IT0201 REVIEWER Flashcards

1
Q

What type of attack occurs when data goes beyond the memory areas allocated to application?

RAM spoofing

Buffer overflow

RAM injection

SQL injection

A

Buffer overflow

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which of the following statements describes a distributed denial of service (DDoS) attack?

A botnet of zombies, coordinated by an attacker, overwhelms a server with DoS attacks

An attacker sends an enormous quantity of data that a server cannot handle

An attacker monitors network traffic to learn authentication credentials

One computer accepts data packets based on the MAC address of another computer

A

A botnet of zombies, coordinated by an attackers, overwhelms a servers with DoS attacks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Employees in an organization report that the network access is slow. Further investigation reveals that one employee downloaded a third-party scanning program for the printer.

What type of malware may have been introduced?

Worm

Trojan horse

Phishing

Spam

A

Worm

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Employees in an organization report that they cannot access the customer database on the main server. Further investigation reveals that the database file is now encrypted. Shortly afterward, the organization receives a threatening email demanding payment for the decryption of the database file.

What type of attack has the organization experienced?

Man-in-the-middle attack

Ransomware

Trojan horse

DoS attack

A

Ransomware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

A penetration test carried out by an organization identified a backdoor on the network. What action should the organization take to find out if their systems have been compromised?

Look for unauthorized accounts

Scan the systems for viruses

Look for policy changes in Event Viewer

Look for usernames that do not have passwords

A

Look for unauthorized accounts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What non-technical method could a cybercriminal use to gather sensitive information from an organization?

Pharming

Social engineering

Ransomware

Man-in-the-middle

A

Social engineering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

A secretary receives a phone call from someone claiming that their manager is about to give an important presentation but the presentation files are corrupted.

The caller sternly asks that the secretary email the presentation right away to a personal email address. The caller also states that the secretary is being held personally responsible for the success of this presentation.

What type of social engineering tactic is the caller using?

Familiarity

Trusted partners

Intimidation

Urgency

A

Intimidation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

All employees in an organization receive an email stating that their account password will expire immediately and that they should reset their password within five minutes.

Which of the following statements best describes this email?

It is an impersonation attack

It is a piggyback attack

It is a hoax

It is a DDoS attack

A

It is a hoax

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which best practices can help defend against social engineering attacks?

Select three correct answers

Do not provide password resets in a chat window

Deploy well-designed firewall appliances

Resist the urge to click on enticing web links

Add more security guards

Educate employees regarding security policies

Enable a policy that states that the IT department should supply information over the phone only to managers

A

Do not provide password resets in a chat window

Resist the urge to click on enticing web links

Educate employees regarding security policies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What do you call an impersonation attack that takes advantage of a trusted relationship between two systems?

Spoofing

Man-in-the-middle

Spamming

Sniffing

A

Spoofing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

A cybercriminal sends a series of maliciously formatted packets to a database server, which causes the server to crash.

What do you call this type of attack?

Packet injection

Man-in-the-middle

DoS

SQL injection

A

DoS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

The awareness and identification of vulnerabilities is a critical function of a cybersecurity specialist. Which of the following resources can they use to identify specific details about vulnerabilities?

Infragard

NIST/NICE framework

ISO/IEC 27000 model

CVE national database

A

CVE national database

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

When considering network security, what is the most valuable asset of an organization?

financial resources

data

personnel

customers

A

data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which resource is affected due to weak security setting for a device owned by the company, but housed in another location?

social networking

removable media

cloud storage device

hard copy

A

cloud storage device

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which Cisco group is responsible for investigating and mitigating potential vulnerabilities in Cisco products?

Cisco Talos Intelligence Group

Cisco Product Security Incident Response Team

Cybersecurity Infrastructure and Security Agency

National Cyber Security Alliance

A

Cisco Product Security Incident Response Team

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is an attack vector?

It refers to attacks carried out specifically by internal users.

It refers to a threat group that launches DDoS attacks.

It is a tool by which a threat actor uses to attack an organization.

It is a path by which a threat actor can gain access to a server, host, or network.

A

It is a path by which a threat actor can gain acccess to a server, host, or network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Match the common data loss vectors to the description.

Improper Access -Control

Email/Social -Networking

Unencrypted -Devices

Removable Media -

An employee could perform an unauthorized transfer of data to a USB drive. In addition, a USB drive containing valuable corporate data could be lost.

Intercepted email or IM messages could be captured and reveal confidential information.

If the data is not stored using an encryption algorithm, then the thief can retrieve valuable confidential data from stolen corporate laptop.

Stolen passwords or weak passwords which have been compromised can provide an attacker easy access to corporate data.

A

Improper Access Control - Stolen passwords or weak passwords which have been compromised can provide an attacker easy access to corporate data.

Email/Social Networking - Intercepted email or IM messages could be captured and reveal confidential information.

Unencrypted Devices - If the data is not stored using an encryption algorithm, then the thief can retrieve valuable confidential data from stolen corporate laptop.

Removable Media - An employee could perform an unauthorized transfer of data to a USB drive. In addition, a USB drive containing valuable corporate data could be lost.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Which term in network security is used to describe a potential danger to an asset suc as data or the network itself?

Threat

Vulnerability

Risk

Exploit

A

Threat

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Which statement describes the network security term attack surface?

It is the total sum of the vulnerabilities in each system that are accessible to an attacker.

It is the mechanism that is used to leverage a vulnerability to compromise an asset.

It is a weakness in a system or its design that could be exploited by a threat.

It is the likelihood that a particular threat will exploit a particular vulnerability of an asset and result in an undesirable consequence.

A

It is the total sum of the vulnerabilities in each system that are accessible to an attacker.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

The IT department performs a thorough assessment of security posture for the company data center operation. The risk of potential loss or compromise of critical data is identified. In discussion with the magenement team, a decision is reached that the critical data should be replicated to a cloud service provider and further insured with an insurance company. Which risk management strategy is employed?

Risk avoidance

Risk tranfer

Risk reduction

Risk acceptance

A

Risk transfer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Match the type of hackers to the description.

piece them together

Gray Hat Hackers -

Black Hat Hackers -

White Hat Hackers -

They are ethical hackers who use their programming skills for good, ethical, and legal purposes. They may perform network penetration tests to compromise networks and system by using their knowledge of computer security systems to discover network vulnerabilities

They are individuals who commit crimes and do arguable unethical things, but not for personal gain or to cause damage. An example would be someone who compromises a network without permission and then discloses the vulerability publicly.

They are unethical criminals who violate computer and network security for personal gain, or for malicious reaosns, such as attacking networks.

A

Gray Hat Hackers - They are individuals who commit crimes and do arguable unethical things, but not for personal gain or to cause damage. An example would be someone who compromises a network without permission and then discloses the vulerability publicly.

Black Hat Hackers - They are unethical criminals who violate computer and network security for personal gain, or for malicious reaosns, such as attacking networks.

White Hat Hackers - They are ethical hackers who use their programming skills for good, ethical, and legal purposes. They may perform network penetration tests to compromise networks and system by using their knowledge of computer security systems to discover network vulnerabilities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Which term refers to the type of threat actors who are either self-employed working for large cybercrime organizations?

State-Sponsored

Hacktivists

Vulnerability brokers

Cybercriminals

A

Cybercriminals

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Which statement describes the characteristics of the indicators of attack (IOA)?

They help cybersecurity personnel identify what has happened in an attack and develop defenses against the attack.

They are shared through the system AIS (Automated Indicator Sharing) and help to limit the size of attack surface.

They focus on the motivation behind an attack and the potential means by which threat actors have, or will, compromise vulnerabilities to gain access to assets.

They focus on identifying malware files, IP addresses of servers that are used in attacks, filenames, and characteristic changes made to end system software, among others.

A

They focus on the motivation behind an attack and the potential means by which threat actors have, or will, compromise vulnerabilities to gain access to assets.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

What are two reasons that internal threats from within an organization may cause greater damage than external threats? (Choose two.)

Internet users can easily conceal their attacking trails.

State-Sponsored hacking is typically carried out by internal users.

Internal users have direct access to the building and its infrastructure devices.

Internal users may have knowledge of the corporate network, its resources, and its confidential data.

Internal users have better access to attacking tool

A

Internal users have direct access to the building and its infrastructure devices.

Internal users may have knowledge of the corporate network, its resources, and its confidential data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Which attack is being used when threat actors position themselves betwen a sourcce and destinatoin to transparently monitor, capture, and control the communication? Address Spoofing Attack ICMP Attack Amplification and Reflection Attacks Session Hijacking MiTM Attack
MiTM Attack
26
Which attack is being used when threat actors gain access to the physical network, and then use an MiTM attack to capture and manipulate a legitimate user's traffic? Session Hijacking Address Spoffing Attack Amplification and Reflection Attacks MiTM Attack ICMP Attack
Session Hijacking
27
Which attack is being used when threat actors initiate a simultaneous, coordinated attack from multiple source machines? Address Spoofing Attack ICMP Attack Amplification and Reflection Attacks MiTM Attack Session Hijacking
Amplification and Reflectoin Attacks
28
Which attack is being used when threat actors use pings to discover subnets and hosts on a protected network, to generate flood attacks, and to alter host routing tables? Address Spoofing Attack Amplification and Reflection Attacks ICMP Attack Session Hijacking MiTM Attack
ICMP Attack
29
Which attack being used is when a threat actor creates packets with false source IP address information to either hide the identity of the sender, or to pose as another legitimate user? Session Hijacking MiTM Attack Address Spoofing Attack Amplification and Reflection Attacks ICMP Attack
Address Spoofing Attack
30
Which attack exploits the three-way handshake? TCP reset attack UDP flood attack TCP SYN Flood attack TCP session hijacking DoS attack
TCP SYN Flood attack
31
Two hosts have established a TCP connection and are exchanging data. A threat actor sends a TCP segment with the RST bit set to both hosts informing them to immediately stop using the TCP connection. Which attack is this? DoS attack TCP SYN Flood attack UDP flood attack TCP reset attack TCP session hijacking
TCP reset attack
32
Which attack is being used when the threat actor spoofs the IP address of one host, predicts the next sequence number, and sends an ACK to the other host? DoS attack TCP reset attack UDP flood attack TCP session hijacking TCP SYN Flood attack
TCP session hijacking
33
A program sends a flood of UDP packets from a spoofed host to a server on the subnet sweeping through all the known UDP ports looking for closed ports. This will cause the server to reply with an ICMP port unreachable message. Which attack is this? TCP session hijacking TCP reset attack TCP SYN Flood attack UDP flood attack DoS attack
UDP flood attack
34
Which field in an IPv6 packet is used by the router to determine if a packet has expired and should be dropped? TTL Hop Limit Address Unreachable No Route to Destination
Hop Limit
35
An attacker is using a laptop as a rogue access point to capture all network traffic from a targeted user. Which type of attack is this? port redirection man in the middle trust exploitation buffer overflow
man in the middle
36
Which field in the IPv4 header is used to prevent a packet from traversing a network endlessly? Differentiated Services Time-to-Live Acknowledgment Number Sequence Number
Time-to-Live
37
What is involved in an IP address spoofing attack? Bogus DHCPDISCOVER messages are sent to consume all the available IP addresses on a DHCP server. A legitimate network IP address is hijacked by a rogue node. A rogue DHCP server provides false IP configuration parameters to legitimate DHCP clients. A rogue node replies to an ARP request with its own MAC address indicated for the target IP address.
A legitimate network IP address is hijacked by a rogue node
38
Which type of attack involves the unauthorized discovery and mapping of network systems and services? DoS reconnaissance trust expoitation access
reconnaissance
39
In which TCP attack is the cybercriminal attempting to overwhelm a target host with half-open TCP connections? reset attack SYN flood attack port scan attack session hijacking attack
SYN flood attack
40
How is optional network layer information carried by IPv6 packets? inside the Flow Label field inside an options field that is part of the IPv6 packet header inside an extension header attached to the main IPv6 packet header inside the payload carried by the IPv6 packet
inside an extension header attached to the main IPv6 packet header
41
A threat actor wants to interrupt a normal TCP communication between two hosts by sending a spoofed packet to both endpoints. Which TCP option bit would the threat actor set in the spoofed packet? ACK RST SYN FIN
RST
42
A threat actor uses a program to launch an attack by sending a flood of UDP packets to a server on the network. The program sweeps through all of the known ports trying to find closed ports. It causes the server to reply with an ICMP port unreachable message and is similar to a DoS attack. Which two programs could be used by the threat actor to launch the attack? (Choose two.) Smurf UDP Unicorn Low Orbit Ion Cannon WireShark ping
UDP Unicorn Low Orbit Ion Cannon
43
Which term describes a field in the IPv4 packet header used to detect corruption in the IPv4 header? TTL protocol source IPv4 address header checksum
header checksum
44
What kind of ICMP message can be used by threat actors to map an internal IP network? ICMP router discovery ICMP mask reply ICMP echo request ICMP redirects
ICMP mask reply
45
Users in a company have complained about network performance. After investigation, the IT staff has determined that an attacker has used a specific technique that affects the TCP three-way handshake. What is the name of this type of network attack? session hijacking DDoS SYN flood DNS poisoning
SYN flood
46
What enables a threat actor to impersonate the default gateway and receive all traffic that is sent to hosts that are not on the local LAN segment? DNS Tunneling iFrame attacks ARP cache positioning Cross-site scripting
ARP cache positioning
47
What should a cybersecurity analysts look for to detect DNS tunneling? gratutious ARP requests longer than average DNS queries Incorrect MAC to IP address mappings rogue DHCP servers
longer than average DNS queries
48
A threat actor accesses a list of user email addresses by sending database commands through an insecure login page. What type of attack is this? SQL injection iFrame attack cross-side scripting client-side scripting
SQL injection
49
In what type of attack are HTTP redirect messages used to send users to malicious websites? HTTP 302 cushioning domain shadowing cross-site scripting iFrame attack
HTTP 302 cushioning
50
Which action best describes a MAC address spoofing attack? altering the MAC address of an attacking host to match that of a legitimate host bombarding a switch with fake source MAC addresses flooding the LAN with excessive traffic forcing the election of a rogue root bridg
altering the MAC address of an attacking host to match that of a legitimate host
51
What is an objective of a DHCP spoofing attack? to attack a DHCP server and make it unable to provide valid IP addresses to DHCP clients to gain illegal access to a DHCP server and modify its configuration to provide false DNS server addresses to DHCP clients so that visits to a legitimate web server are directed to a fake server to intercept DHCP messages and alter the information before sending to DHCP clients
to provide false DNS server addresses to DHCP clients so that visits to a legitimate web server are directed to a fake server
52
What is the primary means for mitigating virus and Trojan horse attacks? encryption antisniffer software antivirus software blocking ICMP echo and echo-replies
antivirus software
53
What method can be used to mitigate ping sweeps? deploying antisniffer software on all network devices installing antivirus software on hosts blocking ICMP echo and echo-replies at the network edge using encrypted or hashed authentication protocols
blocking ICMP echo and echo-replies at the network edge
54
What worm mitigation phase involves actively disinfecting infected systems? inoculation containment treatment quarantine
treatment
55
What is the result of a DHCP starvation attack? Legitimate clients are unable to lease IP addresses. Clients receive IP address assignments from a rogue DHCP server. The IP addresses assigned to legitimate clients are hijacked. The attacker provides incorrect DNS and default gateway information to clients.
Legitimate clients are unable to lease IP addresses.
56
Which term is used for bulk advertising emails flooded to as many end users as possible? Adware Phishing Spam Brute force
Spam
57
Which type of DNS attack involves the cybercriminal compromising a parent domain and creating multiple subdomains to be used during the attacks? amplification and reflection cache poisoning tunneling shadowing
shadowing
58
Which protocol would be the target of a cushioning attack? DHCP DNS HTTP ARP
HTTP
59
Which language is used to query a relational database? C++ Python SQL Java
SQL
60
Which two attacks target web servers through exploiting possible vulnerabilities of input functions used by an application? (Choose two.) cross-site scripting trust exploitation port scanning SQL injection port redirection
cross-site scripting SQL injection
61
In which type of attack is falsified information used to redirect users to malicious Internet sites? DNS cache poisoning ARP cache poisoning domain generation DNS amplification and reflection
DNS cache poisoning
62
What is a characteristic of a DNS amplification and reflection attack? Threat actors hide their phishing and malware delivery sites behind a quickly-changing network of compromised DNS hosts. Threat actors use a DoS attack that consumes the resources of the DNS open resolvers. Threat actors use malware to randomly generate domain names to act as rendezvous points. Threat actors use DNS open resolvers to increase the volume of attacks and to hide the true source of an attack
Threat actors use DNS open resolvers to increase the volume of attacks and to hide the true source of an attack
63
Which device must connect to another device to gain accecss to the network? switch end devices wireless access point router
end devices
64
Which device connects wireless clients to the network? switch router wireless access point (WAP) end device
wireless access point (WAP)
65
Which device uses MAC addresses to determine the exit port? wireless LAN Controller end device switch router
switch
66
Which of the following is most likely NOT the source of a wireless DoS attack? Radio interference Malicious user Rogue AP improperly configured devices
Rogue AP
67
True or False. A rogue AP is a misconfigured AP connected to the network and a possible source of DoS attacks.
False
68
What type of attack is an "evil twin AP" attack? Wireless intruder MiTM DoS Radio interference
MiTM
69
City Center Hospital provides WLAN connectivity to its employees. The security policy requires that communication between employees mobile devices and the acecss points must be encrypted. What is the purpose of this requirement? to ensure that users who connect to an AP are employees of the hospital to prevent the contents of intercepted messages from being read to prevent a computer virus on a mobiel device from infecting other devices to block denial of service attacks originating on the Internet
to prevent the contents of intercepted messages from being read
70
What is a feature that can be used by an administrator to prevent unauthorized users from connecting to a wireless access point? proxy server MAC filtering software firewall WPA encryption
MAC filtering
71
What is an advantage of SSID cloaking?​ It provides free Internet access in public locations where knowing the SSID is of no concern. It is the best way to secure a wireless network. Clients will have to manually identify the SSID to connect to the network. SSIDs are very difficult to discover because APs do not
Clients will have to manuually identify the SSID to cconnect to the network.
72
For which discovery mode will an AP generate the most traffic on a WLAN? passive mode open mode active mode mixed mode
passive mode
73
At a local college, students are allowed to connect to the wireless network without using a password. Which mode is the access point using? open passive network shared-key
open
74
An employee connects wirelessly to the company network using a cell phone. The employee then configures the cell phone to act as a wireless access point that will allow new employees to connect to the company network. Which type of security threat best describes this situation? denial of service cracking rogue access point spoofing
rogue access point
75
The company handbook states that employees cannot have microwave ovens in their offices. Instead, all employees must use the microwave ovens located in the employee cafeteria. What wireless security risk is the company trying to avoid? accidental interference rogue access points improperly configured devices interception of data
accidental interference
76
Which two roles are typically performed by a wireless router that is used in a home or small business? (Choose two.) Ethernet switch repeater access point WLAN controller RADIUS authentication server
Ethernet switch Access point
77
What method of wireless authentication is dependent on a RADIUS authentication server? WEP WPA2 Enterprise WPA2 Personal WPA Personal
WPA2 Enterprise
78
Which wireless encryption method is the most secure? WEP WPA2 with TKIP WPA WPA2 with AES
WPA2 with AES
79
Which parameter is commonly used to identify a wireless network name when a home wireless AP is being configured? BESS ESS SSID ad hoc
SSID
80
Which wireless parameter refers to the frequency bands used to transmit data to a wireless access point? SSID security mode channel settings scanning mode
channel settings
81
Which device can control and manage a large number of corporate APs? router WLC LWAP switch
WLC
82
A wireless engineer is comparing the deployment of a network using WPA2 versus WPA3 authentication. How is WPA3 authentication more secure when deployed in an open WLAN network in a newly built company-owned cafe shop? WPA3 requires the use of a 192-bit cryptographic suite WPA3 uses OWE to encrypt wireless traffic WPA3 prevents brute force attacks by using SAE WPA3 uses DPP to securely onboard available IoT devices
WPA3 uses OWE to encrypt wireless traffic
83
What allows a switch to make duplicate copies of traffic passing through it, and then send it out a port with a network monitor attached? Port Mirroring ACL AAA Server VPN
Port Mirroring
84
What is a series of commands that control whether a device forwards or drops packets based on information found in the packet header? VPN ACL Port Mirroring AAA Server
ACL
85
What provides statistics on packet flows passing through a networking device? Syslog Servers NTP NetFlow SNM
NetFlow
86
What is a private network that is created over a public network? ACL AAA Server VPN Port Mirroring
VPN
87
What sets the date and time on network devices? SNMP NTP Syslog Servers NetFlow
NTP
88
What gathers a variety of statistics for devices that are configured to send and log status messages? Syslog NTP SNMP NetFlow
Syslog
89
Which option allows administrators to monitor and manage network devices? SNMP NetFlow Syslog NTP
NetFlow
90
What authenticates users to allow access to specific network resources and records what the user does while connected to the resource? AAA Server VPN Port Mirroring ACL
AAA Server
91
What is the purpose of a personal firewall on a computer? to protect the computer from viruses and malware to filter the traffic that is moving in and out of the PC to increase the speed of the Internet connection to protect the hardware against fire hazard
to filter the traffic that is moving in and out of the PC
92
What is the main difference between the implementation of IDS and IPS devices? An IDS needs to be deployed together with a firewall device, whereas an IPS can replace a firewall. An IDS uses signature-based technology to detect malicious packets, whereas an IPS uses profile-based technology. An IDS would allow malicious traffic to pass before it is addressed, whereas an IPS stops it immediately. An IDS can negatively impact the packet flow, whereas an IPS can not.
An IDS would allow malicious traffic to pass before it is addressed, whereas an IPS stops it immediately.
93
Which protocol provides authentication, integrity, and confidentiality services and is a type of VPN? ESP MD5 IPsec AES
IPsec
94
What is a feature of the TACACS+ protocol? It hides passwords during transmission using PAP and sends the rest of the packet in plaintext. It encrypts the entire body of the packet for more secure communications. It utilizes UDP to provide more efficient packet transfer. It combines authentication and authorization as one process.
It encrypts the entire body of the packet for more secure communications
95
Which firewall feature is used to ensure that packets coming into a network are legitimate responses to requests initiated from internal hosts? stateful packet inspection packet filtering application filtering URL filtering
stateful packet inspection
96
Which statement describes the Cisco Cloud Web Security? It is a security appliance that provides an all-in-one solution for securing and controlling web traffic. It is a cloud-based security service to scan traffic for malware and policy enforcement. It is a secure web server specifically designed for cloud computing. It is an advanced firewall solution to guard web servers against security threats.
It is a cloud-based security service to scan traffic for malware and policy enforcement.
97
Which two statements are true about NTP servers in an enterprise network? (Choose two.) There can only be one NTP server on an enterprise network. NTP servers control the mean time between failures (MTBF) for key network devices. NTP servers ensure an accurate time stamp on logging and debugging information. All NTP servers synchronize directly to a stratum 1 time source. NTP servers at stratum 1 are directly connected to an authoritative time source
NTP servers ensure an accurate time stamp on logging and debugging information NTP servers at stratum 1 are directly connected to an authoritative time source.
98
How is a source IP address used in a standard ACL? It is the address to be used by a router to determine the best path to forward packets. It is the criterion that is used to filter traffic. It is the address that is unknown, so the ACL must be placed on the interface closest to the source address. It is used to determine the default gateway of the router that has the ACL applied.
It is the criterion that is used to filter traffic.
99
Which network service allows administrators to monitor and manage network devices? NTP SNMP syslog NetFlow
SNMP
100
What is a function of a proxy firewall? filters IP traffic between bridged interfaces connects to remote servers on behalf of clients drops or forwards traffic based on packet header information uses signatures to detect patterns in network traffic
connects to remote servers on behalf of clients
101
What network monitoring technology enables a switch to copy and forward traffic sent and received on multiple interfaces out another interface toward a network analysis device? port mirroring NetFlow SNMP network tap
port mirroring