80% OF QUESTIONS.DOC

Question 1

Match core standards and descriptions: 802.11i

Answer 1

Requires encryption key protocols TKIP and AES
Key Caching, pre-authentication (Used for VoIP)
WPA2

Question 2

Match core standards and descriptions: This can be cracked in approximately 5 minutes

Answer 2

WEP

Question 3

Match core standards and descriptions: 802.11X

Answer 3

Uses a central authentication server - which provides key management.
Also called Enterprise Mode

Question 4

Match core standards and descriptions: Part of this standard has been cracked

Answer 4

WPA

Question 5

A TCP _____ segment is a request to open a connection.

Answer 5

SYN

Question 6

A Windows host sends a TCP segment with source port number 1200 and destination port number 80. The sending host is a/an _____.

Answer 6

Webserver

Question 7

What is the structure of a MAC address?

Answer 7

3 byte OUI followed by a 3 byte vendor assigned number

Question 8

Exploit programs that can be remotely controlled by an attacker are _____.

Answer 8

BOTS

Question 9

Collecting and logging information about what employees do when they use a system is _____.

Answer 9

Auditing

Question 10

A wireless host sends a packet to a server on the companys wired Ethernet LAN via an access point. How many frames will be involved in this oneway transmission?

Answer 10

2

Question 11

In wireless LANs the protocol must be reliable because radio transmission is itself inherently unreliable. The steps taken in wireless LAN transmission are as follows: Sender listens for traffic 1. If there is traffic, the sender waits 2. If there is no traffic: 2a. If there has been no traffic for less than a preset amount of time, waits a random amount of time, then returns to Step 1. 2b, If there has been no traffic for more than a preset amount of time, sends without waiting 3. Receiver immediately sends back an acknowledgement 4. If sender does not receive the acknowledgement, it retransmits What is this protocol called? Choose the correct answer from the following list.

Answer 11

CSMA/CA+ACK

Question 12

Programs that masquerade as system files are called?

Answer 12

Trojan Horses

Question 13

When a packet that is part of an ongoing connection arrives at a stateful inspection firewall, the firewall usually _____.

Answer 13

Passes the packet without notifying the administrator

Question 14

Requiring someone to prove his or her identity is _____.

Answer 14

?

Question 15

The total length of an IP address is ____ bits.

Answer 15

32

Question 16

PSK prevents the use of weak keys

Answer 16

FALSE

Question 17

When a packet that is not part of an ongoing connection and that does not attempt to open a connection arrives at a stateful inspection firewall, the firewall _____.

Answer 17

Drops the packet

Question 18

The process of proving a users identity is called

Answer 18

Authentication

Question 19

Programs that hackers use to break into computers are_____.

Answer 19

Exploits

Question 20

Consider the client computer message (put onto the network) of: “My 48-bit ethernet address is A3-4E-C0-1D-BE-EF. Please give me a 32-bit address.” What is the protocol in use?

Answer 20

DHCP

Question 21

DHCP sends a PC a or an _____.

Answer 21

IP Address and Subnet Mask

Question 22

The main benefit of IPv6 over IPv4 is _____.

Answer 22

The ability to support more possible hosts

Question 23

How many host addresses are available for the network 10.5.4.0 255.255.255.0?

Answer 23

256

Question 24

128.171.17.13:1234 is _____.

Answer 24

A socket

Question 25

Unsolicited commercial e-mail is _____.

Answer 25

Spam

Question 26

Which of the following is not part of AAA?

Answer 26

Auditing

Question 27

Four-way closes use ____ segments.

Answer 27

FIN

Question 28

Consider the following story: “On Wednesday, a man dressed as an armored truck employee with the company AT Systems walked into a BB&T bank in Wheaton about 11 a.m., was handed more than $500,000 in cash and walked out, a source familiar with the case said. It wasn’t until the actual AT Systems employees arrived at the bank, the next day that bank officials realized they’d been had.” Choose the best description of what just happened from the list below.

Answer 28

Social Engineering

Question 29

Which of the following can spread more rapidly?

Answer 29

Worms

Question 30

A router must use the ARP process ______.

Answer 30

Whenever it forwards an IP packet to a host that is not in its ARP cache

Question 31

Pieces of code programs that are executed after the virus or worm has spread are called _____.

Answer 31

Payloads

Question 32

To see whether a target host can be reached, you normally would send it an ICMP _____ message.

Answer 32

Echo

Question 33

_____ is the general name for proofs of identity in authentication.

Answer 33

Credentials

Question 34

The network part of an IP address is _____ bits long.

Answer 34

The size of the network part varies

Question 35

Routers use dynamic routing protocols to constantly talk to each other, sharing routing information. What sort of information is exchanged? Pick all that apply.

Answer 35

?

Question 36

Which of the following is NOT one of the three major security planning principles?

Answer 36

Perimeter defense

Question 37

The Internet Control Message Protocol is the internet layer supervisory protocol. Which of the following diagnostic tools takes advantage of the ICMP protocol? Choose all that apply.

Answer 37

Ping

Question 38

A routing table has 34,569 rows. Rows 12,921 and 26,731 match the destination IP address in an incoming packet. How many rows must the router check for matches?

Answer 38

34,569

Must check all rows

Question 39

A router will discard a packet if the TTL value reaches _____.

Answer 39

0

Question 40

How many host addresses are available for the network 10.5.4.0 255.255.0.0?

Answer 40

65536

Question 41

Tricking users into doing something against their best interests is _____.

Answer 41

Social Engineering

Question 42

IPv6 is slowly replacing IPv4. Why is this the case?

Answer 42

More devices are coming online, and version four has insufficient capacity

Question 43

The default behavior of a stateful firewall regarding connection-opening attempts is to block all connections initiated by _____.

Answer 43

External Hosts

Question 44

What happens if two nearby access points use the same channel?

Answer 44

They will interfere with each other

Question 45

When an attacker sets up an access point outside the firm to entice internal hosts to associate with it, this is a/an _____.

Answer 45

Evil Twin

Question 46

A mask has _____ bits.

Answer 46

32

Question 47

Setting up hosts to protect themselves is _____.

Answer 47

?
firewalling
 b. self-defense
 c. patching
 d. host hardening

Question 48

The general name for malware on a users PC that collects sensitive information and sends this information to an attacker is _____.

Answer 48

Spyware

Question 49

Which of the following secures communication between the wireless computer and the server (or a point near the server)?

Answer 49

VPNs

Question 50

Which of the following is more serious?

Credit card theft or Identity theft?

Answer 50

Identity Theft

Question 51

The password ‘Security7’ can be defeated most quickly by a _____.

Answer 51

Hybrid mode dictionary attack

Question 52

A user picks the password tiger. This is likely to be cracked most quickly by a/an _____.

Answer 52

Dictionary Attack

Question 53

Which of the following segments is NOT acknowledged?

Answer 53

RST

Question 54

The password ‘7u3&’ can be defeated most quickly by a _____.

Answer 54

Brute Force Attack

Question 55

How many host addresses are available for the network 10.5.4.0 255.255.254.0?

Answer 55

512

Question 56

How long does it take an attacker to crack WEP today with readily available software?

Answer 56

A few minutes

Question 57

Active Directory match with description:

At the highest level in an Active Directory design is the __________.

Answer 57

Forest

Question 58

Active Directory match with description:A __________ contains one or more domains that are in a common relationship.

Answer 58

Tree

Question 59

Active Directory match with description:An _________ is a grouping of related objects within a domain. This is similar to the idea of having subfolders in a folder.

Answer 59

Organisational Units

Question 60

Active Directory match with description:Servers that have the Active Directory Domain Services installed on them are:

Answer 60

Domain Controllers

Question 61

Active Directory match with description:Every resources is called an _____________ and is associated with a domain.

Answer 61

Object

Question 62

To allow a connection from an internal host to one or more external hosts requires an ACL rule if a stateful firewall is used.

Answer 62

False

Question 63

Managing Accounts by grouping them. Match type of group to description: Used to provide access to resources in any domain within a forest.

Answer 63

Universal

Question 64

Managing Accounts by grouping them. Match type of group to description: Used when there is a single domain, or to manage resources in a particular domain, so that the global and universal groups can access those resources.

Answer 64

Domain Local

Question 65

Managing Accounts by grouping them. Match type of group to description: Used on stand alone servers that are not part of a domain; this type of group does not go beyond the home server.

Answer 65

Local

Question 66

Managing Accounts by grouping them. Match type of group to description: Used to manage group accounts from the same domain so that those accounts can access resources in the same and in other domains.

Answer 66

Global

Question 67

PSK mode uses authentication servers.

Answer 67

FALSE

Question 68

Routers usually are connected in a/an _____ topology.

Answer 68

Mesh

Question 69

Consider the client computer message (put onto the network) of: “Hello host 10.19.8.12 what is your 48-bit MAC address?” What is the protocol in use?

Answer 69

ARP

Question 70

To drive around a city looking for working access points that are unprotected is _____.

Answer 70

War Driving

Question 71

A benefit of using firewalls is that it eliminates the need to harden each host and therefore saves money.

Answer 71

False

Question 72

A Windows host sends a TCP segment with source port number 80 and destination port number 1200. It is a/an _____.

Answer 72

Email Server

Question 73

UDP is (3)

Answer 73

Connection-less
Unreliable
Operates at the transport layer

Question 74

TCP is (2)

Answer 74

Reliable

Operates at the Transport layer

Question 75

To deliver an arriving packet to a destination host on a subnet connected to router, the router needs to know the destination hosts _____.

Answer 75

IP address and Data-link layer address

Question 76

There are currently two (2) dominant wireless LAN standards in use. Pick the correct answers from the 802.11 standards list below.

Answer 76

802. 11A

802. 11G

Question 77

A/an _____ specifies a particular application on a particular host.

Answer 77

Socket

Question 78

What does a router do with ARP request messages?

Answer 78

It broadcasts them

Question 79

Routing decisions are done on a combination of best IP match and metrics. Use the following list of routing table rows with their speed metrics, to choose the best match row.

a. Row 852 Prefix /18 Metric 57
b. Row 67 Prefix /12 Metric 30
c. Row 245 Prefix /18 Metric 50
d. Row 1148 Prefix /17 Metric 130

Answer 79

Biggest prefix and Lowest metric

A

Question 80

In _____, when a wireless host wishes to send, it first sends a message to the wireless access point asking for permission to send. When the access point sends back a response, the host sending the original message may transmit. All other hosts must wait.

Answer 80

CSMA/CA+ACK

Question 81

The main version of Internet Protocol in use today is IP version _____.

Answer 81

IPv4

Question 82

Consider the dotted decimal mask of 255.255.0.0, how many 1s are there in the binary equivalent?

Answer 82

16

Question 83

Vulnerabilities are occasionally found in even the best security products. Consequently, companies must _____.

Answer 83

Have defense in depth

Question 84

DoS attacks are attacks on _____.

Answer 84

Availability

Question 85

Passwords should be at least _____ characters long.

Answer 85

8

Question 86

What do the ones (1’s) in a network mask correspond to in IP addresses?

Answer 86

The Network part

Question 87

IPv6 is the next generation of Internet Protocol. How many bits long is an IPv6 address?

Answer 87

128

Question 88

Which of the following may drive the adoption of IPv6?

Answer 88

A growing number of hosts in developing countries (especially China and India).
A growing number of mobile devices.

Question 89

A way back into a system that an attacker can use to get into the compromised computer later is called a _____.

Answer 89

Backdoor