CCSP SECUR FAQ: Attack Threats Defined and Detailed
Q1. Your boss insists that it is fine to use his wife’s name as his password, despite the fact that your security policy states that this is not a sufficient password. What weaknesses are revealed?
A. This shows a lack of an effective security policy (policy weakness).
B. This shows a technology weakness.
C. This shows a protocol weakness.
D. This shows a configuration weakness.
E. This shows that your boss is an idiot.
Q2. You receive a call from a writer for a computer magazine. They are doing a survey of network security practices. What form of attack could this be?
A. Reconnaissance
B. Unauthorized access
C. Data manipulation
D. Denial of service
E. None of the above
Q3. Walking past a programmer’s desk, you see that he is using a network analyzer. What category of attack should you watch for?
A. Reconnaissance
B. Unauthorized access
C. Data manipulation
D. Denial of service
E. None of the above
Q4. Looking at the logs, you notice that your manager has erased some system files from your NT system. What is the most likely motivation for this?
A. Intruding for political purposes
B. Intruding for profit
C. Intruding through lack of knowledge
D. Intruding for fun and pride
E. Intruding for revenge
Q5. Your new engineer, who has very little experience working in your corporate environment, has added a new VPN concentrator onto the network. You have been too busy with another project to oversee the installation. What weakness do you need to be aware of concerning his implementation of this device?
A. Lack of effective policy
B. Technology weakness
C. Lack of user knowledge
D. Operating system weakness
E. Configuration weakness
Q6. Statistically, what is the most likely launch site for an attack against your network?
A. From poor configurations on the firewall
B. From the Internet over FTP
C. From the Internet through e-mail
D. From within your network
E. None of the above
Q7. Your accountant claims that all the electronic funds transfers from the previous day were incorrect. What category of attack could this be caused by?
A. Reconnaissance
B. Unauthorized access
C. Denial of service
D. Data manipulation
E. None of the above
Q8. Your logs reveal that someone has attempted to gain access as the administrator of a server. What category of attack could this be?
A. Reconnaissance
B. Unauthorized access
C. Denial of service
D. Data manipulation
E. None of the above
Q9. Your firewall and IDS logs indicate that a host on the Internet scanned all of your public address space looking for connections to TCP port 25. What type of attack does this indicate?
A. Reconnaissance attack, vertical scan
B. Reconnaissance attack, block scan
C. Reconnaissance attack, horizontal scan
D. Reconnaissance attack, DNS scan
E. Reconnaissance attack, SMTP scan
Q10. True or False: A “script kiddie” that is scanning the Internet for “targets of opportunity” represents a structured threat to an organization?
A. True
B. False
Q11. An application that is supposed to monitor your network and alert you in the event of an outage is being considered by your manager. You begin testing the product and discover that it requires a management connection to every network component (each requiring a password) but maintains these nonencrypted (clear-text) connections. This would require that the system send clear-text passwords to every network component that you want to manage. Would you consider this product for your network and why?
Q12. How many TCP ports can a system communicate over if no ports are blocked and a service is listening on every available port?
Q13. What are three “self-imposed vulnerabilities”?
Q14. Can a system misconfiguration be a security vulnerability?
Q15. Why would you not want to install security devices using the default settings?
Q16. How does NFS make network connections and why can it be difficult to secure?
Q17. Why is it difficult to determine whether IP traffic is spoofed?
Q18. What is a structured threat?
Q19. Which type of threat is more common: structured or unstructured?
Q20. Why should your security administrator be well trained and very familiar with the product that she is using?
Q21. What is the goal of a reconnaissance attack?
Q22. What is a “vertical scan”?
Q23. What is a “worm”?
Q24. What is a DDoS attack?