Session 3 Flashcards

1
Q

A business need exists for a business to make sure they can be up and running at a moment’s notice in case of a disaster. What type of site needs to be set up?
Choices:

A - Hot
B - Cold
C - Warm
D - Urgent

A

A - Hot

2
Q

What is the implementation of policies, controls, and procedures to recover from a disaster called?
Choices:

A - Hot site planning
B - Warm site planning
C - Business continuity planning
D - Disaster recovery planning

A

C - Business continuity planning

3
Q

What is the most important reason for keeping legacy systems on a separate network segment?
Choices:

A - Legacy systems are often not supported
B - Legacy systems can slow down the network
C - Legacy systems are often incompatible with the current network
D - Legacy systems are often incompatible with the current server operating system

A

A - Legacy systems are often not supported

4
Q

A business has five main applications. One is subject to HIPAA requirements. What is the best way to secure the overall network?
Choices:

A - Host the HIPAA application virtually
B - Host the HIPAA application on a different subnet
C - Make sure all five applications conform to HIPAA requirements
D - Train all users in HIPAA requirements, even if they do not use the HIPAA application

A

A - Host the HIPAA application virtually

5
Q

What type of update is most common to a router?
Choices:

A - OS
B - Driver
C - Feature
D - Firmware

A

D - Firmware

6
Q

What type of update is most commonly associated with enhancing device functionality?
Choices:

A - OS
B - Driver
C - Feature
D - Firmware

A

B - Driver

7
Q

Which of the following updates would be considered a major update?
Choices:

A - 3.1.7
B - 3.0.0
C - 3.1.1
D - 3.1.1.1

A

B - 3.0.0

8
Q

Why should vulnerability patches be installed as soon as possible?
Choices:

A - They fix viruses
B - They offer new features
C - They fix functionality issues
D - They fix potential security threats

A

D - They fix potential security threats

9
Q

In which type of policy do users acknowledge that their network activity is being tracked?
Choices:

A - Network
B - Security
C - Acceptable use
D - Consent to monitoring

A

D - Consent to monitoring

10
Q

Which policy addresses the use of personal USB drives on corporate machines?
Choices:

A - Network
B - Security
C - Acceptable use
D - Consent to monitoring

A

C - Acceptable use

11
Q

Which is the best first step in avoiding user risk in network security?
Choices:

A - Business continuity
B - Vulnerability scanning
C - End-user awareness and training
D - Adherence to standards and policies

A

C - End-user awareness and training

12
Q

A network administrator is about to make a major update to a server. The administrator wants to take a snapshot of the current configuration so that the update can be rolled back if needed. What is this snapshot called?
Choices:

A - Baseline
B - Graphing
C - Log management
D - Asset management

A

A - Baseline

13
Q

Which is true about on-boarding and off-boarding a mobile device?
Choices:

A - On-boarding involves placing it on the network while off-boarding involves removing it from the network
B - On-boarding involves placing it on the network while off-boarding involves removing company-owned applications and resources
C - On-boarding is the process of getting a mobile device ready for network connectivity while off-boarding involves removing it from the network
D - On-boarding is the process of getting a mobile device ready for network connectivity while off-boarding involves removing company-owned applications and resources

A

D - On-boarding is the process of getting a mobile device ready for network connectivity while off-boarding involves removing company-owned applications and resources

14
Q

What is the role of a first responder?
Choices:

A - To start chain of custody
B - To start forensics analysis
C - To be the first to collect evidence in an incident
D - To see if a potential security incident is indeed an incident

A

D - To see if a potential security incident is indeed an incident

15
Q

What is the release of secure information to an untrusted environment known as?
Choices:

A - Data breach
B - Data incident
C - Information breach
D - Information incident

A

A - Data breach

16
Q

A network administrator wants to exploit weaknesses in network security. What should the administrator conduct?
Choices:

A - Session hijacking
B - Social engineering
C - Penetration testing
D - Vulnerability scanning

A

C - Penetration testing

17
Q

What is the main method for a denial of service (DoS) attack?
Choices:

A - Turn off all network services
B - Attack and turn off all of the routers in a network
C - Take over the administrator account and change its password
D - Overload a network with traffic so that there is no bandwidth left

A

D - Overload a network with traffic so that there is no bandwidth left

18
Q

Which is a collection of computers that contain malicious software that can be controlled remotely?
Choices:

A - Botnet
B - Zombie
C - Keylogger
D - Trojan horse

A

A - Botnet

19
Q

A flood of ping requests has come into the network, causing the regular network functionality to slow down, and, in some cases, stop. What is this best described as?
Choices:

A - Botnet
B - Traffic spike
C - Smurf attack
D - Coordinated attack

A

B - Traffic spike

20
Q

A user calls the help desk and says that when accessing an internal website, the user is being redirected to a site that is asking for personal information. This is most likely what type of attack?
Choices:

A - DNS
B - Phishing
C - Spoofing
D - ARP cache poisoning

A

A - DNS

21
Q

A network attack in which an attacker sends a UDP request to a server managing time and then gets a response containing multiple responses is what type of attack?
Choices:

A - NTP
B - DNS
C - Smurf
D - Kerberos

A

A - NTP

22
Q

A junior network administrator is learning about DoS attacks. The administrator stages an NTP attack. The only problem is the administrator thought he/she was on the testing network but this was done in production. What type of DoS attack is this?
Choices:

A - Inside
B - Physical
C - Distributed
D - Unintentional

A

D - Unintentional

23
Q

A DoS attack on a network has taken place. Upon examining the situation, it is determined that the only way to end the attack is to change the IP address of the router on the network. What type of DoS attack has taken place?
Choices:

A - Reflective
B - Distributed
C - Permanent
D - Unintentional

A

C - Permanent

24
Q

What type of attack involves a TCP attack in which packets are never acknowledged?
Choices:

A - Reflective
B - SYN flood
C - ACK flood
D - Brute force

A

B - SYN flood

25
Q

Which type of attack spoofs UDP packets to a network’s broadcast address?
Choices:

A - Fraggle
B - Smurfing
C - Brute force
D - Ping of Death

A

A - Fraggle

26
Q

A wireless access point added to a network without permission is known as what type of access point?
Choices:

A - Evil twin
B - Smurfing
C - Session hijack
D - Rogue access point

A

D - Rogue access point

27
Q

A junior network administrator asks a senior network administrator about wardriving. How would the senior network administrator respond?
Choices:

A - Wardriving is the act of driving around looking for evil twins
B - Wardriving is the act of driving around looking for rogue access points
C - Wardriving is the act of driving around looking for an open wireless access point
D - Wardriving is the act of driving around looking for a chalk mark indicating an open wireless

A

C - Wardriving is the act of driving around looking for an open wireless access point

28
Q

Which is the process of sending unsolicited messages over a Bluetooth connection?
Choices:

A - Bluejacking
B - Bluesnarfing
C - Bluehijacking
D - Bluemessaging

A

A - Bluejacking

29
Q

Which is the process of gaining unauthorized access to a Bluetooth connection and then viewing, copying, or deleting data?
Choices:

A - Bluejacking
B - Bluesnarfing
C - Bluehijacking
D - Bluemessaging

A

B - Bluesnarfing

30
Q

A person attempting to hack a network is doing so through constantly trying to guess the Administrator account password. What type of attack is taking place?
Choices:

A - Dictionary
B - Brute force
C - Session hijacking
D - Man-in-the-middle

A

B - Brute force

31
Q

Which is an attack that steals session information from a user and uses it to make the recipient think the original session with the original user is still open?
Choices:

A - Spoofing
B - Zero day attack
C - Session hijacking
D - Session engineering

A

C - Session hijacking

32
Q

Two users are having an instant message conversation. One user gets up and forgets to lock the machine. A disgruntled employee sits down and keeps the conversation going, obtaining confidential information during the conversation. What type of attack is this?
Choices:

A - Brute force
B - Session hijacking
C - Man-in-the-middle
D - Social engineering

A

C - Man-in-the-middle

33
Q

Which is an attack that uses a VLAN to gain access to resources on other VLANs?
Choices:

A - VLAN hopping
B - VLAN hijacking
C - VLAN smurfing
D - VLAN engineering

A

A - VLAN hopping

34
Q

Which are types of malware that will typically degrade network performance? Choose three.
Choices:

A - Virus
B - Worm
C - Trojan horse
D - Social engineering

A

A - Virus
B - Worm
C - Trojan horse

35
Q

What is often perceived as the biggest threat to network security?
Choices:

A - Open ports
B - Unsecure protocols
C - Disgruntled employees
D - Unnecessary running services

A

C - Disgruntled employees

36
Q

What is the best way to reduce vulnerabilities in network services?
Choices:

A - Make sure all services are patched
B - Turn off services that are not needed
C - Make sure all services are encrypted
D - Use a domain account as the service account

A

B - Turn off services that are not needed

37
Q

A network administrator wants to find open ports on a system. What tool should the administrator use?
Choices:

A - Port mapper
B - Port scanner
C - Port replicator
D - Protocol analyzer

A

B - Port scanner

38
Q

What is a major vulnerability for transferring data through wireless networks?
Choices:

A - Using WEP encryption
B - Unencrypted channels
C - Broadcasting the SSID
D - Turning off MAC filtering

A

B - Unencrypted channels

39
Q

Which protocol sends a username and password in clear text?
Choices:

A - PAP
B - RSA
C - CHAP
D - MS-CHAP

A

A - PAP

40
Q

Which protocol is not considered secure for logging into UNIX systems?
Choices:

A - SSH
B - SLIP
C - TFTP
D - Telnet

A

D - Telnet

41
Q

Why is it not a good idea to log into a website if the URL starts with HTTP?
Choices:

A - In HTTP, data is encrypted
B - In HTTP, data is not encrypted
C - HTTP does not support biometrics
D - In HTTP, passwords are not covered up when entered

A

B - In HTTP, data is not encrypted

42
Q

A user needs to transfer a file to a business partner, but the file is too large for email. What is a good alternative to email for transferring files?
Choices:

A - FTP
B - SLIP
C - HTTP
D - Telnet

A

A - FTP

43
Q

Which is a better alternative to Telnet given that it is more secure than Telnet?
Choices:

A - SSL
B - SSH
C - SFTP
D - HTTPS

A

B - SSH

44
Q

What does SNMPv3 support that SNMPv2 does not?
Choices:

A - Encryption
B - Automation
C - Accounting
D - Authorization

A

A - Encryption

45
Q

What should a URL start with if a website requires the user to log in?
Choices:

A - FTP
B - HTTP
C - SFTP
D - HTTPS

A

D - HTTPS

46
Q

Which is the switch security feature that limits connectivity to its network to a specific list of IP addresses?
Choices:

A - ARP inspection
B - DHCP snooping
C - IP address filtering
D - MAC address filtering

A

B - DHCP snooping

47
Q

Which switch port security feature, when set up, will drop data packets from invalid IP-to-MAC address bindings?
Choices:

A - ARP inspection
B - DHCP snooping
C - IP address filtering
D - MAC address filtering

A

A - ARP inspection

48
Q

Twenty users are in one building in a LAN; ten are in sales and the other 10 in administrative positions. Their job duties and permission needs to the network differ greatly between the two groups. What is the best way to set two networks up, one for each group?
Choices:

A - Separate the two groups into VLANs
B - Create two subnets, one for each group
C - Set different permissions for each group
D - Create two collision domains, one for each group

A

A - Separate the two groups into VLANs

49
Q

Which are parts of a strong password? Choose three.
Choices:

A - At least one number
B - At least eight characters
C - An expiration every 30 days
D - At least one uppercase letter

A

A - At least one number
B - At least eight characters
D - At least one uppercase letter

50
Q

An antivirus program that is installed on each workstation is known as what type of antimalware program?
Choices:

A - Host-based
B - Cloud-based
C - Server-based
D - Network-based

A

A - Host-based

51
Q

What is the biggest advantage of running antimalware software from the cloud versus running antimalware software from a local server?
Choices:

A - Lower CPU usage
B - Lower RAM usage
C - Lower bandwidth usage
D - Less time to run a virus scan

A

A - Lower CPU usage

52
Q

A new network policy states that guest accounts on the network cannot use the web to check personal e-mail. What should be installed to enforce this policy?
Choices:

A - Router
B - Firewall
C - Proxy server
D - Reverse proxy server

A

C - Proxy server

53
Q

Blocking all attempts to relay traffic through SMTP is an example of which type of filtering?
Choices:

A - IP
B - Port
C - Web
D - Content

A

B - Port

54
Q

When first setting up a network, users are granted access to one specific folder on one specific network drive. All other access has to be approved by management. This is an example of which concept?
Choices:

A - Explicit Deny
B - Explicit Allow
C - Implicit Deny
D - Implicit Allow

A

C - Implicit Deny

55
Q

Which authentication method does EAP not support?
Choices:

A - Tokens
B - Smart cards
C - Digital certificates
D - Fingerprint recognition

A

D - Fingerprint recognition

56
Q

What are advantages to using Kerberos for authentication? Choose three.
Choices:

A - It uses encryption on its messages
B - It is a cross-platform authentication piece
C - It uses multiple sign-ons for authentication
D - It provides secure authentication over insecure networks

A

A - It uses encryption on its messages
B - It is a cross-platform authentication piece
D - It provides secure authentication over insecure networks

57
Q

Which type of authentication is known for single sign-on?
Choices:

A - EAP
B - PAP
C - CHAP
D - Kerberos

A

D - Kerberos

58
Q

Which is a one-way hash that can be used with an encryption protocol?
Choices:

A - EAP
B - PAP
C - SHA
D - MD5

A

C - SHA

59
Q

To make sure all incoming ICMP data packets are blocked, which is the best tool to use?
Choices:

A - NIPS
B - HIDS
C - Firewall
D - Content filter

A

C - Firewall

60
Q

A firewall application running on a desktop is an example of which kind of firewall?
Choices:

A - Host-based
B - Network-based
C - Session-based
D - Application-based

A

A - Host-based

61
Q

What devices on home networks often contain firewall capabilities? Choose two.
Choices:

A - Hub
B - Switch
C - Router
D - Wireless access point

A

C - Router
D - Wireless access point

62
Q

What type of firewall detects applications, users, and devices?
Choices:

A - User-aware
B - Context-aware
C - Software-aware
D - Application-aware

A

B - Context-aware

63
Q

How is a virtual-wire firewall different from a routed firewall?
Choices:

A - Virtual-wire supports NAT
B - Virtual-wire supports layer 3
C - Virtual-wire supports switching
D - Virtual-wire does not need an IP address

A

D - Virtual-wire does not need an IP address

64
Q

What part of a network needs to be accessible to both inside and outside sources in the network?
Choices:

A - DMZ
B - Routed
C - Perimeter
D - Virtual-wire

A

A - DMZ

65
Q

Which type of device will warn an administrator about a possible intrusion on a workstation?
Choices:

A - HIDS
B - NIDS
C - Firewall
D - PacketShaper

A

A - HIDS

66
Q

Which type of device can temporarily shut off a port if it suspects a network attack?
Choices:

A - HIPS
B - NIPS
C - HIDS
D - NIDS

A

B - NIPS

67
Q

Which type of device/service can stop an employee from reaching a gaming website?
Choices:

A - Proxy server
B - Content filter
C - PacketShaper
D - Web redirector

A

B - Content filter

68
Q

Which type of server can cache content and also act as a content filter?
Choices:

A - NAT
B - DNS
C - Proxy
D - DHCP

A

C - Proxy

69
Q

When a firewall is referred to as one that performs UTM, what can it perform besides firewall duties? Choose three.
Choices:

A - Load balancing
B - Content filtering
C - User management
D - Intrusion prevention

A

A - Load balancing
B - Content filtering
D - Intrusion prevention

70
Q

A network diagram that shows all of the cabling, the cabling types, and distances is known as what diagram?
Choices:

A - Logical topology
B - Cabling diagram
C - Physical topology
D - Wiring schematic

A

D - Wiring schematic

71
Q

What will an IP address utilization document most likely contain?
Choices:

A - A list of DNS servers
B - A list of DHCP scopes
C - IP addresses of every device on the network
D - IP addresses of every device on the network with a static IP address

A

D - IP addresses of every device on the network with a static IP address

72
Q

System manuals, support manuals, and instructional books are examples of what type of documentation?
Choices:

A - Training manuals
B - Vendor documentation
C - Application documentation
D - Manufacturer documentation

A

B - Vendor documentation

73
Q

What type of network authentication provides for port-based authentication?
Choices:

A - 802.1q
B - 802.1w
C - 802.1X
D - 802.1ac

A

C - 802.1X

74
Q

What is evaluated during a posture assessment on a system? Choose two.
Choices:

A - Settings
B - Equipment
C - Applications
D - Vulnerabilities

A

A - Settings
C - Applications

75
Q

A user logs into a college campus computer. None of the information is saved when the user logs out. What type of agent is running on the computer?
Choices:

A - Guest
B - Persistent
C - Quarantine
D - Nonpersistent

A

D - Nonpersistent

76
Q

A user attempts to connect to the corporate network from a home machine. The remote access server discovers that the home machine’s antivirus software is not up to date. What type of network can the remote access server connect the home machine to until it updates its antivirus software?
Choices:

A - Edge network
B - Guest network
C - Update network
D - Quarantine network

A

D - Quarantine network

77
Q

Upon conducting a security review, the head of security notices that there is a lot of tailgating going on at the building’s main entrance. What should be set up in order to mitigate tailgating?
Choices:

A - Mantrap
B - Video monitor
C - Security guard
D - Door access control

A

A - Mantrap

78
Q

Which is the best type of authority figure to use an access list to control who is allowed in a building?
Choices:

A - Key fob
B - ID badges
C - Security guard
D - Door access control

A

C - Security guard

79
Q

Besides the front door and data-confidential areas, what is considered the most important room to protect in a building?
Choices:

A - Mantrap
B - Security room
C - Network closet
D - Video monitoring room

A

C - Network closet

80
Q

The protection of computer centers and network closets, key fobs, keypads, cipher locks, and biometrics are all examples of what?
Choices:

A - Door locks
B - Multiple barriers
C - Proximity readers
D - Door access controls

A

D - Door access controls

81
Q

Which device allows entrance to a building based on seeing an ID card or badge?
Choices:

A - Key fob
B - Cipher lock
C - Keypad lock
D - Proximity reader

A

D - Proximity reader

82
Q

What type of door access control involves entering a code on the lock in order to access a room?
Choices:

A - Key fob
B - Biometrics
C - Cipher lock
D - Proximity reader

A

C - Cipher lock

83
Q

An electrical outlet that is typically orange signifies a dedicated ground. What is the purpose of a dedicated ground?
Choices:

A - A sag on this ground does not affect any other device
B - A blackout on this ground does not affect any other device
C - A brownout on this ground does not affect any other device
D - A spike sent to this ground does not affect any other device

A

D - A spike sent to this ground does not affect any other device

84
Q

What should a technician wear in order to avoid ESD while working on hardware?
Choices:

A - Antistatic vest
B - Antistatic smock
C - Antistatic gloves
D - Antistatic wrist strap

A

D - Antistatic wrist strap

85
Q

Which is a best practice when installing racks?
Choices:

A - Avoid stacking racks too high
B - Follow the manufacturer’s manual
C - Make the rack fit in the space given
D - Use the tools that come with the rack

A

B - Follow the manufacturer’s manual

86
Q

What should be taken into consideration when placing servers in a server room? Choose three.
Choices:

A - Safety
B - Air flow
C - Electrical access
D - Grouping the servers

A

A - Safety
B - Air flow
C - Electrical access

87
Q

In case of an emergency, what should be posted and known so that people know where the emergency exits are?
Choices:

A - Fail open
B - Fail close
C - Server room
D - Building layout

A

D - Building layout

88
Q

Which part of a building layout shows ways to get out of a building should a fire start?
Choices:

A - Fire escape plan
B - Fail open/Fail close
C - Emergency alert system
D - Fire suppression system

A

A - Fire escape plan

89
Q

A UPS generating power in the case of an outage is what type of fail system?
Choices:

A - Fail safe
B - Fail open
C - Fail closed
D - Fail on demand

A

B - Fail open

90
Q

In emergency alert systems, which extinguisher system requires a sealed environment to operate?
Choices:

A - Gas-based
B - Foam-based
C - Water-based
D - Chemical-based

A

A - Gas-based

91
Q

What types of HVACs condition a server room for humidity levels?
Choices:

A - ARV
B - ERV
C - CRV
D - HRV

A

B - ERV

92
Q

Who is the person whose duty is to see if a security incident is indeed an incident?
Choices:

A - First responder
B - Forensics analyst
C - Evidence collector
D - Security administrator

A

A - First responder

93
Q

A network administrator has secured an area after a security incident. What should the network administrator immediately start doing?
Choices:

A - Collect evidence
B - Escalate the case
C - Transport the data
D - Document the scene

A

D - Document the scene

94
Q

What site helps with steps to recover after a computer has been compromised?
Choices:

A - www.fbi.gov
B - www.cert.org
C - www.iana.org
D - www.us-cert.gov

A

B - www.cert.org

95
Q

Which is the process of logging who has evidence, who has seen evidence, and where the evidence has been?
Choices:

A - Data transport
B - Data collection
C - Forensics report
D - Chain of custody

A

D - Chain of custody

96
Q

Besides physical security, what can be used to secure data during transport?
Choices:

A - Encryption
B - Legal hold
C - Backup copies
D - Documentation

A

A - Encryption

97
Q

What is the process in which data needs to be kept for evidence even long after an incident takes place known as?
Choices:

A - Legal hold
B - Data collection
C - Chain of custody
D - Forensics report

A

A - Legal hold