Chapter 16 - Network Security

Question 1

Angela, an IT staff member at ACME Inc., notices that communication with the company’s web server is very slow. After investigating, she determines that the cause of the slow response is a computer on the internet sending a very large number of malformed web requests to ACME’S web server. What type of attack is described in this scenario?

access attack
denial of service (DoS) attack
malware attack
reconnaissance attack

Answer 1

denial of service (DoS) attack

Question 2

Jeremiah was browsing the internet from his personal computer when a random website offered a free
program to clean his system. After the executable was downloaded and running, the operating system
crashed. Crucial operating system related files had been corrupted and Jeremiah’s computer required a
full disk format and operating system re-installation. What type of attack is described in this scenario?

access attack
denial of service (DoS) attack
malware attack
reconnaissance attack

Answer 2

malware attack

Question 3

A computer is used as a print server for ACME Inc. The IT staff failed to apply security updates to this computer for over 60 days. Now the print server is operating slowly, and sending a high number of
malicious packets to its NIC. What type of attack is described in this scenario?

access attack
denial of service (DoS) attack
malware attack
reconnaissance attack

Answer 3

denial of service (DoS) attack

Question 4

Sharon, an IT intern at ACME Inc., noticed some strange packets while revising the security logs
generated by the firewall. A handful of IP addresses on the internet were sending malformed packets to
several different IP addresses, at several different random port numbers inside ACME Inc. What type of
attack is described in this scenario?

access attack
denial of service (DoS) attack
malware attack
reconnaissance attack

Answer 4

reconnaissance attack

Question 5

George needed to share a video with a co-worker. Because of the large size of the video file, he decided to run a simple FTP server on his workstation to serve the video file to his co-worker. To make things easier, George created an account with the simple password of “file” and provided it to his co-worker on Friday.

Without the proper security measures or a strong password, the IT staff was not surprised to learn on Monday that George’s workstation had been compromised and was trying to upload work related documents to the internet. What type of attack is described in this scenario?

access attack
denial of service (DoS) attack
malware attack
reconnaissance attack

Answer 5

access attack

Question 6

Arianna found a flash drive lying on the pavement of a mall parking lot. She asked around but could notfind the owner. She decided to keep it and plugged it into her laptop, only to find a photo folder. Feeling curious, Arianna opened a few photos before formatting the flash drive for her own use. Afterwards, Arianna noticed that her laptop camera was active. What type of attack is described in this scenario?

access attack
denial of service (DoS) attack
malware attack
reconnaissance attack

Answer 6

malware attack

Question 7

Which device controls traffic between two or more networks to help prevent unauthorized access?

AAA Server
firewall
ESA/WSA
IPS

Answer 7

firewall

Question 8

Which device is used by other network devices to authenticate and authorize management access?

AAA Server
firewall
ESA/WSA
IPS

Answer 8

AAA Server

Question 9

Which backup policy consideration is concerned with using strong passwords to protect the backups and for restoring data?

frequency
storage
security
validation

Answer 9

security

Question 10

This zone is used to house servers that should be accessible to outside users.

inside
outside
internet
DMZ

Answer 10

DMZ

Question 11

Which is appropriate for providing endpoint security?

a AAA server
antivirus software
a server-based firewall
an ESA/WSA

Answer 11

antivirus software

Question 13

Which component is designed to protect against
unauthorized communications to and from a
computer?

antimalware
security centre
firewall
antivirus
port scanner

Answer 13

firewall

Question 14

Which command will block login attempts on
RouterA for a period of 30 seconds if there are 2
failed login attempts within 10 seconds?

RouterA(config)# login block-for 30
attempts 10 within 2

RouterA(config)# login block-for 2
attempts 30 within 10

RouterA(config)# login block-for 10
attempts 2 within 30

RouterA(config)# login block-for 30
attempts 2 within 10

Answer 14

RouterA(config)# login block-for 30
attempts 2 within 10

Question 15

What is the purpose of the network security
accounting function?

to keep track of the actions of a user
to provide challenge and response
questions
to determine which resources a user can
access
to require users to prove who they are

Answer 15

to keep track of the actions of a user

Question 16

What type of attack may involve the use of tools
such as nslookup and fping?

access attack
denial of service attack
reconnaissance attack
worm attack

Answer 16

reconnaissance attack

Question 17

Which benefit does SSH offer over Telnet for
remotely managing a router?

encryption
authorization
TCP usage
connections via multiple VTY lines

Answer 17

encryption

Question 18

What is one of the most effective security tools
available for protecting users from external
threats?

password encryption techniques
router that run AAA services
firewalls
patch servers

Answer 18

firewalls

Question 19

Which type of network threat is intended to
prevent authorized users from accessing
resources?

reconnaissance attacks
access attacks
DoS attacks
trust exploitation

Answer 19

DoS attacks

Question 20

Which three services are provided by the AAA
framework? (Choose three.)

accounting
automation
authorization
autoconfiguration
autobalancing
authentication

Answer 20

authorization, authentication and accounting,

Question 21

Which malicious code attack is self-contained
and tries to exploit a specific vulnerability in a
system being attacked?

Trojan horse
social engineering
virus
worm

Answer 21

Worm

Question 22

Some routers and switches in a wiring closet
malfunctioned after an air conditioning unit
failed. What type of threat does this situation
describe?

environmental
electrical
maintenance
configuration

Answer 22

environmental

Question 23

What does the term vulnerability mean?

a weakness that makes a target susceptible
to an attack
a known target or victim machine
a potential threat that a hacker creates
a method of attack to exploit a target
a computer that contains sensitive
information

Answer 23

a weakness that makes a target susceptible
to an attack

Question 24

What three configuration steps must be
performed to implement SSH access to a
router? (Choose three.)

a user account
an IP domain name
a unique hostname
a password on the console line
an enable mode password
an encrypted password

Answer 24

a user account
an IP domain name
a unique hostname

Question 25

What is the objective of a network
reconnaissance attack?

denying access to resources by legitimate
users
discovery and mapping of systems
unauthorized manipulation of data
disabling network systems or services

Answer 25

discovery and mapping of systems

Question 26

For security reasons a network administrator
needs to ensure that local computers cannot
ping each other. Which settings can accomplish
this task?

smartcard settings
firewall settings
file system settings
MAC address settings

Answer 26

firewall settings

Question 27

A network administrator establishes a
connection to a switch via SSH. What
characteristic uniquely describes the SSH
connection?

remote access to the switch through the use
of a telephone dialup connection

remote access to a switch where data is
encrypted during the session

direct access to the switch through the use
of a terminal emulation program

out-of-band access to a switch through the
use of a virtual terminal with password
authentication

on-site access to a switch through the use
of a directly connected PC and a console
cable

Answer 27

remote access to a switch where data is
encrypted during the session