Chapter 12 - Industrial and Enterprise Networking

Question 1

3 unlicensed bands by the FCC

Answer 1

900Mhz, 2.4Ghz, 5Ghz

Question 2

ISM Bands

Answer 2

Industrial, scientific, and medial. 900Mhz, 2.4Ghz

Question 3

UNII Bands

Answer 3

Unlicensed National Information Infrastructure. 5GHz

Question 4

Number of channels FCC released for the 2.4GHz band

Answer 4

14

Question 5

Number of configurable channels in the 2.4GHz band

Answer 5

11

Question 6

Non overlapping channels in the 2.4GHz band

Answer 6

1,6,11

Question 7

Max Data speeds for 802.11b

Answer 7

11mbps

Question 8

Data rate shifting

Answer 8

Ability to reduce transmission speeds without restarting a connection to accommodate for various distances from an AP. EXAMPLE: 1mbps when farthest. 11mbps when a little closer. All 802.11 WLAN technologies have this

Question 9

Frequency and max speed of 802.11g

Answer 9

2.4GHz, 54mbps

Question 10

Frequency and max speed of 802.11a

Answer 10

5Ghz, 54mbps

Question 11

Frequency and max speed of 802.11b

Answer 11

2.4GHz, 11mbps

Question 12

Frequency and max speed of 802.11n

Answer 12

2.4GHz or 5GHz, up to 250mbps

Question 13

Although 802.11g devices operate on the same frequency as 802.11b devices, 801.11b devices can’t be software upgraded to 802.11g because

Answer 13

802.11g uses a different chipset to attain the 54mbps speeds at 2.4GHz

Question 14

Although you can use 802.11b equipment in an 802.11g environment, what happens?

Answer 14

All clients must use the 802.12b modulation technique, DSSS. This is not as efficient and results in speeds

Question 15

DSSS

Answer 15

Direct sequence spread spectrum. Modulation technique used by 802.11b devices.

Question 16

OFDM

Answer 16

Orthogonal frequency division multiplexing. Modulation technique used by 802.11g devices

Question 17

How wide are each of the 14 channels in the 2.4Ghz range?

Answer 17

22MHz wide

Question 18

Common devices that operate on (and interfere with) the 2.4Ghz bamd

Answer 18

Microwaves, cordless phones, Bluetooth devices

Question 19

Number of channels available to 802.11a devices, which operate on the 5Ghz band

Answer 19

12 non-overlapping channels at first. 11 more added in 2004

Question 20

DFS

Answer 20

Dynamic frequency selection. Feature of 802.11a that detects radar signals operating at the 5GHz band and marks that specific channel as unavailable to clients

Question 21

TPC

Answer 21

Transmit power control. Feature of 802.11a devices that allows for changing the power of transmission. Example: reducing to 5mW reduces transmission radius and improves performance for clients in I,mediate area

Question 22

MIMO

Answer 22

Multiple input, multiple output. Feature of 802.11n that allows for multiple trams,otters and recovers to increase data throughout.

Question 23

802 standard that introduced DFS, TPC

Answer 23

802.11h

Question 24

Max antennae on an 802.11n device

Answer 24

8

Question 25

Year 802.11 ratified

Answer 25

1997

Question 26

Band for 802.11

Answer 26

2.4GHz

Question 27

Number of channels for 802.11

Answer 27

3

Question 28

Data transmission rates of 802.11

Answer 28

1, 2 Mbps

Question 29

Year 802.11a ratified

Answer 29

1999

Question 30

Band for 802.11a

Answer 30

5Ghz

Question 31

Number of channels for 802.11a

Answer 31

Up to 23

Question 32

Data transmission rates of 802.11a

Answer 32

54mbps

Question 33

Year 802.11b ratified

Answer 33

1999

Question 34

Band for 802.11b

Answer 34

2.4GHz

Question 35

Number of channels for 802.11b

Answer 35

3

Question 36

Data transmission rates of 802.11b

Answer 36

11mbps

Question 37

Year 802.11g ratified

Answer 37

2003

Question 38

Band for 802.11g

Answer 38

2.4Ghz

Question 39

Number of channels for 802.11g

Answer 39

3

Question 40

Data transmission rates of 802.11g

Answer 40

54GHz

Question 41

Year 802.11n ratified

Answer 41

2010

Question 42

Band for 802.11n

Answer 42

2.4GHz or 5GHz

Question 43

Number of channels for 802.11n

Answer 43

Varies

Question 44

Data transmission rates of 802.11n

Answer 44

100+ Mbps

Question 45

2 installation types of all 802.11 WLAN stamdards

Answer 45

Ad hoc and infrastructure

Question 46

Ad hoc wlan network

Answer 46

No access point. PCs connect directly to each other

Question 47

Downsides of ad hoc wlan

Answer 47

Doesn’t scale well

Question 48

BSS / BSA

Answer 48

Basic service set or basic service area. Describes the services provided to clients connected to an Ap in infrastructure mode, in a defined area

Question 49

Distribution system

Answer 49

Connection from the AP to the wired network

Question 50

SSID

Answer 50

Security Set Identifier. 32 character Id that refers to a wireless network and defines its BSS

Question 51

ESS

Answer 51

Extended service set. When two or more APs use the same SSID on different channels, with overlapping BSA of 10% or more. This allows clients to roam in the same network from one AP to another.

Question 52

Factors that affect signal strenth

Answer 52

Distance, barriers, protocols used, interference

Question 53

RADIUS

Answer 53

Security protocol that manages authorization, central access, accounting supervision. Users connect to the network by being authenticated by the radius server

Question 54

What is the maximum data rate of IEEE 802.11b?

Answer 54

11Mbps

Question 55

What is the maximum data rate of IEEE 802.11g?

Answer 55

54Mbps

Question 56

What is the maximum data rate of IEEE 802.11a?

Answer 56

54Mbps

Question 57

What is the frequency range of IEEE 802.11b?

Answer 57

2.4GHz

Question 58

What is the frequency range of IEEE 802.11g?

Answer 58

2.4GHz

Question 59

What is the frequency range of IEEE 802.11a?

Answer 59

5GHz

Question 60

APs come set up with what type of security enabled by default?

Answer 60

None

Question 61

Why would we use WPA instead of basic WEP?

Answer 61

Values of WPA keys can change dynamically while the system is being used. Also WEP sucks.

Question 62

Which IEEE committee has been sanctioned by WPA and is called WPA2?

Answer 62

IEE 802.11i standard

Question 63

The IEEE 802.11b/g basic standard has how many non-overlapping channels?

Answer 63

Three

Question 64

The first step in asset management is to inventory all the components on the network.​
(A) True
(B) False

Answer 64

Answer : (A)

Question 65

Cipher locks are not designed for physical security, such as on an outside door.
(A) True
(B) False

Answer 65

Answer : (A)

Question 66

Any device in an ICS that is motorized and can control the physical system is called a fieldbus.
(A) True
(B) False

Answer 66

Answer : (B)

Question 67

Every security policy should include a response policy, which specifically defines the characteristics of an event that qualifies as a formal incident and the steps that should be followed as a result.
(A) True
(B) False

Answer 67

Answer : (A)

Question 68

The first step of a response policy should be to secure the area.​
(A) True
(B) False

Answer 68

Answer : (B)

Question 69

A ______________ is an enclosure made of a conductive material that is designed to block electromagnetic signals, including Wi-Fi.​

Answer 69

Answer : Faraday cage

Question 70

A _____________ is a small network that is segmented from the rest of the network, and contains computers, called test beds.​

Answer 70

Answer : testing lab

Question 71

Microsoft sometimes releases a major group of patches to Windows or a Microsoft application, which it calls a __________________.

Answer 71

Answer : service pack

Question 72

The goal of a disaster recovery plan is to ensure ______________.​

Answer 72

Answer : business continuity

Question 73

________________ is a process of investigating deeper data on a computer and will essentially autopsy the computer to discover hidden data, such as deleted files and file fragments, and who has accessed that data and when.

Answer 73

Answer : Computer forensics

Question 74

An active card, which contains an internal battery, can provide a usable range of up to what distance? 
(A) ​100 m 
(B) ​150 m
(C) ​200 m
(D) ​250 m

Answer 74

Answer : (B)

Question 75

What type of software is a correction, improvement, or enhancement to a piece of software?​ 
(A) ​patch 
(B) ​upgrade
(C) ​rollback 
(D) ​kludge

Answer 75

Answer : (A)

Question 76

​In computer forensics, hidden data such as deleted files and file fragments are known as what term? 
(A) ​ambient data 
(B) ​transient data 
(C) ​tombstone data 
D) ​low level data

Answer 76

Answer : (A)

Question 77

Which team role is the person on call who first notices or is alerted to a problem?​ 
(A) ​manager 
(B) ​dispatcher 
(C) ​technical support specialist 
(D) ​public relations specialist

Answer 77

Answer : (B)

Question 78

What team member role coordinates the resources necessary to solve a problem?​ 
(A) ​dispatcher 
(B) ​manager 
(C) ​technical support specialist 
(D) ​public relations specialist

Answer 78

Answer : (B)

Question 79

What team member role focuses on only one thing: solving the problem as quickly as possible?​ 
(A) ​dispatcher 
(B) ​manager 
(C) ​technical support specialist
(D) ​public relations specialist

Answer 79

Answer : (C)

Question 80

What team member role, if necessary, learns about the situation and the response and then acts as official spokesperson for the organization to the public or other interested parties?​ 
(A) ​dispatcher 
(B) ​manager 
(C) ​technical support specialist 
(D) ​public relations specialist

Answer 80

Answer : (D)

Question 81

Which of the following is NOT a step that should be taken as part of a ​response policy?
(A) ​Secure the area and disconnect devices from the network
(B) ​Create documentation detailing the scene
(C) ​Attempt to access files to determine if they are compromised
(D) ​Protect the chain of custody of evidence

Answer 81

Answer : (C)

Question 82

What should be the first step of a response policy?​
(A) ​Determine if escalation is necessary
(B) ​Secure the area
(C) ​Document the scene
(D) ​Monitor evidence and data collection )

Answer 82

Answer : (A

Question 83

At what type of recovery site would computers, devices, and connectivity necessary to rebuilt a network exist, and all are appropriately configured, updated, and connected to match your network's current state?​
 (A) ​cold site 
(B) ​warm site 
C) ​temp site
(D) ​hot site

Answer 83

Answer : (D)

Question 84

Which type of recovery site is a place where computers, devices, and connectivity necessary to rebuild a network exist, with some pieces ​appropriately configured, updated, or connected? 
(A) ​cold site 
(B) ​warm site 
(C) ​hot site 
(D) ​temp site

Answer 84

Answer : (B)

Question 85

Which type of disaster recovery site is a place where the computers, devices, and connectivity necessary to rebuild a network exist, but they are not appropriately configured, updated, or connected? 
(A) ​cold site 
(B) ​temp site 
(C) ​warm site 
(D) ​hot site

Answer 85

Answer : (A)

Question 86

What type of physical security solution involves a device that scans an individual's unique physical characteristics?​ 
(A) ​proximity access 
(B) ​biorecognition access 
(C) ​AIT access 
(D) ​keypad access

Answer 86

Answer : (B)

Question 87

The time period in which a change can be implemented is known as what option below?​ 
(A) ​change period 
(B) ​maintenance window
(C) ​work order time
 (D) ​service affecting work interval

Answer 87

Answer : (B)

Question 88

In order to provide access to a historian by personnel working on the corporate network that are not authorized to work on the ICS network, where should the historian be placed?​ 
(A) ​DMZ 
(B) corporate network 
(C) ​Internet
 (D) ​private network

Answer 88

Answer : (A)

Question 89

What is a historian?​
(A) ​A centralized database of collected and analyzed data and control activities.
(B) ​A server that collects and stores raw data.
(C) ​A supervisory computer or server, which can control the physical system.
(D) ​Computers, including hardware and software, that people use to monitor and manage the physical systems.

Answer 89

Answer : (A)

Question 90

What type of device can be used to erase contents of a hard drive using a magnetic field?​ 
(A) ​electromagnetic resonance chamber 
(B) ​degausser
(C) ​targeted magneto-wipe 
(D) ​polarized magnet Answer : (B)

Answer 90

Answer : (B)

Question 91

If a destructive program is running that might be destroying evidence, what should be done?​
(A) ​Perform an immediate full backup
(B) ​Attempt to end the process
(C) ​Pull the power cable
D) ​Record the destruction using a video capture of the screen

Answer 91

Answer : (C)

Question 92

Upon receipt of what type of notification is a company required to activate a defensible policy for the preservation of relevant data?​ 
(A) subpoena 
(B) ​legal hold 
(C) ​discovery request 
(D) ​chain of custody notice

Answer 92

Answer : (B)

Question 93

Which of the following is responsible for acquiring real-time data from the physical system and managing the physical system or presenting the data to humans?

a. RTU
b. PLC
c. SCADA
d. HMI

Answer 93

Answer: C

Question 94

The ________ is a centralized database of collected and analyzed data and control activities.

Answer 94

Answer: historian

Question 95

True or False: It is considered best practice to segment your ICS/SCADA network from the corporate network.

Answer 95

Answer: True

Question 96

Which of the following is an enclosure made of a conductive material that is designed to block electromagnetic signals, including Wi-Fi?

a. human machine interface
b. Faraday cage
c. closed loop system
d. programmable logic controller

Answer 96

Answer: B

Question 97

The first step in asset management is to determine the cost and benefits of certain types of hardware and software.

Answer 97

Answer: False

Question 98

Which of the following terms best describe a major change to a software package that enhances the functionality and features of the software, while also correcting bugs and vulnerabilities?

a. service pack
b. rollback
c. backlevel
d. upgrade

Answer 98

Answer: D

Question 99

After a major change is approved, a _______ is usually assigned to the project.

Answer 99

Answer: change coordinator

Question 100

Which of the following collect power from a badge reader’s power field in order to transmit data? a. passive cards b. fingerprint scanner c. active cards d. mantraps

Answer 100

Answer: A

Question 101

True or False. A cold site is a place where the computers, devices, and connectivity necessary to rebuild a network exist, and all are appropriately configured, updated, and connected to match a network’s current state.

Answer 101

Answer: False

Question 102

A _____ plan accounts for the worst-case scenarios, from a far-reaching hurricane to a military or terrorist attack. a. continuity b. contingency c. disaster recovery d. survivability

Answer 102

Answer: C

Question 103

Which ICS component senses attributes of the physical system and converts analog data to
digital data, but cannot control the physical system?
A. SCADA
B. RTU
C. PLC
D. HMI

Answer 103

Answer: B. RTU

Question 104

Which server controls the physical system in an ICS system? 
A. Acquisitions server 
B. I/O server 
C. MTU 
D. Historian

Answer 104

Answer: C. MTU

Question 105

What should you place between the corporate network and the ICS network? 
A. VLAN 
B. Dial-up connection 
C. Redundant RTUs 
D. DMZ

Answer 105

Answer: D. DMZ

Question 106

Which business document fills the gap between an informal handshake and the legally 
binding signatures on contracts? 
A. SLA 
B. SOW 
C. MOU 
D. RFP

Answer 106

Answer: C. MOU

Question 107

Your company has developed a Web site that includes a small program that collects real-time
data on mortgage rates in specific geographic areas, and uses that information to calculate
mortgage payment amounts based on the user’s inputted data. The program was written by an
independent software developer, who has granted your company a license to incorporate the
program into your Web site for your customers’ use. Which document was used?
A. SLA
B. MLA
C. RFP
D. SOW

Answer 107

Answer: B. MLA

Question 108

Your team is in the process of implementing what you thought would be a relatively minor
update to the NOS. You’ve hit a small but time-consuming snag, and it’s now obvious that
the update won’t be completed until about an hour after your maintenance window passes.
What should you do immediately?
A. Consult the vendor documentation.
B. Roll back the update and try again later.
C. Bring the system back online and allow users to access any services that are available.
D. Inform technical staff and users of the problem and what to expect.

Answer 108

Answer: D. Inform technical staff and users of the problem and what to expect.

Question 109

Which of the following cards specifically contains an internal lithium battery? 
A. Smart card 
B. Active card 
C. Passive card 
D. Proximity card

Answer 109

Answer: B. Active card

Question 110

Which type of disaster recovery site is the most expensive? 
A. Hot site 
B. Ambient site 
C. Warm site 
D. Cold site

Answer 110

Answer: A. Hot site

Question 111

What process ensures that exact duplicates of servers are available if needed in the event of a 
disaster? 
A. Business continuity 
B. Server mirroring 
C. Network redundancy 
D. Contingency plan

Answer 111

Answer: B. Server mirroring

Question 112

While troubleshooting a network connection issue on a corporate workstation, you’ve just
discovered that the workstation has been used for illegal gambling activities. You’ve notified
your supervisor, and she said she’s on her way to collect the computer for an investigation.
While you’re waiting for your supervisor to arrive, what should you do?
A. Play games on the computer to pass the time.
B. Close all running programs.
C. Start investigating browser history.
D. On a separate device or on a sheet of paper, make notes on everything that you’ve seen
and done so far.

Answer 112

Answer: D. On a separate device or on a sheet of paper, make notes on everything that you’ve
seen and done so far. Answer: They use the Internet for connectivity

Question 113

Industrial systems become part of the IoT when ________________.

Answer 113

Answer: They use the Internet for connectivity.

Question 114

What is the primary difference between an open loop system and a closed loop system?

Answer 114

Answer: An open loop system has no sensors and makes decisions based on predetermined
expectations, events, or past history. A closed loop system makes decisions based on real-time
data.

Question 115

Which network components should be documented in asset management documentation?

Answer 115

Answer: Nodes or hardware devices on the network, and each software package purchased by
the organization

Question 116

A service pack is a collection of ____________________.

Answer 116

Answer: Patches

Question 117

What is the basic process for backleveling an operating system upgrade?

Answer 117

Answer: Prior to the upgrade, make a complete backup of the system; to backlevel, restore the
entire system from the backup; uninstall an operating system upgrade only as a last resort.

Question 118

How can a mantrap provide multifactor authentication?

Answer 118

Answer: A separate form of identification might be required for each door, such as a badge for
the first door and a fingerprint scan for the second door

Question 119

What kind of device erases the contents of a magnetic hard drive?

Answer 119

Answer: Degausser

Question 120

What kind of information can computer forensics recover that eDiscovery cannot?

Answer 120

Answer: Ambient data, such as deleted files and file fragments, and who has accessed that data
and when

Question 121

While upgrading a sales rep’s corporate desktop computer, you notice some HR files for
several coworkers from several different departments. You’re pretty sure the sales rep
shouldn’t have access to this information, so you call your supervisor for assistance. He says
he’s on his way. Should you shut down the computer? Why or why not?

Answer 121

Answer: No. There is no evidence of ongoing damage from a running program, so the computer
should remain powered up until your supervisor decides how to transport it.

Question 122

When your supervisor arrives, she has a document with her for you to sign, indicating the
condition of the computer, how you kept it secure while you waited for her, and the transfer
of responsibility for the computer from you to her. What kind of document is it?
Answer: Chain of custody

Answer 122

Answer: Chain of custody

Question 123

The first step in asset management is to inventory all the components on the network.​ (A) True (B) False

Answer 123

Answer : (A)