“Do I Know This Already?” Quiz
The “Do I Know This Already?” quiz helps you determine your level of knowledge of this chapter’s topics before you begin. Table 2-1 details the major topics discussed in this chapter and their corresponding quiz questions.
1. Which of the following is not a motivation of malicious actors?
a. Disruption
b. Bug bounty awards
c. Financial
d. Geopolitical
2. Which of the following is not considered a type of DDoS attack?
a. Directed
b. Cached
c. Reflected
d. Amplified
3. Why is UDP the “protocol of choice” for reflected DDoS attacks?
a. There are more application choices when using UDP.
b. UDP requires a three-way handshake to establish a connection.
c. UDP is much more easily spoofed.
d. TCP cannot be used in DDoS attacks.
4. Which of the following is leveraged in social engineering?
a. Software vulnerabilities
b. Human nature
c. Protocol violations
d. Application issues
5. Which of the following is not a form of social engineering?
a. Phone scams
b. Phishing
c. Denial of service (DoS)
d. Malvertising
6. Which of the following is not a valid defense against social engineering?
a. Two-factor authentication
b. Information classification
c. Infrastructure hardening
d. Physical security
7. Which tool provides the most granular information to help in the identification of malware?
a. NetFlow
b. Syslog
c. Packet capture
d. Server logs
8. NetFlow provides which of the following?
a. Detailed data about each packet on the network
b. Troubleshooting messages about the network devices
c. Information on the types of traffic traversing the network
d. Network names of routers, end hosts, servers
9. Which of the following is not used for identification of malware on the network?
a. NetFlow
b. IPS events
c. Routing Information Base (RIB)
d. Packet captures
10. Which type of data is not often attractive to malicious actors?
a. Personally identifiable information (PII)
b. Training schedules
c. Credit and debit card data
d. Intellectual property (IP)