The answers to these questions appear in Appendix A, “Answers to the ‘Do I Know This Already?’ Quizzes and Review Questions.” For more practice with exam format questions, use the exam engine on the website.
1. Why does NAT present a challenge to security monitoring?
2. What is a Tor exit node?
3. Iodine is a tool that attackers use to obfuscate their techniques and _________ information from an organization using DNS tunnels.
4. Base64 is an example of one of the most popular _________ mechanisms used by threat actors.
5. Why should NTP be enabled in infrastructure devices and for security monitoring?
6. What is SSH used for?
7. What is the best explanation of an overlapping fragment attack?
8. Describe a timing attack.
9. What technology is used to create a circuit of computers that exchange encrypted data and is typically used by attackers to avoid being detected from a specific geographical location?
10. What term describes when the threat actor first gains access to the employee computer and “moves” from that system to another system on the same network to gain further access to the target network?