Tweet
CCNA Security: Modern Network Security Threats
Question 1
Which item is the great majority of software vulnerabilities that have been discovered?
A. Stack vulnerabilities
B. Software overflows
C. Heap overflows
D. Buffer overflows
Answer: D
Question 2
Which statement is true about vishing?
A. Influencing users to forward a call to a toll number (for example, a long distance or international number)
B. Influencing users to provide personal information over the phone
C. Using an inside facilitator to intentionally forward a call to a toll number (for example, a long distance or international number)
D. Influencing users to provide personal information over a web page
Answer: B
Explanation
Vishing (voice phishing) uses telephony to glean information, such as account details, directly from users. Because many users tend to trust the security of a telephone versus the security of the web, some users are more likely to provide confidential information over the telephone. User education is the most effective method to combat vishing attacks.
Question 3
In a brute-force attack, what percentage of the keyspace must an attacker generally search through until he or she finds the key that decrypts the data?
A. Roughly 66 percent
B. Roughly 10 percent
C. Roughly 75 percent
D. Roughly 50 percent
Answer: D
Question 4
Observe the following options carefully, which two attacks focus on RSA? (Choose all that apply.)
A. DDoS attack
B. BPA attack
C. Adaptive chosen ciphertext attack
D. Man-in-the-middle attack
Answer: B C
Which item is the great majority of software vulnerabilities that have been discovered?
A. Stack vulnerabilities
B. Software overflows
C. Heap overflows
D. Buffer overflows
Answer: D
Question 2
Which statement is true about vishing?
A. Influencing users to forward a call to a toll number (for example, a long distance or international number)
B. Influencing users to provide personal information over the phone
C. Using an inside facilitator to intentionally forward a call to a toll number (for example, a long distance or international number)
D. Influencing users to provide personal information over a web page
Answer: B
Explanation
Vishing (voice phishing) uses telephony to glean information, such as account details, directly from users. Because many users tend to trust the security of a telephone versus the security of the web, some users are more likely to provide confidential information over the telephone. User education is the most effective method to combat vishing attacks.
Question 3
In a brute-force attack, what percentage of the keyspace must an attacker generally search through until he or she finds the key that decrypts the data?
A. Roughly 66 percent
B. Roughly 10 percent
C. Roughly 75 percent
D. Roughly 50 percent
Answer: D
Question 4
Observe the following options carefully, which two attacks focus on RSA? (Choose all that apply.)
A. DDoS attack
B. BPA attack
C. Adaptive chosen ciphertext attack
D. Man-in-the-middle attack
Answer: B C