information security Q

Anonymous
account_balance_wallet $5

Question Description

ITEC 493 – Module 3 Assignment Name..............................................

Review Questions

1. What kind of attack is performed by an attacker who takes advantage of the inadvertent and unauthorized access built through three succeeding systems that all trust one another? Explain.

2. Why some traditional network security devices (e.g., firewalls) cannot be used to block web application attacks?

3. Describe XSS and SQL injection

4. Which action cannot be performed through a successful SQL injection attack? Explain. a. reformat the web application server’s hard drive
b. display a list of customer telephone numbers
c. discover the names of different fields in a table

d. erase a database table

5. What type of attack intercepts legitimate communication and forges a fictitious response to the sender? Explain.
a. SIDS
b. interceptor

c. man-in-the-middle d. SQL intrusion

6. A replay attack:
a. is considered to be a type of DoS attack
b. makes a copy of the transmission for use at a later time c. can be prevented by patching the web browser
d. replays the attack over and over to flood the server

7. DNS poisoning:
a. floods a DNS server with requests until it can no longer respond
b. is rarely found today due to the use of host tables
c. substitutes DNS addresses so that the computer is automatically redirected to another device
d. is the same as ARP poisoning

8. Which markup language is designed to carry data? a. ICMP
b. HTTP
c. HTML

page1image15280

page1image15440

d. XML

9. What causes a buffer overflow? Explain
a. Launching a security countermeasure to mitigate a Trojan horse
b. Downloading and installing too many software updates at one time
c. Attempting to write more data to a memory location than that location can hold
d. Sending too much information to two or more interfaces of the same device, thereby causing dropped packets
e. Sending repeated connections such as Telnet to a particular device, thus denying other data sources

10. How is a smurf attack conducted?
a. By sending a large number of packets to overflow the allocated buffer memory of the target device
b. By sending an echo request in an IP packet larger than the maximum packet size of 65,535 bytes
c. By sending a large number of ICMP requests to directed broadcast addresses from a spoofed source address on the same network

d. By sending a large number of TCP SYN packets to a target device from a spoofed source address

Unformatted Attachment Preview

ITEC 493 – Module 3 Assignment Name………………………………………. Review Questions 1. What kind of attack is performed by an attacker who takes advantage of the inadvertent and unauthorized access built through three succeeding systems that all trust one another? Explain. 2. Why some traditional network security devices (e.g., firewalls) cannot be used to block web application attacks? 3. Describe XSS and SQL injection 4. Which action cannot be performed through a successful SQL injection attack? Explain. a. reformat the web application server’s hard drive b. display a list of customer telephone numbers c. discover the names of different fields in a table d. erase a database table 5. What type of attack intercepts legitimate communication and forges a fictitious response to the sender? Explain. a. SIDS b. interceptor c. man-in-the-middle d. SQL intrusion 6. A replay attack: a. is considered to be a type of DoS attack b. makes a copy of the transmission for use at a later time c. can be prevented by patching the web browser d. replays the attack over and over to flood the server 7. DNS poisoning: a. floods a DNS server with requests until it can no longer respond b. is rarely found today due to the use of host tables c. substitutes DNS addresses so that the computer is automatically redirected to another device d. is the same as ARP poisoning 8. Which markup language is designed to carry data? a. ICMP b. HTTP c. HTML d. XML 9. What causes a buffer overflow? Explain a. Launching a security countermeasure to mitigate a Trojan horse b. Downloading and installing too many software updates at one time c. Attempting to write more data to a memory location than that location can hold d. Sending too much information to two or more interfaces of the same device, thereby causing dropped packets e. Sending repeated connections such as Telnet to a particular device, thus denying other data sources 10. How is a smurf attack conducted? a. By sending a large number of packets to overflow the allocated buffer memory of the target device b. By sending an echo request in an IP packet larger than the maximum packet size of 65,535 bytes c. By sending a large number of ICMP requests to directed broadcast addresses from a spoofed source address on the same network d. By sending a large number of TCP SYN packets to a target device from a spoofed source address ...
Purchase answer to see full attachment

Tutor Answer

Prof_DaveRamsey
School: UT Austin

Hey pal, here is the finished work, check if everything is in order. I used MLA format. Thanks

Surname 1
Student’s name
Course title
Instructor
Date of submission

ITEC 493 – Module 3 Assignment

1. What kind of attack is performed by an attacker who takes advantage of the
inadvertent and unauthorized access built through three succeeding systems that all
trust one another? Explain.
Transitive attack.
This refers to the indirect attack of a system through another trusted system linked
to it. I.e. In an instance where machines X, Y and Z trust each other, it’s possible to
attack machine Z through X since they all trust each other (Professor Messer).
2. Why some traditional network security devices (e.g., firewal...

flag Report DMCA
Review

Anonymous
awesome work thanks

Brown University





1271 Tutors

California Institute of Technology




2131 Tutors

Carnegie Mellon University




982 Tutors

Columbia University





1256 Tutors

Dartmouth University





2113 Tutors

Emory University





2279 Tutors

Harvard University





599 Tutors

Massachusetts Institute of Technology



2319 Tutors

New York University





1645 Tutors

Notre Dam University





1911 Tutors

Oklahoma University





2122 Tutors

Pennsylvania State University





932 Tutors

Princeton University





1211 Tutors

Stanford University





983 Tutors

University of California





1282 Tutors

Oxford University





123 Tutors

Yale University





2325 Tutors