Quiz: Identify and analyze Web server attacks

Test your knowledge of the material covered in the "Identify and analyze Web server attacks" section of Intrusion Defense School.

1.) Which option best completes this sentence?
"System monitoring is important because . . ."

a. it tells you how many people have visited your site.
b. it provides security against lapses in your perimeter defenses, flawed products, and both new and old vulnerabilities.
c. it means you don't need to keep patches up to date.
d. it tells you what threats your site faces.
e. None of the above


Web Security School

Download the PDF version of our quiz on how to identify and analyze Web server attacks..

Return to the Identify and analyze Web server attacks main page.

Return to Intrusion Defense School.

2.) Web server A is set up to log system and IIS activity. Which is the best set up from the list below?

a. Log File Directory: %WinDir%\System32\LogFiles
b. Log File Directory: C:\Inetpub\wwwroot\LogFiles
c. Log File Directory: E:\Inetpub\wwwroot\LogFiles
d. Log File Directory: E:\Inetpub\LogFiles
e. Log File Directory: F:\LogFiles


3.) Which is the recommended setting for auditing Object Access?

a. Success: Off, Failure: Off
b. Success: Off, Failure: On
c. Success: On, Failure: Off
d. Success: On, Failure: On
e. None of the above


4.) You have a limited security budget to protect your Web server, and your system administrator is busy upgrading your server. Which is your best option for an intrusion-detection system (IDS)?

a. A hosted-based appliance IDS
b. A network-based appliance IDS
c. A hosted-based software IDS
d. A network-based software IDS
e. A network and host-based appliance IDS


5.) You have downloaded and run the CIS Benchmarks and Scoring Tool. You score 4.8 out of 10. What should you do next?

a. Make a backup of your existing configuration b. Review the tool's list of tasks to improve your security
c. Identify the consequences of making configuration changes
d. Implement the hardening steps outlined in the Benchmark guide
e. All of the above


This was last published in June 2005

Dig Deeper on Web Server Threats and Countermeasures

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.