Default firewall blocking involves which of the following?

Including a rule that blocks default addresses

Doing default signature checking

The biggest disadvantage of a full DMZ versus a simple packet filter is which of the following?

Too simple for modern enterprise

HIDS differs from NIDS in what manner?

One is "high" IDS and the other is "normal"

One is "host" IDS and the other is "normal"

One is "homogeneous" IDS and the other is "network"

The conventional FTP protocol is generally viewed as enabling bad enterprise security by packet filters for which of the following reasons?

It requires bidirectional session initiation based on ports and addresses.

It includes high capacity file transfers

It is an older, legacy protocol that is unsupported

It forces only inbound session initiation

Perimeters exhibit which of the following weaknesses?

Clash between management and audit

The malicious client is sniffing packets on the local LAN to detect any local activity of interest. Which of the following security mitigations would be best for the administrator of the local LAN to employ to reduce the risk of the malicious client inappropriately obtaining information from other LAN users:

Warnings to users to be careful

Physical security of LAN equipment

Packet filters are often positioned in which of the following locations?

Between enterprise and perimeter

Which of the following is a false statement?

Enterprise access to external telnet servers is enabled by firewall rules on port 23

Telnet server access is not managed through firewall rules in the enterprise

Telnet server access is always determined by the client

Which of the following is a false statement?

Outbound packets from an external source IP are suspicious

A five-tuple firewall makes packet decisions

Inbound packets from an internal source IP are suspicious

UDP packets with ACK bit set to 1 are suspicious

Blockchain supports which of the following security-related functions?

Supporting distributed auditing

Keeping bad guys away from assets

Improving firewall access policy

Tor has which of the following implications on the Internet?

It was designed to support hiding from authorities

It was designed to support crime

It was designed to support catching authorities in crimes

Perimeter security exhibits which of the following?

Effective mitigation of insiders

Which of the following is the best definition of critical infrastructure?

It includes things that cannot be hacked

The malicious client is repeatedly trying to use administrative commands to log into the web server. Which of the following security mitigations would be best for the:

Positioning a firewall in front of the server to filter commands

Improving the strength of administrative passwords

Running an IDS in front of the server to detect attacks

The NIST Framework for Cyber Security is useful for which of the following reasons?

It comes from a reputable organization with wide reach

There just are not enough compliance standards

It has many, many controls that most enterprise teams forget

It is fully automated in the operating system

Advanced persistent threats (APTs) exfiltrate data through which of the following weaknesses?

Open remote access into the LAN

Reducing phishing attack risk is best done by which of the following?

Spending time with staff explaining the attack

Forget it. You cannot reduce phishing risk.

Spear phishing differs from phishing in which of the following ways?

Spear phishing targets specific people

Spear phishing uses private email

Spear phishing targets specific email protocols

Which of the following is not a true statement?

DDOS attacks will grow in an unbounded manner

DDOS attacks will increasingly involve cloud

DDOS attacks will increasingly involve mobility

DDOS attacks will increasingly involve IoT

Security requirement audits are most useful for which of the following?

Detecting gaps against a formal framework

Fixing weaknesses in crypto algorithms

Picking one firewall versus another

Which is the following is a true statement?

DDOS might involve spoofed sources

DDOS never involves spoofed sources

DDOS might involve spoofed targets

Third party attacks are tough to mitigate for which of the following reasons?

Vulnerabilities are tough to manage remotely

Attacks are based on vulnerabilities

coursera 2

Quiz

•

Science

•

12th Grade

•

Practice Problem

•

Easy

krox a

Used 3+ times

FREE Resource

78 questions

Show all answers

1.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Automation in a SOC is a good idea for which of the following?

It is a mandatory requirement in most compliance frameworks

It requires 24 by 7 operation

It is already done in other parts of the enterprise

It reduces response cycle times

None of the above

2.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is a true statement regarding management by exception?

It involves detecting attacks except where attackers are innocent

It involves looking for differences from chaos

It involves looking for differences from normal

None of the above

3.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is a true statement?

Packet filters use the TCP ACK bit to makes decisions about policy.

Packet filters use the TCP ACK bit to makes decisions about blocking.

Packet filters adjust the TCP ACK bit based on management guidance

None of the above

4.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Enterprise outbound firewall rules to allow port 80 access are designed to do which of the following?

Protect the corporation from Telnet to Web browsers

Protect the corporation from Web threats

Allow employees to enjoy Web sites

Keep Web malware contained

None of the above

5.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

The biggest challenge to signature-based security for detecting malware is which of the following?

Difficulty in keeping the lists readable

Difficulty in managing more than one list

Behavioral anomalies

Variants

All of the above

6.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Packets coming inbound from an internal (IN) source IP address should be viewed as which of the following?

Probably allowed

Probably forwarded

Probably spoofed

Probably connected to the Internet

None of the above

7.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is a true statement regarding SIEMs?

A SIEM will not work with proper crypto

SIEM security requires network tunnels

SIEMS always require SOCs

SOCs typically use SIEMS

All the above.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

80 questions

1.2 DNA Replication

Quiz

•

12th Grade

78 questions

Air Masses and Fronts Review

Quiz

•

6th Grade - University

79 questions

APES Unit 1 Vocab

Quiz

•

9th - 12th Grade

79 questions

Science Test Review

Quiz

•

8th Grade - University

75 questions

Weather Review

Quiz

•

7th - 12th Grade

82 questions

Y8 Chemistry Unit Review

Quiz

•

8th Grade - University

75 questions

ESA Final

Quiz

•

9th - 12th Grade

79 questions

Bio B T2 23-24 Finals Practice

Quiz

•

9th - 12th Grade

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

54 questions

Analyzing Line Graphs & Tables

Quiz

•

4th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

Discover more resources for Science

89 questions

Unit 1 (Ch 2 & 3) Test Review - Water/Ocean Currents

Quiz

•

9th - 12th Grade

10 questions

Natural Resources

Lesson

•

9th - 12th Grade

12 questions

Comparing Mitosis and Meiosis

Lesson

•

9th - 12th Grade

10 questions

Symbiotic Relationships

Lesson

•

9th - 12th Grade

5 questions

Unit 3 AB Check

Quiz

•

9th - 12th Grade

9 questions

Identify Phases and Structures of Mitosis

Quiz

•

9th - 12th Grade

15 questions

Solar System

Lesson

•

9th - 12th Grade

16 questions

Identify Types of Rocks

Quiz

•

9th - 12th Grade

coursera 2

78 questions

Automation in a SOC is a good idea for which of the following?

Which of the following is a true statement regarding management by exception?

Which of the following is a true statement?

Enterprise outbound firewall rules to allow port 80 access are designed to do which of the following?

The biggest challenge to signature-based security for detecting malware is which of the following?

Packets coming inbound from an internal (IN) source IP address should be viewed as which of the following?

Which of the following is a true statement regarding SIEMs?

Firewalls separate:

Default firewall blocking involves which of the following?

Which of the following is a true statement?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Science