Network Security - Objective 4

Question 1

Type of encryption used by WPA

Answer 1

RC4 (Rivest Cipher 4)

Question 2

Geofencing

Answer 2

Uses GPS or RFID to define real-world boundaries where barriers can be active or passive

Question 3

NAC

Answer 3

Network Access Control

Permits or denies access to the network based on a device’s characteristics

Question 4

Difference between active & passive geofencing

Answer 4

Whether an alert is sent or only a log created

Question 5

Wireless client isolation a.k.a. AP isolation

Answer 5

Devices on a wireless network can’t communicate with each other

Question 6

Guest network isolation

Answer 6

The guest network does not have access to other networks on the access point

Question 7

Encryption protocol used by SNMP3

Answer 7

DES

Question 8

CRAM-MD5

Answer 8

MD5 variant used in email systems

Question 9

DAC

Answer 9

Discretionary Access Control

An access control method where access is determined by the owner of the resource

Question 10

MAC
(not the address)

Answer 10

Mandatory Access Control

An access control policy where the computer system gets to decide who gets access to what objects

Question 11

RBAC

Answer 11

Role-based Access Control

Access model that is controlled by the system but focuses on a set of permissions versus an individuals permissions

Question 12

Zero-Trust

Answer 12

A security framework that requires users to be authenticated and authorized before being granted access to applications or data

Question 13

Transport layer protocols used by RADIUS & TACACS+, respectively

Answer 13

UDP & TCP

Question 14

802.1x

Answer 14

A standardized framework that’s used for port-based network access control (NAC) on both wired and wireless networks

Question 15

3-roles in 802.1x authentication

Answer 15

• supplicant
• Authenticator
• authentication server

Question 16

3 examples of devices that can act as an authenticator in an 802.1X network

Answer 16

• Switch
• WAP
• VPN concentrator

Question 17

EAP

Answer 17

Extensible Authentication Protocol [actually a series of them]

Allows for numerous different mechanisms of authentication performed using 802.1x

Question 18

EAP-MD5

Answer 18

Utilizes simple passwords and the challenge handshake
authentication process to provide remote access
authentication

Question 19

EAP-TLS

Answer 19

Uses public key infrastructure with a digital certificate
being installed on both the client and the server

Question 20

EAP-TTLS

Answer 20

Requires a digital certificate on the server and a password
on the client for its authentication

Question 21

EAP-FAST

Answer 21

EAP Flexible Authentication via Secure Tunneling

Uses a protected access credential to establish mutual
authentication between devices

Question 22

PEAP

Answer 22

Protected EAP

Uses server certificates and Microsoft’s Active Directory
databases to authenticate a client’s password

Question 23

Reason to disable dynamic switchport mode on your switchports

Answer 23

To prevent switch spoofing

Question 24

RD Gateway

Answer 24

Remote Desktop Gateway

A server role that uses RDP over HTTPS & port 443 to provide a connection using the SSL/TLS protocols for remote users accessing an internal network

Question 25

3 things an RD gateway does for remote access

Answer 25

• create an encrypted connection
• control access to network resources based on permissions and group policies
• Monitor the status of the gateway and any RDP connection passing through the gateway

Question 26

4 remote access authentication protocols

Answer 26

• PAP unencrypted, not used
• CHAP
• MS-CHAP
• EAP can use more than just UN/PW (Use EAP/TLS in conjunction with a RADIUS or TACACS+ server)

Question 27

VNC

Answer 27

Virtual Network Computing

Designed for thin client architecture and things like virtual desktop infrastructure (VDI)

Question 28

2 ways of accessing a virtual desktop

Answer 28

• web browser
• specialized thin client device that uses a PXE network boot image that loads up a specialized client that can connect to the centralized server

Question 29

Difference between full tunnel & split tunnel VPN

Answer 29

Full tunnel routes & encrypts all traffic & split only does the traffic bound for the headquarters. Which you use determines which network you are logically a part of & therefore can access the resources of.

Question 30

When not to use a split tunnel VPN

Answer 30

On an untrusted Wi-Fi network

Question 31

Clientless VPN

Answer 31

VPN in a web browser (https)

Question 32

Protocol used instead of SSL or TLS for streaming or VoIP data in a VPN

Answer 32

DTLS datagram transport layer security

Question 33

L2TP

Answer 33

Layer 2 Tunneling Protocol

Early tunneling protocol - no native encryption

Question 34

L2F

Answer 34

Layer 2 Forwarding

Unused now (Cisco tunneling protocol for the P2P protocol)

Question 35

PPTP
A pro and a con

Answer 35

Point-to-Point Tunneling Protocol

Supports dial-up networks but also lacks native security features except when used with Microsoft Windows

Question 36

IPSec

Answer 36

IP Security

Provides authentication and encryption of packets to create a secure encrypted communication path between two computers

Question 37

4 protocols used to establish VPN connection

Answer 37

• L2TP
• L2F
• PPTP
• IPSec

Question 38

What is a SIEM

Answer 38

Security Information and Event Management

Provides real-time or near-real-time analysis of security alerts generated by network hardware & applications

Question 39

When should log analysis occur?

Answer 39

Regularly

Question 40

5 functions performed by SIEM

Answer 40

• Log collection
• Normalization
• Correlation
• Aggregation
• Reporting

Question 41

SIEM normalization

Answer 41

Maps log messages into a common data model, enabling the organization to connect and analyze related events

Question 42

SIEM correlation

Answer 42

Links the logs and events from different systems or
applications into a single data feed

Question 43

SIEM aggregation

Answer 43

Reduces the volume of event data by consolidating duplicate
event records and merging them into a single record

Question 44

X

Answer 44

Y

Question 45

How a SIEM takes data

Answer 45

Using the Syslog protocol (UDP 514 or TCP 1468), & with it classified on a scale of 0-7

Question 46

Port Security

Answer 46

Prevents unauthorized access to a switchport by identifying and limiting the MAC addresses of the hosts that are allowed. Can be done statically, dynamically, or both.

Question 47

2 Ways port security can create a list of authorized MAC addresses

Answer 47

• static configuration
• dynamic learning

Question 48

Port Security static configuration

Answer 48

Allows an administrator to define the static MAC addresses to use on a given switchport

Question 49

Port Security dynamic learning

Answer 49

Defines a maximum number of MAC addresses for a port and blocks new devices that are not on the learned list

A.k.a. Sticky MAC

Question 50

DAI

Answer 50

Dynamic ARP Inspection

Validates the address resolution protocol, or ARP, packets in your network

Question 51

How an ARP database is built

Answer 51

From replies to ARP requests

Question 52

DHCP snooping

Answer 52

Provides security by
- inspecting DHCP traffic
- filtering untrusted DHCP messages
- building and maintaining a DHCP snooping binding table

Question 53

2 things to configure to allow DHCP snooping

Answer 53

Switches and VLANs

Question 54

RA-Guard

Answer 54

IPv6 Router Advertisement Guard

Mitigates attack vectors based on forged ICMPv6 router advertisement messages

Question 55

What OSI layer does RA-guard operate at?

Answer 55

Layer 2

Question 56

CPP

Answer 56

Control Plane Policing

Configures a QoS filter that manages the traffic flow of control plane packets to protect the control plane of Cisco IOS routers and switches

Question 57

2 types of attacks mitigated by SNMPv3

Answer 57

• on-path/MITM
• replay

Question 58

3 different types of VLANS

Answer 58

• Primary
• Secondary isolated
• Secondary community

Question 59

Secondary isolated VLAN

Answer 59

Switchports can only reach
the primary VLAN

Question 60

Secondary community VLAN

Answer 60

Switchports can communicate with each other and the primary VLAN

Question 61

Promiscuous Port (P-Port)

Answer 61

Can communicate with anything connected to the primary or secondary VLANs

Question 62

Default VLAN is known as…

Answer 62

VLAN 1

Question 63

Native VLAN

Answer 63

VLAN where untagged traffic is put once it is received on a trunk port. It is also the default VLAN.

Question 64

9 things to secure SNMP

Answer 64

1. Use v3
2. Whitelist the MIB
3. Use authPriv
4. Strong passwords for admins
5. Roll separation between polling/receiving traps (for reading)
6. Users & groups (for writing)
7. ACLs
8. Patching
9. Separate management network

Question 65

ACL line entry for an implicit deny

Answer 65

deny ip any any

Question 66

Is it better to use explicit allow or deny when configuring MAC filtering?

Answer 66

Allow

Question 67

9 things to help secure wireless networks

Answer 67

1. MAC filtering
2. Antenna placement
3. Antenna power levels
4. Pre-shared keys with strong passwords
5. Guest network isolation
6. Wireless client isolation
7. EAP instead of pre-shared key
8. Geofencing
9. Captive portals

Question 68

7 considerations with IoT

Answer 68

1. Understand your endpoints
2. Track & manage your devices
3. Patch vulnerabilities
4. Conduct test & evaluation before adding to the production network
5. Change default credentials
6. Use encryption protocols
7. Segment IoT devices

Question 69

2 things CPP helps protect a network from

Answer 69

• Reconnaissance
• DoS

Question 70

Geofencing

Answer 70

Uses GPS or RFID to define real-world boundaries where barriers can be active or passive

Question 71

CVE

Answer 71

Common Vulnerabilities Exposures

A list of publicly disclosed information, security, vulnerabilities, and exposures

Question 72

Remote Desktop Gateway

Answer 72

Provides a secure connection using the SSL/TLS protocols to the server via RDP

Question 73

In-Band Management

Answer 73

Technology that enables managed devices to be managed by any authorized host that is connected to a non-management network.

Question 74

Out-of-Band Management

Answer 74

Method to connect to and administer a managed device that does not use a standard user-network connected host as the administrative console.

E.g. computer connected to the consul port of a switch or use of a management network

Question 75

LDAP

Answer 75

Lightweight Directory Access Protocol

A database used to centralize information about your clients and your objects on your network

Question 76

How LDAP performs authentication

Answer 76

Validation of a username and password against an LDAP server

Question 77

Kerberos

Answer 77

Performs secure, mutual authentication and authorization within a Windows environment

Question 78

How 802.1x usually provides authentication

Answer 78

EAP provides authentication credentials which are checked against a Radius, LDAP, or TACACS+ server

Question 79

File transfer protocol that supports resuming interrupted transfers

Answer 79

SFTP

Question 80

Attacks stateless firewalls vulnerable to

Answer 80

DoS and IP spoofing

Question 81

Where stateless firewalls are best used

Answer 81

An internal network

Question 82

Biggest difference between RDP and VNC

Answer 82

RDP is a resource-sharing method. Multiple users can independently connect to the same device.
VNC is a screen-sharing method. A remote user can control a device while the local user can watch (and does not lose the ability to control the device). It is useful for tech support and education.

Question 83

TACACS+

Answer 83

Terminal Access Controller Access Control System
A network security protocol used for AAA services

Question 84

3 servers often placed in screened subnets

Answer 84

Email
Web
FTP

Question 85

4 ways IPSs identify intrusions

Answer 85

• Signatures (exact)
• Anomalies (compared to baseline)
• Behaviors (not exact signatures but more general)
• Heuristics (AI learning your network)

Question 86

Technique commonly used in man-in-the-middle attacks

Answer 86

ARP poisoning

Question 87

Private VLAN

Answer 87

A.K.A port isolation
A technique where a VLAN contains switch ports that are restricted to
using a single uplink
- Primary
- Secondary isolated
- Secondary community

Question 88

3 common methods of captive portal implementation

Answer 88

• HTTP redirect
• ICMP redirect
• DNS redirect

Question 89

Authentication protocol designed to send data over insecure networks while using strong native encryption

Answer 89

Kerberos

Question 90

Discovery protocols

Answer 90

Protocols that can get detailed information such as the IP addresses, system version, and device information from supporting devices directly

Question 91

3 primary discovery protocols

Answer 91

• Simple network management protocol (SNMP)
• Link layer discovery protocol (LLDP)
• Ping