Chapter 5 Flashcards

1
Q

Where should an organization’s web server be placed?

DMZ
Honeynet
Extranet
Intranet

A

DMZ

2
Q

Which of the following is a privately controlled portion of a network that is accessible to some specific external entities?

Extranet
Internet
Intranet
MAN

A

Extranet

3
Q

You want to create a collection of computers on your network that appear to have valuable data but actually store fake data that could entice a potential intruder. Once the intruder connects, you want to be able to observe and gather information about the attacker’s methods.

Which feature should you implement?

NIDS
NIPS
Honeynet
Extranet

A

Honeynet

4
Q

A honeypot is used for which purpose?

To prevent sensitive data from being accessed

To entrap intruders

To disable an intruder’s system

To delay intruders in order to gather auditing data

A

To delay intruders in order to gather auditing data

5
Q

Which of the following devices can apply quality of service and traffic-shaping rules based on what created the network traffic?

Network access control

All-in-one security appliances

Proxy server

Application-aware devices

A

Application-aware devices

6
Q

You are the office manager of a small financial credit business. Your company handles personal financial information for clients seeking small loans over the internet. You are aware of your obligation to secure clients' records, but the budget is an issue for your company.

Which item would provide the BEST security for this situation?

All-in-one security appliance

Firewall on your gateway server to the internet

Proxy server with access controls

Network access control system

A

All-in-one security appliance

7
Q

You are implementing security at a local high school that is concerned with students accessing inappropriate material on the internet from the library’s computers. The students use the computers to search the internet for research paper content. The school budget is limited.

Which content filtering option would you choose?

Allow all content except for the content you have identified as restricted.

Block all content except for content you have identified as permissible.

Block specific DNS domain names.

Restrict content based on content categories.

A

Restrict content based on content categories.

8
Q

Which of the following BEST describes a honeyfile?

A single file set up to entice and trap attackers.

A file that has been digitally signed.

A default file in the /etc/security directory.

A file used to authenticate.

A

A single file set up to entice and trap attackers.

9
Q

Members of the sales team use laptops to connect to the company network. While traveling, they connect their laptops to the internet through airport and hotel networks.

You are concerned that these computers could pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless antivirus software and the latest operating system patches are installed.

Which solution should you use?

VLAN
DMZ
NAC
NIDS

A

NAC

10
Q

A proxy server can be configured to do which of the following?

Allow all content except for the content you have identified as restricted.

Act as a unified threat security device or web security gateway.

Block all content except for the content you have identified as permissible.

Restrict users on the inside of a network from getting out to the internet.

A

Restrict users on the inside of a network from getting out to the internet.

11
Q

Which of the following terms describes a network device that is exposed to attacks and has been hardened against those attacks?

Circuit proxy
Bastion or sacrificial host
Kernel proxy
Multi-homed

A

Bastion or sacrificial host

12
Q

Of the following security zones, which one can serve as a buffer network between a private secured network and the untrusted internet?

Padded cell
Intranet
Extranet
DMZ

A

DMZ

13
Q

Which of the following is the MOST likely to happen if the firewall managing traffic into the DMZ fails?

Nothing will happen - all devices will stay protected.

Only the servers in the DMZ are compromised, but the LAN will stay protected.

The LAN is compromised, but the DMZ stays protected.

All devices in the DMZ and LAN will be compromised.

A

Only the servers in the DMZ are compromised, but the LAN will stay protected.

14
Q

You have a company network that is connected to the internet. You want all users to have internet access, but you need to protect your private network and users. You also need to make a web server publicly available to internet users.

Which solution should you use?

Use firewalls to create a DMZ. Place the web server inside the DMZ and the private network behind the DMZ.

Use a single firewall. Put the web server and the private network behind the firewall.

Use firewalls to create a DMZ. Place the web server and the private network inside the DMZ.

Use a single firewall. Put the web server in front of the firewall and the private network behind the firewall.

A

Use firewalls to create a DMZ. Place the web server inside the DMZ and the private network behind the DMZ.

15
Q

How many network interfaces does a dual-homed gateway typically have?

4
1
3
2

A

3

16
Q

What needs to be configured on a firewall to allow traffic directed to the public resource in the DMZ?

Subnet
VPN
FTP
Packet filters

A

Packet filters

17
Q

You have used firewalls to create a demilitarized zone. You have a web server that needs to be accessible to internet users. The web server must communicate with a database server for retrieving product, customer, and order information.

How should you place devices on the network to best protect the servers? (Select two.)

Put the database server on the private network.
Put the web server on the private network.
Put the web server inside the DMZ.
Put the database server inside the DMZ.

A

Put the database server on the private network.
Put the web server inside the DMZ.

18
Q

In which of the following situations would you most likely implement a demilitarized zone (DMZ)?

You want to encrypt data sent between two hosts using the internet.

You want internet users to see a single IP address when accessing your company network.

You want to protect a public web server from attack.

You want to detect and respond to attacks in real time.

A

You want to protect a public web server from attack.

19
Q

Which of the following is another name for a firewall that performs router functions?

Screening router
Screened subnet
Screened-host gateway
Dual-homed gateway

A

Screening router

20
Q

Which of the following is the BEST solution to allow access to private resources from the internet?

Subnet
VPN
Packet filters
FTP

A

VPN

21
Q

Which of the following describes how access control lists can be used to improve network security?

An access control list identifies traffic that must use authentication or encryption.

An access control list filters traffic based on the frame header, such as source or destination MAC address.

An access control list filters traffic based on the IP header information, such as source or destination IP address, protocol, or socket number.

An access control list looks for patterns of traffic between multiple packets and takes action to stop detected attacks.

A

An access control list filters traffic based on the IP header information, such as source or destination IP address, protocol, or socket number.

22
Q

Which of the following are features of an application-level gateway? (Select two.)

Stops each packet at the firewall for inspection

Reassembles entire messages

Verifies that packets are properly sequenced

Uses access control lists

Allows only valid packets within approved sessions

A

Stops each packet at the firewall for inspection

Reassembles entire messages

23
Q

You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?

Packet-filtering firewall
Application-level gateway
Circuit-level gateway
VPN concentrator

A

Circuit-level gateway

24
Q

Jessica needs to set up a firewall to protect her internal network from the internet. Which of the following would be the BEST type of firewall for her to use?

Stateful
Tunneling
Software
Hardware

A

Hardware

25
Q

You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling.

You want to protect the laptop from internet-based attacks. Which solution should you use?

VPN concentrator
Proxy server
Host-based firewall
Network-based firewall

A

Host-based firewall

26
Q

You have just installed a packet-filtering firewall on your network. Which options are you able to set on your firewall? (Select all that apply.)

Checksum
Destination address of a packet
Digital signature
Port number
Source address of a packet
Sequence number
Acknowledgement number

A

Destination address of a packet
Port number
Source address of a packet

27
Q

When designing a firewall, what is the recommended approach for opening and closing ports?

Close all ports; open only ports required by applications inside the DMZ.

Open all ports; close ports that show improper traffic or attacks in progress.

Open all ports; close ports that expose common network attacks.

Close all ports; open ports 20, 21, 53, 80, and 443.

Close all ports.

A

Close all ports; open only ports required by applications inside the DMZ.

28
Q

You connect your computer to a wireless network available at the local library. You find that you can access all of the websites you want on the internet except for two.

What might be causing the problem?

A firewall is blocking ports 80 and 443.

A proxy server is blocking access to the websites.

The router has not been configured to perform port forwarding.

Port triggering is redirecting traffic to the wrong IP address.

A

A proxy server is blocking access to the websites.

29
Q

Which of the following best describes a stateful inspection?

Designed to sit between a host and a web server and communicate with the server on behalf of the host.

Allows all internal traffic to share a single public IP address when connecting to an outside entity.

Determines the legitimacy of traffic based on the state of the connection from which the traffic originated.

Offers secure connectivity between many entities and uses encryption to provide an effective defense against sniffing.

A

Determines the legitimacy of traffic based on the state of the connection from which the traffic originated.

30
Q

Which of the following are characteristics of a packet-filtering firewall? (Select two.)

Filters IP address and port
Filters based on URL
Filters based on sessions
Stateful
Stateless

A

Filters IP address and port
Stateless

31
Q

You want to connect your small company network to the internet. Your ISP provides you with a single IP address that is to be shared between all hosts on your private network. You do not want external hosts to be able to initiate connection to internal hosts. Which type of Network Address Translation (NAT) should you implement?

Static
Restricted
Dynamic
Shared

A

Dynamic

32
Q

Which NAT implementation assigns two IP addresses to the public NAT interface, allowing traffic to flow in both directions?

PAT
Dynamic and static
Static
Dynamic

A

Dynamic and static

33
Q

Which device is NAT typically implemented on?

Gateway router
AD server
RADIUS server
ISP router

A

Gateway router

34
Q

Which problem does NAT help address?

IPsec not working properly
The shortage of IPv6 addresses
Registering IP addresses with an ISP
The shortage of IPv4 addresses

A

The shortage of IPv4 addresses

35
Q

At which layer of the OSI model do NAT routers operate?

Layer 5 (Session layer)
Layer 1 (Physical layer)
Layer 7 (Application layer)
Layer 3 (Network layer)

A

Layer 3 (Network layer)

36
Q

How many concurrent connections does NAT support?

90
300
Unlimited
5,000

A

5,000

37
Q

Which of the following does a NAT router use to associate a port number with a request from a private host?

PAT
IPv4
Dynamic NAT
Static NAT

A

PAT

38
Q

A network device is given an IP address of 172.16.0.55. Which type of network is this device on?

Class C private network
IPv6 private network
Class A private network
Class B private network

A

Class B private network

39
Q

You have a small network at home that is connected to the internet. On your home network, you have a server with the IP address of 192.168.55.199/16. You have a single public address that is shared by all hosts on your private network.

You want to configure the server as a web server and allow internet hosts to contact the server to browse a personal website.

What should you use to allow access?

DNS A record
DNS CNAME record
Multicast
Static NAT
Dynamic NAT

A

Static NAT

40
Q

You are the network administrator for a small company that implements NAT to access the internet. However, you recently acquired five servers that must be accessible from outside your network. Your ISP has provided you with five additional registered IP addresses to support these new servers, but you don’t want the public to access these servers directly. You want to place these servers behind your firewall on the inside network, yet still allow them to be accessible to the public from the outside.

Which method of NAT translation should you implement for these servers?

Static
Overloading
Restricted
Dynamic

A

Static

41
Q

A salesperson in your organization spends most of her time traveling between customer sites. After a customer visit, she must complete various managerial tasks, such as updating your organization’s order database.

Because she rarely comes back to your home office, she usually accesses the network from her notebook computer using Wi-Fi access provided by hotels, restaurants, and airports.

Many of these locations provide unencrypted public Wi-Fi access, and you are concerned that sensitive data could be exposed. To remedy this situation, you decide to configure her notebook to use a VPN when accessing the home network over an open wireless connection.

Which key steps should you take when implementing this configuration? (Select two.)

Configure the browser to send HTTPS requests directly to the Wi-Fi network without going through the VPN connection

Configure the browser to send HTTPS requests through the VPN connection

Configure the VPN connection to use IPsec

Configure the VPN connection to use MS-CHAPv2

Configure the VPN connection to use PPTP

A

Configure the browser to send HTTPS requests directly to the Wi-Fi network without going through the VPN connection

Configure the VPN connection to use IPsec

42
Q

A group of salesmen would like to remotely access your private network through the internet while they are traveling. You want to control access to the private network through a single server.

Which solution should you implement?

IDS
IPS
VPN concentrator
DMZ

A

VPN concentrator

43
Q

A VPN is primarily used for which of the following purposes?

Allow the use of network-attached printers

Support secured communications over an untrusted network

Allow remote systems to save on long-distance charges

Support the distribution of public web documents

A

Support secured communications over an untrusted network

44
Q

Which VPN implementation uses routers on the edge of each site?

Always-on VPN
Site-to-site VPN
Host-to-host VPN
Remote access VPN

A

Site-to-site VPN

45
Q

Which VPN tunnel style routes only certain types of traffic?

Split
Site-to-site
Host-to-host
Full

A

Split

46
Q

Which IPsec subprotocol provides data encryption?

AES
SSL
AH
ESP

A

ESP

47
Q

In addition to Authentication Header (AH), IPsec is comprised of what other service?

Extended Authentication Protocol (EAP)
Advanced Encryption Standard (AES)
Encapsulating Security Payload (ESP)
Encryption File System (EFS)

A

Encapsulating Security Payload (ESP)

48
Q

Which statement BEST describes IPsec when used in tunnel mode?

IPsec in tunnel mode may not be used for WAN traffic

Packets are routed using the original headers, and only the payload is encrypted

The identities of the communicating parties are not protected

The entire data packet, including headers, is encapsulated

A

The entire data packet, including headers, is encapsulated

49
Q

Which VPN protocol typically employs IPsec as its data encryption mechanism?

L2F
PPP
L2TP
PPTP

A

L2TP

50
Q

Which of the following VPN protocols is no longer considered secure?

TLS
IPsec
PPTP
SSL

A

PPTP

51
Q

You are investigating the use of website and URL content filtering to prevent users from visiting certain websites.

Which benefits are the result of implementing this technology in your organization? (Choose two.)

Identification and disposal of infected content

Prevention of phishing attempts

Prevention of emails containing threats

An increase in bandwidth availability

Enforcement of the organization’s internet usage policy

A

An increase in bandwidth availability

Enforcement of the organization’s internet usage policy

52
Q

Travis is sending a highly confidential email to Craig that contains sensitive data. Which of the following should Travis implement to ensure that only Craig is able to read the email?

Anti-phishing software
Virus scanner
Encryption
Spam filter

A

Encryption

53
Q

Which of the following types of proxies would you use to remain anonymous when surfing the internet?

VPN
Forward
Content filter
Reverse

A

Forward

54
Q

As the security analyst for your organization, you have noticed an increase in emails that attempt to trick users into revealing confidential information. Which web threat solution should you implement to protect against these threats?

Anti-phishing software
Proxies
Data loss prevention
Encryption

A

Anti-phishing software

55
Q

Which of the following are functions of gateway email spam filters? (Select two.)

Blocks email from specific senders

Blocks users from visiting websites with malicious content

Filters messages containing specific content

Blocks phishing attempts, which try to access confidential information

Helps enforce an organization’s internet usage policy

A

Blocks email from specific senders

Filters messages containing specific content

56
Q

You are configuring web threat protection on the network and want to block emails coming from a specific sender. Which of the following should be configured?

Spam filter
Virus scanner
Encryption
Anti-phishing software

A

Spam filter

57
Q

As the security analyst for your organization, you have noticed an increase in user computers being infected with malware. Which two solutions should you implement and configure to remedy this problem? (Select two.)

Encryption
Proxies
Virus scanner
Data loss prevention
Spam filters

A

Virus scanner
Spam filters

58
Q

You are configuring web threat protection on the network and want to prevent users from visiting www.videosite.org. Which of the following needs to be configured?

Content filtering
Virus scanner
Website filtering
Anti-phishing software

A

Website filtering

59
Q

Which of the following types of proxies can be used for web filtering?

Transparent
Reverse
VPN
Content filter

A

Transparent

60
Q

You are configuring web threat protection on the network and have identified a website that contains malicious content. Which of the following should you configure?

Anti-phishing software
Content filtering
Web threat filtering
Virus scanner

A

Web threat filtering

61
Q

Which of the following NAC agent types would be used for IoT devices?

Dissolvable
Agentless
Permanent
Zero-trust

A

Agentless

62
Q

Which of the steps in the Network Access Control (NAC) implementation process occurs once the policies have been defined?

Review
Apply
Test
Plan

A

Apply

63
Q

Which of the following defines all the prerequisites a device must meet in order to access a network?

Authentication
Zero-trust security
Identity Services Engine (ISE)
Authorization

A

Authentication

64
Q

Which of the following NAC agent types creates a temporary connection?

Zero-trust
Agentless
Dissolvable
Permanent

A

Dissolvable

65
Q

What is Cisco’s Network Access Control (NAC) solution called?

Network Address Translation (NAT)
Network Access Protection
Talos
Identity Services Engine (ISE)

A

Identity Services Engine (ISE)

66
Q

Which of the following NAC agent types is the most convenient agent type?

Permanent
Zero-trust
Dissolvable
Agentless

A

Permanent

67
Q

You are part of a committee that is meeting to define how Network Access Control (NAC) should be implemented in the organization. Which step in the NAC process is this?

Review
Apply
Define
Plan

A

Plan

68
Q

Which of the following BEST describes zero-trust security?

Only devices that pass authentication are trusted.

Only devices that pass authorization are trusted.

All devices are trusted.

Only devices that pass both authentication and authorization are trusted.

A

Only devices that pass both authentication and authorization are trusted.

69
Q

Which of the following applies the appropriate policies in order to provide a device with the access it’s defined to receive?

Authorization
Zero-trust security
Identity Services Engine
Authentication

A

Authorization

70
Q

You are configuring the security settings for your network. You have decided to configure a policy that requires any computer connecting to the network to run at least Windows 10 version 2004. Which of the following have you configured?

NAT
ISE
NAC
NAP

A

NAC

71
Q

You are the security analyst for your organization and have discovered evidence that someone is attempting to brute-force the root password on the web server. Which classification of attack type is this?

Passive
Active
External
Inside

A

Active

72
Q

Perpetrators attempt to compromise or affect the operations of a system.

Active Attack
Passive Attack
External Attack
Inside Attack

A

Active Attack

73
Q

Unauthorized individuals try to breach a network from off-site.

Active Attack
Passive Attack
External Attack
Inside Attack

A

External Attack

74
Q

Attempting to find the root password on a web server by brute force.

Active Attack
Passive Attack
External Attack
Inside Attack

A

Active Attack

75
Q

Attempting to gather information without affecting the flow of information on the network.

Active Attack
Passive Attack
External Attack
Inside Attack

A

Passive Attack

76
Q

Sniffing network packets or performing a port scan.

Active Attack
Passive Attack
External Attack
Inside Attack

A

Passive Attack

77
Q

An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?

Backdoor
DDoS
Spamming
Replay

A

DDoS

78
Q

In which of the following zones would a web server most likely be placed?

High-trust zone
Low-trust zone
Medium-trust zone
No-trust zone

A

Low-trust zone

79
Q

Which area of focus helps to identify weak network architecture or design?

Documentation
Network baseline
Entry points
Inherent vulnerabilities

A

Documentation

80
Q

Which classification of attack type does packet sniffing fall under?

External
Passive
Active
Inside

A

Passive

81
Q

Which area of focus do public-facing servers, workstations, Wi-Fi networks, and personal devices fall under?

Network segmentation
Inherent vulnerabilities
Network baseline
Entry points

A

Entry points

82
Q

Your network devices are categorized into the following zone types:

No-trust zone
Low-trust zone
Medium-trust zone
High-trust zone

Your network architecture employs multiple VLANs for each of these network zones. Each zone is separated by a firewall that ensures only specific traffic is allowed.

Which of the following is the secure architecture concept that is being used on this network?

Network firewalling
Virtual local area networking
Network segmentation
Trust-zone networking

A

Network segmentation

83
Q

Your organization has started receiving phishing emails. You suspect that an attacker is attempting to find an employee workstation they can compromise. You know that a workstation can be used as a pivot point to gain access to more sensitive systems.

Which of the following is the MOST important aspect of maintaining network security against this type of attack?

Identifying inherent vulnerabilities

User education and training

Network segmentation

Documenting all network assets in your organization

Identifying a network baseline

A

User education and training

84
Q

Which of the following is commonly created to segment a network into different zones?

DMZ
VLANs
DNS
VPNs

A

VLANs

85
Q

While developing a network application, a programmer adds functionality that allows her to access the running program without authentication so she can capture debugging data. The programmer forgets to remove this functionality prior to finalizing the code and shipping the application.

Which type of security weakness does this describe?

Buffer overflow
Backdoor
Weak password
Privilege escalation

A

Backdoor

86
Q

An attacker was able to gain unauthorized access to a mobile phone and install a Trojan horse so that he or she could bypass security controls and reconnect later.

Which type of attack is this an example of?

Backdoor
Social engineering
Privilege escalation
Replay

A

Backdoor

87
Q

In an effort to increase the security of your organization, programmers have been informed they can no longer bypass security during development.

Which vulnerability are you attempting to prevent?

Privilege escalation
Backdoor
Social engineering
Replay

A

Backdoor

88
Q

Which of the following are characteristics of a complex password? (Select two.)

Consists of letters and numbers only

Has a minimum of six characters

Has a minimum of eight characters

Has a maximum of fifteen characters

Consists of letters, numbers, and symbols

A

Has a minimum of eight characters

Consists of letters, numbers, and symbols

89
Q

An attacker has gained access to the administrator’s login credentials. Which type of attack has most likely occurred?

Privilege escalation
Backdoor
Buffer overflow
Password cracking

A

Password cracking

90
Q

When setting up a new wireless access point, what is the first configuration change that should be made?

Encryption protocol
SSID
Default login
MAC filtering

A

Default login

91
Q

You’ve just deployed a new Cisco router that connects several network segments in your organization.

The router is physically located in a server room that requires an ID card to gain access. You’ve backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer by connecting it to the console port on the router. You’ve configured the management interface with a username of admin and a password of password.

What should you do to increase the security of this device?

Use an SSH client to access the router configuration.

Include hard-coded passwords and hidden service accounts.

Move the device to a secure data center.

Use a stronger administrative password.

A

Use a stronger administrative password.

92
Q

A relatively new employee in the data entry cubicle farm was assigned a user account similar to the other data entry employees’ accounts. However, audit logs have shown that this user account has been used to change ACLs on several confidential files and has accessed data in restricted areas.

This situation indicates which of the following has occurred?

Social engineering
External attack
Physical security
Privilege escalation

A

Privilege escalation

93
Q

An attacker has obtained the logon credentials for a regular user on your network. Which type of security threat exists if this user account is used to perform administrative functions?

Impersonation
Replay
Privilege escalation
Social engineering

A

Privilege escalation

94
Q

Travis and Craig are both standard users on the network. Each user has a folder on the network server that only they can access. Recently, Travis has been able to access Craig’s folder.

This situation indicates which of the following has occurred?

Privilege escalation
Replay
Social engineering
External attack

A

Privilege escalation

95
Q

Which common design feature among instant messaging clients makes them less secure than other means of communicating over the internet?

Real-time communication
Freely available for use
Peer-to-peer networking
Transfer of text and files

A

Peer-to-peer networking

96
Q

Which type of application allows users to share and access content without using a centralized server?

Peer-to-peer software
Instant messaging
Real-time communication
Group Policy

A

Peer-to-peer software

97
Q

Which of the following methods did Microsoft introduce in Windows 10 to help distribute OS updates?

Peer-to-peer software
Group Policy
File Transfer Protocol
Server download

A

Peer-to-peer software

98
Q

Which of the following is a benefit of P2P applications?

Shared resources
Strong security
Real-time communication
Low-upload bandwidth

A

Shared resources

99
Q

What do application control solutions use to identify specific applications?

Application signatures
Flags
Packet inspection
Whitelists

A

Application signatures

100
Q

Which of the following is susceptible to social engineering exploits?

Instant messaging
Peer-to-peer software
Group Policy
Real-time communication

A

Instant messaging

101
Q

Which of the following is considered a major problem with instant messaging applications?

Transfer of text and files
Freely available for use
Loss of productivity
Real-time communication

A

Loss of productivity

102
Q

You are the security analyst for your organization and have recently noticed a large amount of spim on the company mobile devices. Employees rely on the IM app to communicate with each other.

Which of the following countermeasures should you implement?

Create a blacklist.
Disable instant messaging.
Encrypt all IM traffic.
Use an IM blocker.

A

Use an IM blocker.

103
Q

You have implemented a new application control solution. After monitoring traffic and use for a while, you have noticed an application that continuously circumvents blocking.

How should you configure the application control software to handle this application?

Block
Drop
Flag
Tarpit

A

Tarpit

104
Q

You are implementing a new application control solution.

Prior to enforcing your application whitelist, you want to monitor user traffic for a period of time to discover user behaviors and log violations for later review.

How should you configure the application control software to handle applications not contained in the whitelist?

Block
Tarpit
Flag
Drop

A

Flag

105
Q

Which of the following scenarios would typically utilize 802.1x authentication?

Controlling access through a router

Controlling access through a switch

Authenticating VPN users through the internet

Authenticating remote access clients

A

Controlling access through a switch

106
Q

You are the network administrator for a city library. Throughout the library are several groups of computers that provide public access to the internet. Supervision of these computers has been difficult. You’ve had problems with patrons bringing personal laptops into the library and disconnecting the network cables from the library computers to connect their laptops to the internet.

The library computers are in groups of four. Each group of four computers is connected to a hub that is connected to the library network through an access port on a switch. You want to restrict access to the network so that only library computers are permitted connectivity to the internet.

What can you do?

Remove the hub and place each library computer on its own access port.

Create a VLAN for each group of four computers.

Configure port security on the switch.

Create static MAC addresses for each computer and associate each address with a VLAN.

A

Configure port security on the switch.

107
Q

You manage a single subnet with three switches. They are connected to provide redundant paths between the switches.

Which feature prevents switching loops and ensures there is only a single active path between any two switches?

Spanning Tree Protocol
PoE
802.1x
Bonding
Trunking

A

Spanning Tree Protocol

108
Q

When configuring VLANs on a switch, which type of switch ports are members of all VLANs defined on the switch?

Trunk ports

Any port not assigned to a VLAN

Uplink ports

Each port can only be a member of a single VLAN

Gigabit and higher Ethernet ports

A

Trunk ports

109
Q

Which of the following best describes the concept of a virtual LAN?

Devices connected through the internet that can communicate without using a network address.

Devices in separate networks (different network addresses) logically grouped as if they were in the same network.

Devices on the same network logically grouped as if they were on separate networks.

Devices connected by a transmission medium other than a cable (microwave, radio transmissions).

Devices on different networks that can receive multicast packets.

A

Devices on the same network logically grouped as if they were on separate networks.

110
Q

Which of the following switch attacks associates the attacker’s MAC address with the IP address of the victim’s devices?

ARP spoofing/poisoning
MAC spoofing
DNS poisoning
Cross-site scripting (XSS)

A

ARP spoofing/poisoning

111
Q

ARP spoofing/poisoning (Choose 1)

Causes packets to fill up the forwarding table and consumes so much of the switch’s memory that it enters a state called Fail Open Mode.

The source device sends frames to the attacker’s MAC address instead of to the correct device

Can be used to hide the identity of the attacker’s computer or impersonate another device on the network

Should be disabled on the switch’s end user (access) ports before implementing the switch configuration into the network

A

The source device sends frames to the attacker’s MAC address instead of to the correct device

112
Q

Dynamic Trunking Protocol

Causes packets to fill up the forwarding table and consumes so much of the switch’s memory that it enters a state called Fail Open Mode.

The source device sends frames to the attacker’s MAC address instead of to the correct device

Can be used to hide the identity of the attacker’s computer or impersonate another device on the network

Should be disabled on the switch’s end user (access) ports before implementing the switch configuration into the network

A

Should be disabled on the switch’s end user (access) ports before implementing the switch configuration into the network

113
Q

MAC Flooding

Causes packets to fill up the forwarding table and consumes so much of the switch’s memory that it enters a state called Fail Open Mode.

The source device sends frames to the attacker’s MAC address instead of to the correct device

Can be used to hide the identity of the attacker’s computer or impersonate another device on the network

Should be disabled on the switch’s end user (access) ports before implementing the switch configuration into the network

A

Causes packets to fill up the forwarding table and consumes so much of the switch’s memory that it enters a state called Fail Open Mode.

114
Q

MAC spoofing

Causes packets to fill up the forwarding table and consumes so much of the switch’s memory that it enters a state called Fail Open Mode.

The source device sends frames to the attacker’s MAC address instead of to the correct device

Can be used to hide the identity of the attacker’s computer or impersonate another device on the network

Should be disabled on the switch’s end user (access) ports before implementing the switch configuration into the network

A

Can be used to hide the identity of the attacker’s computer or impersonate another device on the network

115
Q

Which of the following attacks, if successful, causes a switch to function like a hub?

ARP poisoning
Replay attack
MAC flooding
MAC spoofing

A

MAC flooding

116
Q

Which of the following is a typical goal of MAC spoofing?

Reroute local switch traffic to a specified destination

Cause incoming packets to broadcast to all ports

Cause a switch to enter fail open mode

Bypass 802.1x port-based security

A

Bypass 802.1x port-based security

117
Q

Which protocol should you disable on the user access ports of a switch?

TCP
IPsec
DTP
PPTP

A

DTP

118
Q

You are adding switches to your network to support additional VLANs. Unfortunately, the new switches are from a different vendor than the current switches.

Which standard do you need to ensure that the switches are supported?

802.11
802.1Q
802.1x
802.3

A

802.1Q

119
Q

When configuring VLANs on a switch, what is used to identify which VLAN a device belongs to?

MAC address
Host name
Switch port
IP address

A

Switch port

120
Q

Which 802.1Q priority is IP phone traffic on a voice VLAN tagged with by default?

8
5
3
1

A

5

121
Q

The IT manager has asked you to create four new VLANs for a new department. As you are going through the VLAN configurations, you find some VLANs numbered 1002-1005. However, they are not in use.

What should you do with these VLANs?

Delete them since they are not being used.

Renumber them and assign them to ports on the switch.

Nothing. They are reserved and cannot be used or deleted.

Configure them so they can be used on the new network.

A

Nothing. They are reserved and cannot be used or deleted.

122
Q

The IT manager has asked you to create a separate VLAN to be used exclusively for wireless guest devices to connect to.

Which of the following is the primary benefit of creating this VLAN?

You can load-balance wireless guest network traffic to have a lower priority than the rest of the traffic on the network.

You can control broadcast traffic and create a collision domain for just the wireless guest devices.

You can control security by isolating wireless guest devices within this VLAN.

You can create a wireless guest network more affordably with a VLAN than you can with a router.

A

You can control security by isolating wireless guest devices within this VLAN.

123
Q

A virtual LAN can be created using which of the following?

Gateway
Hub
Router
Switch

A

Switch

124
Q

Which of the following is an appropriate definition of a VLAN?

A device used to route traffic between separate networks.

A device used to filter WAN traffic.

A physical collection of devices that belong together and are connected to the same wire or physical switch.

A logical grouping of devices based on service need, protocol, or other criteria.

A

A logical grouping of devices based on service need, protocol, or other criteria.

125
Q

You manage a network that uses a single switch. All ports within your building connect through the single switch.

In the lobby of your building are three RJ-45 ports connected to the switch. You want to allow visitors to plug into these ports to gain internet access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and internet access.

Which feature should you implement?

VLANs
NAT
DMZ
Port authentication

A

VLANs

126
Q

You run a small network for your business that has a single router connected to the internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer.

What should you use for this situation?

VLAN
VPN
Port security
Spanning Tree Protocol

A

VLAN

127
Q

You are creating a VLAN for voice over IP (VoIP). Which command should you use?

switchport voice vlan [number]
switchport vlan voice [number]
switchport vlan voip [number]
switchport voip vlan [number]

A

switchport voice vlan [number]

128
Q

Which of the following should be configured on the router to filter traffic at the router level?

Anti-spoofing rules
Access control list
Telnet
SSH

A

Access control list

129
Q

You’ve just deployed a new Cisco router that connects several network segments in your organization.

The router is physically located in a cubicle near your office. You’ve backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using an SSH client with the username admin01 and the password P@ssW0rd. You have used the MD5 hashing algorithm to protect the password.

What should you do to increase the security of this device?

Change the default administrative username and password.

Move the router to a secure server room.

Use a Telnet client to access the router configuration.

Use encrypted Type 7 passwords.

A

Move the router to a secure server room.

130
Q

Which of the following happens by default when you create and apply a new ACL on a router?

All traffic is permitted.
All traffic is blocked.
ACLs are not created on a router.
The ACL is ignored until applied.

A

All traffic is blocked.

131
Q

Which type of ACL should be placed as close to the source as possible?

Basic
Extended
Advanced
Standard

A

Extended

132
Q

You are deploying a brand new router. What is one of the first things you should do?

Configure anti-spoofing rules.

Update the firmware.

Secure the configuration file.

Configure SSH to access the router configuration.

A

Update the firmware.

133
Q

Which of the following can make passwords useless on a router?

Storing the router configuration file in a secure location

Using the MD5 hashing algorithm to encrypt the password

Using SSH to remotely connect to a router

Not controlling physical access to the router

A

Not controlling physical access to the router

134
Q

You’ve just deployed a new Cisco router that connects several network segments in your organization.

The router is physically located in a server room that requires an ID for access. You’ve backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using a Telnet client with a username of admin and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password.

What should you do to increase the security of this device? (Select two.)

Use a web browser to access the router configuration using an HTTP connection.

Use an SSH client to access the router configuration.

Change the default administrative username and password.

Use encrypted Type 7 passwords.

Use TFTP to back up the router configuration to a remote location.

A

Use an SSH client to access the router configuration.

Change the default administrative username and password.

135
Q

You’ve just deployed a new Cisco router that connects several network segments in your organization.

The router is physically located in a locked server closet. You use an FTP client to regularly back up the router configuration to a remote server in an encrypted file. You access the router configuration interface from a notebook computer that is connected to the router’s console port. You’ve configured the device with the username admin01 and the password P@ssW0rd. You have used the MD5 hashing algorithm to protect the password.

What should you do to increase the security of this device?

Use encrypted Type 7 passwords.

Move the router to a secure data center.

Use SCP to back up the router configuration to a remote location.

Use an SSH client to access the router configuration.

A

Use SCP to back up the router configuration to a remote location.

136
Q

You have configured your ACL to block outgoing traffic from a device with the IP address 192.168.1.52. Which type of ACL have you configured?

Basic
Advanced
Extended
Standard

A

Standard

137
Q

Which of the following does a router use to determine where packets are forwarded to?

Access control list
Anti-spoofing rules
Routing table
Firewall

A

Routing table