Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

My Network+N10-008 > Network Hardening Techniques > Flashcards

Network Hardening Techniques Flashcards

1
Q

Your primary concern when hardening your network is the fact that you are
vulnerable to several DoS attacks that involve your IGP and EGP protocols.
What hardening technique addresses this challenge most directly?
a. Control plane policing
b. Geofencing
c. SNMP
d. Dynamic ARP inspection

A

Answer: a. Control plane policing (CoPP) can help in this situation. Because
your IGP and EGP routing protocols are part of the control plane, you can
use CoPP to watch the amount of traffic that is permitted to your CPU. In this
way, you can prevent many different types of DoS attacks that target the control plane.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What protocol makes 802.1X possible?
a. SSH
b. Telnet
c. SNMPv3
d. EAP

A

Answer: d. Extensible Authentication Protocol (EAP) is a flexible solution that
is used in many network environments to support a wide variety of authentication and authorization scenarios. EAP is the featured technology of 802.1X.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What device hardening technique might be found in a row of stores in a shopping mall to ensure that the different stores are segmented from each other?
a. Default VLAN
b. DHCP snooping
c. Private VLAN
d. Dynamic ARP inspection

A

Answer: c. Private VLANs add segmentation capabilities beyond what is typical for VLAN communication. You can create segmentation within an IP subnet by using this technology.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which of the following is not a network hardening best practice?
a. Use SNMPv3
b. Disable unneeded services
c. Implement role-based access
d. Change to default passwords

A

Answer: d. Network hardening best practices include using SNMPv3
instead of earlier versions, disabling unneeded ports and unneeded services,
and changing default passwords to something other than the known default
passwords.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which of the following means that if you have not been explicitly granted
access, then access is denied?
a. Implicit deny
b. Explicit deny
c. Allow
d. BPDU

A

Answer: a. An implicit deny clause (in a firewall rule) means that if the proviso
in question has not been explicitly granted, then access is denied.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What do most public networks, including WiFi hotspots, use to require users
to agree to some condition before they use the network or Internet?
a. PSKs
b. Proper antenna placement
c. Appropriate signal power levels
d. Captive portalssw

A

Answer: d. A public network or a WiFi hotspot may use a captive portal,
which requires users to agree to some condition before they can use the network or Internet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

My Network+N10-008 (28 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions