Final Exam Review
1. What can you detect by analyzing a data packet?
Policy violations and possible network vulnerabilities
2. How does NetWitness Investigator work?
3. What is used by TCP to establish a session between two systems?
Three-way handshake
4. Which of the following protocols is a connection-oriented protocol that operates at the transport layer of the OSI model and supports reliable connections?
5. Promiscuous mode is most commonly associated with _____________?
6. What are the primary objectives of information security?
7. Personnel should be authenticated and authorized prior to being granted access to the company’s information resources. This statement is an example of ________________?
8. What security group is responsible for managing network vulnerabilities and threats?
IT Security Staff
9. What network component filters traffic between nodes?
10. What is the most important consideration when designing a network?
11. What is usually the first activity in the hacking process?
12. What type of attack might a hacker offer as a service?
13. Which of the IT domains is most vulnerable to social engineering?
14. What type of attack can result in arbitrary code execution with system-level privileges?
15. Name three social engineering techniques.
Phishing, Impersonation, Reciprocity, ALL OF THE ABOVE
16. Which domain marks the boundary where the private network meets the public network?
LAN to WAN
17. A port scanner is a type of __________________ _________________ scanner.
18. Which of the following is not covered by a data loss/data leak prevention tool?
19. Which of the following is not a purpose of network analysis?
Detect security policy violations
20. Where do you capture network data to analyze inbound/outbound network traffic?
Internal Firewall Interface