D Is For Defense

182 Questions | Total Attempts: 20

Questions and Answers
  • 1. 
    Which United States Code (U.S.C.) title and section is the federal computer fraud and abuse statute?
    • A. 

      U.S.C. 20, Section 1030

    • B. 

      U.S.C. 10, Section 103

    • C. 

      U.S.C. 48, Section 1030

    • D. 

      U.S.C. 18, Section 1030

  • 2. 
    What are the 3 parts of INFOSEC?
    • A. 

      Confidentiality, integrity, and availability

    • B. 

      Confidentiality, integrity, and security

    • C. 

      Confidentiality, integrity, and data reproduction

    • D. 

      Availability, physical security, and integrity

  • 3. 
    The goal of risk management is to reach what?
    • A. 

      Nominal risk

    • B. 

      Acceptable risk

    • C. 

      Zero risk

    • D. 

      Secure risk

  • 4. 
    Risk = <blank> x Vulnerability
    • A. 

      Threat

    • B. 

      Incident

    • C. 

      Action

    • D. 

      Attack

  • 5. 
    The 5 types of threats are Environmental, External, Internal, Structured, and
    • A. 

      Unstructured

    • B. 

      Supported

    • C. 

      Near Peer

    • D. 

      Peer

  • 6. 
    Which document defines risk as "a function of the likelihood of a threat event's occurrence and potential adverse impact should the event occur"?
    • A. 

      DoDM 2780.2

    • B. 

      NIST SP 800-30

    • C. 

      NIST SP 800-300

    • D. 

      AFI 21-101

  • 7. 
    What are the 3 threat sources?
    • A. 

      Natural, Human, and Unsupported

    • B. 

      Human, Environmental, and Known

    • C. 

      Natural, Human, and Environmental

    • D. 

      Natural, External, and Environmental

  • 8. 
    The 4 approaches to Defense in Depth are Uniform Protection, Protected Enclaves, Information-Centric, and
    • A. 

      Vector-Oriented

    • B. 

      Absolute Protection

    • C. 

      Threat Management

    • D. 

      Firewalls

  • 9. 
    Information-Centric and <blank> are not typically used when creating new networks
    • A. 

      Uniform Protection

    • B. 

      Protected Enclaves

    • C. 

      Firewalls

    • D. 

      Vector-Oriented

  • 10. 
    <blank> treats all systems as equally important
    • A. 

      Uniform Defense

    • B. 

      Protected Enclaves

    • C. 

      Firewalls

    • D. 

      Uniform Protection

  • 11. 
    <blank> subdivide and separate networks
    • A. 

      Uniform Protection

    • B. 

      Separate Enclaves

    • C. 

      Firewalls

    • D. 

      Protected Enclaves

  • 12. 
    <blank> prioritizes protection of information over systems
    • A. 

      INFOSEC

    • B. 

      Information Centric

    • C. 

      Information Centered

    • D. 

      Uniform Protection

  • 13. 
    <blank> identifies the various threat vectors and provides security mechanisms to prevent the use of each vector
    • A. 

      Vector-Centric

    • B. 

      Uniform Protection

    • C. 

      Protected Enclaves

    • D. 

      Vector-Oriented

  • 14. 
    Snort is a...
    • A. 

      Proxy Server

    • B. 

      Network Intrusion Detection System (NIDS)

    • C. 

      Intrusion Detection System (IDS)

    • D. 

      Firewall

  • 15. 
    Snort is <blank>-based
    • A. 

      Rule

    • B. 

      Protocol

    • C. 

      Computer

    • D. 

      Ugga dugga

  • 16. 
    Snort looks at all traffic over IP, not just <blank>
    • A. 

      Headers

    • B. 

      TCP

    • C. 

      UDP

    • D. 

      Packets

  • 17. 
    What are the 3 operational modes of Snort?
    • A. 

      Sniffer, packet logger, and Network Intrusion Detection System

    • B. 

      Sniffer, packet logger, and Intrusion Detection System

    • C. 

      Sniffer, packet logger, and firewall

    • D. 

      Sniffer, Active Recon, and Network Intrusion Detection System

  • 18. 
    What mode does Snort default to if no command-line switches are given?
    • A. 

      Sniffer

    • B. 

      Packet logger

    • C. 

      NIDS Mode

    • D. 

      Firewall

  • 19. 
    Snort sniffer mode works like which tool?
    • A. 

      Tcpdump

    • B. 

      Tcpget

    • C. 

      Dumptcp

    • D. 

      Tcp

  • 20. 
    The snort -dvae command will display payloads, be verbose, display ARP traffic, and display what data?
    • A. 

      Logical layer

    • B. 

      Access Layer

    • C. 

      Application layer

    • D. 

      Link layer

  • 21. 
    The snort -b -l /var/log/snort command will log <blank> data to the /var/log/snort directory
    • A. 

      Binary

    • B. 

      Snort

    • C. 

      Log

    • D. 

      Hexadecimal

  • 22. 
    Snort packet logger mode logs all data so it can be post-processed to look for <blank> activity
    • A. 

      Malicious

    • B. 

      Anomalous

    • C. 

      Unknown

    • D. 

      Unidentified

  • 23. 
    Snort can log (save) packets through different output plug-ins. Logging options available include multi-mode packet logging, flat ASCII, tcpdump (pcap), XML, and <blank>
    • A. 

      Database

    • B. 

      Tcp

    • C. 

      Single mode

    • D. 

      Binary

  • 24. 
    Which Snort mode uses all phases of Snort plus its plug-ins to analyze traffic for both misuse detection and anomalous activity?
    • A. 

      Sniffer

    • B. 

      Packet logger

    • C. 

      Chickey nuggie

    • D. 

      NIDS mode

  • 25. 
    Snort NIDS mode can perform <blank>, IP defragmentation, TCP stream reassembly, and application-layer analysis
    • A. 

      Port shutdown

    • B. 

      Portscan detection

    • C. 

      Hard drive recovery

    • D. 

      IP retrace

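Questions 15 and 24 above say that Snort is rule-based and that NIDS mode applies those rules to decoded traffic. The block below is an added example, not Snort's own code and not a rule set from this quiz: a minimal Python matcher for the Snort rule header (action, protocol, source, source port, direction, destination, destination port) and the msg, content and sid options, run against constructed packets. The $HOME_NET and $EXTERNAL_NET values, both rules, the sid numbers and every packet are assumptions made for the demonstration; real Snort rules also use bidirectional headers, pcre, flow state, thresholds and many more options.

```python
"""Minimal Snort-style rule matcher (added example, not Snort source)."""
from dataclasses import dataclass, field
import ipaddress
import re

# Variable table, like "var HOME_NET ..." in snort.conf (constructed values).
VARS = {"$HOME_NET": "192.168.1.0/24", "$EXTERNAL_NET": "!$HOME_NET"}

# action proto src sport -> dst dport (options)
HEADER_RE = re.compile(
    r"^(\w+)\s+(\w+)\s+(\S+)\s+(\S+)\s+->\s+(\S+)\s+(\S+)\s*\((.*)\)\s*$"
)


@dataclass
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int
    payload: bytes = b""


@dataclass
class Rule:
    action: str
    proto: str
    src: str
    sport: str
    dst: str
    dport: str
    msg: str = ""
    sid: int = 0
    contents: list = field(default_factory=list)


def decode_content(val: str) -> bytes:
    """Turn content:"GET |0d 0a|" syntax into raw bytes (|..| is hex)."""
    out = bytearray()
    for i, part in enumerate(val.split("|")):
        out += bytes.fromhex(part) if i % 2 else part.encode()
    return bytes(out)


def parse_rule(text: str) -> Rule:
    m = HEADER_RE.match(text.strip())
    if not m:
        raise ValueError("unparseable rule: " + text)
    action, proto, src, sport, dst, dport, opts = m.groups()
    rule = Rule(action, proto.lower(), src, sport, dst, dport)
    # Simplification: a ';' inside a quoted string is not handled here.
    for opt in filter(None, (o.strip() for o in opts.split(";"))):
        key, _, val = opt.partition(":")
        val = val.strip().strip('"')
        if key == "msg":
            rule.msg = val
        elif key == "content":
            rule.contents.append(decode_content(val))
        elif key == "sid":
            rule.sid = int(val)
    return rule


def expand(spec: str):
    """Resolve $VARS and '!' negation; returns (literal_spec, negated)."""
    negated = False
    while True:
        if spec.startswith("!"):
            negated, spec = not negated, spec[1:]
        elif spec in VARS:
            spec = VARS[spec]
        else:
            return spec, negated


def addr_matches(spec: str, ip: str) -> bool:
    spec, negated = expand(spec)
    hit = spec == "any" or ipaddress.ip_address(ip) in ipaddress.ip_network(spec, strict=False)
    return hit != negated


def port_matches(spec: str, port: int) -> bool:
    spec, negated = expand(spec)
    if spec == "any":
        hit = True
    elif ":" in spec:  # Snort port range: 1024:, :1023, 8000:8080
        lo, _, hi = spec.partition(":")
        hit = (int(lo) if lo else 0) <= port <= (int(hi) if hi else 65535)
    else:
        hit = port == int(spec)
    return hit != negated


def rule_matches(rule: Rule, pkt: Packet) -> bool:
    if rule.proto not in ("ip", pkt.proto):
        return False
    if not (addr_matches(rule.src, pkt.src) and port_matches(rule.sport, pkt.sport)
            and addr_matches(rule.dst, pkt.dst) and port_matches(rule.dport, pkt.dport)):
        return False
    return all(c in pkt.payload for c in rule.contents)  # every content must appear


def run_rules(rules, packets):
    """Return (sid, msg) for every alert rule that fires on each packet."""
    return [(r.sid, r.msg) for p in packets for r in rules
            if r.action == "alert" and rule_matches(r, p)]


# Constructed rules and packets for the demonstration (not from any real rule set).
RULES = [
    'alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-IIS cmd.exe access"; content:"cmd.exe"; sid:1000001;)',
    'alert udp $EXTERNAL_NET any -> $HOME_NET 53 (msg:"DNS zone transfer (AXFR) request"; content:"|00 00 fc 00 01|"; sid:1000002;)',
]
PACKETS = [
    Packet("tcp", "203.0.113.5", 40000, "192.168.1.10", 80, b"GET /scripts/cmd.exe?/c+dir HTTP/1.0\r\n"),
    Packet("tcp", "192.168.1.20", 40001, "192.168.1.10", 80, b"GET /cmd.exe HTTP/1.0\r\n"),  # internal source
    Packet("tcp", "203.0.113.5", 40002, "192.168.1.10", 443, b"cmd.exe"),                   # wrong port
    Packet("udp", "203.0.113.9", 53000, "192.168.1.53", 53,
           b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x07example\x03com\x00\x00\xfc\x00\x01"),
]


def demo():
    return run_rules([parse_rule(r) for r in RULES], PACKETS)


if __name__ == "__main__":
    for sid, msg in demo():
        print(f"[**] [1:{sid}] {msg}")
```

Only the first and fourth packets fire: the second comes from inside $HOME_NET, which $EXTERNAL_NET excludes, and the third carries the content on a port the rule does not cover. Header matching is cheap and is done first; payload content matching only runs for packets that survive it, which is the same ordering Snort uses.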
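Question 25 lists portscan detection among the things Snort NIDS mode performs. The block below is an added example, not Snort's sfPortscan preprocessor: a sliding-window detector that flags a source touching many distinct destination ports in a short time, run over constructed connection records (timestamp, source, destination, destination port) of the kind a SYN packet or flow log would yield. The window, threshold, addresses and traffic pattern are all assumptions made for the demonstration.

```python
"""Sliding-window port-scan detector (added example, not Snort's sfPortscan)."""
from collections import defaultdict, deque

WINDOW_SECONDS = 5.0   # how far back to count (assumed value)
PORT_THRESHOLD = 10    # distinct (dst, dport) targets that trigger an alert (assumed)


class PortscanDetector:
    def __init__(self, window=WINDOW_SECONDS, threshold=PORT_THRESHOLD):
        self.window = window
        self.threshold = threshold
        self.history = defaultdict(deque)  # src -> deque of (ts, dst, dport)
        self.last_alert = {}               # src -> ts of last alert, to suppress repeats

    def observe(self, ts, src, dst, dport):
        """Feed one connection record; return an alert string or None."""
        q = self.history[src]
        q.append((ts, dst, dport))
        while q and ts - q[0][0] > self.window:  # expire records outside the window
            q.popleft()
        targets = {(d, p) for _, d, p in q}
        if len(targets) < self.threshold:
            return None
        if src in self.last_alert and ts - self.last_alert[src] <= self.window:
            return None  # already reported this source within the current window
        self.last_alert[src] = ts
        return f"portscan from {src}: {len(targets)} distinct targets within {self.window:g}s"


def run(events, **kw):
    """Replay time-ordered records through a detector; return the alerts raised."""
    det = PortscanDetector(**kw)
    alerts = []
    for e in events:
        a = det.observe(*e)
        if a:
            alerts.append(a)
    return alerts


# Constructed traffic: a fast scanner, a busy legitimate client, and a slow scanner.
EVENTS = []
EVENTS += [(0.1 * i, "203.0.113.7", "192.168.1.10", port) for i, port in enumerate(range(1, 21))]
EVENTS += [(0.2 * i, "198.51.100.4", "192.168.1.10", 443) for i in range(30)]
EVENTS += [(10.0 * i, "203.0.113.8", "192.168.1.10", port) for i, port in enumerate(range(1, 21))]
EVENTS.sort()


def demo():
    return run(EVENTS)


if __name__ == "__main__":
    for line in demo():
        print(line)
```

The busy client never alerts because it hits a single target many times, and the slow scanner never alerts because one probe every ten seconds keeps fewer than the threshold inside a five-second window. That second case is the known weakness of any windowed detector and is why real scan detection also tracks longer-lived per-source state.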