Network Security Operations

Question 1

Which type of firewall initiates a new connection on behalf of the client and presents its own IP to the server when a client initiates a connection to a server?

Answer 1

Circuit level

Question 2

Which feature of a firewall allows an organization to use private non-routable networks while enabling communication to the internet?

Answer 2

Port Address Translation (PAT)

Question 3

What is the meaning of “state” when referring to stateful inspection in firewalls?

Answer 3

It refers to the connection state of a conversation between two computers.

Question 4

What can a user install to detect malicious software?

Answer 4

Antivirus

Question 5

Which feature of a network intrusion prevention system (NIPS) uses a lists of known bad IP addresses to protect the network?

Answer 5

Reputation-based prevention

Question 6

A company provides access to employees’ tax and personal information via a public-facing web portal.

What should the company implement to encrypt employees’ web access to this information?

Answer 6

Transport layer security (TLS)

Question 7

Which attack tricks a client into mapping an IP address to a spoofed MAC address?

Answer 7

ARP spoofing

Question 8

Which type of port has access to all VLANs by default in a traditional layer 2 switch?

Answer 8

Trunk

Question 9

Which cloud feature is used to prevent data loss and provide for data retrieval in the event of a disaster?

Answer 9

Data backups and archives

Question 10

Which cloud-hosting model provides exclusive cloud access for a single company?

Answer 10

Private

Question 11

What should a cloud provider use to secure data in flight?

Answer 11

Private key encryption

Question 12

Which type of wireless security protocol is the most secure?

Answer 12

WPA2 + AES

Question 13

Which statement is true when comparing AES encryption to Triple DES (3DES)?

Answer 13

AES requires less CPU utilization and uses a larger block size than 3DES.

Question 14

What is the best defense against fake access attacks?

Answer 14

Never use unsecured Wi-Fi hotspots.

Question 15

Which type of firewall technology reads and analyzes the actual content of a message before forwarding to its destination?

Answer 15

Proxy servers

Question 16

An organization’s IT department is concerned that malicious insiders may be using elevated access rights.

Which security control can be used to draw attacks away from critical systems?

Answer 16

Honeypots

Question 17

Which network device is usually placed in-line between a trusted network and an untrusted network?

Answer 17

Firewall

Question 18

What is end-to-end encryption?

Answer 18

Data is encrypted on the sender’s system and only the recipient is able to decrypt it.

Question 19

Which phrase describes unencrypted data?

Answer 19

In the clear

Question 20

An adminstrator fails to configure protection for usernames and passwords transmitted across the network.

Which component of the AAA model is weakened?

Answer 20

Authentication

Question 21

A user is mistakenly granted access to customer accounts not required for his duties.

Which component of the AAA model is violated?

Answer 21

Authorization

Question 22

What device creates an array of MAC addresses and functions on the Data Link layer?

Answer 22

Switch

Question 23

What device connects 2 or more networks, but does not analyze the information? On Layer 2.

Answer 23

Bridge

Question 24

What device takes packets from the router and sends it to devices on network?

Answer 24

Hub

Question 25

What layer of the OSI model does the router function on?

Answer 25

Layer 3/ Network

Question 26

What layer of the OSI model does the modem function on?

Answer 26

Physical/Layer 1

Question 27

Describe the speed and distance of Cat5 cables.

Answer 27

100 mpbs/ 100 meters

Question 28

Describe the speed and distance of Cat5e cables.

Answer 28

Double twisted pairs. 1 gps over 100 meters. Used for switch/hub/router

Question 29

What are Cat6 cables used for?

Answer 29

Ethernet LANs and Data centers

Question 30

How many tightly woven pairs are in Cat6 cables?

Answer 30

4

Question 31

What is the speed and distance of Cat6 cables?

Answer 31

1 gps/100 meters.

Question 32

what does the traceroute or tracert command do?

Answer 32

traces the route an IP packet takes to the destination.

Question 33

What command is tracepath similar to?

Answer 33

tracert

Question 34

What command provides user w/ the IP, subnet mask and default gateway?

Answer 34

ipconfig