1.Question 1Which of the following countermeasures helps security teams defend against DoS and DDoS attacks on the network and system? 1 pointDisable TCP SYN cookie protection Configure the firewall to allow external ICMP traffic access Enable unused and insecure services Prevent the use of unnecessary functions such as gets and strcpy 2.Question 2Which of the following countermeasures helps security professionals defend against DoS/DDoS attacks? 1 pointAllow the transmission of fraudulently addressed packets at the ISP level Make use of functions such as gets and strcpy Secure remote administration and connectivity testing Allow data processed by the attacker from being executed

Which of the following countermeasures helps security professionals protect a network against DoS/DDoS attacks?Implement cognitive radios in the physical layerNever perform input validationAllow all inbound packets originating from the service portsUse functions such as gets and strcpy

Question 1What do network-level Denial of Service (DoS) attacks target?1 pointThe personal information of employeesCommonly used software applicationsAll hardware within an organizationNetwork bandwidth2.Question 2Which of the following statements accurately describe Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks? Select three answers.1 pointA DoS attack targets a network or server.In both DoS and DDoS attacks, if any part of the network is overloaded, the attacks are successful.A DDoS attack may use multiple devices in different locations to flood the target network with unwanted traffic.A DoS attack involves multiple hosts carrying out the attack.3.Question 3A security manager is training their team to identify when a server has experienced a SYN-flood attack. What might indicate to the team members that their organization is at risk?1 pointThe port numbers in the data packets are incorrect.An oversized ICMP packet is sent to the network server.The server has stopped responding after receiving an unusually high number of incoming SYN packets.A large number of ICMP packets are delivered to the organization’s servers.4.Question 4Fill in the blank: The DoS attack _____ occurs when a malicious actor sends an oversized ICMP packet to a server.1 pointon-pathSYN flood Ping of Deathsmurf5.Question 5Which of the following statements correctly describe passive and active packet sniffing? Select three answers.1 pointActive packet sniffing may enable attackers to redirect the packets to unintended ports.A company can avoid using unprotected Wi-Fi to help protect itself from packet sniffing.Passive packet sniffing enables attackers to change the information a packet contains.Passive packet sniffing allows malicious actors to view the information going in and out of the targeted device.6.Question 6As a security professional, you implement safeguards against attackers changing the source IP of a data packet in order to communicate over your company’s network. What type of network attack are you trying to avoid?1 pointPing of DeathPassive packet sniffingActive packet sniffingIP spoofing7.Question 7Fill in the blank: _____ is a network attack performed when an attacker changes the source IP of a data packet to impersonate an authorized system and gain access to a network.1 pointA KRACK attackIP spoofingSYN floodingA DoS attack8.Question 8In which attack would malicious actors gain access to a network, put themselves between a web browser and a web server, then sniff the packet to learn the devices’ IP and MAC addresses?1 pointSmurf attackPacket flooding attackMalware attackOn-path attack9.Question 9Fill in the blank: The _____ network attack occurs when an attacker intercepts a data packet in transit, then repeats it at another time.1 pointSYN floodsmurfreplayon-path10.Question 10Which combination of DoS and IP spoofing attack can bring down an entire network by flooding an authorized user’s IP address with packets?1 pointSmurf attackOn-path attackReplay attackPing of Death

1.Question 1Which of the following countermeasures helps administrators defend against webserver attacks? 1 pointInstall the IIS server on a domain controller Do not configure a separate anonymous user account for each application Screen and filter incoming traffic requests Never use a dedicated machine as a web server 2.Question 2Which of the following practices is NOT a countermeasure to defend against web server attacks? 1 pointScreen and filter incoming traffic requests Physically protect the web server machine in a secure machine room Store website files and scripts on a separate partition or drive Install IIS server on a domain controller

What is the key characteristic that distinguishes a DDoS attack from a DoS attack?Select one:a. The use of social engineering techniquesb. The involvement of a single attackerc. The use of advanced encryptiond. The use of multiple attack vectors

Select the network security device with the stated feature.Ability to protect against DDoS attacks.Ability to act on real-time threat intelligence.Ability to inspect data within a packet.Ability to detect and prevent network intrusions.