Quiz: Identify and analyze Web server attacks
Test your knowledge of the material covered in the "Identify and analyze Web server attacks" section of Intrusion Defense School.
1.) Which option best completes this sentence?
"System monitoring is important because . . ."
a. it tells you how many people have visited your site.
b. it provides security against lapses in your perimeter defenses, flawed products, and both new and old vulnerabilities.
c. it means you don't need to keep patches up to date.
d. it tells you what threats your site faces.
e. None of the above
2.) Web server A is set up to log system and IIS activity. Which is the best set up from the list below?
a. Log File Directory: %WinDir%\System32\LogFiles
b. Log File Directory: C:\Inetpub\wwwroot\LogFiles
c. Log File Directory: E:\Inetpub\wwwroot\LogFiles
d. Log File Directory: E:\Inetpub\LogFiles
e. Log File Directory: F:\LogFiles
3.) Which is the recommended setting for auditing Object Access?
a. Success: Off, Failure: Off
b. Success: Off, Failure: On
c. Success: On, Failure: Off
d. Success: On, Failure: On
e. None of the above
4.) You have a limited security budget to protect your Web server, and your system administrator is busy upgrading your server. Which is your best option for an intrusion-detection system (IDS)?
a. A hosted-based appliance IDS
b. A network-based appliance IDS
c. A hosted-based software IDS
d. A network-based software IDS
e. A network and host-based appliance IDS
5.) You have downloaded and run the CIS Benchmarks and Scoring Tool. You score 4.8 out of 10. What should you do next?
a. Make a backup of your existing configuration b. Review the tool's list of tasks to improve your security
c. Identify the consequences of making configuration changes
d. Implement the hardening steps outlined in the Benchmark guide
e. All of the above