Assignment Instructions
Justify Your Answers
Answer the following 12 questions by selecting the single best answer for each. Using your course materials and/or other credible resources, provide a 50- to 100-word explanation of why you chose your answer for each question. Please cite your sources for your answers from your course materials or other credible resources.
- What is a vulnerability scanner?
- an application that detects when network intrusions occur and identifies the appropriate personnel
- an application that protects a system against viruses
- an application that identifies security issues on a network and gives suggestions for how to prevent the issues
- Your company has hired a security firm to test your network’s security. Which tool would need to be used outside your network?
- vulnerability scanner
- port scanner
- penetration tester
- Your manager suspects that your network is under attack. You have been asked to provide information regarding traffic flow and statistical information for your network. Which tool should you use?
- port scanner
- protocol analyzer
- penetration test
- An attacker wants to discover which front-end devices are in use on your organization’s network. Which type of device should the attacker use?
- probe
- firewall
- spyware
- Users report that your company’s Windows Server 2003 terminal server is experiencing performance issues. You have a performance baseline for the server. You suspect that the terminal server is under attack from a hacker. Which tool should you use to determine if the performance of the server has degraded?
- a port scanner
- system monitor
- a network analyzer
- Which tool is not a back-door application?
- Back orifice
- NetBIOS
- Nessus
- You have been asked to carry out a penetration test on your organization’s network. You obtain a footprint of the network. What should you do next?
- Perform port scans and resource identification.
- Attempt to gain unauthorized access by exploiting the vulnerabilities.
- Report to management.
- Which type of vulnerability assessment is more likely to demonstrate the success or failure of a possible attack?
- blind test
- double-blind test
- targeted test
- What is the best reason for an organization to implement two discrete firewalls connected directly to the Internet and to the same demilitarized zone?
- to permit traffic load balancing
- to provide in-defense depth
- to prevent a denial-of-service attack
- Which of the following is the best metric for evaluating the effectiveness of an intrusion detection mechanism?
- number of attacks detected
- ratio of successful to unsuccessful attacks
- ratio of false positives to false negatives
- Which of the following is most effective in preventing weaknesses from being introduced into existing production systems?
- virus detection
- change management
- patch management
- Which of the following devices should be placed within a demilitarized zone?
- database server
- network switch
- web server
Assignment Requirements
Only the title page, in-text citations, and reference page are required to be formatted according to APA standards for this assignment.
For more information on APA style formatting, go to Academic Writer, formerly APA Style Central, under the Academic Tools area of this course.