Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
True / False
1. The category of intrusion detection systems that looks for patterns that don’t match
those of normal use is called anomaly detection.
2. Snort is an open-source firewall.
3. A server with fake data used to attract an attacker is a honeypot.
4. When an administrator proactively seeks out intelligence on potential threats or groups,
this is called infiltration.
5. The method to attract an intruder to a subsystem setup for the purpose of observing
him is called intrusion deterrence.
6. An on-demand virus scanner runs in the background and is constantly checking your
7. Heuristic scanning uses rules to determine whether a file or program behaves like a
8. Linux and Windows typically are not shipped with firewalls.
9. A screening firewall works in the application layer of the OSI model.
10. A stateful packet inspection firewall examines each packet, and denies or permits
access based not only on the current packet, but also on data derived from previous
packets in the conversation.
Multiple Choice
1. A list of virus definitions is generally in a file with a ________ extension.
a. .dat
b. .txt
c. .vir
d. def
2. Typically, when you update virus definitions _____________.
a. The virus program scans your computer.
b. Your computer restarts.
c. You are updating the virus definition file on your computer
d. None of the above
3. A file that stays in memory after it executes is a(n) _____________.
a. Terminate and Stay Resident program
b. Executable
c. Text file
d. Bug
4. The virus scanning technique that uses rules to determine if a program behaves like a
virus is _________ scanning.
a. Download
b. File
c. Heuristic
d. Sandbox
5. The virus scanning technique that means you have a separate area isolated from the
operating system in which a file is run, so it won’t infect the system is ________.
a. Download
b. File
c. Heuristic
d. Sandbox
6. Java and ActiveX codes should be scanned before they are _________.
a. Downloaded to your computer
b. Known about
c. Infected
d. None of the above
7. Mistaking a legitimate program for a virus is a ____________.
a. Heuristic error
b. False negative
c. False positive
d. None of the above
8. A _________ is a barrier between your network and the outside world.
a. Firewall
b. Web server
c. File server
d. None of the above
9. A packet-filtering firewall is a(n) ____________ firewall.
a. Packet Filgering
b. Application gateway
c. Circuit-level gateway
d. Domain gateway
10. A(n)___________ firewall examines the entire conversation between client and
server, not just individual packets.
a. Stateful Packet Inspection
b. Packet filtering
c. Circuit-level gateway
d. Domain gateway
11. In which firewall configuration is the software installed on an existing machine with
an exiting operating system?
a. Network host-based
b. Dual-homed host
c. Router-based
d. Screened host
12. In which firewall configuration is the firewall running on a server with at least two
network interfaces?
a. Network host-based
b. Dual-homed host
c. Router-based
d. Screened host
13. A firewall ______ is a tool that can provide information after an incident has
occurred.
a. Log
b. Scan
c. Port
d. None of the above
