ITSA 270 Business Continuity and Disaster Recovery Quiz 3 Current Score: 20 out of 20 | Baltimore City Community College

Document Content and Description Below

ITSA 270 Business Continuity and Disaster Recovery Quiz 3 Current Score: 20 out of 20 | Baltimore City Community College Question 1 5 / 5 pts One of the most effective ways to complement vulnerabilit ... y scanning and comprehensively assess the security of a web system or application is to perform: a web search. a virus scan. HTTP header testing. penetration testing. Question 2 5 / 5 pts Regular reviews of web servers, web traffic, and web trending traffic gives you a sense of: which devices are connected to the network. what normal traffic consists of during specific times of the day. the effectiveness of employee training regarding security policies. the effectiveness of the guest use policy. Question 3 5 / 5 pts Which of the following could be an early warning sign of system compromise or a security breach? Excessive traffic spikes Low traffic Typical traffic patterns Low traffic followed by typical traffic Question 4 5 / 5 pts Which of the following is a free utility that can open secure remote connections over the Internet via Telnet or SSH (secure shell)? tcpdump Webalizer PuTTY Wireshark Question 5 5 / 5 pts Which of the following is a command line protocol capture tool that when used on a web server will capture and log all protocol interaction between a remote host (client PC) and the web server itself via HTTP:// or HTTPS://? tcpdump Webalizer PuTTY Wireshark Question 6 5 / 5 pts You can enable a script to automatically enable __________ to a remote server when a specific condition is exceeded, such as the baseline description for web trending traffic or web server CPU utilization. HTTP headers Apache Web logs PuTTY tcpdump logs Question 7 5 / 5 pts Which of the following can specify the kind of traffic or specific port number that you want to monitor and log for later analysis? tcpdump Webalizer PuTTY Damn Vulnerable Web Application (DVWA) IncorrectQuestion 8 0 / 5 pts Which of the following can be used to capture data from a brute force attack? Live HTTP Headers The Damn Vulnerable Web Application (DVWA) The Live HTTP Headers plug-in for the Firefox browser PuTTY Webalizer Question 9 5 / 5 pts Live HTTP Headers enables users to view the HTTP header of any page which can assist in: disguising access points. sending cookies. debugging web applications. monitoring a specific port. Question 10 5 / 5 pts Instead of typing tcpdump –r /var/www/dump/capture.pcap in the PuTTY terminal window to view the results of the capture.pcap file on the screen, you could type __________ to view the tcpdump results in ASCII. tcpdump –C –r /var/www/dump/capture.pcap tcpdump –S –r /var/www/dump/capture.pcap tcpdump –A –r /var/www/dump/capture.pcap tcpdump –ASCII –r /var/www/dump/capture.pcap Question 11 5 / 5 pts In the lab, the Wireshark __________ window showed the interaction between the browser and the web server for a login attempt. browser Live HTTP Headers terminal Follow TCP Stream IncorrectQuestion 12 0 / 5 pts In the Wireshark Follow TCP Stream window, the body of the HTTP response is: compressed and shows up as a jumble of characters expanded and shows up as an easy-to-read HTML format. compressed and shows up as a jumble of characters. shown in blue. shown in pink. Question 13 5 / 5 pts Which of the following is a web-based tool that parses the log files to easily extract information about a variety of usage statistics? tcpdump Webalizer PuTTY Wireshark Question 14 5 / 5 pts When the Webalizer script is executed, __________ are processed into the Webalizer database. captured files TCP streams HTTP headers Web server log files Question 15 5 / 5 pts Once web server log files are processed into the Webalizer database, they can be interpreted in: easy-to-read HTML format. a compressed jumble of characters. ASCII. a baseline description. IncorrectQuestion 16 0 / 5 pts In the lab, which command did you use to filter the log to show only the entries containing the word smithy? grep GET grep FILTER smithy Question 17 5 / 5 pts Which of the following can give you rich insights into your website traffic and marketing effectiveness? Advertising banners Damn Vulnerable Web Application (DVWA) Web analytics tools Privacy statements Question 18 5 / 5 pts Which of the following can identify the who, what, where, and when on your website? WHOIS Web analytics tools Wireshark Webalizer Question 19 5 / 5 pts Web analytics tools can be used to provide __________ to assess and analyze a website’s traffic, trending, and user interaction with the site. metrics brute force attacks HTTP headers TCP streams Question 20 5 / 5 pts Correctly interpreting man-machine interface metrics allow web designers to: halt malicious attacks after they have been launched. prevent malicious attacks from occurring in the first place. build more effective and efficient Web sites and Web content. filter the results of GET requests based on key words. [Show More]

Last updated: 7 months ago

Preview 3 out of 13 pages