20/11/2022, 16:25 Review Test Submission: Quiz 5 – CS690 A1 Network ...

CS690 A1 Network Security (Fall 2022) Assessments Review Test Submission: Quiz 5

Review Test Submission: Quiz 5

User Chandana Chenchula Nandan

Course CS690 A1 Network Security (Fall 2022)
Test Quiz 5
Started 11/20/22 3:50 PM
Submitted 11/20/22 4:23 PM
Due Date 11/21/22 7:32 PM
Status Needs Grading
Attempt Score Grade not available.
Time Elapsed 32 minutes out of 2 hours
Results All Answers, Submitted Answers, Correct Answers, Feedback, Incorrectly
Displayed Answered Questions

Question 1 7.143 out of 7.143 points

Which of the following are true about TCP Reset Attacks? (Select all that apply.)

Selected a. It is a type of Denial of Service attack.

Answers:
b. The attacker spoofs the IP header information
Answers: a. It is a type of Denial of Service attack.
b. The attacker spoofs the IP header information
c.
SSH can be attacked because it sends payload information in
clear-text.
d. It can be used to attack UDP connections.
Response Du 16.3. TCP Reset is a DoS attack because it interrupts users’
Feedback: connections unexpectedly. It cannot be used on UDP protocol
because they are connectionless and cannot be reset. The attacker
spoofs the IP header information to appear to be valid to the
system(s) being attacked. SSH is vulnerable to TCP reset attacks
even though it encrypts payload information (not clear-text). SSH
encryption occurs at the Transport layer (TCP Layer 4), but the
TCP Reset attack exploits the Network Layer (IP, Layer 3) header.

Question 2 7.143 out of 7.143 points

Which of the following are true about Phishing or Spear Phishing. (Select All that
apply.)

Selected b.
Answers: Education is the most effective method for preventing successful
Phishing attacks.

https://learn.bu.edu/webapps/assessment/review/review.jsp?attempt_id=_22874459_1&course_id=_89682_1&content_id=_10972705_1&return_content=1&step= 1/7
20/11/2022, 16:25 Review Test Submission: Quiz 5 – CS690 A1 Network ...

c.
Checking the message header information can help determine if a
message ought to be trusted.
Answers: a.
Spear Phishing only targets executives or high-ranking people.
b.
Education is the most effective method for preventing successful
Phishing attacks.
c.
Checking the message header information can help determine if a
message ought to be trusted.
d.
It uses known code vulnerabilities to exploit to a network or system.

Response Module 5 Notes. Phishing does not target code vulnerabilities, it

Feedback: uses Social Engineering to compel a user to provide information or
launch malicious code that is used to compromise a target network
or system.

Question 3 7.143 out of 7.143 points

Select the statements that are true about E-mail. (Select all that apply.)

Selected c. S/MIME uses public/private key pairs and certificates.

Answers:
Answers: a.
Email was originally invented with several organic security
mechanisms
b.
Large organizations often choose PGP because it is simple and
easy to manage.
c. S/MIME uses public/private key pairs and certificates.
d. PGP uses a hierarchical identity validation system.
Response Module 5 Notes. Like most early network technologies, email was
Feedback: not developed with organic security mechanisms. PGP uses in
informal web of trust, not a hierarchical system. Both S/MIME and
PGP use public/private key pairs and certificates. However, PGP’s
lack of a hierarchical validation system means that it doesn’t scale
well to large organizations, so S/MIME is more typically deployed in
those instances.

Question 4 7.143 out of 7.143 points

Which of the following are true about trusted or untrusted clouds? (Select all that
apply.)

Selected a.
Answers: BBS Proxy Re-encryption is used to enable access control to cloud
resources without divulging credentials to the cloud.
b.
Challenge-response is used to ensure data is stored in the cloud.
d.

https://learn.bu.edu/webapps/assessment/review/review.jsp?attempt_id=_22874459_1&course_id=_89682_1&content_id=_10972705_1&return_content=1&step= 2/7
20/11/2022, 16:25 Review Test Submission: Quiz 5 – CS690 A1 Network ...
Open Authentication is a protocol used to grant temporary access to
cloud resources.
Answers: a.
BBS Proxy Re-encryption is used to enable access control to cloud
resources without divulging credentials to the cloud.
b.
Challenge-response is used to ensure data is stored in the cloud.
c.
There is no mechanism to prevent other cloud clients from
intercepting data during computation.
d.
Open Authentication is a protocol used to grant temporary access to
cloud resources.

Response Wang 7.1-7.5. There are several methods for secure multi-party
Feedback: computation including garbled circuits. Challenge-response is used
to validate that data has been stored on the cloud. BBS Proxy Re-
encryption is used to enable access control to cloud resources
without divulging credentials to the cloud provider. OAuth is used to
grant temporary access to cloud resources.

Question 5 7.143 out of 7.143 points

Where are Honey Pots commonly deployed? (Select all that apply.)

Selected Answers: a. In an enterprise intranet.

b. In a DMZ.
Answers: a. In an enterprise intranet.
b. In a DMZ.
c. In a SAN.
d. In a WAN.
Response Module 5 Notes. Honey Pots are commonly deployed within
Feedback: intranets and in DMZs. They are not commonly deployed in WANs
or SANs.

Question 6 7.143 out of 7.143 points

Which of the following is only able to replicate itself by embedding itself in files or
disk master boot blocks?

Selected Answer: b. Virus

Answers: a. Trojan Horse

b. Virus

c. Spyware

d. Worm

Response Module 5 Notes. Viruses need a host file or master boot block to
Feedback: infect and spread. A Trojan horse is any program that presents as
one thing but also contains a malicious payload such as spyware or
Malware. Worms do not require host files to infect.

https://learn.bu.edu/webapps/assessment/review/review.jsp?attempt_id=_22874459_1&course_id=_89682_1&content_id=_10972705_1&return_content=1&step= 3/7
20/11/2022, 16:25 Review Test Submission: Quiz 5 – CS690 A1 Network ...

Question 7 7.143 out of 7.143 points

Which of the following is true about Deep Packet Inspection?

Selected b.
Answer: An IPS is placed “in-line” so that traffic must flow through it to
enter or leave the network.

Answers: a. DPI does not inspect the IP header of a packet.

b.
An IPS is placed “in-line” so that traffic must flow through it to
enter or leave the network.

c. An IPS system can not drop traffic is suspects is malicious.

d.
An IDS system can proactively drop traffic it suspects is
malicious.

Response Module 5 Notes. IDS do not drop traffic. IPS can drop traffic. DPI
Feedback: inspects all parts of the packet including the IP header. Because
and IPS is designed to drop malicious traffic, it is placed inline so
that traffic must pass through it.

Question 8 7.143 out of 7.143 points

Which of the following techniques can deep packet inspection use to detect
malicious activities? (Select all that apply.)

Selected Answers: a. Patterns of networks activity

b. Expert System Detection
c. Statistical Detection
d. Neural Network Prediction
Answers: a. Patterns of networks activity
b. Expert System Detection
c. Statistical Detection
d. Neural Network Prediction
Response Module 5 Notes. All of the listed techniques can be used by deep
Feedback: packet inspection systems to detect malicious activities.

Question 9 7.143 out of 7.143 points

Which of the following are true about cloud-based services? (Select all that
apply.)

Selected b. Microsoft Office 365 is an example of a SaaS product.

Answers:
c.
They can reduce the initial investment and time involved in standing
up a new system or service.

https://learn.bu.edu/webapps/assessment/review/review.jsp?attempt_id=_22874459_1&course_id=_89682_1&content_id=_10972705_1&return_content=1&step= 4/7
20/11/2022, 16:25 Review Test Submission: Quiz 5 – CS690 A1 Network ...

d.
SaaS reduces the expense, time, and labor resources involved in
maintaining an application.
Answers: a.
IaaS providers support operating systems and applications hosted
on their systems.
b. Microsoft Office 365 is an example of a SaaS product.
c.
They can reduce the initial investment and time involved in standing
up a new system or service.
d.
SaaS reduces the expense, time, and labor resources involved in
maintaining an application.

Response Wang 7. IaaS providers provide infrastructure, and do not support

Feedback: the operating systems or applications that their customer deploy on
their infrastructure.

Question 10 7.143 out of 7.143 points

Which of the following could indicate that a received message is a forgery or has
been modified? (Select all that apply.)

Selected a. The keyed message digest has been altered.

Answers:
e. The digital signature cannot be verified.
Answers: a. The keyed message digest has been altered.

b. The public key has been altered

c.
The message received included a message digest that matches
the message clear-text.
d. The message received appears to be in cipher-text.
e. The digital signature cannot be verified.
Response Module 5 Notes. Receiving a message in cipher-text does not
Feedback: provide any indication about it’s integrity. If the message digest
received matches the digest calculated from the received clear-text
that is actually an indication that the message has not been
modified. An altered keyed message digest or a digital signature
that cannot be verified could both indicate that the message may
have been forged or modified.

Question 11 7.143 out of 7.143 points

Why is HIDS an important part of a Defense in Depth strategy? (Select the best
answer.)

Selected c.
Answer: It can monitor the state and performance of the local system and
detect malicious software from damaging the system.

Answers: a.
It can monitor traffic flow through a router or probe to identify
abnormal traffic.

https://learn.bu.edu/webapps/assessment/review/review.jsp?attempt_id=_22874459_1&course_id=_89682_1&content_id=_10972705_1&return_content=1&step= 5/7
20/11/2022, 16:25 Review Test Submission: Quiz 5 – CS690 A1 Network ...

b.
It validates website input to prevent exfiltration of data from the
network.

c.
It can monitor the state and performance of the local system and
detect malicious software from damaging the system.

d. It can detect Spear Phishing attacks.

Response Host Based Intrusion Detection Systems run on hosts to monitor

Feedback: local performance and file access, RAM usage, etc. to detect and
prevent malicious applications or code.

Question 12 7.143 out of 7.143 points

Which of the following is NOT typical functions of an Application Gateway?

Selected Answer: a. Packet-filtering based on IP header information

Answers: a. Packet-filtering based on IP header information

b. Proxy for HTTP requests from external connections

c. Man-in-the-middle

d. Deep Packet Inspection for specific applications

Response Module 5 Notes. Application Gateways perform deep-packet

Feedback: inspections to ensure that the traffic is valid for the specific
application by acting as a man-in-the-middle (also called a proxy)
for external application requests such as HTTP, FTP, SMTP
connections. They do not use IP header information to filter traffic,
that is a function of a packet-filtering firewall.

Question 13 7.143 out of 7.143 points

Which of the following are actions that should be taken to correct XSS
vulnerabilities. (Select all that apply.)

Selected Answers: b. Avoid allowing HTML encoding

c. Use WebScarab to test the implementation
d. Implement a validation library
Answers: a. Do not allow external users to input data into web sites
b. Avoid allowing HTML encoding
c. Use WebScarab to test the implementation
d. Implement a validation library
Response Module 5 Notes. Validate all inputs against a validation library that
Feedback: prohibits HTML encoding methods. Not allowing external users to
input data may defeat the purpose of many websites and is not
feasible in many or even most instances. This still would not
prevent abuse by internal users.

https://learn.bu.edu/webapps/assessment/review/review.jsp?attempt_id=_22874459_1&course_id=_89682_1&content_id=_10972705_1&return_content=1&step= 6/7
20/11/2022, 16:25 Review Test Submission: Quiz 5 – CS690 A1 Network ...

Question 14 7.143 out of 7.143 points

Which of the following vulnerabilities are frequently found in web sites? (Select all
that apply.)

Selected Answers: a. Cross-Site Scripting

b. Improper or insufficient error handling
c. Not validating user input
Answers: a. Cross-Site Scripting
b. Improper or insufficient error handling
c. Not validating user input
d. Use of TLS to encrypt connections
Response Module 5 Notes. Insufficient or improper error handling, not
Feedback: validating user input, and cross-site scripting are all common
vulnerabilities in web pages. Using TLS to encrypt connections
(HTTPS) is not a vulnerability, and is highly encouraged where ever
possible.

Question 15 Needs Grading

Please enter any feedback you have here.

Selected Answer: [None Given]

Correct Answer: [None]
Response Feedback: [None Given]
Sunday, November 20, 2022 4:23:24 PM EST

← OK

https://learn.bu.edu/webapps/assessment/review/review.jsp?attempt_id=_22874459_1&course_id=_89682_1&content_id=_10972705_1&return_content=1&step= 7/7