Session 3 Flashcards
A business needs to make sure it can be up and running at a moment’s notice in case of a disaster. What type of site needs to be set up?
Choices:
A - Hot
B - Cold
C - Warm
D - Urgent
A - Hot
What is the implementation of policies, controls, and procedures to recover from a disaster called?
Choices:
A - Hot site planning
B - Warm site planning
C - Business continuity planning
D - Disaster recovery planning
C - Business continuity planning
What is the most important reason for keeping legacy systems on a separate network segment?
Choices:
A - Legacy systems are often not supported
B - Legacy systems can slow down the network
C - Legacy systems are often incompatible with the current network
D - Legacy systems are often incompatible with the current server operating system
A - Legacy systems are often not supported
A business has five main applications. One is subject to HIPAA requirements. What is the best way to secure the overall network?
Choices:
A - Host the HIPAA application virtually
B - Host the HIPAA application on a different subnet
C - Make sure all five applications conform to HIPAA requirements
D - Train all users in HIPAA requirements, even if they do not use the HIPAA application
A - Host the HIPAA application virtually
What type of update is most common to a router?
Choices:
A - OS
B - Driver
C - Feature
D - Firmware
D - Firmware
What type of update is most commonly associated with enhancing device functionality?
Choices:
A - OS
B - Driver
C - Feature
D - Firmware
B - Driver
Which of the following updates would be considered a major update?
Choices:
A - 3.1.7
B - 3.0.0
C - 3.1.1
D - 3.1.1.1
B - 3.0.0
Why should vulnerability patches be installed as soon as possible?
Choices:
A - They fix viruses
B - They offer new features
C - They fix functionality issues
D - They fix potential security threats
D - They fix potential security threats
In which type of policy do users acknowledge that their network activity is being tracked?
Choices:
A - Network
B - Security
C - Acceptable use
D - Consent to monitoring
D - Consent to monitoring
Which policy addresses the use of personal USB drives on corporate machines?
Choices:
A - Network
B - Security
C - Acceptable use
D - Consent to monitoring
C - Acceptable use
Which is the best first step in avoiding user risk in network security?
Choices:
A - Business continuity
B - Vulnerability scanning
C - End-user awareness and training
D - Adherence to standards and policies
C - End-user awareness and training
A network administrator is about to make a major update to a server. The administrator wants to take a snapshot of the current configuration so that the update can be rolled back if needed. What is this snapshot called?
Choices:
A - Baseline
B - Graphing
C - Log management
D - Asset management
A - Baseline
Which is true about on-boarding and off-boarding a mobile device?
Choices:
A - On-boarding involves placing it on the network while off-boarding involves removing it from the network
B - On-boarding involves placing it on the network while off-boarding involves removing company-owned applications and resources
C - On-boarding is the process of getting a mobile device ready for network connectivity while off-boarding involves removing it from the network
D - On-boarding is the process of getting a mobile device ready for network connectivity while off-boarding involves removing company-owned applications and resources
D - On-boarding is the process of getting a mobile device ready for network connectivity while off-boarding involves removing company-owned applications and resources
What is the role of a first responder?
Choices:
A - To start chain of custody
B - To start forensics analysis
C - To be the first to collect evidence in an incident
D - To see if a potential security incident is indeed an incident
D - To see if a potential security incident is indeed an incident
What is the release of secure information to an untrusted environment known as?
Choices:
A - Data breach
B - Data incident
C - Information breach
D - Information incident
A - Data breach
A network administrator wants to exploit weaknesses in network security. What should the administrator conduct?
Choices:
A - Session hijacking
B - Social engineering
C - Penetration testing
D - Vulnerability scanning
C - Penetration testing
What is the main method for a denial of service (DoS) attack?
Choices:
A - Turn off all network services
B - Attack and turn off all of the routers in a network
C - Take over the administrator account and change its password
D - Overload a network with traffic so that there is no bandwidth left
D - Overload a network with traffic so that there is no bandwidth left
Which is a collection of computers that contain malicious software that can be controlled remotely?
Choices:
A - Botnet
B - Zombie
C - Keylogger
D - Trojan horse
A - Botnet
A flood of ping requests has come into the network, causing the regular network functionality to slow down, and, in some cases, stop. What is this best described as?
Choices:
A - Botnet
B - Traffic spike
C - Smurf attack
D - Coordinated attack
B - Traffic spike
A user calls the help desk and says that when accessing an internal website, the user is being redirected to a site that is asking for personal information. This is most likely what type of attack?
Choices:
A - DNS
B - Phishing
C - Spoofing
D - ARP cache poisoning
A - DNS
A network attack in which an attacker sends a UDP request to a server managing time and then gets a response containing multiple responses is what type of attack?
Choices:
A - NTP
B - DNS
C - Smurf
D - Kerberos
A - NTP
A junior network administrator is learning about DoS attacks. The administrator stages an NTP attack. The only problem is the administrator thought he/she was on the testing network but this was done in production. What type of DoS attack is this?
Choices:
A - Inside
B - Physical
C - Distributed
D - Unintentional
D - Unintentional
A DoS attack on a network has taken place. Upon examining the situation, it is determined that the only way to end the attack is to change the IP address of the router on the network. What type of DoS attack has taken place?
Choices:
A - Reflective
B - Distributed
C - Permanent
D - Unintentional
C - Permanent
What type of attack involves a TCP attack in which packets are never acknowledged?
Choices:
A - Reflective
B - SYN flood
C - ACK flood
D - Brute force
B - SYN flood
Which type of attack spoofs UDP packets to a network’s broadcast address?
Choices:
A - Fraggle
B - Smurfing
C - Brute force
D - Ping of Death
A - Fraggle
A wireless access point added to a network without permission is known as what type of access point?
Choices:
A - Evil twin
B - Smurfing
C - Session hijack
D - Rogue access point
D - Rogue access point
A junior network administrator asks a senior network administrator about wardriving. How would the senior network administrator respond?
Choices:
A - Wardriving is the act of driving around looking for evil twins
B - Wardriving is the act of driving around looking for rogue access points
C - Wardriving is the act of driving around looking for an open wireless access point
D - Wardriving is the act of driving around looking for a chalk mark indicating an open wireless
C - Wardriving is the act of driving around looking for an open wireless access point
Which is the process of sending unsolicited messages over a Bluetooth connection?
Choices:
A - Bluejacking
B - Bluesnarfing
C - Bluehijacking
D - Bluemessaging
A - Bluejacking
Which is the process of gaining unauthorized access to a Bluetooth connection and then viewing, copying, or deleting data?
Choices:
A - Bluejacking
B - Bluesnarfing
C - Bluehijacking
D - Bluemessaging
B - Bluesnarfing
A person attempting to hack a network is doing so through constantly trying to guess the Administrator account password. What type of attack is taking place?
Choices:
A - Dictionary
B - Brute force
C - Session hijacking
D - Man-in-the-middle
B - Brute force
Which is an attack that steals session information from a user and uses it to make the recipient think the original session with the original user is still open?
Choices:
A - Spoofing
B - Zero day attack
C - Session hijacking
D - Session engineering
C - Session hijacking
Two users are having an instant message conversation. One user gets up and forgets to lock the machine. A disgruntled employee sits down and keeps the conversation going, obtaining confidential information during the conversation. What type of attack is this?
Choices:
A - Brute force
B - Session hijacking
C - Man-in-the-middle
D - Social engineering
C - Man-in-the-middle
Which is an attack that uses a VLAN to gain access to resources on other VLANs?
Choices:
A - VLAN hopping
B - VLAN hijacking
C - VLAN smurfing
D - VLAN engineering
A - VLAN hopping
Which are types of malware that will typically degrade network performance? Choose three.
Choices:
A - Virus
B - Worm
C - Trojan horse
D - Social engineering
A - Virus
B - Worm
C - Trojan horse
What is often perceived as the biggest threat to network security?
Choices:
A - Open ports
B - Unsecure protocols
C - Disgruntled employees
D - Unnecessary running services
C - Disgruntled employees
What is the best way to reduce vulnerabilities in network services?
Choices:
A - Make sure all services are patched
B - Turn off services that are not needed
C - Make sure all services are encrypted
D - Use a domain account as the service account
B - Turn off services that are not needed
A network administrator wants to find open ports on a system. What tool should the administrator use?
Choices:
A - Port mapper
B - Port scanner
C - Port replicator
D - Protocol analyzer
B - Port scanner
What is a major vulnerability for transferring data through wireless networks?
Choices:
A - Using WEP encryption
B - Unencrypted channels
C - Broadcasting the SSID
D - Turning off MAC filtering
B - Unencrypted channels