CYSE 101 Final 2023|GUARANTEED SUCCESS
Q: What is the difference between a stateful packet filtering firewall and a basic packet filtering firewall?
A: A stateful packet filtering firewall tracks sessions between systems

Q: For what might we use the tool Kismet?
A: To detect wireless devices

Q: What tool mentioned in the text might we use to scan for devices on a network, to include fingerprinting the operating system and detecting versions of services on open ports?
A: nmap

Q: Which of the following is not a reason to use a honeypot?
A: release classified or PII data

Q: What is the primary purpose of a Network Intrusion Detection System?
A: detect possible attack traffic

Q: What is a key difference between signature and anomaly detection in IDSs?
A: ...

Q: What is the primary purpose of a network firewall?
A: control the traffic allowed in and out of a network

Q: What is the purpose of a network DMZ?
A: Provide external access to systems that need to be exposed to external networks such as the Internet in order to function

Q: Why does network segmentation generally improve security?
A: malicious traffic cannot freely traverse the internal network

Q: Which of the following is not a protocol for wireless encryption?
A: kismet

Q: What does applying a vendor OS update (patch) usually do?
A: ...

Q: What does executable space protection do for us and how?
A: prevents buffer overflow attacks from working by blocking code execution on the memory stack

Q: What is the difference between a port scanner and a vulnerability assessment tool?
A: port scanners discover listening ports; vulnerability assessment tools report known vulnerabilities on listening ports

Q: Exploit frameworks make it...
A: ...

Q: Are nmap results always accurate, or is it sometimes necessary to verify nmap output with another tool?
A: you should verify nmap results with another tool or data source

Q: What is a cyber attack surface?
A: the total of the number of available avenues through which our system might be attacked

Q: Why might we want a (software) firewall (FW) on our host if one already exists on the network?
A: ...

Q: Which of the following is not part of operating system hardening?
A: ...

Q: How does the principle of least privilege apply to operating system hardening?
A: prevents attack actions that require administrator or root privilege

Q: If an antivirus tool is looking for specific bytes in a file (e.g., hex 50 72 6F etc.) to label it malicious, what type of AV detection is this?
A: signature

Q: How can we prevent buffer overflows in our applications?
A: implement proper bounds checking

Q: Does an SQL injection attack compromise content in the database or content in the Web application?
A: database

Q: What does the tool Nikto do?
A: Scans a web server for common vulnerabilities

Q: Why is it important from a security perspective to remove extraneous files from a Web server?
A: They may provide information or vulnerabilities useful to an attacker

Q: Why is input validation important from a security perspective?
A: to prevent certain types of attacks

Q: How might we use a sniffer to increase the security of our applications?
A: to watch the network traffic being exchanged with a particular application or protocol

Q: Name the two main categories of Web security.
A: Client-side attacks and server-side attacks

Q: What does a fuzzing tool do?
A: Provide multiple data and inputs to discover vulnerabilities

Q: Which of the following is an example of a race condition?
A: Two bank transactions (withdrawals) run concurrently and the balances are not properly accumulated (recorded)

Q: How does an XSRF attack work?
A: a link or script on one web page is executed in the context of another open web page or web application

Q: What did the PCI DSS establish?
A: security standards as a condition of processing credit card transactions

Q: Which of the following is not a provision of the Federal Privacy Act of 1974?
A: it provides individuals the "right to be removed from the Internet"

Q: At a high level, what does the Federal Privacy Act of 1974 do?
A: Safeguards privacy through creating four rights in personal data

Q: What does PII stand for?
A: Personally Identifiable Information

Q: What was the primary topic of the material that Edward Snowden released?
A: surveillance of electronic communications of US citizens

Written for
- Institution: CYSE 101
- Course: CYSE 101
Document information
- Uploaded on: June 3, 2023
- Number of pages: 12
- Written in: 2022/2023
- Type: Exam (elaborations)
- Contains: Questions & answers