Security Information and Event Management Quiz Questions and Answers

What are some of the most common vulnerabilities that exist in a network or system?

Answer :
  • Additional unused features on commercial software packages.

Explanation :

Linux is open source and is considered to have greater security than the commercial Windows environment. Balancing security, ease of use and functionality can open vulnerabilities that already exist. Manufacturer settings, or default settings, may provide basic protection against hacking threats, but need to be changed to provide advanced support. The unused features of application code provide an excellent opportunity to attack and to cover the attack.

Which phase of hacking performs the actual attack on a network or system?

Answer :
  • Gaining Access

Explanation :

In the process of hacking, actual attacks are performed when gaining access, or ownership, of the network or system. Reconnaissance and Scanning are information gathering steps to identify the best possible action for staging the attack. Maintaining access attempts to prolong the attack.

What is true about Email security in Network security methods?

Answer :
  • Phishing is one of the most common ways attackers gain access to a network.

Explanation :

Email security: Phishing is one of the most common ways attackers gain access to a network. Email security tools can block both incoming attacks and outbound messages with sensitive data.

Why would a ping sweep be used?

Answer :
  • To identify live systems

Explanation :

A ping sweep is intended to identify live systems. Once an active system is found on the network, other information may be distinguished, including location, open ports and firewalls.

What is the sequence of a TCP connection?

Answer :
  • SYN-SYN ACK-ACK

Explanation :

A TCP three-way handshake starts with a SYN packet followed by a SYN-ACK packet. A final ACK packet completes the connection.

What is the best statement for taking advantage of a weakness in the security of an IT system?

Answer :
  • Exploit

Explanation :

A weakness in security is exploited. An attack does the exploitation. A weakness is a vulnerability. A threat is a potential vulnerability.

Which of the following processes is used for verifying the identity of a user?

Answer :
  • Authentication

Explanation :

This is called authentication. It is typically based on passwords, smart cards, fingerprints, etc.

How is IP address spoofing detected?

Answer :
  • Comparing the TTL values of the actual and spoofed addresses

Explanation :

IP address spoofing is detectable by comparing the TTL values of the actual and spoofed IP addresses.

The first phase of hacking an IT system is a compromise of which foundation of security?

Answer :
  • Confidentiality

Explanation :

Reconnaissance is about gathering confidential information, such as usernames and passwords.

What is the purpose of a Denial of Service attack?

Answer :
  • To overload a system so it is no longer operational

Explanation :

DoS attacks force systems to stop responding by overloading the processing of the system.