4.0 Network Security Flashcards

1
Q

what would you configure on a switch to segment traffic?

A

VLAN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

what is the purpose of a network scan?

A

to gather information about hosts within a network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

what is the purpose of banner grabbing?

A

to gain information about remote systems

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

what is the purpose of the spanning tree protocol?

A

prevents broadcast storms caused by two ports on a switch being connected to each other

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

what device uses an ACL to filter traffic

A

Firewall

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

where is IP filtering configured?

A

ACL in a firewall

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

what type of filter allows SMTP traffic through a firewall?

A

port filter (blocking TCP port 25)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

what would you manipulate to block access to a network for a specific computer?

A

Firewall’s ACL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

what is the name of bogus server with false data designed to lure attackers?

A

Honeypot

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

what technique is commonly done to identify open ports on a server?

A

port scanning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

what is the general purpose of disabling unnecessary services on a server?

A

to harden the server

hardening a device makes it more secure than the default configuration

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

where should updates for production servers be applied first?

A

to a test server that mimics the production server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

an attacker creates an evil twin and then collects data from anyone that connects to it. what type of attack is this?

A

MITM attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

an attacker connects to a switch and is then able to connect to existing VLANs on the same switch. what type of attack is this?

A

VLAN hopping

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

what kind of threat is possible from a disgruntled employee?

A

an insider threat

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

what type of attack is launched from a single host against a single host?

A

DoS attack

17
Q

what is the name of an unauthorized wireless network with a different name than a legitimate wireless network?

A

Rogue access point

18
Q

what type of attack floods a switch with traffic, with the goal of redirecting traffic to an attacker’s computer?

A

ARP poisoning

19
Q

an attacker impersonates a service technician to gain access to a building. What is this called?

A

Social engineering

20
Q

what type of attack is launched from several hosts against a single host?

A

DDoS attack

21
Q

what is the name of a malicious wireless network with the same name as a legitimate wireless network?

22
Q

what type of filtering on a router can restrict access based on a hardware address?

A

MAC filtering

23
Q

what information is required by a user to access a WPA2 protected network?

A

Passphrase or pre-shared key

24
Q

what is the strongest encryption wireless protocol (listed in the CompTIA objectives)?

25
what does EAP provide?
A framework for authentication and authorization EAP (extensible authentication protocol)
26
what type of encryption does WPA2-PSK use?
CCMP-AES
27
what can be used on a network to restrict access based on hardware address?
MAC filtering
28
wireless guests are redirected to a page requiring them to enter credentials before they can access the internet. What is this called?
A captive portal
29
what is syslog?
a message-logging standard a syslog server is a centralized server that can collect logs from multiple devices
30
users must log in with a smart card, a PIN, and a password. what kind of authentication is this?
Dual-factor authentication It is sometimes called multi-factor authentication, but it only used two types of authentication - something you have (smart card) and something you know (PIN and password)
31
a smartcard is used for what factor of authentication?
something you have
32
a password is used for what factor of authentication?
something you know
33
a fingerprint reader is used for what factor of authentication?
something you are
34
name the three primary factors of authentication
something you know, something you have, something you are
35
what are asset tracking tags used for in an organization?
Inventory they also help to recover lost devices
36
what physical security feature should default to a fail open state if power is lost?
Door locks