Which of the following is the correct order of digital investigations Standard Operating Procedure (SOP)?
A. Request for service, initial analysis, data collection, data reporting, data analysis
B. Initial analysis, request for service, data collection, data analysis, data reporting
C. Initial analysis, request for service, data collection, data reporting, data analysis
D. Request for service, initial analysis, data collection, data analysis, data reporting
A firewall is a combination of hardware and software, used to provide security to a network. It is used to protect an internal network or intranet against unauthorized access from the Internet or other outside networks. It restricts inbound and outbound access and can analyze all traffic between an internal network and the Internet. Users can configure a firewall to pass or block packets from specific IP addresses and ports. Which of the following tools works as a firewall for the Linux 2.4 kernel?
A. IPTables
B. OpenSSH
C. IPChains
D. Stunnel
Host-based IDS (HIDS) is an Intrusion Detection System that runs on the system to be monitored. HIDS monitors only the data that it is directed to, or originates from the system on which HIDS is installed. Besides monitoring network traffic for detecting attacks, it can also monitor other parameters of the system such as running processes, file system access and integrity, and user logins for identifying malicious activities. Which of the following tools are examples of HIDS? Each correct answer represents a complete solution. Choose all that apply.
A. HPing
B. BlackIce Defender
C. Tripwire
D. Legion
Which of the following file systems supports the hot fixing feature?
A. FAT16
B. exFAT
C. NTFS
D. FAT32
Which of the following are default ports for the FTP service? Each correct answer represents a complete solution. Choose two.
A. 80
B. 21
C. 20
D. 443
Which of the following is the default port used by Simple Mail Transfer Protocol (SMTP)?
A. 80
B. 25
C. 20
D. 21
Which of the following IP packet elements is responsible for authentication while using IPSec?
A. Authentication Header (AH)
B. Layer 2 Tunneling Protocol (L2TP)
C. Internet Key Exchange (IKE)
D. Encapsulating Security Payload (ESP)
Which of the following protocols uses only User Datagram Protocol (UDP)?
A. FTP
B. ICMP
C. TFTP
D. POP3
This tool is known as __________.
A. Kismet
B. Absinthe
C. NetStumbler
D. THC-Scan
Which of the following methods is a behavior-based IDS detection method?
A. Knowledge-based detection
B. Protocol detection
C. Statistical anomaly detection
D. Pattern matching detection