CMIT 321 quiz 4 - At what layer of the TCP stack does web browsing take

University of Maryland, University College CMIT 321 quiz 4

At what layer of the TCP stack does web browsing take place?

Question 1 options:

 

network

 

application

 

Internet

 

data link

Which of the following functions can used to defend against buffer overflows? (Select all that apply.)

Question 6 options:

 

a) 

gets()

 

b) 

fgets()

 

c) 

strcopy()

 

d) 

strncopy()

 

Which of the following tools automates and takes advantage of directory traversal exploits in IIS?

Question 3 options:

 

Msw3prt IPP Vulnerability

 

IIS_Traversal

 

ServerMask

 

IIS Xploit

Save

Previous PageNext Page
 

The Autorun feature of Removable Disks and CD Drives can be a threat to network Security.  What is the best course of action to remove Autorun for Removable Disks and CD Drives  for in Windows?

Question 5 options:

 

Tape the USB ports

 

Remove the CD-ROM Drive from the System

 

Use Group Policy

 

Provide Users without Administrative Rights

Save

Previous PageNext Page
 

Which of the following components help defend against session hijacking? (Select all that apply.)

Question 6 options:

 

a) 

per-packet integrity checking

 

b) 

source routing

 

c) 

PPTP

 

d) 

SSL

 

Identify two vulnerabilities of Microsoft’s Internet Information Services (IIS) from the options listed below. (Select two.)

Question 9 options:

 

a) 

mod_rewrite log escape filtering

 

b) 

::$DATA IIS vulnerability

 

c) 

WebDAV/RPC exploits

 

d) 

mod_proxy reverse proxy exposure

Save

Previous PageNext Page
 

IP spoofing is not difficult and can be used in a variety of attacks. However, the attacker will not see the packets that are returned to the spoofed IP address. In this case, the attacker uses ______________ and then sniffs the traffic as it passes.

Question 11 options:

 

alternate data streams

 

source routing

 

session hijacking

 

a redirect

 

This is an example of a Trojan that can be utilized for Website Defacement?:

Question 14 options:

 

HTTrack

 

WGET

 

Restorator

 

CrimePack

Save

Previous PageNext Page
 

Which of the following is the best countermeasure against hijacking? (Select all that apply.)

Question 15 options:

 

a) 

Use unpredictable sequence numbers.

 

b) 

Do not use the TCP protocol.

 

c) 

Use encryption.

 

d) 

Limit the unique sessions token to each browser’s instance.

Save

Previous PageNext Page
 

What were the two dominant attack strategies identified in Symantec's Threat Report?

Question 16 options:

 

Distributed Denial of Service

 

Focused Attack

 

Broader Strokes

 

Advanced Persistent Threats

he characteristics of these Trojans include the ability to open and close the CD-ROM tray?:

Question 19 options:

 

NetBus

 

Dark Comet

 

Poison Ivy

 

SubSeven