Chapter 4

Review Questions

1. A network tap____________________.

A. has been made obsolete by software protocol analyzers

B. is a separate device that can be installed between other network devices to monitor traffic

C. stands for “Technology Account Protocol” (TAP)

D. is the same as a wireless access point

2. Each of the following is a characteristic of a weak password except_________.

A. Using a common dictionary word

B. Using personally identifiable information

C. A password that is long

D. Recording the password on paper

3. A(n) _____ is an account on a device that is created automatically to aid in installation and should be deleted once that is completed.

A. default account

B. back door

C. User Installation Account (UIA)

D. privilege account

4. A(n) _____ attack attempts to consume network resources so that the devices cannot respond to legitimate requests.

A. system overflow

B. Denial of service

C. reverse ping

D. ARP spoofing

5. Wireless denial of service attacks are successful because wireless LANs use the protocol____________.

A. Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)

B. Carrier Sense Multiple Access with Collision Detection (CSMA/CD)

C. time slot allocation (TSA)

D. implicit ACK frame acknowledgment protocol (IAFAP)

6. A man-in-the-middle attack_________________.

A. can be defeated by using the TCP/IP protocol

B. intercepts legitimate communication and forges a fictitious response

C. is only found on a wireless network

D. are always passive

7. The difference between a replay attack and a man-in-the-middle attack is________.

A. Replay attacks are always faster

B. A replay attack makes a copy of the transmission before sending it to the recipient

C. A man-in-the-middle attack can be prevented yet a replay attack cannot

D. Replay attacks are no longer used today

8. An example of an antiquated protocol that has been replaced by a more secure version is______________.

A. Simple Network Management Protocol (SNMP) Version 2

B. Address Resolution Protocol

C. Internet Protocol


9. Where does the TCP/IP host table name system for a local device store a symbolic name to Internet Protocol address mappings?

A. On the Domain Name System (DNS) server

B. In a local hosts file

C. In the ARP cache

D. On a network file server

10. Attackers take advantage of Domain Name System _____ to send fraudulent DNS entries.

A. area requests

B. domain resource sharing (DRS)

C. Internet name system transfer protocol

D. zone transfers

11. A more secure version of the Berkeley Internet Name Domain software is______.

A. Total Secure Domain Name System Zone (TSDNSZ)

B. Secure BIND

C. MX Secure (MXS)


12. _____ is used for Ethernet local area networks to resolve Internet Protocol addresses.


B. P2P



13. An attack that takes advantage of the order of arrival of TCP packets is_______.

A. IP forwarding

B. FTP spoofing

C. IP resolution

D. TCP/IP hijacking

14. War driving exploits _____, which is the wireless access point sending out information about its presence and configuration settings.

A. scanning

B. beaconing

C. location frame stamping

D. SGP mapping

15. A group of Bluetooth piconets in which connections exist between different piconets is called a(n)__________.

A. scatternet


C. double piconet (DP)

D. slavenet

16. _____ is the unauthorized access of information from a wireless device through a Bluetooth connection.

A. Blue jacking

B. Bluetooth snatching

C. Bluetooth spoofing

D. Blue snarfing

17. In a(n) _____ attack the attacker overflows a switch’s address table with fake media access control (MAC) addresses and makes the switch act like a hub, sending packets to all devices.

A. switch flooding

B. MAC ARP impersonation

C. Address Domain Resolution (ADR)

D. switch advertisement

18. A back door can be created by each of the following except______________.

A. a programmer of the software on the device

B. a virus

C. spam

D. a Trojan horse

19. Using _____, an attacker attempts to gather information to map the entire internal network of the organization supporting the DNS server.

A. DNS transfer

B. DNS spoofing

C. Zone transfer imaging (ZTI)

D. Name resolution spoofing

20. Each of the following could be the result of an ARP poisoning attack except________.

A. Change entries in a DNS zone transfer table

B. Steal data intended for another device

C. Force a switch to revert to a hub

D. Prevent Internet access to users on a network