434 Appendix A ■ Answers to Review Questions
- C. Warchalking is used specifically to draw others’ attention to the presence of a wireless network. The practice consists of drawing chalk symbols in the area of a detected wireless network that indicate the name, channel, and other information about the network.
- B. A closed network is typically considered a private network and not meant for public use. The network is usually not visible, and you can locate and connect to it only if you already know the SSID.
- C. A packet filtering firewall works at layer 3 of the OSI model and can be implemented with tools such as Wireshark. To obtain more in-depth information from a wireless network, you must use a tool such as AirPcap.
- C. A PSK is entered into each client that is going to access the wireless network. It is commonly found in WEP, WPA, and WPA2 deployments. PSKs represent a security risk as they can be extracted from a compromised client and then allow a malicious party to access the network.
- D. A Wi-Fi jammer can be used to shut down a wireless network while it is running.
Chapter 16: Evading IDSs, Firewalls, and Honeypots
- D. An HIDS (host-based intrusion detection system) is used to monitor security violations on a particular host.
- C. Port scanning can be used to identify certain firewalls as specific ports are known to be open and available on some firewalls.
- A. An NIDS includes extra features not found in programs such as Wireshark, but at their core they function in a similar way to packet sniffers.
- D. Encryption can be used to avoid specific types of firewalls due to their inability to decrypt the traffic.
- D. Evading an NIDS is something that can be done by altering a checksum because some systems cannot handle the differences in checksums on a packet when encountered.
- D. Firewalking is a process that can be done to analyze the configuration and rules on a firewall.
- A. Banner grabbing, using a program such as Telnet, can reveal information from services, thus indicating the nature of a firewall.
- B. A DoS is used to overwhelm an IDS, tying up its resources so that it cannot perform reliable analysis of traffic and thus allows malicious packets to proceed unabated.