Chapter 17: Mock Exam 1
- A rogue device has been detected on a network. Which of the following can be used to help determine the type or vendor of the device?
A. IP address
B. Service port number
C. MAC address
D. All of the above
- A security professional suspects that the ARP cache of a host system was compromised. Which of the following commands can be used to show the ARP entries?
A.
arp -a
B.
ipconfig
C.
ifconfig
D.
netstat -ano
- An attacker was able to perform a man-in-the-middle attack and retrieved a victim's user credentials. Which of the following protocols was the victim most likely using?
A. S/MIME
B. HTTPS
C. SMTP
D. FTPS
- An attacker was able to redirect users to a malware-infected web server whenever they visited the URL
http://www.server.local
. Which of the following protocols was compromised?A. ICMP
B. IP
C. ARP
D. DNS
- Which of the following is not a threat identification method that's used by an Intrusion Prevention System (IPS)?
A. Algorithm-based
B. Global...