CND2 Flashcards
What number indicates a router advertisement?
9
What passes empty frames across the network so that the computers ready to send information to any other computer can insert data into the frame including the destination identifier?
Token Ring
What layer in TCP/IP performs modulation, bit and frame synchronization, and error detection?
Network Access Layer
In classful IP addressing, the router uses what octet to determine address class?
1st octet
What IP class is referred to as 16/s
B
What configuration vulnerability exists due to the misconfiguration of computing and network devices?
Default password and settings
Improper password management vulnerability comes under which type of network security vulnerability?
Configuration Vulnerabilities
What type of encryption do digital certificates use?
Asymmetric
What is a limitation of hashing?
Fixed length string?
What is a thumbprint on a Digital Certificate?
Specifies the hash value for the certificate, verifies the certificate’s integrity
What protocol provides centralized authentication, authorization, and accounting for remote access servers to communicate with a central server?
RADIUS
Which of the following is a network security protocol used for authentication, authorization, and accounting for a network device like switches, routers and firewalls through one or more centralized servers?
TACACS+
What security requirement refers to the need of security for various components of IS - computers, networks, etc
Discipline Security
What security requirement refers to the compliance requirement with various standards
Assurance Security
Which part of a security policy implementation focuses on security disciplines, safeguards, procedures, and more?
Policy Description
What does security concept of operation do?
Defines roles and responsibilities
What are the responsibilities of a network admin while configuring the firewall security policies?
- Authentication of service or application
2. Enable anti-spoofing protection
What policy defines the guidelines for processing, storing, and transmitting sensitive information?
Information Protection Policy
What does user account policy not define
Remote Access
What ISO standard addresses cybersecurity?
ISO/IEC 27032
What does ISO/IEC 27033-1 to -5 address?
Network Security
What ISO standard covers customer privacy?
ISO/IEC 27018
What ISO is known as ‘security metrics’?
ISO/IEC 27004
What ISO defines ‘information security controls’?
ISO/IEC 27002
What is a type of inherence factors?
Signature
What tool traces the location of missing laptops for recovery?
Ztrace Gold
What type of malware can hide the payload part of the data packet?
Trojans
What type of malware can change the host by deleting files and reformatting the hard drive?
Virus
What command is used to access the Windows Registry?
regedit
What is the command for kernal configuration parameters in Linux?
/etc/sysct1.conf
What Linux Netstat command is used to know the processes that are accepting connections and a list of open ports?
netstat -a
What does ‘/etc/crontab’ in Linux list?
System-wide periodic jobs
If a network administrator wants to reduce the impact of unsolicited incoming emails to the email server of his/her organization, which of the following setting will helps to do this?
DNS-based blacklists (DNSBL) servers
What does a sys log server not provide
authentication for its messages
What should be enabled in the Email server to prevent spoofed email addresses?
Sender Policy Framework (SPF)
Enabling IP-directed broadcasts will allow an attacker to perform what using a spoofed address?
Sending ICMP ECHO requests to another user broadcast address
What minimizes the consumption of host resources?
Physical Network Security Devices
What is the process of mapping virtual networks to the underlying physical network
Virtual Network Embedding
What allows an attacker to remotely control a virtual machine
Management console vulnerabilities
Network isolation is based on what?
IPsec
What firewall works as a proxy server?
Application Level Gateway
What is considered while analyzing the security capability of a firewall solution?
Which type of firewall technologies it should support
What protocol do firewalls use for token-based authentication?
RADIUS
What OS does Netstat.exe work in?
Windows
An exploit-based approach works based on which principle?
Packet-oriented pattern
What is a browser-based firewall/VPN/Proxy server that generates scheduled reports on firewall traffic?
Firewall Analyzer
What can detect an unexpected generation of a sequence of repeated commands?
Stateful protocol analysis
What is not a function of IDS?
Vulnerability assessment
What IDS detects patterns such as bandwidth?
Anomaly
What classification is HIDS and NIDS
Protected System
What causes an IDS false alarm
IDS bug
What is not detected by Wireless Intrusion Prevention System?
Wireless Protocol Attacks
What does a NBA not detect?
Unsecure WLAN devices
What creates VPN connections and performs encapsulations?
VPN concentrator
In which VPN, can a new site be easily added and only a central site needs to be updated?
Star
What is a weak protocol that could allow a MITM attack on a VPN system?
IKE
What is sent by RADIUS client to request the information for a permitted connection?
Accounting-request
What terminates a VPN session?
Firewall
What is sent in response to an access-request?
access-challenge
What enables outside users to access TELNET?
Access Control List
What VPN protocols use 128 bit encryption?
L2TP/IPSEC
PPTP
What acts as a resource reservation control mechanism for a VPN
QoS
What affects the connectivity between the client and the gateway in an undesireable way?
Network Address Translation
What standard should VPNs follow?
FIPS
LAWN uses which modulation technique?
Frequency-hopping Spread Spectrum (FHSS)
What antenna concentrates EM energy?
Reflector Antenna
What standard does MAN use?
802.16 Wi-MAX
In what attack does an attacker set up a rogue access point outside corporate network and tricks employees to connect to it?
Client Mis-Association
What SNMP command notifies SNMP managers about an event occurring?
TRAPS
What SNMP command retrieves object identifiers?
Get Next
What is true about router-based monitoring techniques?
The functionality is hardcoded into the router
What layer does SNMP function?
Application
What notifies SNMP managers about an event occurring in the network?
TRAPS
A stealth scan is detected by observing large amounts of what type of packet?
RST
In Xmas scan what response tells the attacker that the port is closed?
RST
What framework supports IT governance and management toolset to enable managers to bridge the gap between control requirements, technical issues and business risks?
COBIT
What does qualysguard help you perform?
Discovery
Which vulnerability phase uses different spoof protection mechanisms?
Mitigation
What is the functionality of the Retina CS tool?
Vulnerability assessment
What does Nexpose do?
Vulnerability Assessment
What is considered when picking the right vulnerability assessment tool?
Must create a baseline
What is the process of comparing the data stored in the crashed system with the data stored in the other disk
Parity Check
What do you use R-studio for?
Recover lost data
What tool helps in recovering data lost in RAID storage media?
Disk Internals
What backup tool is used with MACs
ChronoSync
What helps to recover the entire contents of a broken NAS
ZAR X
What does Norton Ghost help with?
Recover data from Windows-based systems
What phase lets an IR team decide whether an incident response is required?
Detection and Analysis
What is a CAT 0 incident
Exercise / Network Training
What is carried out in parallel with forensic investigation?
Containment
Vulnerability Analysis is performed in what phase?
Eradication
What phase determines course of action for an incident?
Recovery
