CS6262 FINAL STUDY SET – FINAL EXAM
CS6262 – Advanced Network Security Final Exam Review & Practice Testbank: Expert Verified Questions and Approved Solutions, Graded A+ for Guaranteed Pass
T/F: An attacker that uses large botnet to make requests to a server to
flood is an example of amplification attack.
----Solution----True
T/F: Unlike UDP, TCP has the necessary safeguards in place to prevent
network DoS.
----Solution----False
Which of the following actors are part of the cyber crime underground
economy?
Exploit Developers
Botnet Masters
Spammers
All of the above
----Solution----All of the above
Which of the following is/are NOT a potential network DoS mitigation?
Select multiple.
Client Puzzles
CAPTCHAs
Source Identification
Use only TCP
Increase UDP 3-way handshake
----Solution----CAPTCHAs
Use only TCP
Increase UDP 3-way handshake
In 2015, GitHub was a victim of a distributed denial of service attack.
The attackers injected malicious JavaScript code in GitHub's web pages.
----Solution----False
T/F: A website "http://gatech.edu" is able to set or overwrite cookies
from the website "https://gatech.edu". The server is not able to
distinguish the overwritten cookies from the original cookies. This is an
example of a violation of session integrity.
----Solution----True
Which is INCORRECT regarding the session token?
Tokens will expire, but there should still be mechanisms to revoke them
if necessary
Token size, like cookie size, is not a concern
The token must be stored somewhere
All of them
----Solution----Token size, like cookie size, is not a concern
T/F: The HTTPS lock icon on the webpage is only displayed after all
elements on a webpage are fetched using HTTPS, a valid HTTPS cert is
issued by a trusted certificate authority for all elements, and the domain
in the URL matches CommonName or SubjectAlternativeName in cert.
----Solution----True
The following question is from the recommended reading "Exposing
Private Information by Timing Web Applications". Which of these are
valid defenses by web applications to resist timing attacks?
Adding random delay to the response
Both the answer choices are correct
Taking constant amount of time always for processing a request
----Solution----Taking constant amount of time always for processing
a request
You are visiting a page that contains two iframes: http://example.com
and https://example.com. They can access each other's content directly.
----Solution----False
T/F: HTTPS encrypts the host address to protect the user's privacy.
----Solution----False
T/F: Content Security Policy (CSP) is an HTTP header that instructs the
web browser to restrict the source of contents to load or execute. It
prevents cross-site scripting, clickjacking, and code injection attacks.
----Solution----True
T/F: From the paper "A Look Back at 'Security Problems in the TCP/IP
Protocol Suite'," it's safe to rely on the IP source address for
authentication.
----Solution----False
T/F: In Steve Friedl's tech tips, he recommends people to run patched
servers. However, patched servers might still be vulnerable.
----Solution----True
Which of these is a TCP security problem: