Lesson 9 - Questions Flashcards

1
Q

A recent security evaluation concluded that your company’s network design is too consolidated. Hosts with wildly different functions and purposes are grouped together on the same logical area of the network. In the past, this has enabled attackers to easily compromise large swaths of network hosts. What technique(s) do you suggest will improve the security of the network’s design, and why?

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

You are discussing a redesign of network architecture with a client, and they want to know what the difference between an extranet and Internet is. How can you explain it?

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Why is subnetting useful in secure network design?

A

How can an enterprise DMZ be implemented?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What type of network requires the design to account for east-west traffic?

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Why might an ARP poisoning tool be of use to a threat actor performing network reconnaissance?

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

How could you prevent a malicious attacker from engineering a switching loop from a host connected to a standard switch port?

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What port security feature mitigates ARP poisoning?

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is a dissolvable agent?

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

True or false? Band selection has a critical impact on all aspects of the security of a wireless network?

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

The network manager is recommending the use of “thin” access points to implement the wireless network. What additional appliance or software is required and what security advantages should this have?

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is a pre-shared key?

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Is WPS a suitable authentication method for enterprise networks?

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

You want to deploy a wireless network where only clients with domain-issued digital certificates can join the network. What type of authentication mechanism is suitable?

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Why are many network DoS attacks distributed?

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is an amplification attack?

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is meant by scheduling in the context of load balancing?

A
17
Q

What mechanism provides the most reliable means of associating a client with a particular server node when using load balancing?

A
18
Q

True or false? A virtual IP is a means by which two appliances can be put in a fault tolerant configuration to respond to requests for the same IP address?

A
19
Q

What field provides traffic marking for a QoS system at layer 3?

A