Datasheet
Answers
1
A. Application-level firewalls can inspect the application-level data, such as what
application command is executing, and either allow or deny that traffic. See
“Firewalls.”
2
A, D. A SYN flood attack and the ping of death attack were popular denial of
service attacks years back. Review “Denial of service.”
3
C. The demilitarized zone (DMZ) is where you should place public servers such
as Web and DNS servers. Check out “Firewalls.”
4
A. A social engineering attack is when the hacker contacts the victim and tries to
trick the individual into compromising security. Peruse “Social engineering
attacks.”
5
D. A packet-filtering firewall is capable of inspecting only the packet header to
decide if the packet should be allowed or denied. This type of firewall could be
easily tricked with a spoof attack. Take a look at “Firewalls.”
6
B. A buffer overflow attack involves the hacker sending too much data to the
application, which typically results in administrative access to the system. Peek
at “Buffer overflow.”
7
A. A spoof attack is when the hacker alters the source address of a packet in
order to bypass a security control such as a firewall or access control list. Look
over “Spoofing.”
8
C. A brute force attack mathematically calculates all potential password
combinations. Study “Password attacks.”
9
B. A stateful packet inspection firewall knows the context of the conversation
and the order in which packets should be received. For example, the firewall
knows that you can send data to a Web server without a three-way handshake.
Refer to “Firewalls.”
10
A, C. An active IDS takes corrective action when suspicious activity is detected.
Active IDSes are now known as intrusion prevention systems (IPS). Examine
“Intrusion detection system.”
Network Security Terminology
22_647486-bk04ch01.indd 47222_647486-bk04ch01.indd 472 10/15/10 11:27 PM10/15/10 11:27 PM