Employee computers have been attacked repeatedly. The attacker appears to be working
internally, and has been able to scan internal systems for weaknesses. Which of the following will
best help you stop these attacks?

Which of the following is a feature that you would expect desktop firewall software to provide?

Which wireless security technique is most susceptible to spoofing?

What is the preferred first step to take if an end user suspects that a desktop system has been
compromised by an attacker?

Which of the following password policies will help secure employee desktop systems in case an
employee’s password is stolen?

Which of the following best describes a buffer overflow attack?

A system is responding slowly, and then crashes. You notice that the system received thousands
of TCP packets that somehow had the same IP address as both the source and destination
address. What type of attack has been waged?

A server is responding very slowly. After checking the system’s memory and disk usage and
finding nothing wrong, you use a packet sniffer to view packets on the network. You notice that the
system is being subjected to thousands of packets per second. Each packet seems to come from
a different IP address. Which of the following is the most likely explanation for the different source
IP addresses?

What services do botnet creators commonly exploit in order to amplify attacks and thwart trace
back?

What is the first step of a gap analysis?