01. In which of the following IDS evasion techniques does an attacker split the attack traffic into many packets, such that no single packet triggers the IDS?
a) Session Splicing
b) Unicode Evasion
02. Which of the following malware components is software that protects malware from reverse engineering or analysis, making it hard for security mechanisms to detect?
03. Which of the following cryptographic attacks refers to the extraction of cryptographic secrets (e.g., the password to an encrypted file) from a person by coercion or torture?
a) Ciphertext-only Attack
b) Chosen-ciphertext Attack
c) Adaptive Chosen-plaintext Attack
d) Rubber Hose Attack
04. Docker is open-source software that can be installed on any host to build, deploy, and run containerized applications on a single operating system. Which of the following Docker native network drivers is used to create a network connection between the container interfaces and its parent host interface?
05. A firewall is a set of related programs, located at a network gateway server, that protects the resources of a private network from users of other networks. A firewall examines all traffic routed between the two networks to see if it meets certain criteria.
The packet filter is one of the categories of firewall. A packet-filtering firewall works at which of these layers of the OSI model?
a) Network layer
b) Physical layer
c) Session layer
d) Application layer
06. Which of the following malware components is software that protects malware from reverse engineering or analysis, making it hard for security mechanisms to detect?
07. Which of the following terms refers to gathering and publishing personally identifiable information such as an individual’s name and email address or other sensitive information of an entire organization?
08. Identify the attacks in which DDoS vulnerabilities do not have patches or effective defensive mechanisms, and until the victim identifies the threat actor’s attack strategy and deploys a patch for the exploited DDoS vulnerability, the attacker actively blocks all the victim’s resources and steals the victim’s data.
a) Ping of Death Attack
b) Smurf Attack
c) Zero-Day DDoS Attack
d) Pulse Wave DDoS Attack
09. Which of the following Wi-Fi chalking methods refers to drawing symbols in public places to advertise open Wi-Fi networks?
10. Even though IDS and firewall security controls can prevent any unauthorized network access, there are many evasion techniques used by attackers to exploit security limitations. One such technique is where the attacker changes the source IP addresses so that the attacks appear to come from someone else. Identify the IDS/firewall evasion technique used by the attacker.
a) IP Address Spoofing
b) Packet Fragmentation
c) Source Routing
d) IP Address Decoy