL Database

 
US Vulnerability Database

Save
Question 8 (5 points)
 
Which type of attack allows an attacker to change the DNS table of a server so that requests for sites redirect to an IP address of the attacker's choosing?
Question 8 options:
 
cache redirect

 
buffer overflow

 
cache poisoning

 
Unicode directory traversal vulnerability

Save
Question 9 (5 points)
 
An attacker sends packets to a target host using a spoofed IP address of a trusted host on a different network. What kind of packets will be returned to the attacker? 
Question 9 options:
 
ACK packets

 
RST packets

 
ISNs incremented by 1

 
No packets will be returned to the attacker.

Save
Question 10 (5 points)
 
What tool could an attacker use to capture sequence and acknowledgment numbers from a victim in order to track a network session?
Question 10 options:
 
Traceroute

 
Netstat

 
Network Sniffer

 
Nslookup


(more)
See More
Try a College Course Free

Sophia’s self-paced online courses are a great way to save time and money as you earn credits eligible for transfer to over 2,000 colleges and universities.*

Begin Free Trial
No credit card required

25 Sophia partners guarantee credit transfer.

221 Institutions have accepted or given pre-approval for credit transfer.

* The American Council on Education's College Credit Recommendation Service (ACE Credit®) has evaluated and recommended college credit for 20 of Sophia’s online courses. More than 2,000 colleges and universities consider ACE CREDIT recommendations in determining the applicability to their course and degree programs.

Tutorial