51-100 Flashcards

1
Q

A company has several conference rooms with wired network jacks that are used by both employees and guests. Employees need access to internal resources and guests only need access to the Internet.

Which of the following combinations is BEST to meet the requirements?

A

D. 802.1x and VLANs

802.1x is a port-based authentication mechanism. It’s based on Extensible Authentication

2
Q

Matt, the IT Manager, wants to create a new network available to virtual servers on the same hypervisor, and does not want this network to be routable to the firewall.

How could this BEST be accomplished?

A

C. Create a virtual switch

A Hyper-V Virtual Switch implements policy enforcement for security, isolation, and service levels.

3
Q

A Chief Information Security Officer (CISO) is tasked with outsourcing the analysis of security logs. These will need to still be reviewed on a regular basis to ensure the security of the company has not been breached.

Which of the following cloud service options would support this requirement?

A

B. MaaS

Monitoring-as-a-service (MaaS) is a cloud delivery model that falls under anything as a service (XaaS). MaaS allows for the deployment of monitoring functionalities for several other services and applications within the cloud.

4
Q

Joe, a security administrator, believes that a network breach has occurred in the datacenter as a result of a misconfigured router access list, allowing outside access to an SSH server.

Which of the following should Joe search for in the log files?

A

D. Connections to port 22

Log analysis is the art and science of reviewing audit trails, log files, or other forms of computer-generated records for evidence of policy violations, malicious events, downtimes, bottlenecks, or other issues of concern.

SSH uses TCP port 22. All protocols encrypted by SSH also use TCP port 22, such as SFTP, SHTTP, SCP, SExec, and slogin.

5
Q

An organization does not have adequate resources to administer its large infrastructure. A security administrator wishes to combine the security controls of some of the network devices in the organization.

Which of the following methods would BEST accomplish this goal?

A

A. Unified Threat Management

When you combine a firewall with other abilities (intrusion prevention, antivirus, content filtering, etc.), what used to be called an all-in-one appliance is now known as a unified threat management (UTM) system. The advantages of combining everything into one include a reduced learning curve (you only have one product to learn), a single vendor to deal with, and—typically—reduced complexity.

6
Q

A company has established a network-level connection with several business partners to facilitate business transactions. Each business partner interacts with the same four application servers within the company.

Which of the following defense types should the company implement to protect the remainder of the organization from those partners?

A

A. DMZ

7
Q

A security administrator is segregating all web-facing server traffic from the internal network and restricting it to a single interface on a firewall.

Which of the following BEST describes this new network?

A

D. DMZ

A DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization’s external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization’s local area network (LAN); an external network node only has direct access to equipment in the DMZ, rather than any other part of the network. The name is derived from the term “demilitarized zone”, an area between nation states in which military operation is not permitted.

8
Q

Which of the following devices would MOST likely have a DMZ interface?

A

A. Firewall

The DMZ is a buffer network between the public untrusted Internet and the private trusted LAN. Often a DMZ is deployed through the use of a multihomed firewall.

9
Q

A security analyst needs to ensure all external traffic is able to access the company’s front-end servers but protects all access to internal resources.

Which of the following network design elements would MOST likely be recommended?

A

A. DMZ

10
Q

Which of the following network architecture concepts is used to securely isolate at the boundary between networks?

A

C. DMZ

A demilitarized zone (DMZ) is an area of a network that is designed specifically for public users to access. The DMZ is a buffer network between the public untrusted Internet and the private trusted LAN. Often a DMZ is deployed through the use of a multihomed firewall.

11
Q

When designing a new network infrastructure, a security administrator requests that the intranet web server be placed in an isolated area of the network for security purposes.

Which of the following design elements would be implemented to comply with the security administrator’s request?

A

A. DMZ

A demilitarized zone (DMZ) is an area of a network that is designed specifically for public users to access. The DMZ is a buffer network between the public untrusted Internet and the private trusted LAN. Often a DMZ is deployed through the use of a multihomed firewall.

12
Q

Which of the following BEST describes a demilitarized zone?

A

A. A buffer zone between protected and unprotected networks

A demilitarized zone (DMZ) is an area of a network that is designed specifically for public users to access. The DMZ is a buffer network between the public untrusted Internet and the private trusted LAN. Often a DMZ is deployed through the use of a multihomed firewall.

13
Q

Which of the following would allow the organization to divide a Class C IP address range into several ranges?

A

D. Subnetting

Subnetting is a dividing process used on networks to divide larger groups of hosts into smaller collections.

14
Q

Which of the following IP addresses would be hosts on the same subnet given the subnet mask 255.255.255.224? (Choose two.)

A

C. 10.4.4.165
D. 10.4.4.189

With the given subnet mask, a maximum number of 30 hosts between IP addresses 10.4.4.161 and 10.4.4.190 are allowed. Therefore, option C and D would be hosts on the same subnet, and the other options would not.

15
Q

Which of the following would the security engineer set as the subnet mask for the servers below to utilize host addresses on separate broadcast domains?

Server 1: 192.168.100.6
Server 2: 192.168.100.9
Server 3: 192.169.100.20

A

D. /29

Using this option will result in all three servers using host addresses on different broadcast domains.

16
Q

Which of the following is BEST used to break a group of IP addresses into smaller network segments or blocks?

A

D. Subnetting

Subnetting is a dividing process used on networks to divide larger groups of hosts into smaller collections.

17
Q

A small company can only afford to buy an all-in-one wireless router/switch. The company has 3 wireless BYOD users and 2 web servers without wireless access.

Which of the following should the company configure to protect the servers from the user devices? (Choose two.)

A

E. Create a server VLAN
F. Create an ACL to access the server

We can protect the servers from the user devices by separating them into separate VLANs (virtual local area networks).

18
Q

A network engineer is setting up a network for a company. There is a BYOD policy for the employees so that they can connect their laptops and mobile devices.

Which of the following technologies should be employed to separate the administrative network from the network in which all of the employees’ devices are connected?

A

B. VLAN

A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. VLANs are used for traffic management. Communications between ports within the same VLAN occur without hindrance, but communications between VLANs require a routing function.

19
Q

Pete, a network administrator, is capturing packets on the network and notices that a large amount of the traffic on the LAN is SIP and RTP protocols.

Which of the following should he do to segment that traffic from the other traffic?

A

B. Create a voice VLAN

It is a common and recommended practice to separate voice and data traffic by using VLANs. Separating voice and data traffic using VLANs provides a solid security boundary, preventing data applications from reaching the voice traffic. It also gives you a simpler method to deploy QoS, prioritizing the voice traffic over the data.

20
Q

An administrator connects VoIP phones to the same switch as the network PCs and printers.

Which of the following would provide the BEST logical separation of these three device types while still allowing traffic between them via ACL?

A

A. Create three VLANs on the switch connected to a router

A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. VLANs are used for traffic management. Communications between ports within the same VLAN occur without hindrance, but communications between VLANs require a routing function.

21
Q

An administrator needs to segment internal traffic between layer 2 devices within the LAN.

Which of the following types of network design elements would MOST likely be used?

A

C. VLAN

22
Q

Pete, a security administrator, is informed that people from the HR department should not have access to the accounting department’s server, and the accounting department should not have access to the HR department’s server. The network is separated by switches.

Which of the following is designed to keep the HR department users from accessing the accounting department’s server and vice versa?

A

B. VLANs

23
Q

According to company policy, an administrator must logically keep the Human Resources department separated from the Accounting department.

Which of the following would be the simplest way to accomplish this?

A

D. VLAN

A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches.

24
Q

Review the following diagram depicting communication between PC1 and PC2 on each side of a router. Analyze the network traffic logs which show communication between the two computers as captured by the computer with IP 10.2.2.10.

DIAGRAM
PC1 PC2
[192.168.1.30]–[INSIDE 192.168.1.1 router OUTSIDE 10.2.2.1]–[10.2.2.10]

LOGS
10:30:22, SRC 10.2.2.1:3030, DST 10.2.2.10:80, SYN
10:30:23, SRC 10.2.2.10:80, DST 10.2.2.1:3030, SYN/ACK
10:30:24, SRC 10.2.2.1:3030, DST 10.2.2.10:80, ACK

Given the above information, which of the following can be inferred about the above environment?

A

D. The router implements NAT

Network address translation (NAT) allows you to share a connection to the public Internet via a single interface with a single public IP address. NAT maps the private addresses to the public address. In a typical configuration, a local network uses one of the designated “private” IP address subnets. A router on that network has a private address (192.168.1.1) in that address space, and is also connected to the Internet with a “public” address (10.2.2.1) assigned by an Internet service provider.

25
Q

An administrator wishes to hide the network addresses of an internal network when connecting to the Internet.

The MOST effective way to mask the network address of the users would be by passing the traffic through a:

A

D. NAT

NAT serves as a basic firewall by only allowing incoming traffic that is in response to an internal system’s request.

26
Q

A security analyst is reviewing firewall logs while investigating a compromised web server. The following ports appear in the log:

22, 25, 445, 1433, 3128, 3389, 6667

Which of the following protocols was used to access the server remotely?

A

C. RDP

RDP uses TCP port 3389.

27
Q

Which of the following is a programming interface that allows a remote computer to run programs on a local machine?

A

A. RPC

Remote Procedure Call (RPC) is a programming interface that allows a remote computer to run programs on a local machine.

28
Q

Which of the following would Pete, a security administrator, MOST likely implement in order to allow employees to have secure remote access to certain internal network services such as file servers?

A

B. VPN gateway

VPNs are usually employed to allow remote access users to connect to and access the network, and offer connectivity between two or more private networks or LANs. A VPN gateway (VPN router) is a connection point that connects two LANs via a non-secure network such as the Internet.

29
Q

Which of the following should be performed to increase the availability of IP telephony by prioritizing traffic?

A

C. Quality of Service

Quality of Service (QoS) facilitates the deployment of media-rich applications, such as video conferencing and Internet Protocol (IP) telephony, without adversely affecting network throughput.

30
Q

An auditor is given access to a conference room to conduct an analysis. When they connect their laptop’s Ethernet cable into the wall jack, they are not able to get a connection to the Internet but have a link light.

Which of the following is MOST likely causing this issue?

A

C. Network Access Control

Network Access Control (NAC) means controlling access to an environment through strict adherence to and implementation of security policies. The goals of NAC are to prevent/reduce zero-day attacks, enforce security policy throughout the network, and use identities to perform access control.

31
Q

A computer is put into a restricted VLAN until the computer’s virus definitions are up-to-date.

Which of the following BEST describes this system type?

A

C. NAC

Network Access Control (NAC) means controlling access to an environment through strict adherence to and implementation of security policies. The goals of NAC are to prevent/reduce zero-day attacks, enforce security policy throughout the network, and use identities to perform access control.

32
Q

Which of the following is required to allow multiple servers to exist on one physical server?

A

C. Virtualization

Virtualization allows a single set of hardware to host multiple virtual machines.

33
Q

A corporation is looking to expand their data center but has run out of physical space in which to store hardware.

Which of the following would offer the ability to expand while keeping their current data center operated by internal staff?

A

A. Virtualization

Virtualization allows a single set of hardware to host multiple virtual machines.

34
Q

The server administrator has noted that most servers have a lot of free disk space and low memory utilization.

Which of the following statements will be correct if the server administrator migrates to a virtual server environment?

A

B. The administrator may spend more on licensing but less on hardware and equipment.

Migrating to a virtual server environment reduces cost by eliminating the need to purchase, manage, maintain and power physical machines. The fewer physical machines you have, the less money it costs.

35
Q

Due to limited resources, a company must reduce their hardware budget while still maintaining availability.

Which of the following would MOST likely help them achieve their objectives?

A

A. Virtualization

Because virtualization allows a single set of hardware to host multiple virtual machines, it requires less hardware to maintain the current scenario.

36
Q

Pete, a security engineer, is trying to inventory all servers in a rack. The engineer launches RDP sessions to five different PCs and notices that the hardware properties are similar. Additionally, the MAC addresses of all five servers appear on the same switch port.

Which of the following is MOST likely the cause?

A

D. The system is virtualized

Virtualization allows a single set of hardware to host multiple virtual machines.

37
Q

Which of the following offers the LEAST amount of protection against data theft by USB drives?

A

D. Cloud computing

Cloud computing refers to performing data processing and storage elsewhere, over a network connection, rather than locally. Because users have access to the data, it can easily be copied to a USB device.

38
Q

A company’s business model was changed to provide more web presence and now its ERM software is no longer able to support the security needs of the company. The current data center will continue to provide network and security services.

Which of the following network elements would be used to support the new business model?

A

A. Software as a Service

Software as a Service (SaaS) allows for on-demand online access to specific software applications or suites without having to install it locally. This will allow the data center to continue providing network and security services.

39
Q

The Chief Information Officer (CIO) has mandated that web-based Customer Relationship Management (CRM) business functions be moved offshore to reduce cost, reduce IT overheads, and improve availability. The Chief Risk Officer (CRO) has agreed with the CIO’s direction but has mandated that key authentication systems be run within the organization’s network.

Which of the following would BEST meet the CIO and CRO’s requirements?

A

A. Software as a Service

Software as a Service (SaaS) is a software distribution model in which applications are hosted by a vendor or service provider and made available to customers over a network, typically the Internet.

40
Q

An IT director is looking to reduce the footprint of their company’s server environment. They have decided to move several internally developed software applications to an alternate environment, supported by an external company.

Which of the following BEST describes this arrangement?

A

A. Infrastructure as a Service

Cloud users install operating-system images and their application software on the cloud infrastructure to deploy their applications. In this model, the cloud user patches and maintains the operating systems and the application software.

41
Q

Which of the following offerings typically allows the customer to apply operating system patches?

A

D. Infrastructure as a Service

Cloud users install operating-system images and their application software on the cloud infrastructure to deploy their applications. In this model, the cloud user patches and maintains the operating systems and the application software.

42
Q

Which of the following technologies can store multi-tenant data with different security requirements?

A

D. Cloud computing

One of the ways cloud computing is able to obtain cost efficiencies is by putting data from various clients on the same machines. This “multitenant” nature means that workloads from different clients can be on the same system, and a flaw in implementation could compromise security.

43
Q

Multi-tenancy is a concept found in the following:

A

C. Cloud computing

One of the ways cloud computing is able to obtain cost efficiencies is by putting data from various clients on the same machines. This “multitenant” nature means that workloads from different clients can be on the same system, and a flaw in implementation could compromise security.

44
Q

Which of the following devices is BEST suited to protect an HTTP-based application that is susceptible to injection attacks?

A

D. Layer 7 firewall

An application-level gateway firewall filters traffic based on user access, group membership, the application or service used, or even the type of resources being transmitted. This type of firewall operates at the Application layer (Layer 7) of the OSI model.

45
Q

Concurrent use of a firewall, content filtering, antivirus software and an IDS system would be considered components of:

A

C. Layered security

Layered security is the practice of combining multiple mitigating security controls to protect resources and data.

46
Q

A network engineer is designing a secure tunneled VPN.

Which of the following protocols would be the MOST secure?

A

A. IPsec

Layer 2 Tunneling Protocol (L2TP) came about through a partnership between Cisco and Microsoft with the intention of providing a more secure VPN protocol. L2TP is considered to be a more secure option than PPTP, as the IPSec protocol, which holds more secure encryption algorithms, is utilized in conjunction with it. It also requires a pre-shared certificate or key. L2TP’s strongest level of encryption makes use of 168-bit keys and the 3DES encryption algorithm, and requires two levels of authentication.

47
Q

Configuring the mode, encryption methods, and security associations are part of the following:

A

A. IPsec

IPSec can operate in tunnel mode or transport mode. It uses symmetric cryptography to provide encryption security. Furthermore, it makes use of Internet Security Association and Key Management Protocol (ISAKMP).

48
Q

A company’s legacy server requires administration using Telnet.

Which of the following protocols could be used to secure communication by offering encryption at a lower OSI layer? (Choose two.)

A

A. IPv6
C. IPSec

Telnet supports IPv6 connections.

IPv6 is the communications protocol that provides an identification and location system for computers on networks and routes traffic across the Internet. IPsec is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec is a compulsory component for IPv6.

IPsec operates at Layer 3 of the OSI model, whereas Telnet operates at Layer 7.

49
Q

A network administrator needs to provide daily network usage reports on all layer 3 devices without compromising any data while gathering the information.

Which of the following would be configured to provide these reports?

A

B. SNMPv3

Currently, SNMP is predominantly used for monitoring and performance management. SNMPv3 defines a secure version of SNMP and also facilitates remote configuration of the SNMP entities.

50
Q

Matt, a security administrator, wants to configure all the switches and routers in the network in order to securely monitor their status.

Which of the following protocols would he need to configure on each device?

A

B. SNMPv3

Currently, SNMP is predominantly used for monitoring and performance management. SNMPv3 defines a secure version of SNMP and also facilitates remote configuration of the SNMP entities.