1.
Which of the following is a network worm that exploits the RPC sub-system vulnerability present in the Microsoft Windows operating system?
2.
Which of the following applications is an example of a data-sending Trojan?
3.
Adam works as an Incident Handler for Umbrella Inc. He has been sent to the California unit to train the members of the incident response team. As a demo project he asked members of the incident response team to perform the following actions:
Remove the network cable wires.
Isolate the system on a separate VLAN
Use a firewall or access lists to prevent communication into or out of the system.
Change DNS entries to direct traffic away from compromised system
Which of the following steps of the incident handling process includes the above actions?
4.
Which of the following statements are true about worms? Each correct answer represents a complete solution. Choose all that apply.
5.
Which of the following commands is used to access Windows resources from Linux workstation?
6.
Your network is being flooded by ICMP packets. When you trace them down they come from multiple different IP addresses. What kind of attack is this?
7.
In which of the following DoS attacks does an attacker send an ICMP packet larger than 65,536 bytes to the target system?
8.
Which of the following tools combines two programs, and also encrypts the resulting package in an attempt to foil antivirus programs?
9.
What is the major difference between a worm and a Trojan horse?
10.
Which of the following statements are true about firewalking? Each correct answer represents a complete solution. Choose all that apply.