End of Chapter Solutions Template

Guide to Network Defense and Countermeasures, 2nd Edition, ISBN: 1418836796
Chapter 4, Page 153
Prof. Michael P. Harris
ITSY 2430 Intrusion Detection
Chapter Review Questions, Chapter Quiz 04: Network Traffic Signatures
Name: __________________ Date: ________
1. Security devices on a network process digital information,
such as text files and Web pages, the same way. However,
which of the following information might they handle
differently?
2. In which of the following ways can CVE improve the coordination of
intrusion information on a network? (Choose all that apply.)
3. Which of the following can be included in a network traffic
signature? (Choose all that apply.)
4. What is the name of an error-checking procedure that uses a
formula to calculate a numeric value?
5. How do attackers use fragmentation to circumvent network
defenses? (Choose all that apply.)
6. Which of the following packets should never have a data
payload?
7. Which of the following is not required for a single-packet
attack? (Choose all that apply.)
8. Which of the following is an example of a multiple-packet
attack? (Choose all that apply.)
9. Which of the following time to live (TTL) values is commonly
used by Windows computers? (Choose all that apply.)
10. What is the purpose of the 4-byte acknowledgement number
in a TCP header?
11. Which of the following is the correct order in which TCP flags
appear in the course of a normal connection?
12. Which OS typically has the following as part of its signature:
DgmLen 84, TTL 64, initial sequence number 0?
13. Which OS typically has alphabetic characters in its ASCII data
payload?
14. Which protocol uses different port numbers to establish a
connection and to transfer data?
15. Which of the following is an example of a reconnaissance
traffic signature?
16. A BackOrifice attack falls into what category of suspicious
traffic signatures?
17. Which program keeps track of services and ports made
available through Remote Procedure Calls?
18. What does the ASCII data payload section of an ICMP packet
in Linux contain?
19. The maximum packet size that can be transmitted on a type
of computer network (Ethernet, for example) is known as
which of the following?
20. To avoid attacks that use advanced evasion techniques, such as
path names, hexadecimal codes, and CGI scripts, you must
do which of the following? (Choose all that apply.)