Secure Network Administration Flashcards

1
Q

You need to set up a secure FTP server to allow your company’s clients to upload their files. Which of the following FTP protocols would you use?

SFTP

FTP

TFTP

A

SFTP

SFTP is used to encrypt FTP sessions with SSH (Secure Shell). The other methods (FTP, TFTP, and FTP over HTTP) are not secure and communicate in clear text.

2
Q

You want to secure one of your network switch segments to only allow access from specific clients on the development network. Which of the following should you implement?

Create a firewall rule to restrict access to the switch ports.

Create a VLAN for the entire development network.

Restrict the switch port access to the MAC addresses of the clients.

A

Restrict the switch port access to the MAC addresses of the clients.

You should enable MAC address security on your switch ports so that only the hardware addresses of the specific clients on the development network can access those ports.

3
Q

It is discovered that your primary router has a serious software vulnerability that makes it susceptible to denial-of-service attacks. What should you do to resolve the issue?

Disable SNMP.

Enable flood protection.

Update the firmware.

A

Update the firmware.

If a documented vulnerability is found in a network device’s firmware or operating system, the device should be updated or patched to fix the bug and prevent it from being compromised.

4
Q

Your web server is being flooded by a denial-of-service attack. Using a network analyzer, you see that there are IP broadcast replies being sent back to the address of your server from multiple addresses. Which type of network attack is this?

Man-in-the-middle

Back door

Smurf

A

Smurf

A smurf attack uses a spoof attack combined with a DDoS attack to exploit the use of IP broadcast addressing and ICMP. By spoofing the address of the web server in an IP broadcast, the attacker causes all the other systems on the network that reply to the broadcast to send their replies back to the web server, causing a denial of service.

5
Q

When you’re creating firewall rules, which of the following principles should be applied to maximize security by blocking all traffic and only allowing access as required?

Implicit deny

Explicit deny

Unauthenticated deny

A

Implicit deny

Implicit deny means that anything that is not explicitly defined in an access rule is denied. This denies all access by default, until you apply access rules for only the specific services required.

6
Q

During a denial-of-service attack, a network administrator blocks the source IP with the firewall, but the attack continues. What is the most likely cause of the problem?

The denial-of-service worm has already infected the firewall locally.

The attack is coming from multiple distributed hosts.

A firewall can’t block denial-of-service attacks.

A

The attack is coming from multiple distributed hosts.

A distributed denial-of-service (DDoS) attack comes from multiple geographically distributed hosts, making it difficult for the network administrator to block it.

7
Q

You have just performed a security port scan on your e-mail server. Which of the following services and ports that appeared in the test as open and accepting connections should be disabled?

TCP port 21

TCP port 25

TCP port 110

A

TCP port 21

TCP port 21 (FTP) is not required on your e-mail server, and it should be disabled to prevent hackers from connecting to the e-mail server on this port.

8
Q

Your network router can be remotely configured through a web browser. Which of the following would be the most secure method for remote access?

HTTP connection

Telnet

HTTPS connection

A

HTTPS connection

Of the options listed, the most secure would be the HTTPS connection.

9
Q

A few systems have been infected with malware; log analysis indicates the users all visited the same legitimate website to order office supplies. What is the most likely attack the users have fallen victim to?

Replay

Watering hole

ARP poisoning

A

Watering hole

The users most likely fell victim to a watering hole attack. The third-party supplier could be hosting malware with your organization as the target.
