IT6205A-2113T Introduction to Cybersecurity Introduction
(Chapter 4 Quiz)
Question text
Which protocol is used by the Cisco Cyberthreat Defense Solution to collect information about the traffic that is traversing the network?
Select one:
HTTPS
NAT
Telnet
NetFlow
Feedback
Refer to curriculum topic: 4.2.3
NetFlow is used both to gather details about the traffic that is flowing through the network, and to report it to a central collector.
The correct answer is: NetFlow
Question text
Which tool can perform real-time traffic and port analysis, and can also detect port scans, fingerprinting and buffer overflow attacks?
Select one:
NetFlow
SIEM
Snort
Nmap
Feedback
Refer to curriculum topic: 4.3.4
Snort is an open source intrusion protection system (IPS) that is capable of performing real-time traffic and port analysis, packet logging, content searching and matching, as well as detecting probes, attacks, port scans, fingerprinting, and buffer overflow attacks.
The correct answer is: Snort
Question text
What type of attack disrupts services by overwhelming network devices with bogus traffic?
Select one:
brute force
DDoS
zero-day
port scans
Feedback
Refer to curriculum topic: 4.1.3
DDoS, or distributed denial of service, attacks are used to disrupt service by overwhelming network devices with bogus traffic.
The correct answer is: DDoS
Question text
What is the last stage of the Cyber Kill Chain framework?
Select one:
malicious action
creation of malicious payload
gathering target information
remote control of the target device
Feedback
Refer to curriculum topic: 4.2.2
The Cyber Kill Chain describes the phases of a progressive cyberattack operation. The phases include the following:
*Reconnaissance
*Weaponization
*Delivery
*Exploitation
*Installation
*Command and control
*Actions on objectives
In general, these phases are carried out in sequence. However, during an attack, several phases can be carried out simultaneously, especially if multiple attackers or groups are involved.
The correct answer is: malicious action
Question text
Which tool can identify malicious traffic by comparing packet contents to known attack signatures?
Select one:
NetFlow
IDS
Zenmap
Nmap
Feedback
Refer to curriculum topic: 4.3.4
An IDS, or intrusion detection system, is a device that can scan packets and compare them to a set of rules or attack signatures. If the packets match attack signatures, then the IDS can create an alert and log the detection.
The correct answer is: IDS