Online Book Reader


CompTIA Security+ Deluxe Study Guide: SY0-201 - Emmett Dulaney [65]

that the e-mail server is being targeted. Which type of attack is most likely occurring?

a. Software exploitation attack

b. Back door attack

c. Worm

d. TCP/IP hijacking

Answers to Review Questions

1. A. A DoS attack is intended to prevent access to network resources by overwhelming or flooding a service or network.

2. B. A DDoS attack uses multiple computer systems to attack a server or host in the network.

3. C. In a back door attack, a program or service is placed on a server to bypass normal security procedures.

4. A. A man-in-the-middle attack attempts to fool both ends of a communications session into believing the system in the middle is the other end.

5. C. A replay attack attempts to replay the results of a previously successful session to gain access.

6. D. TCP/IP hijacking is an attempt to steal a valid IP address and use it to gain authorization or information from a network.

7. A. A TCP ACK attack creates multiple incomplete sessions. Eventually, the TCP protocol hits a limit and refuses additional connections.

8. D. A smurf attack attempts to use a broadcast ping (ICMP) on a network. The return address of the ping may be a valid system in your network. This system will be flooded with responses in a large network.

9. C. Someone trying to con your organization into revealing account and password information is launching a social engineering attack.

10. C. A worm is a type of malicious code that attempts to replicate using whatever means are available. The worm may not have come from the user’s system; rather, a system with the user’s name in the address book has attacked these people.

11. A. A logic bomb notifies an attacker when a certain set of circumstances has occurred. This may in turn trigger an attack on your system.

12. A. An armored virus is designed to hide the signature of the virus behind code that confuses the antivirus software or blocks it from detecting the virus.

13. B. A stealth virus reports false information to hide itself from antivirus software. Stealth viruses often attach themselves to the boot sector of an operating system.

14. A. A Trojan horse enters with a legitimate program to accomplish its nefarious deeds.

15. B. Retroviruses are often referred to as anti-antiviruses. They can render your antivirus software unusable and leave you exposed to other, less-formidable viruses.

16. A. Some viruses won’t damage a system in an attempt to spread into all the other systems in a network. These viruses use that system as the carrier of the virus.

17. A. A password guessing attack occurs when a user account is repeatedly attacked using a variety of different passwords.

18. D. One of the symptoms of a TCP/IP hijacking attack may be the unavailability of a TCP/IP address when the system is started.

19. B. A symptom of many viruses is unusual activity on the system disk. This is caused by the virus spreading to other files on your system.

20. A. A software exploitation attack attempts to exploit weaknesses in software. A common attack attempts to communicate with an established port to gain unauthorized access. Most e-mail servers use port 25 for e-mail connections using SMTP.

Chapter 3


Infrastructure and Connectivity

THE FOLLOWING COMPTIA SECURITY+ EXAM OBJECTIVES ARE COVERED IN THIS CHAPTER:

✓ 1.2 Explain the security risks pertaining to system hardware and peripherals.

■ Removable storage

■ Network attached storage

✓ 1.4 Carry out the appropriate procedures to establish application security.

■ ActiveX

■ Java

■ Scripting

■ Browser

■ Buffer overflows

■ Cookies

■ SMTP open relays

■ P2P

■ Input validation

■ Cross-site scripting (XSS)

✓ 1.5 Implement security applications.

■ Popup blockers

✓ 2.3 Determine the appropriate use of network security tools to facilitate network security.

■ Proxy servers

✓ 2.4 Apply the appropriate network tools to facilitate network security.

■ Proxy servers

✓ 2.5 Explain the vulnerabilities and mitigations associated with network devices.
