Question 1 A device or application that monitors network traffic for malicious a
ID: 3561297 • Letter: Q
Question
Question 1
A device or application that monitors network traffic for malicious activity or dangerous policy violations is often referred to as ...............................
Intrusion Detection / Prevention System
DMZ segment
Firewall
Honeypot
Question 2
.................. is summary data collected from packet headers and network devices that illustrates connection, traffic, protocol and other patterns.
Question 3
........ is a formal description of message formats and the rules for exchanging those messages
Question 4
What ports are open on d0ze.internal in the image of the nmap scan results below?
What services are offered?
What differences do you observe about these two devices as it pertains to a hardened network presence?
What do the IP addresses tell us? Why might this be important or relevant?
https://resources.oncourse.iu.edu/access/content/attachment/FA13-IN-CIT-40600-24869/Tests%20_%20Surveys/be14a4a2-57fd-41c1-b2c4-422eabdc6a4a/nmap-401-demoscan-798x774.gif
Question 5
Results from a port scan would likely benefit an attacker (select all that apply)
during the Attack & Exploitation phase
during the Device Discovery & Service Enumeration phase
exfiltrate data from the target environment
when attempting to identify a specific device type (database, web server, etc.)
Explanation / Answer
Question 1
A device or application that monitors network traffic for malicious activity or dangerous policy violations is often referred to as ...............................
Intrusion Detection / Prevention System
DMZ segment
Firewall
Honeypot
Question 2
Network and Router monitoring is summary data collected from packet headers and network devices that illustrates connection, traffic, protocol and other patterns.
Question 3
Protocol is a formal description of message formats and the rules for exchanging those messages
Question 4
What ports are open on d0ze.internal in the image of the nmap scan results below?
What services are offered?
What differences do you observe about these two devices as it pertains to a hardened network presence?
What do the IP addresses tell us? Why might this be important or relevant?
https://resources.oncourse.iu.edu/access/content/attachment/FA13-IN-CIT-40600-24869/Tests%20_%20Surveys/be14a4a2-57fd-41c1-b2c4-422eabdc6a4a/nmap-401-demoscan-798x774.gif
Question 5
Results from a port scan would likely benefit an attacker (select all that apply)
during the Attack & Exploitation phase
during the Device Discovery & Service Enumeration phase
exfiltrate data from the target environment
when attempting to identify a specific device type (database, web server, etc.)
Related Questions
drjack9650@gmail.com
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.