CYSA Flashcards
You need to add a new network route on a Linux host. Which command syntax should you use?
a. add route
b. nslookup
c. ifconfig route add
d. ip route add
D. ip route add
Which type of VPN is firewall friendly?
a. IPsec
b. SSL
c. PPTP
d. L2TP
B. SSL
Which IPsec configuration provides confidentiality?
a. IPsec does not provide confidentiality
b. Authentication header
c. Transport Mode
d. Encapsulating security payload
D. Encapsulating security payload
You have used the ‘chrony’ package to configure an NTP server in Linux. Which command show connected time consumers?
a. chronyc activity
b. chronyc clients
c. date
d. timedatectl
B. chronyc clients
You have created a new VLAN. The DHCP server exists on a separate network. You need to ensure that clients receive their IP configuration through DHCP. Which solution represents the least amount of administrative effort?
a. Enable a shorter DHCP lease interval
b. Configure a DHCP relay agent on the new VLAN
c. Install a new DHCP server on the new VLAN
d. Enable DNS forwarding
b. Configure a DHCP relay agent on the new VLAN
Which type of DNS zone record resolves IP addresses to DNS names?
a. AAAA
b. A
c. PTR
d. CNAME
c. PTR
How many bits exist in the IPv6 address space?
a. 32
b. 64
c. 128
d. 16
c. 128
To which layer of the OSI model does traffic routing apply?
a. Layer 4 (Transport)
b. Layer 2 (Data Link)
c. Layer 3 (Network)
d. Layer 5 (Session)
c. Layer 3 (Network)
Which port is normally used for NTP communication?
a. 123
b. 80
c. 110
d. 443
a. 123
Which TCP/IP protocol resolves IP addresses to MAC addresses?
a. ARP
b. UDP
c. TCP
d. ICMP
a. ARP
Which Wi-Fi authentication method facilitates central log event monitoring for network authentication?
a. WPA Enterprise
b. WPS
c. WPA PSK
d. WEP
a. WPA Enterprise
Which benefits can be derived from creating VLANS?
a. Network integrity
b. Network encryption
c. Improved network throughput
d. Network traffic isolation
c. Improved network throughput
d. Network traffic isolation
You need a VMware virtual machine’s virtual network adapter to connect directly to the physical network. Which type of network connection should the adapter be configured with?
a. VMnet5
b. Host-only
c. Bridged
d. NAT
c. Bridged
You have created a new public IP address resource in the Microsoft Azure cloud, but your existing virtual machine does not show a public IP address. What is the problem?
a. The public IP address must be associated with the virtual machine network adapter
b. Cloud virtual machines cannot have public IP addresses
c. The public IP address must exist before the virtual machine is deployed
d. The Azure portal web page needs to be refreshed
c. The public address must exist before the virtual machine is deployed
Your existing Microsoft Azure virtual network is currently configured with an IPv4 address range of 10.0.0.0/16. Future virtual machines deployed to this virtual network will be configured with addresses in the 192.168.0.0/24 IPv4 address range. What should you do to ensure the virtual machines will communicate correctly in the cloud?
a. Create a subnet using the 192.168.0.0/24 range
b. Add the 192.168.0.0/24 range to the virtual network
c. Create a new vnet using the 192.168.0.0/24 range
d. The 192.168.0.0/24 range cannot be used with vnets
a. Create a subnet using the 192.168.0.0/24
b. Add the 192.168.0.0/24 range to the virtual network
Which Linux command can be used to display network interfaces and associated IP addresses?
a. lsmod
b. chmod
c. ipconfig
d. ip a
D. ip a
Which DNS option digitally signs records in a DNS zone?
a. HTTPS
b. SSH
c. DNSSEC
d. Vendor class identifiers
c. DNSSEC
You need to configure IPsec on a Windows server. Where should you configure this?
a. Add the IPsec settings in the Windows registry
b. Create an IPsec configuration in Active Directory
c. Add an inbound rule in Windows Defender
d. Add a Connection Security Rule in the Windows Defender advanced settings
d. Add a connection security rule in the Windows Defender advanced settings
Which protocol removes the need for configuring IP settings on each station?
a. FTP
b. SSH
c. DNS
d. DHCP
d. DHCP
You need to configure a default route through an Internet Gateway for your AWS environment. Which IP address should you specify when adding a new route to a routing table in AWS?
a. ::/1
b. 127.0.0.1
c. ::/0
d. 0.0.0.0/0
d. 0.0.0.0/0
Which Wi-Fi authentication method forwards network connection request to a centralized authentication server?
a. WPA2 Enterprise
b. WEP
c. WPS
d. WPA2 PSK
a. WPA2 Enterprise
You need to ensure that custom code running within a Microsoft Azure virtual machine has access to read blobs in an Azure storage account. What should you do FIRST?
a. Run the custom code in a Docker container
b. Configure a managed identify for the virtual machine
c. Assign storage account permissions to the virtual machine
d. Embed storage account credentials within the custom code
b. Configure a managed identify for the virtual machine
Which authentication options are available when deploying a Linux virtual machine in the Microsoft Azure Cloud?
a. Username
b. Password
c. PKI
d. SSH public key authentication
d. SSH public key authentication
Which type of cloud works best for multiple organizations with the same type of computing and security needs?
a. Public
b. Private
c. Hybrid
d. Community
d. Community