Beyond the Basic LAN

Question 1

What is the common name for the class of hardware that is 802.11i compliant?

A) WPA
B) WPA2
C) TKIP
D) 802.1x

Answer 1

B) WPA2

WPA2 is correct. WPA was the intermediate standard between WEP and WPA2; TKIP was the original name for what became WPA; and 802.1x (d) is just an authentication protocol in 802.11i.

Question 2

In an open network environment, what is the name of the tool Mike uses just to look at and capture cookies?

A) Cookie Monster
B) Wireshark
C) Cookie Cadger
D) Kali Linux

Answer 2

C) Cookie Cadger

Cookie Cadger is correct. Cookie Monster is the Sesame Street character who loves to eat cookies; Wireshark is used to see the TCP stream, and Kali Linux is the operating system that includes these tools.

Question 3

If Jackie adds an unauthorized WAP to a network because she wants faster access, what has she installed?

A) Rogue access point
B) Evil twin
C) Malware
D) Trojan

Answer 3

A) Rogue access point

Rogue access point is correct. An evil twin is installed to do something “bad” within the network. Malware and Trojans are programs, not actual devices.

Question 4

Which suite of utilities does Mike use in the video to crack WEP encryption?

A) aircrack - ng
B) Kali Linux
C) dd-wrt

Answer 4

A) aircrack - ng

The correct answer is aircrack -ng.

Question 5

Which of these is an effective way to keep WPA/WPA2 secure?

A) Keeping your machine disconnected from the network
B) Locking your office
C) Using long, complicated, private shared keys
D) You can’t secure WPA/WPA2, use WEP instead

Answer 5

C) Using long, complicated, private shared keys

Using long, complicated, private shared keys is correct.

Question 6

How many digits does the WPS pin/key contain?

A) 4
B) 8
C) 64
D) 125

Answer 6

B) 8

8 is correct.

Question 7

True or false: You do not need to be able to read log files to efficiently utilize the capabilities of WIDS.

A) True
B) False

Answer 7

B) False

False. Logs are the output received from WIDS. If you can’t read them, WIDS will not do you much good.

Question 8

Which antenna type would be best used at a sporting event, requiring 360⁰ coverage in three dimensions (spherical)?

A) Omni
B) Directional
C) Dipole
D) Patch

Answer 8

A) Omni

Omni is the only antenna type that has 360⁰ spherical coverage making it effective for a large area such as an arena. Dipole is the most common antenna but does not have full 360⁰ spherical coverage. Dipole has a 360⁰ flat (donut-shaped) coverage. Directional has a pattern that is effective for pointing in a precise area. Patch is a 180⁰ low-profile antenna that mounts on a flat surface.

Question 9

True or false: Emulation and virtualization are the same thing.

A) True
B) False

Answer 9

B) False

False. Emulators use software to simulate an entirely different hardware platform (such as a modern computer emulating an old Atari) in order to run software made for that other platform. Virtualization enables one physical computer to power more than one virtual machine, each of which can still only run software that is compatible with the underlying hardware platform.

Question 10

Which of the following is true about containers?

A) Containers cannot access other containers
B) Containers run independent of all network resources
C) Containers run a single program and all its dependencies
D) Containers are only available on virtual machines

Answer 10

C) Containers run a single program and all its dependencies

A container runs a single program and all its dependencies. A container can access other containers, and the container uses network resources. Although a container is virtual in nature, it does not need to run on a virtual machine.

Question 11

What is the name of the IaaS provider Mike uses in his example?

A) AWS
B) Dropbox
C) TotalSem
D) Microsoft

Answer 11

A) AWS

AWS is correct.

Question 12

What does SaaS stand for?

A) Smiling at a Sunset
B) Simple access authority Software
C) Software as a Service
D) Service authentication access Service

Answer 12

C) Software as a Service

Software as a Service is correct.

Question 13

Which of the following are virtual deployment models?

A) VDE
B) VDI
C) Public cloud
D) Community cloud
E) All of the above

Answer 13

E) All of the above

The correct answer is all of the above. Virtual Desktop Environment (VDE), Virtual Desktop Infrastructure (VDI), public and community clouds are all deployment models of virtualized work environments. Depending on the environment, mobility needs, and security, some or all of these deployment models may be used.

Question 14

What connection method on mobile devices is most secure?

A) Hardware tethering
B) Hotspots
C) NFC
D) Bluetooth

Answer 14

A) Hardware tethering

The correct answer is hardwire tethering. Mobile devices have high security issues. For tight security, hardwire tethering is the most secure without hotspots, NFC, or Bluetooth enabled. The other methods build more fortified security with use of passwords and single sign-on.

Question 15

A company gives its employees identical mobile devices and stipulates that they are only to be used for work activities. Which type of deployment model is this?

A) Bring your own device (BYOD)
B) Corporate owned, personally enabled (COPE)
C) Corporate owned, business only (COBO)
D) Choose your own device (CYOD)

Answer 15

C) Corporate owned, business only (COBO)

COBO is correct.

Question 16

Mobile devices can be protected by which of the following actions?

A) Policies enforcement on rooting and sideloading
B) Periodic inspections
C) Staying current on manufacturers’ updates
D) All of the above

Answer 16

D) All of the above

The correct answer is all of the above. Mobile devices are subject to being unsecure or in some cases reconfigured to be unsecure. It is best to have a strong policy on how a mobile device can be modified, with rooting and sideloading fully disclosed, as well as inspections to enforce policy and verifying patching updates are installed.

Question 17

If a mobile device is lost or stolen, which of these would keep its data secure?

A) Context-aware authentication
B) Storage segmentation
C) Full device encryption
D) Application management

Answer 17

C) Full device encryption

Full device encryption is correct. Context-aware authentication looks only at when and where users attempt to access data. Storage segmentation separates work data from personal data, and application management is a process that operates on an application-by-application basis (not on the entire device).

Question 18

What type of physical security control is a man trap?

A) Deterrent physical control
B) Preventative physical control
C) Detective physical control
D) Compensating control

Answer 18

B) Preventative physical control

Preventative physical control is correct. Deterrent physical controls (such as lighting, signs, and security guards) are visible in order to discourage actors from trying to gain access. Detective physical controls include alarms and log files. Compensating physical controls are temporary fixes when another control is weakened (such as an extra guard to watch a broken fence).

Question 19

What type of fire suppression does Mike refer to as the “gold standard” in server rooms?

A) Halon
B) Water
C) FM-200
D) Class C fire extinguisher

Answer 19

C) FM-200

FM-200 is correct. Halon is not used anymore due to environmental concerns; water would ruin equipment (and has other dangers as well); and a class C fire extinguisher would work, but its corrosive powder could ruin valuable equipment.