C. MCQ (please select for correct answers.) (5 points) 1. Select the layer[s) that include the network level firewall a) Application layer bIP layer e TCP layer d Network layer 2. Which one of the following offers the facility of application whitelisting? a) DS b) AntimalwareCodeshield d) Previx1 3. Which one is the part of the network intrusion detection systems? a) Packet sniffing b) Inspecting network traffic c Deploying network firewall d) Trust management 4. Select correct statement(s) from the following a) A pclymorphic virus ciphers irs original code to avold patem recognition b) A metamorphic virus changes its cade to an equivalent one c) Polymorphism malware change the appearance of itself, whle metamorphic malware automatically recodes itself each time propagates All of the abowe d) 5. A computing activity in which usernames and info on groups, shares, and services of networked computers can be retrieved. a) Network enumerator b) Vulnerability signatureNetwork mopping d) None of the above 6. Choose the correct answers) PocketTrap iso netwerk enumereer b) Port sconning is a network mapper c) Natwork health monitoring is a cybersecurity tool d) Firewalls provides protection against software viruses 7. Select the incorrect answer(s) in case of firewalls that are based on packet filters a) Block all traffic to a list of domains b) Block all connecions from a specified domain c) Do not support sophisticoted rule-boied models d] Do not support user outhentikation of connections 8. Choose the incorrect answer a Signature-based malicious octivity detection uses pattern matching b) Metomorphik malware is a virus c) Polymerphic malwares are assumed to be advanced threats than normal malwares or even metamorphic d) Heuristics based malware detection uses patterns that locks for spedfic code behavior instead of specific strings 9. What i s your understanding about DiD? a) It provides us with a response window b) It buys us time to deted the attack c) It buys us time to respond to the attack d) An approach/concept is used to seek redundancy or fime in the event that multiple layers of security controls are placed in on IT system, however, they all fail to tockle a security attack. 10. When talking about IDSIPS, what is a signature? a. An electronic signature used to authenticate the idenity of a user on the network b. Attack-definition file c. t refers to "normal," the basellne network behavior d. None of the above D. Fill in the blank 1. There are different types of management systems for cyber defense. Among them, one management system (3 points) requires that a host asks about the reputation of a target host that iwants to interact with. It cakculates a reputation value based on its previous xperiences and the gathered reputation values from other hosts, and then it deddes whether to interact with the target host or nof. It also evaluates the credibility of hosts providing reputation values by estimating the Similarity, the Activity, the Popularity and the Cooperation of the queried hosts. is the type of management system. 2. 3. "Do I want to install now software now, a decision that a user con make securely when they are using is the study of the physical connectivity of networks 4. See the following figure. It refers to a kind of cyber defense. That is 5 Application Transport Control Trafic i tare basedon 2 Dara Uni Unknown aic is any alo edup 1 Pryscal nooming Trafc Alowed Otgoing Traftic