Chapter 9: Practice Test 1 415
- D. Smurf attacks use a distributed attack approach to send ICMP echo replies at a targeted system from many different source addresses. The most effective way to block this attack would be to block inbound ICMP traffic. Blocking the source addresses is not feasible because the attacker would likely simply change the source addresses. Blocking destination addresses would likely disrupt normal activity. The smurf attack does not use UDP, so blocking that traffic would have no effect.
- C. Static packet filtering firewalls are known as first-generation firewalls and do not track connection state. Stateful inspection, application proxying, and next-generation firewalls all add connection state tracking capability.
- A. TKIP is only used as a means to encrypt transmissions and is not used for data at rest. RSA, AES, and 3DES are all used on data at rest as well as data in transit.
- C. Generational fuzzing is also known as intelligent fuzzing because it relies on the development of data models using an understanding of how the data is used by the program. zzuf is a fuzzing program. Mutation simply modifies the inputs each time, and code based is not a description used for a type of fuzzing.
- B. Latency is a delay in the delivery of packets from their source to their destination. Jitter is a variation in the latency for different packets. Packet loss is the disappearance of packets in transit that requires retransmission. Interference is electrical noise or other disruptions that corrupt the contents of packets.
- B. Software tokens are flexible, with delivery options including mobile applications, SMS, and phone delivery. They have a relatively low administrative overhead, as users can typically self-manage. Biometrics require significant effort to register users and to deploy and maintain infrastructure, and require hardware at each authentication location. Both types of hardware tokens can require additional overhead for distribution and maintenance, and token failure can cause support challenges.
- B. Web applications communicate with web browsers via an interface, making interface testing the best answer here. Regression testing might be used as part of the interface test but is too specific to be the best answer. Similarly, the test might be a white box, or full knowledge test, but interface testing better describes this specific example. Fuzzing is less likely as part of a browser compatibility test, as it tests unexpected inputs, rather than functionality.
- A. Role-based access control gives each user an array of permissions based on their position in the organization, such as the scheme shown here. Task-based access control is not a standard approach. Rule-based access controls use rules that apply to all subjects, which isn’t something we see in the list. Discretionary access control gives object owners rights to choose how the objects they own are accessed, which is not what this list shows.
- D. Fire suppression systems do not stop a fire from occurring but do reduce the damage that fires cause. This is an example of reducing risk by lowering the impact of an event.
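The first two answers above, the smurf defence (block inbound ICMP) and the distinction between a static packet filter and stateful inspection, can be shown together in a small simulation. The following is an added example written for this page, not code from the practice test or its publisher: it models a stateless filter, which can only decide on each packet's own headers, beside a stateful firewall that remembers outbound echo requests and admits only the matching reply. The `Packet` class, the class and function names, and the traffic sample (documentation-range addresses) are all constructed for the illustration; the stateful model is deliberately simplified to one pending-request table.

```python
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple


@dataclass(frozen=True)
class Packet:
    """A simplified packet: only the header fields the two filter types look at."""
    src: str
    dst: str
    proto: str      # "icmp", "tcp" or "udp"
    kind: str       # ICMP: "echo-request" / "echo-reply"; others: "data"
    inbound: bool   # True when the packet arrives from the untrusted (outside) network


class StaticPacketFilter:
    """First-generation, stateless filter: the verdict depends only on this packet's headers."""

    def __init__(self, block_inbound_icmp: bool) -> None:
        self.block_inbound_icmp = block_inbound_icmp

    def allow(self, pkt: Packet) -> bool:
        # No memory of earlier packets: a legitimate echo reply and a smurf reply look
        # identical, so the only available smurf defence is to block inbound ICMP wholesale.
        if pkt.inbound and pkt.proto == "icmp" and self.block_inbound_icmp:
            return False
        return True


class StatefulFirewall:
    """Stateful inspection: remembers outbound requests and admits only matching replies."""

    def __init__(self) -> None:
        # (inside host, outside host, protocol) tuples with an outstanding outbound request
        self.pending: Set[Tuple[str, str, str]] = set()
        # Inbound packets dropped because no matching state existed (useful for detection)
        self.unsolicited: List[Packet] = []

    def allow(self, pkt: Packet) -> bool:
        if not pkt.inbound:
            self.pending.add((pkt.src, pkt.dst, pkt.proto))
            return True
        key = (pkt.dst, pkt.src, pkt.proto)
        if key in self.pending:
            # One ICMP echo request is answered by exactly one echo reply, so the state
            # entry is consumed; the UDP "session" is kept open for further replies.
            if pkt.proto == "icmp":
                self.pending.discard(key)
            return True
        self.unsolicited.append(pkt)
        return False


def filter_traffic(fw, packets: List[Packet]) -> List[bool]:
    """Run every packet through the firewall in order and return the verdicts."""
    return [fw.allow(p) for p in packets]


def reply_flood_sources(packets: List[Packet]) -> Dict[str, int]:
    """Detection helper: count inbound ICMP echo replies per target that no inside host
    requested. Many such replies from distinct sources to one target is the smurf signature."""
    fw = StatefulFirewall()
    filter_traffic(fw, packets)
    counts: Dict[str, int] = {}
    for p in fw.unsolicited:
        if p.proto == "icmp" and p.kind == "echo-reply":
            counts[p.dst] = counts.get(p.dst, 0) + 1
    return counts


def sample_traffic() -> List[Packet]:
    """Constructed sample traffic (documentation-range addresses, not real hosts)."""
    return [
        Packet("10.0.0.5", "198.51.100.7", "icmp", "echo-request", inbound=False),
        Packet("198.51.100.7", "10.0.0.5", "icmp", "echo-reply", inbound=True),   # legitimate reply
        Packet("203.0.113.1", "10.0.0.5", "icmp", "echo-reply", inbound=True),    # unsolicited
        Packet("203.0.113.2", "10.0.0.5", "icmp", "echo-reply", inbound=True),    # unsolicited
        Packet("203.0.113.3", "10.0.0.5", "icmp", "echo-reply", inbound=True),    # unsolicited
        Packet("10.0.0.5", "198.51.100.9", "udp", "data", inbound=False),         # query
        Packet("198.51.100.9", "10.0.0.5", "udp", "data", inbound=True),          # its answer
    ]


if __name__ == "__main__":
    traffic = sample_traffic()
    print("static, ICMP open :", filter_traffic(StaticPacketFilter(False), traffic))
    print("static, ICMP block:", filter_traffic(StaticPacketFilter(True), traffic))
    print("stateful          :", filter_traffic(StatefulFirewall(), traffic))
    print("unsolicited echo replies per target:", reply_flood_sources(traffic))
```

Running it shows the trade-off the two answers describe: the static filter with ICMP open passes every smurf reply, the static filter that blocks inbound ICMP stops them but also drops the legitimate reply to the inside host's own ping, and the stateful firewall keeps the legitimate reply while dropping the three unsolicited ones. `reply_flood_sources` reuses the same state table as a detection signal, reporting how many unsolicited echo replies each inside host received.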