Which of the following honeypots is a low-interaction honeypot and is used by companies or corporations for capturing limited information about malicious hackers?
A. Honeynet
B. Production honeypot
C. Research honeypot
D. Honeyfarm
You work as a Network Administrator for ABC Inc. The company has a TCP/IP network. You have been assigned a task to configure a stateful packet filtering firewall to secure the network of the company. You are encountering some problems while configuring the stateful packet filtering firewall.
Which of the following can be the reasons for your problems?
Each correct answer represents a complete solution. (Choose all that apply.)
A. It contains additional overhead of maintaining a state table.
B. It has limited logging capabilities.
C. It has to open up a large range of ports to allow communication.
D. It is complex to configure.
You work as a Network Administrator for ABC Inc. The office network is configured as an IPv6 network. You have to configure a computer with the IPv6 address, which is equivalent to an IPv4 publicly routable address.
Which of the following types of addresses will you choose?
A. Local-link
B. Site-local
C. Global unicast
D. Loopback
You work as a Network Administrator for a bank. For securing the bank's network, you configure a firewall and an IDS. In spite of these security measures, intruders are able to attack the network. After a close investigation, you find that your IDS is not configured properly and hence is unable to generate alarms when needed.
What type of response is the IDS giving?
A. False Negative
B. False Positive
C. True Positive
D. True Negative
Which of the following commands can change the IOS to be loaded in a router?
A. reload system
B. reboot system
C. boot system
D. load system
Which of the following algorithms is used as a default algorithm for ESP extension header in IPv6?
A. Cipher Block Chaining (CBC) Mode
B. Electronic Codebook (ECB) Mode
C. Propagating Cipher Block Chaining (PCBC) Mode
D. Cipher Feedback (CFB) Mode
Which of the following is used to implement a procedure to control inbound and outbound traffic on a network?
A. Sam Spade
B. ACL
C. Cookies
D. NIDS
Host-based IDS (HIDS) is an Intrusion Detection System that runs on the system to be monitored. HIDS monitors only the data that it is directed to, or originates from the system on which HIDS is installed. Besides monitoring network traffic for detecting attacks, it can also monitor other parameters of the system such as running processes, file system access and integrity, and user logins for identifying malicious activities.
Which of the following tools are examples of HIDS?
Each correct answer represents a complete solution. (Choose all that apply.)
A. HPing
B. Legion
C. Tripwire
D. BlackIce Defender
Which of the following is a hardware/software platform that is designed to analyze, detect and report on security related events.
NIPS is designed to inspect traffic and based on its configuration or security policy, it can drop the malicious traffic?
A. NIDS
B. HIDS
C. HIPS
D. NIPS
Which of the following security protocols uses a single, manually configured, static key for data encryption that is shared by the client and the WAP?
A. IPSec
B. WPA
C. WEP
D. L2TP