APU ISSC457 Week 1 And 2 Quiz Latest 2020

ISSC457 I001 Sum 18       Tests & Quizzes

Question 1          Network Forensics is the capturing, recording and analysis of network events in order to discover the source of security attacks.                                                                                                                                                                                          

Question 2          Enumeration is the process of gathering information about a network that may help an intruder attack the network.                                                                                                                                                                                                                            

Question 3          A  virus is a software program written to change the behavior of a computer or other device on a network, without the permission or knowledge of the user.                                                                                                                          

Question 4          Trojans are programs that contain or install malicious programs on targeted systems.                                     

Question 5          Intrusion detection is the process of tracking unauthorized activity using techniq es s ch as inspecting user actions, security logs, or audit study data.                                                                                                                                                            

Question 6          IIS Centralized : binary logging is a proce  in which many Web s tes write binary and unformatted log data to a single log file.                                                                

Question 7 Accountability  Log data identifies the accounts that are associated with certain events.                                         

Question 8          Reconstruction : Investigators review log data in order of time to determine what happened before and during an event.                                              

Question 9          Syslog is a combined audit mechanism used by the Linux operating system.                                                        

Question 10        Process Accounting is an audit mechanism for the Linux operating system.                                                          

Question 11        Cross-site scripting : (XSS) is an application-layer hacking method used for hacking Web applications.     

Question 12        Parameter Tampering is a type of Web attack that occurs when an attacker changes or modifies the parameters of a URL.                                                                    

Question 13        Cookie Snooping is when an attacker steals a victim’s cookies, possibly using a local proxy, and uses them to log on as the victim.                                                                                                                                       

Question 14        The DMZ (    demilitarized zone ) is a semitrusted network zone that separates the untrusted Internet from the company’s trusted internal network.com was                                                           

Question 15        Zero-day attacks exploit previously unknown vulnerabilities, so they are especially dangerous because preventative measures  ann t be taken in advance.                                                                                                                                        

Question 16        A URL    Interpretation attack is when an attacker takes advantage of different methods of text encoding, abusing the interpretation of a URL.                                       

Question 17        An    Impersonation attack is when an attacker spoofs Web applications by pretending to be a legitimate user.study                                                                                                         

Question 18        WebLog Expert gives information about a site’s visitors, including activity statistics, accessed files, paths through the site, referring pages,via search engines, browsers, operating sys ems, and more.                                                                                                   

Question 19 N-Stealth is a vulnerability-assessment product that scans Web servers to identify security problems and weaknesses.                                     

Question 20  Intrusion Detection (IDS) is a tec nique t     at detects inappropriate, incorrect, or anomalous activity in a system or network.