Exam (elaborations)
CS6262 Final Exam Solved Correctly!!
- Course
- Institution
CS6262 Final Exam Solved Correctly!!
[Show more]
Content preview
Name: Score:105 Multiple choice questions
Definition 1 of 105
A type of DoS where an attacker sends a large amount of SYN request packets to a server in an
attempt to deny service.
Smurf
Land
SYN Flood
Ping Flood
Term 2 of 105
Mahalanobis Distance
- Identify suspicious components
- Broadcast receivers registering for suspicious actions
- Background services
All comprised computers share a common psuedo-random permutation of the IP address
space
Packing involves encrypting malware so that signature-based detection can be evaded
PAYL detection is based on the distance of normal traffic vs an incoming packet
Definition 3 of 105
Contains IP Address
A Record
Ns Record
Write, Record
A Field
,Term 4 of 105
NS Record
The storm botnet uses a central command-and-control server
Points to other server
Contains ip address
-connectionless -unreliable -no authentication
Definition 5 of 105
Technique that protects clients from clickjacking. It prevents web pages from being rendered
inside a frame.
Framebusting
Reflected Xss
Subnet Spoofing
Permutation Scanning
Term 6 of 105
As a cost saving measure, BotHunter does not produce a comprehensive bot profile.
The Storm botnet uses a central command-and-control server
Uses the communication patterns of the comprised computer to find a new target
False - BotHunter does produce a comprehensive bot profile. See slide 15 and BotHunter:
Detecting Malware Infection Through IDS-Driven Dialog Correlation.
Log keystrokes
Other choices:
- call system using function pointers
- rotate character strings
- make the executable a dynamic link library and inject it into another process
,Definition 7 of 105
Consumer create applications using programming languages and tools supported by the
provider
(google apps)
(salesforce)
PaaS
Iaas
Daas
Saas
Term 8 of 105
One of the reasons why PAYL can be evaded is that it is very simple: the features are very simple
and the anomaly detection model is also very simple.
No just IA
True
Consumers
False - Botnet detection
Term 9 of 105
Creating too many keys is bad
Consumers
- A fault is the cause of an error that leads to a system failure
- Fault tolerance can be achieved through failure masking
False
True
, Term 10 of 105
Which of the following statements about spam is INCORRECT? Choose the "All of the other
statements are correct" option if all the statements are correct.
The Storm botnet uses a central command-and-control server
Spam is usually sent to a large number of recipients.
Spam is used to spread malware.
Botnets are used to send spam.
The spam conversion rate is the percentage of spam messages that result in a sale.
Deploy DNSSEC
-Particularly vulnerable to amplification attacks
-Small command can generate a large response
-Vulnerable to source IP spoofing
-Difficult to ensure computers only communicate with legitimate NTP servers
Definition 11 of 105
-Connectionless
-Unreliable
-No authentication
Data Poisining
IP Header Format
Hit List Scanning
NS Record
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller stuuviaa. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.99. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
79223 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now