Preassessment Flashcards

1
Q

Which type of ethernet cable can maintain 10 Gbps transmission speeds through the course of its maximum 100-meter length?

A

Cat 6a

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which internet access technology uses ordinary telephone wires for data transmission?

A

DSL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which device is used to organize network cables as they run between switches and other network devices??

A

Patch panel

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which network device is used to connect two or more network segments by performing OSI layer 3 functions like packet forwarding?

A

Router

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which network device is used to convert between digital information from my LAN and analog signals for transmission over a standard telephone wire?

A

Modem

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which device could be used to send commands to the mainframe for remote execution in early mainframe installations?

A

Dumb terminals

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which device is responsible for implementing network address translation?

A

Router

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which OSI layer is related to the function of the IP protocol suite?

A

Network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which OSI layer is responsible for organizing how bits are passed over the physical layer between devices within the same collision domain?

A

Data link

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which OSI layer would define the scope of a protocol that makes sure packets of data are received correctly and resends them if they are not?

A

Transport

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which protocol suite performs functions of OSI layer 4?

A

TCP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which command should be used to manually enter the default gateway for a computer?

A

route

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which network diagnostic tool displays the path packets take between two endpoints?

A

traceroute

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which network type is used to wire multiple PCs to a home router?

A

LAN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

An office’s infrastructure connects network devices and printers through a central access point without the use of cabling. Which network type does this office use?

A

WLAN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What type of medium is commonly used within a 1,000 Mbps Ethernet network?

A

CAT5e

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Which network topology is being implemented when each node connects to exactly two other nodes forming a single continuous pathway for signals through each node?

A

Ring

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

In which physical LAN topology are nodes connected to each other with a backbone cable that loops around and ends at the same point it started?

A

Ring

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Which cloud service provides hardware, operating systems and web servers but not end user applications?

A

IaaS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Which cloud model provides an exclusive cloud computing service environment that is shared between two or more organizations?

A

Community

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Which type of software is used to provide virtualization?

A

Hypervisor

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Which OSI layer ensures error-free packets?

A

Transport

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Which topology uses a switch or hub to connect to all devices in the same network?

A

Star

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

A user that does not want to be identified while communicating on a network uses an application to alter the computers identity. Which type of exploit is being perpetrated?

A

Spoofing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

An attacker attempts to misdirect traffic on a network back to the attacker by corrupting the network computers cache of IP addresses to MAC address mappings that are cached. Which exploit is the attacker perpetrating?

A

ARP Poisoning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Which exploit actually breaches the physical medium or uses devices to monitor signals from outside the physical medium itself?

A

Wire tapping

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Which type of attack can overwhelm a web server by inserting more data into a web form then the system was configured to hold?

A

Buffer overflow

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Which type of attack sends an email claiming to be from a reputable business in order to entice the recipient to provide sensitive information?

A

Phishing

29
Q

A user on a network is planning to launch an exploit against a co-worker in a neighboring department. The user needs to identify the IP address of a co-worker in the desired department. Which tool or utility will allow the user to watch network traffic in real time to identify a target?

A

Sniffer

30
Q

Which group of attackers is typically used for penetration testing?

A

Red team

31
Q

Which type of attack exploits an unpatched software vulnerability?

A

Zero day

32
Q

A company has the policy that all new user passwords are P@ssw0rd but does not require new users to change their password. An employee randomly tries a co-worker’s account with the new user password to see if they can log in as the co-worker. Which type of vulnerability does this create?

A

Default password

33
Q

An employee that does not want to miss emails from important clients sets up her cellular smartphone to allow her to check her email. Unfortunately, she does not install antivirus software on the cell phone. What type of vulnerability is represented?

A

BYOD/Mobile

34
Q

What is the definition of vulnerability in computer security?

A

It is a weakness which can be exploited by a threat such as an attacker to perform unauthorized actions within a computer system

35
Q

What is required to establish a secure connection to a remote network over an insecure link?

A

Virtual private network (VPN) service

36
Q

An organization is concerned about brute force attacks. How should the organization counter this risk?

A

Institute a login policy that locks users out of an account after three failed password attempts

37
Q

An organization suffers a social engineering attack that results in a cyber criminal gaining access to its networks and to its customers private information. How can the organization mitigate this risk in the future?

A

Provide regular cyber security training for employees

38
Q

An attacker plans to exploit flaws in an operating system to gain access to a user’s computer system. What is a prevention mechanism for this type of attack?

A

Patching

39
Q

An unauthorized third party has gained access to a company network. How can they be prevented from deleting data?

A

Access controls

40
Q

An attacker has gained access to the passwords of several employees of a company through a brute force attack, which authentication method would keep the attacker from accessing the employees devices

A

Multi-factor authentication (MFA)

41
Q

After downloading a CD burning program, a user notices that someone is remotely accessing the computer during night time hours. Which type of malware is likely found in the CD software?

A

Trojan horse

42
Q

A user is working on a home computer. When another user seems to open an application to view documents on the same computer, the user immediately suspects that a back door into the computer exists. Which action should be taken first to deal with the problem?

A

Unplug the PC’s network connection

43
Q

A user receives an email from an unknown bank saying that the user’s account with the bank has been compromised. The user suspects this is a phishing exploit. How should the user safely proceed?

A

Open a new browser page, navigate to the bank’s website and acquire legitimate contact information to report the email

44
Q

A malicious user was able to lock a user’s account after guessing the user’s password multiple times unsuccessfully. Which category of the CIA triad did the malicious user target in this attack?

A

Availability?

45
Q

Which category of the CIA triad is affected when an unauthorized user changes the data within a read-only file?

A

Integrity

46
Q

An analyst has identified an active denial of service attack. Which category of the CIA triad is affected?

A

Availability

47
Q

While investigating a security incident, a technician discovers an unauthorized packet capturing tool on the network. Which category of the CIA triad is being attacked?

A

Confidentiality

48
Q

Which type of firewall initiates a new connection on behalf of the client and presents its own IP to the server when a client initiates a connection to a server?

A

Circuit level

49
Q

Which feature of a firewall allows an organization to use private non-routable networks while enabling communication to the internet?

A

Port address translation (PAT)

50
Q

What is the meaning of “state” when referring to stateful inspection in firewalls?

A

It refers to the connection state of a conversation between two computers

51
Q

What can I use or install to detect malicious software?

A

Antivirus

52
Q

Which feature of a network intrusion prevention system uses a list of known bad IP addresses to protect the network?

A

Reputation-based prevention

53
Q

Which attack tricks a client into mapping an IP address to a spoofed MAC address?

A

ARP spoofing

54
Q

Which type of port has access to all VLANs by default in a traditional two layer switch?

A

Trunk

55
Q

A company provides access to employees, tax and personal information via a public facing web portal. What should the company implement to encrypt employees web access to this information?

A

Transport layer security (TLS)

56
Q

Which cloud feature is used to prevent data loss and provide for data retrieval in the event of a disaster?

A

Data backups and archives

57
Q

Which cloud hosting model provides exclusive cloud access for a single company?

A

Private

58
Q

What should a cloud provider use to secure data in flight?

A

Private key encryption

59
Q

Which type of wireless security protocol is the most secure?

A

WPA2 + AES

60
Q

Which statement is true when comparing AES encryption to Triple DES (3DES)

A

AES requires less CPU utilization and uses a larger block size than 3DES

61
Q

What is the best defense against fake access attacks?

A

Never use unsecured Wi-Fi hotspots

62
Q

Which network device is usually placed in line between the trusted network and an untrusted network?

A

Firewall

63
Q

Which type of firewall technology reads and analyzes the actual content of a message before forwarding to its destination?

A

Proxy servers

64
Q

An organization’s IT department is concerned that malicious insiders may be using elevated access rights. Which security control can be used to draw attacks away from critical systems?

A

Honey pots

65
Q

What is end to end encryption?

A

Data is encrypted on the sender system and only the recipient is able to decrypt it

66
Q

Which phrase describes unencrypted data?

A

In the clear

67
Q

An administrator fails to configure protection for usernames and passwords transmitted across the network. Which component of the AAA model is weakened?

A

Authentication

68
Q

A user is mistakenly granted access to customer accounts not required for his duties. Which component of the AAA model is violated?

A

Authorization