Introduction to Cybersecurity Chapter 4 Quiz Answers

Introduction to Cybersecurity 2.1 Chapter 4 Quiz Answers – Chapter 4: Protecting the Organization

1. Which tool can perform real-time traffic and port analysis, and can also detect port scans, fingerprinting and buffer overflow attacks?

  • Nmap
  • SIEM
  • Snort
  • NetFlow

Explanation: Snort is an open source intrusion protection system (IPS) that is capable of performing real-time traffic and port analysis, packet logging, content searching and matching, as well as detecting probes, attacks, port scans, fingerprinting, and buffer overflow attacks.

2. Which tool can identify malicious traffic by comparing packet contents to known attack signatures?

  • Nmap
  • Zenmap
  • NetFlow
  • IDS

Explanation: An IDS, or intrusion detection system, is a device that can scan packets and compare them to a set of rules or attack signatures. If the packets match attack signatures, then the IDS can create an alert and log the detection.

3. What type of attack disrupts services by overwhelming network devices with bogus traffic?

  • brute force
  • zero-day
  • port scans
  • DDoS

Explanation: DDoS, or distributed denial of service, attacks are used to disrupt service by overwhelming network devices with bogus traffic.

4. What is the last stage of the Cyber Kill Chain framework?

  • gathering target information
  • remote control of the target device
  • malicious action
  • creation of malicious payload

Explanation: The Cyber Kill Chain describes the phases of a progressive cyberattack operation. The phases include the following:

  • Command and control
  • Actions on objectives

In general, these phases are carried out in sequence. However, during an attack, several phases can be carried out simultaneously, especially if multiple attackers or groups are involved.

5. Which protocol is used by the Cisco Cyberthreat Defense Solution to collect information about the traffic that is traversing the network?

  • NAT
  • NetFlow
  • Telnet

Explanation: NetFlow is used both to gather details about the traffic that is flowing through the network, and to report it to a central collector.
