151-200 Flashcards

1
Q

A security administrator must implement a wireless security system, which will require users to enter a 30 character ASCII password on their accounts. Additionally, the system must support 3DS wireless encryption.

Which of the following should be implemented?

A

D. WPA2-Enterprise

WPA-Enterprise, also referred to as WPA-802.1X mode and sometimes just WPA (as opposed to WPA-PSK), is designed for enterprise networks and requires a RADIUS authentication server. This requires a more complicated setup, but provides additional security (e.g. protection against dictionary attacks on short passwords). Various kinds of the Extensible Authentication Protocol (EAP) are used for authentication. RADIUS can be managed centrally, and the servers that allow access to a network can verify with a RADIUS server whether an incoming caller is authorized. Thus the RADIUS server can perform all authentications. This will require users to use their passwords on their user accounts.

2
Q

Configuring key/value pairs on a RADIUS server is associated with deploying which of the following:

A

A. WPA2-Enterprise wireless

WPA2-Enterprise is designed for enterprise networks and requires a RADIUS authentication server.

3
Q

A security administrator must implement a network authentication solution which will ensure encryption of user credentials when users enter their username and password to authenticate to the network.

Which of the following should the administrator implement?

A

D. WEP over EAP-PEAP

Wired Equivalent Privacy (WEP) is designed to provide security equivalent to that of a wired network. WEP has vulnerabilities and isn’t considered highly secure. Extensible Authentication Protocol (EAP) provides a framework for authentication that is often used with wireless networks. Among the five EAP types adopted by the WPA/WPA2 standard are EAP-TLS, EAP-PSK, EAP-MD5, as well as LEAP and PEAP.

4
Q

Which of the following BEST describes the weakness in WEP encryption?

A

D.
The WEP key is stored with a very small pool of random numbers to make the cipher text. As the random numbers are often reused it becomes easy to derive the remaining WEP key.

WEP is based on RC4, but due to errors in design and implementation, WEP is weak in a number of areas, two of which are the use of a static common key and poor implementation of initialization vectors (IVs). When the WEP key is discovered, the attacker can join the network and then listen in on all other wireless client communications.

5
Q

Which of the following would satisfy wireless network implementation requirements to use mutual authentication and usernames and passwords?

A

C.
PEAP-MSCHAPv2

PEAP-MS-CHAP v2 is easier to deploy than EAP-TLS or PEAP-TLS because user authentication is accomplished via password-based credentials (user name and password) rather than digital certificates or smart cards.

6
Q

Matt, a systems security engineer, is determining which credential-type authentication to use within a planned 802.1x deployment. He is looking for a method that does not require a client certificate, has a server side certificate, and uses TLS tunnels for encryption.

Which credential type authentication method BEST fits these requirements?

A

D.
PEAP-MSCHAPv2

PEAP-MS-CHAP v2 is easier to deploy than EAP-TLS or PEAP-TLS because user authentication is accomplished via password-based credentials (user name and password) rather than digital certificates or smart cards. Only servers running Network Policy Server (NPS) or PEAP-MS-CHAP v2 are required to have a certificate.

7
Q

Which of the following means of wireless authentication is easily vulnerable to spoofing?

A

A. MAC Filtering

Each network interface on your computer or any other networked device has a unique MAC address. These MAC addresses are assigned in the factory, but you can easily change, or “spoof,” MAC addresses in software.
Networks can use MAC address filtering, only allowing devices with specific MAC addresses to connect to a network. This isn’t a great security tool because people can spoof their MAC addresses.

8
Q

Ann, a sales manager, successfully connected her company-issued smartphone to the wireless network in her office without supplying a username/password combination. Upon disconnecting from the wireless network, she attempted to connect her personal tablet computer to the same wireless network and could not connect.

Which of the following is MOST likely the reason?

A

A.
The company wireless is using a MAC filter

MAC filtering allows you to include or exclude computers and devices based on their MAC address.

9
Q

After entering the following information into a SOHO wireless router, a mobile device’s user reports being unable to connect to the network:

PERMIT 0A: D1: FA. B1: 03: 37

DENY 01: 33: 7F: AB: 10: AB

Which of the following is preventing the device from connecting?

A

B.
Hardware address filtering is blocking the device.

MAC filtering allows you to include or exclude computers and devices based on their MAC address.

10
Q

A security analyst has been tasked with securing a guest wireless network. They recommend the company use an authentication server but are told the funds are not available to set this up.

Which of the following BEST allows the analyst to restrict user access to approved devices?

A

D. MAC Filtering

A MAC filter is a list of authorized wireless client interface MAC addresses that is used by a WAP to block access to all unauthorized devices.

11
Q

If you don’t know the MAC address of a Linux-based machine, what command-line utility can you use to ascertain it?

A

B.
Ifconfig

To find the MAC address of a Unix/Linux workstation, use ifconfig or ip a.

12
Q

An organization does not want the wireless network name to be easily discovered.

Which of the following software features should be configured on the access points?

A

A.
SSID broadcast

Numerous networks broadcast their name (known as an SSID broadcast) to reveal their presence.

13
Q

A security architect wishes to implement a wireless network with connectivity to the company’s internal network. Before they inform all employees that this network is being put in place, the architect wants to roll it out to a small test segment.

Which of the following allows for greater secrecy about this network during this initial phase of implementation?

A

A. Disabling SSID broadcasting

Network administrators may choose to disable SSID broadcast to hide their network from unauthorized personnel. However, the SSID is still needed to direct packets to and from the base station, so it’s a discoverable value using a wireless packet sniffer. Thus, SSID broadcast should be disabled if the network isn’t for public use.

14
Q

While previously recommended as a security measure, disabling SSID broadcast is not effective against most attackers because network SSIDs are:

A

B.
contained in certain wireless packets in plaintext.

The SSID is still required for directing packets to and from the base station, so it can be discovered using a wireless packet sniffer.

15
Q

A company provides secure wireless Internet access for visitors and vendors working onsite. Some of the vendors using older technology report that they are unable to access the wireless network after entering the correct network information.

Which of the following is the MOST likely reason for this issue?

A

A.
The SSID broadcast is disabled

When the SSID is broadcast, any device with an automatic detect and connect feature is able to see the network and can initiate a connection with it. The fact that they cannot access the network means that they are unable to see it.

16
Q

Which of the following best practices makes a wireless network more difficult to find?

A

C.
Disable SSID broadcast

Network administrators may choose to disable SSID broadcast to hide their network from unauthorized personnel. However, the SSID is still needed to direct packets to and from the base station, so it’s a discoverable value using a wireless packet sniffer. Thus, SSID broadcast should be disabled if the network isn’t for public use.

17
Q

Jane, the security administrator, sets up a new AP but realizes too many outsiders are able to connect to that AP and gain unauthorized access.

Which of the following would be the BEST way to mitigate this issue and still provide coverage where needed? (Choose two.)

A

C. Enable MAC filtering
D. Disable SSID broadcast

Network administrators may choose to disable SSID broadcast to hide their network from unauthorized personnel. However, the SSID is still needed to direct packets to and from the base station, so it’s a discoverable value using a wireless packet sniffer. Thus, SSID broadcast should be disabled if the network isn’t for public use.
A MAC filter is a list of authorized wireless client interface MAC addresses that is used by a WAP to block access to all unauthorized devices.

18
Q

Which of the following wireless security technologies continuously supplies new keys for WEP?

A

A.
TKIP

TKIP is a suite of algorithms that works as a “wrapper” to WEP, which allows users of legacy WLAN equipment to upgrade to TKIP without replacing hardware. TKIP uses the original WEP programming but “wraps” additional code at the beginning and end to encapsulate and modify it.

19
Q

A network administrator has been tasked with securing the WLAN.

Which of the following cryptographic products would be used to provide the MOST secure environment for the WLAN?

A

A.
WPA2 CCMP

CCMP is the standard encryption protocol for use with the WPA2 standard and is much more secure than the WEP protocol and TKIP protocol of WPA. CCMP provides the following security services:

Data confidentiality; ensures only authorized parties can access the information

Authentication; provides proof of genuineness of the user

Access control in conjunction with layer management

Because CCMP is a block cipher mode using a 128-bit key, it is secure against attacks to the 2^64 steps of operation.

20
Q

An access point has been configured for AES encryption but a client is unable to connect to it.

Which of the following should be configured on the client to fix this issue?

A

B.
CCMP

CCMP is an encryption protocol designed for Wireless LAN products that implement the standards of the IEEE 802.11i amendment to the original IEEE 802.11 standard. CCMP is an enhanced data cryptographic encapsulation mechanism designed for data confidentiality and based upon the Counter Mode with CBC-MAC (CCM) of the AES standard.

21
Q

A security administrator wishes to increase the security of the wireless network.

Which of the following BEST addresses this concern?

A

A.
Change the encryption from TKIP-based to CCMP-based.

CCMP makes use of 128-bit AES encryption with a 48-bit initialization vector. This initialization vector makes cracking a bit more difficult.

22
Q

The security administrator has been tasked to update all the access points to provide a more secure connection. All access points currently use WPA TKIP for encryption.

Which of the following would be configured to provide more secure connections?

A

B.
WPA2 CCMP

CCMP makes use of 128-bit AES encryption with a 48-bit initialization vector. This initialization vector makes cracking a bit more difficult.

23
Q

A system administrator wants to enable WPA2 CCMP.

Which of the following is the only encryption used?

A

D.
AES

Cipher Block Chaining Message Authentication Code Protocol (CCMP) makes use of 128-bit AES encryption with a 48-bit initialization vector.

24
Q

Jane, an administrator, needs to make sure the wireless network is not accessible from the parking area of their office.

Which of the following would BEST help Jane when deploying a new access point?

A

A.
Placement of antenna

You should try to avoid placing access points near metal (which includes appliances) or near the ground. Placing them in the center of the area to be served and high enough to get around most obstacles is recommended. On the chance that the signal is actually traveling too far, some access points include power level controls, which allow you to reduce the amount of output provided.

25
Q

A security team has identified that the wireless signal is broadcasting into the parking lot.

To reduce the risk of an attack against the wireless network from the parking lot, which of the following controls should be used? (Choose two.)

A

A. Antenna placement
F. Power levels

Placing the antenna in the correct position is crucial. You can then adjust the power levels to exclude the parking lot.

26
Q

Which of the following would Pete, a security administrator, do to limit a wireless signal from penetrating the exterior walls?

A

B.
Consider antenna placement

Cinderblock walls, metal cabinets, and other barriers can reduce signal strength significantly. Therefore, antenna placement is critical.

27
Q

Ann, a security administrator, has concerns regarding her company’s wireless network. The network is open and available for visiting prospective clients in the conference room, but she notices that many more devices are connecting to the network than should be.

Which of the following would BEST alleviate Ann’s concerns with minimum disturbance of current functionality for clients?

A

C.
Lower the antenna’s broadcasting power.

Some access points include power level controls that allow you to reduce the amount of output provided if the signal is traveling too far.

28
Q

After reviewing the firewall logs of her organization’s wireless APs, Ann discovers an unusually high amount of failed authentication attempts in a particular segment of the building. She remembers that a new business moved into the office space across the street.

Which of the following would be the BEST option to begin addressing the issue?

A

A.
Reduce the power level of the AP on the network segment

Some access points include power level controls that allow you to reduce the amount of output provided if the signal is traveling too far.

29
Q

An administrator wants to establish a WiFi network using a high gain directional antenna with a narrow radiation pattern to connect two buildings separated by a very long distance.

Which of the following antennas would be BEST for this situation?

A

B.
Yagi

A Yagi-Uda antenna, commonly known simply as a Yagi antenna, is a directional antenna consisting of multiple parallel dipole elements in a line, usually made of metal rods. It consists of a single driven element connected to the transmitter or receiver with a transmission line, and additional parasitic elements: a so-called reflector and one or more directors. The reflector element is slightly longer than the driven dipole, whereas the directors are a little shorter. This design achieves a very substantial increase in the antenna’s directionality and gain compared to a simple dipole.

30
Q

A company has recently implemented a high density wireless system by having a junior technician install two new access points for every access point already deployed. Users are now reporting random wireless disconnections and slow network connectivity.

Which of the following is the MOST likely cause?

A

D.
A site survey was not conducted

To test the wireless AP placement, a site survey should be performed.

31
Q

A Windows-based computer is infected with malware and is running too slowly to boot and run a malware scanner.

Which of the following is the BEST way to run the malware scanner?

A

C.
Boot from CD/USB

Antivirus companies frequently create boot discs you can use to scan and repair your computer. These tools can be burned to a CD or DVD or installed onto a USB drive. You can then restart your computer and boot from the removable media. A special antivirus environment will load where your computer can be scanned and repaired.

32
Q

A company administrator has a firewall with an outside interface connected to the Internet and an inside interface connected to the corporate network.

Which of the following should the administrator configure to redirect traffic destined for the default HTTP port on the outside interface to an internal server listening on port 8080?

A

C.
Create a static PAT from port 80 on the outside interface to the internal interface on port 8080

Static PAT translations allow a specific UDP or TCP port on a global address to be translated to a specific port on a local address. In this case, the default HTTP port (80) is the global address to be translated, and port 8080 is the specific port on a local address.

33
Q

An overseas branch office within a company has many more technical and non-technical security incidents than other parts of the company.

Which of the following management controls should be introduced to the branch office to improve their state of security?

A

D.
Continuous security monitoring processes

Continuous monitoring may involve regular measurements of network traffic levels, routine evaluations for regulatory compliance, and checks of network security device configurations. It also points toward the never-ending review of what resources a user actually accesses, which is critical for preventing insider threats.

34
Q

Which of the following is a directional antenna that can be used in point-to-point or point-to-multi-point WiFi communication systems? (Choose two.)

A

A. Backfire
E. Dish

Both the Backfire and the Dish antennae are high gain antenna types that transmit a narrow beam of signal. They can therefore be used as point-to-point antennas over short distances, but as point-to-multi-point antennas over longer distances.

35
Q

Which of the following would be MOST appropriate to secure an existing SCADA system by preventing connections from unauthorized networks?

A

C.
Implement a firewall to protect the SCADA system

Firewalls manage traffic using filters, which are just rules or sets of rules. A recommended guideline for firewall rules is, “deny by default; allow by exception”. This means that if a network connection is not specifically allowed, it will be denied.

36
Q

The common method of breaking larger network address space into smaller networks is known as:

A

A.
subnetting.

Subnetting is a dividing process used on networks to divide larger groups of hosts into smaller collections.

37
Q

While securing a network it is decided to allow active FTP connections into the network.

Which of the following ports MUST be configured to allow active FTP connections? (Choose two.)

A

A. 20
B. 21

FTP (File Transfer Protocol) makes use of ports 20 and 21.

38
Q

An administrator needs to secure a wireless network and restrict access based on the hardware address of the device.

Which of the following solutions should be implemented?

A

B.
Enable MAC filtering

A MAC address is also known as an Ethernet hardware address (EHA), hardware address or physical address. Enabling MAC filtering would allow for a WAP to restrict or allow access based on the hardware address of the device.

39
Q

A security administrator must implement a firewall rule to allow remote employees to VPN onto the company network. The VPN concentrator implements SSL VPN over the standard HTTPS port.

Which of the following is the MOST secure ACL to implement at the company’s gateway firewall?

A

D.
PERMIT TCP FROM ANY 1024-65535 TO 199.70.5.23 443

The default HTTPS port is port 443. When configuring SSL VPN, you can change the default port for HTTPS to a port within the 1024-65535 range. This ACL will allow traffic from VPNs using the 1024-65535 port range to access the company network via the company’s gateway firewall on port 443.

40
Q

It is MOST important to make sure that the firewall is configured to do the following:

A

B.
Deny all traffic and only permit by exception.

Firewalls manage traffic using filters, which are just rules or sets of rules. A recommended guideline for firewall rules is, “deny by default; allow by exception”.

41
Q

An administrator needs to secure RADIUS traffic between two servers.

Which of the following is the BEST solution?

A

A.
Require IPSec with AH between the servers

IPsec is used for a secure point-to-point connection traversing an insecure network such as the Internet. Authentication Header (AH) is a primary IPsec protocol that provides authentication of the sender’s data.

42
Q

Ann, the Chief Information Officer (CIO) of a company, sees cloud computing as a way to save money while providing valuable services. She is looking for a cost-effective solution to assist in capacity planning as well as visibility into the performance of the network.

Which of the following cloud technologies should she look into?

A

B.
MaaS

Monitoring-as-a-service (MaaS) is a cloud delivery model that falls under anything as a service (XaaS). MaaS allows for the deployment of monitoring functionalities for several other services and applications within the cloud.

43
Q

Ann, the network administrator, is receiving reports regarding a particular wireless network in the building. The network was implemented for specific machines issued to the developer department, but the developers are stating that they are having connection issues as well as slow bandwidth. Reviewing the wireless router’s logs, she sees that devices not belonging to the developers are connecting to the access point.

Which of the following would BEST alleviate the developer’s reports?

A

A.
Configure the router so that wireless access is based upon the connecting device’s hardware address.

A MAC address is also known as an Ethernet hardware address (EHA), hardware address or physical address. Enabling MAC filtering would allow for a WAP to restrict or allow access based on the hardware address of the device.

44
Q

An organization recently switched from a cloud-based email solution to an in-house email server. The firewall needs to be modified to allow for sending and receiving email.

Which of the following ports should be open on the firewall to allow for email traffic? (Choose three.)

A

C. TCP 25
E. TCP 110
F. TCP 143

Port 25 is used by Simple Mail Transfer Protocol (SMTP) for routing e-mail between mail servers.
Port 110 is used for Post Office Protocol v3 (POP3), which is an application-layer Internet standard protocol used by local e-mail clients to retrieve e-mail from a remote server over a TCP/IP connection.
Port 143 is used by Internet Message Access Protocol (IMAP) for the management of email messages.

45
Q

A technician wants to securely collect network device configurations and statistics through a scheduled and automated process.

Which of the following should be implemented if configuration integrity is most important and a credential compromise should not allow interactive logons?

A

A.
SNMPv3

SNMPv3 provides the following security features:

Message integrity–Ensures that a packet has not been tampered with in transit.

Authentication–Determines that the message is from a valid source.

Encryption–Scrambles the content of a packet to prevent it from being learned by an unauthorized source.

46
Q

A security administrator is tasked with ensuring that all devices have updated virus definition files before they are allowed to access network resources.

Which of the following technologies would be used to accomplish this goal?

A

B.
NAC

Network Access Control (NAC) means controlling access to an environment through strict adherence to and implementation of security policies.

47
Q

The loss prevention department has purchased a new application that allows the employees to monitor the alarm systems at remote locations. However, the application fails to connect to the vendor’s server and the users are unable to log in.

Which of the following are the MOST likely causes of this issue? (Choose two.)

A

A. URL filtering
E. Firewall rules

A URL filter is used to block URLs (websites) to prevent users from accessing them.

Firewall rules act like ACLs, and they are used to dictate what traffic can pass between the firewall and the internal network.
Three possible actions can be taken based on the rule’s criteria:

Block the connection
Allow the connection
Allow the connection only if it is secured

48
Q

Ann is an employee in the accounting department and would like to work on files from her home computer. She recently heard about a new personal cloud storage service with an easy web interface.

Before uploading her work related files into the cloud for access, which of the following is the MOST important security concern Ann should be aware of?

A

D.
Sensitivity of the files

Cloud computing has privacy concerns, regulation compliance difficulties, use of open-/closed-source solutions, and adoption of open standards. It is also uncertain whether cloud-based data is actually secured (or even securable).

49
Q

An Active Directory setting restricts querying to only secure connections.

Which of the following ports should be selected to establish a successful connection?

A

C.
636

Port 636 is used for secure LDAP (LDAPS).

50
Q

Signed digital certificates used to secure communication with a web server are MOST commonly associated with the following ports:

A

D.
443

HTTPS authenticates the website and corresponding web server with which one is communicating. HTTPS makes use of port 443.