Practice Questions 13-24 Flashcards
An administrator needs to grant users access to different servers based on their job functions? Which access control model is the BEST choice? A. Discretionary access control B. Mandatory access control C. Role-based access control D. Rule Based access control
Role based is the best choice for assigning access based job functions.
You configure access control for users in your organization Some departments have a high employee turnover, so you want to simplify account administrator. Which is the best choice? A. User-assigned privilege B. Group-based privileges C. Domain assigned privileges D. Network- assigned privilege s
Group based privileges are a form of role-based access control that simplifies administration.
The Mapple organization is creating a help-desk team to assist employees with account issues. Members of his team need to create and modify user accounts and occasionally reset users password. Which Iis the BEST way to accomplish this goal?
A.Give each help-desk employee appropriate privileges individually
B. Add members of the help desk team to a security group that has the appropriate privileges.
C. Add each member of the help desk team to the administrator group within the domain
D. Assign attributes to members of the group and give these attributes appropriate privileges .
The best solution is to add members of the help desk tea, tp a security group that has been the appropriate privileges.
Lisa wants to manage and monitor switches and router in her network. Which protocol would she use? A. NAT B. SRTP C. SNMPv3 D. DNSSEC
SNMPv3 monitors and manages network devices.
Your organization has several switches within the network. You need to implement a security control to prevent unauthorized access to these switches. Which is the BEST choice to meet this need? A. Disable unused ports. B.Implement an implicit deny rules C. Disable STP D. Enable SSH
Disabling unused physical. ports on the switches prevents the connection if someone plugs their computer into an unused disable port.
You are troubleshooting a network connectivity issue and find that when you try to ping a remote server, it fails. You suspect that an ACL within a router may be blocking some traffic. Which would give you this symptom? A. The router is blocking DNS traffic B. The router is blocking ICMP traffic C. The router is blocking SSH traffic D. The router is blocking SFTP traffic
The router is blocking ICMP traffic, which is used by ping.
Your network currently has dedicated firewall protecting access to a web server. It is currently configured with only the following two rules in the ACL: PERMITTCPANY ANY 443 PERMIT TCP ANY ANY 80. You have detected DNS requests and zone transfer requests coming through the firewall and you need to block. Which of the following would meet this goal? Select 2.
A. Add the following rule to firewall: DENYTCP all all 53
B. Add the following: DENYUDP all all 53
C. Add the following to firewall: DENYTCP all all 53
D. Add the following to firewall : DENYIP all all 53
E. Add an implicit deny rule at the end of the ACL.
Adding the following rule to the firewall : DENY IP ALL ALL 53 is the easiest way to to add implicit deny rule at the end of the access control list and all firewalls should have this to block all unwanted traffic.
You can deny all IP traffic using port DENY IP ALL ALL 53.
Your organization wants to combine some of the security controls used to control incoming and outgoing network traffic. At the minimum, the solution should include malware inspection, content inspection and DDoS mitigator. Which BEST meets this goal? A. VLAN B. NAT C. UTM D. DNSSEC
A UTM device combines multiple security controls into a single device.
Your email server is getting overloaded with spam and much of it is malicious. You need to implement a solution that can help reduce the amount of spam recaching the email server. Which is the BEST choice? A. Reverse proxy B. Media gateway C. Web application firewall D. Mail gateway
A mail gateway is placed between an email server and the Internet and it can filter out spam.
Your organization has dedicated classroom used for teaching computer classes. Students include internal employees and visiting guest. Security administrators recently discovered that students were unplugging the network cable from some classroom computers and plugging the network cable into their laptop computers, giving them access to network resources. Which is the BEST solution to prevent this activity? A. Flood guard B. VLAN C. Port Security D.Loop Protection
Using port security is the best solution because classroom computers should be configured to only the MAC addresses of the corresponding classroom computers.
A HIDS reported a vulnerability on a system based on a known attack. After researching the alert from the HIDS, you identify the recommended solution and begin applying it. What type of HIDS is in use? A. Network-based B. Signature-based C. Heuristic-based D. Anomaly-based
If HIDS identifies a known issues it is using Signature-based detection.
After recently adding additional network devices, administrators noticed an increased workload related to their IDs. Which can cause an increased workload from incorrect reporting? A. False negative B. False positive C. Signature-based IDS D. Behavior-based IDS
False positives from an IDS can cause an increased workload because they falsely indicate an alert has occurred.
