Network

Question 1

Layer 1

Answer 1

Physical

Question 2

Layer 2

Answer 2

Data Link

Question 3

Layer 3

Answer 3

Network

Question 4

Layer 4

Answer 4

Transport

Question 5

Layer 5

Answer 5

Session

Question 6

Layer 6

Answer 6

Presentation

Question 7

Layer 7

Answer 7

Application

Question 8

Physical

Answer 8

Layer 1

Question 9

Data Link

Answer 9

Layer 2

Question 10

Network

Answer 10

Layer 3

Question 11

Transport

Answer 11

Layer 4

Question 12

Session

Answer 12

Layer 5

Question 13

Presentation

Answer 13

Layer 6

Question 14

Application

Answer 14

Layer 7

Question 15

Usually, layer 6 (______) and 7 (_____) are _____ together.

Answer 15

Usually, layer 6 (presentation) and 7 (application) are joined together.

Question 16

At layer 2, devices are identified by

Answer 16

MAC addresses

Question 17

At layer 3, devices are identified by

Answer 17

IP addresses

Question 18

Protocol that translates L3 addresses to L2 addresses

Answer 18

ARP, from IP to MAC

Question 19

Security in depth is also called

Answer 19

layered security

Question 20

A server that manages several VPN tunnels is called

Answer 20

A VPN Concentrator

Question 21

A general vulnerability of having a UTM appliance is…

Answer 21

It’s Single Point of Failure (SPoF)

Question 22

A Web Security Gateway can be used as a _____ ______ prevention measure.

Answer 22

data loss

Question 23

A Web Security Gateway’s main role is

Answer 23

applying corporate policies to internet traffic

Question 24

A WAF operates on layer…

Answer 24

7 (application)

Question 25

MOU

Answer 25

Memorandum of Understanding

Question 26

BPA

Answer 26

Blanket Purchase Agreement

Question 27

ISA

Answer 27

Internet Service Agreement

Question 28

To prevent access to the network through exposed ports you can use

Answer 28

MAC Filtering

Question 29

A control that detects a DoS attack and halt its traffic is called

Answer 29

Flood guards

Question 30

To authenticate to wired and wireless networks to a central database using EAP you can use…

Answer 30

802.1x

Question 31

802.1x encapsulates…

Answer 31

EAP

Question 32

A supplicant is a…

Answer 32

client device trying to access a network

Question 33

A DMZ creates an area

Answer 33

between the public internet and the internal network whereby the internal network can access outside resources, and only some resources can access the inside network

Question 34

NAT allows

Answer 34

using two sets of IP addresses, internal and external, and translate between them

Question 35

NAC

Answer 35

Network Access Control

Question 36

In zero-trust, NAC is implemented with

Answer 36

Credentials and Posture Assessment

Question 37

Segmentation of resources in a network creates

Answer 37

VLANs

Question 38

IPv4 and IPv6 operate at the ____ layer

Answer 38

network (layer 3)

Question 39

IPv6 is ____-bits

Answer 39

128 bits (16 bytes). It uses hex!

Question 40

SAN

Answer 40

Storage Area Network

Question 41

FC/FCP

Answer 41

Fiber Channel (Protocol)

Question 42

SCSI

Answer 42

Small Computer System Interface

Question 43

SCSI is used to control _____ devices

Answer 43

storage

Question 44

FCP is used alongside with SCSI to control ______

Answer 44

storage devices

Question 45

FCoE

Answer 45

Fiber Channel over Ethernet

Question 46

iSCSI

Answer 46

Internet SCSI, L3 protocol between datacenters.

Question 47

NetBIOS operates on layer

Answer 47

layer 5 (session)

Question 48

NetBIOS is often used to access

Answer 48

printers and NAS

Question 49

SNMP

Answer 49

Simple Network Management Protocol

Question 50

IPsec modes

Answer 50

transport (host-to-host), tunnel (site-to-site)

Question 51

Common attack to MAC filtering

Answer 51

MAC spoofing

Question 52

Types of EAP

Answer 52

LEAP (Cisco), PEAP

Question 53

Storage segmentation

Answer 53

Place controls on data access from a BYOD cellphone

Question 54

TCP Wrappers

Answer 54

Host-based ACL for services under UNIX

Question 55

RADIUS

Answer 55

AAA Protocol for network resources

Question 56

TACACS+

Answer 56

AAA Protocol, less robust accounting than RADIUS, but better encryption

Question 57

Kerberos

Answer 57

Authentication protocol

Question 58

KDC

Answer 58

Key Distribution Center (Kerberos)

Question 59

LDAP

Answer 59

Directory Service Protocol for Authentication, TCP 389

Question 60

Secure LDAP

Answer 60

LDAP over SSL

Question 61

SAML

Answer 61

XML-based standard for AA

Question 62

Identity Federation

Answer 62

SSO method that allows access to multiple networks

Question 63

Transitive Trust Authentication

Answer 63

Process of being authenticated by an entity because you’re trusted by another trusted entity. Usually in a PKI.

Question 64

SDV

Answer 64

Software-defined visibility, allows monitoring of cloud network assets.

Question 65

Tool for monitoring open ports on Windows

Answer 65

Netstat

Question 66

Tool for monitoring open ports on Windows

Answer 66

Netstat

Question 67

Windows NTFS permissions

Answer 67

Read, Write, Modify, List folder, R+X, Full Control

Question 68

Windows sharing permissions

Answer 68

Read, Change, Full Control

Question 69

Where to put omnidirectional WAP

Answer 69

Center of building

Question 70

Where do switches store MAC-to-port

Answer 70

CAM, Content Addressable Memory

Question 71

SRTP

Answer 71

Secure Real-time Protocol, used for audio and video

Question 72

Centralized VPN and dial-up

Answer 72

RADIUS

Question 73

An updated version of RADIUS is called

Answer 73

Diameter

Question 74

Attestation

Answer 74

Authentication of software or device state, instead of identity

Question 75

LDAP over SSL port

Answer 75

689

Question 76

LDAP over TLS port

Answer 76

636

Question 77

636 port

Answer 77

LDAP over TLS

Question 78

689 port

Answer 78

LDAP over SSL

Question 79

TLS is _____ and ____ than SSL

Answer 79

Newer and safer

Question 80

Because TLS is newer than SSL, its LDAP port is

Answer 80

out of scheme (636)

Question 81

Managed PDU

Answer 81

Managed Power Distribution Units, on-rack

Question 82

In terms of networks, SCADA systems should always be

Answer 82

segmented and isolated from the internet

Question 83

DMZs are now called

Answer 83

Screened subnets

Question 84

S/MIME is used in the _____ layer

Answer 84

presentation

Question 85

Common SNMP vuln

Answer 85

default community strings

Question 86

IPSec provides full ___

Answer 86

CIA

Question 87

Transport IPSec encrypts

Answer 87

only data

Question 88

Tunnel IPSec encrypts

Answer 88

data and header

Question 89

What IPSec mode is used for VPNs

Answer 89

Tunnel (site-to-site) mode

Question 90

In IPSec key management is provided by the ___

Answer 90

IKE, Internet Key Exchange

Question 91

POP port is

Answer 91

110

Question 92

IMAP port

Answer 92

143

Question 93

Secure POP port

Answer 93

995

Question 94

Secure IMAP port

Answer 94

993

Question 95

IMAP ports end in

Answer 95

3

Question 96

POP ports end in

Answer 96

0 and 5

Question 97

Secure email starts at ___ (ports)

Answer 97

990

Question 98

995

Answer 98

Secure POP

Question 99

993

Answer 99

Secure IMAP

Question 100

Protocols to read email

Answer 100

POP and IMAP

Question 101

Protocol to send email

Answer 101

SMTP

Question 102

SMTP port

Answer 102

25

Question 103

SMTPS

Answer 103

465

Question 104

465

Answer 104

SMTPS

Question 105

25

Answer 105

SMTP

Question 106

SMTPS encrypts using

Answer 106

TLS

Question 107

In a LAN, what IPSec mode should be used

Answer 107

Transport mode, because you need the IP header

Question 108

NGFW

Answer 108

Next Generation Firewall

Question 109

NGFW also adds ___/___ capabilities

Answer 109

NIDS/NIPS

Question 110

An active HIDS

Answer 110

blocks the intrusion

Question 111

HIDS

Answer 111

Host Intrusion Detection System

Question 112

EDR

Answer 112

Endpoint Detection and Response

Question 113

Measure Boot in W10 provides boot _____

Answer 113

attestation

Question 114

A screened subnet usually contains

Answer 114

public facing servers and bastion hosts

Question 115

Extranets enable __ communication

Answer 115

B2B

Question 116

VLAN basic types

Answer 116

Port-based, MAC address-based, Protocol-based (IP)

Question 117

VLANs that depend on IP addresses are called _____-based VLANs

Answer 117

Protocol-based VLANs

Question 118

A common VPN solution combines ____ along with IPSec

Answer 118

L2TP

Question 119

L2TP

Answer 119

Layer 2 tunneling protocol

Question 120

____ _____ is when VPNs allow only some traffic to go through the VPN while other types of traffic go through the normal internet

Answer 120

split tunneling

Question 121

When all traffic is routed through a VPN it is called ____ _____.

Answer 121

full tunnelling.

Question 122

BPDU guard

Answer 122

prevents misconfigurations and BDPU attacks by detecting loops in the network topology. Anomalies need to reenable interfaces manually

Question 123

DHCP snooping

Answer 123

Inspects DHCP traffic for rogue servers and drops that traffic

Question 124

A nontransparent proxy

Answer 124

modifies traffic

Question 125

Sensors, Collectors, Aggregators

Answer 125

Sensors can be host or network based, collectors retrieve data using SNMP from sensors, Aggregators unify them

Question 126

Protocol Analyze

Answer 126

intercepts and analyzes network traffic, but only specific segments between certain hosts

Question 127

TKIP replacement in WPA2

Answer 127

CCMP

Question 128

An _____ ____ creates, maintains, and manages identity information for an organization

Answer 128

identity provider