Practice Test 6

Question 1

Which of the answers listed below illustrates the difference between passive and active security breach response?

HIPS vs. NIPS
UTM vs. Firewall
CSMA/CD vs. CSMA/CA
IDS vs. IPS

Answer 1

IDS vs. IPS

Intrusion Detection System
vs
Intrusion Prevention Systems

Question 2

Which of the following network security solutions inspects network traffic in real-time and has the capability to stop the ongoing attack?

NIPS
HIDS
NIDS
NIST

Answer 2

NIPS

Network-based Intrusion Prevention System

Question 3

Which of the actions listed below can be taken by an IDS? (Select 2 answers)

Firewall reconfiguration
Closing down connection
Logging
Terminating process
Sending an alert

Answer 3

Logging

Sending an alert

Question 4

A type of IDS that relies on predetermined attack patterns to detect intrusions is referred to as a signature-based IDS.

True
False

Answer 4

True

Question 5

An IDS that detects intrusions by comparing network traffic against the previously established baseline can be classified as: (Select all that apply)

Heuristic
Anomaly-based
Behavioral
Signature-based

Answer 5

Heuristic
Anomaly-based
Behavioral

Question 6

A security administrator configured an IDS to receive traffic from a network switch via port mirroring. Which of the following terms can be used to describe the operation mode of the IDS? (Select 2 answers)

In-band
Passive
Inline
Out-of-band

Answer 6

Passive

Out-of-band

Question 7

An antivirus software identifying non-malicious file as a virus due to faulty virus signature file is an example of:

Fault tolerance
False positive error
Quarantine function
False negative error

Answer 7

False positive error

Question 8

Which of the following terms refers to a situation where no alarm is raised when an attack has taken place?

False negative
True positive
False positive
True negative

Answer 8

False negative

Question 9

A device designed to filter and transfer IP packets between dissimilar types of computer networks is called:

Hub
Switch
Load balancer
Router

Answer 9

Router

Question 10

Routers operate at: (Select 2 answers)

Physical layer of the OSI model
Application layer of the OSI model
Layer 3 of the OSI model
Network layer of the OSI model
Layer 5 of the OSI model

Answer 10

Layer 3 of the OSI model

Network layer of the OSI model

Question 11

Which of the acronyms listed below refers to a set of rules that specify which users or system processes are granted access to objects as well as what operations are allowed on a given object?

CRL
NAT
BCP
ACL

Answer 11

ACL

Question 12

Which of the following answers applies to a Rule-Based Access Control (RBAC) mechanism implemented on routers, switches, and firewalls?

ACL
CSR
DLP
AUP

Answer 12

ACL

Question 13

What type of network traffic filtering criteria can be set on a router?

Filtering by IP address
Filtering by network protocol
Filtering by subnet
Filtering by logical port number
All of the above

Answer 13

All of the above

Question 14

A properly configured antispoofing mechanism on a router should block Internet traffic from IP addresses in the range of:

10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
All of the above

Answer 14

All of the above

Question 15

Which of the answers listed below refers to a data link layer (layer 2) device designed to forward data packets between Local Area Network (LAN) segments?

Router
Hub
Switch
Repeater

Answer 15

Switch

Question 16

Which of the following answers applies to a situation where an Ethernet switch acts as an authenticator for devices that intend to connect to a network through one of its ports?

IEEE 802.1X
IEEE 802.11ac
IEEE 802.1D
IEEE 802.11x

Answer 16

IEEE 802.1X

Question 17

The process of securing networking devices should include the practice of disabling unused physical ports.

True
False

Answer 17

True

Question 18

A network switch equipped with the routing capability is sometimes referred to as a layer 3 switch.

True
False

Answer 18

True

Question 19

Which of the following protocols provide protection against switching loops? (Select 2 answers)
RTP
SRTP
RDP
STP
RSTP

Answer 19

STP

RSTP

Question 20

What is the name of a security mechanism that protects a network switch against populating its MAC table with invalid source addresses?

Honeypot
Firewall
Flood guard
Antivirus

Answer 20

Flood guard

Question 21

In computer networking, a computer system or an application that acts as an intermediary between another computer and the Internet is commonly referred to as:

Bridge
Active hub
Server
Proxy

Answer 21

Proxy

Question 22

Which of the following statements describe the function of a forward proxy? (Select 2 answers)

Acts on behalf of a client
Hides the identity of a client
Acts on behalf of a server
Hides the identity of a server

Answer 22

Acts on behalf of a client

Hides the identity of a client

Question 23

Which of the statements listed below describe the function of a reverse proxy? (Select 2 answers)

Acts on behalf of a client
Hides the identity of a server
Acts on behalf of a server
Hides the identity of a client

Answer 23

Hides the identity of a server

Acts on behalf of a server

Question 24

What are the characteristic features of a transparent proxy? (Select all that apply)

Doesn’t require client-side configuration
Modifies client’s requests and responses
Redirects client’s requests and responses without modifying them
Clients might be unaware of the proxy service
Requires client-side configuration

Answer 24

Doesn’t require client-side configuration

Redirects client’s requests and responses without modifying them

Clients might be unaware of the proxy service

Question 25

A nontransparent proxy: (Select 2 answers)

Modifies client’s requests and responses
Doesn’t require client-side configuration
Requires client-side configuration
Redirects client’s requests and responses without modifying them

Answer 25

Modifies client’s requests and responses

Requires client-side configuration