Study CND Flashcards
What is the bit size of the Next Header field in the IPv6 header format?
8 Bits
Which of the following is a presentation layer protocol? A. TCP B. RPC C. BGP D. LWAPP
Answer: D
LWAPP
What IEEE standard is Fast Basic Service Set Transition? And what does it do?
802.11r is the standard to permit continuous connectivity aboard wireless devices in motion, with fast and secure handoffs from one base station to another, managed in a seamless manner.
__________ is a congestion control mechanism that is designed for unicast flows operating in an Internet environment and competing with TCP traffic?
TCP Friendly Rate Control
What is the IEEE-SA for wireless personal area networks?
802.15
Which layer performs routing of IP datagrams?
Internet Layer
Which of the following layers performs routing of IP datagrams? A. Transport layer B. Link layer C. Application layer D. Internet layer
Internet layer
Answer: D
Which of the following standards defines Logical Link Control (LLC)? A. 802.2 B. 802.3 C. 802.5 D. 802.4
802.2
Answer: A
Which of the following protocols supports source-specific multicast (SSM)? A. DHCP B. ARP C. DNS D. BGMP
BGMP
Answer: D
Token Ring is standardized by which of the following IEEE standards? A. 802.2 B. 802.4 C. 802.3 D. 802.1
802.4 is the standard for Token Ring
Answer: B
Which of the following is an example of a network providing DQDB access methods? A. IEEE 802.3 B. IEEE 802.2 C. IEEE 802.4 D. IEEE 802.6
802.6 - Local and Metropolitan Area Networks: Distributed Queue Dual Bus (DQDB) Subnetwork of a Metropolitan Area Network (MAN)
Answer: D
Which of the following IEEE standards defines the demand priority access method? A. 802.15 B. 802.3 C. 802.12 D. 802.11
802.12
Answer: C
has to do with 100 Mbit Wifi on demand access. Probably not on the test. MAN
Which of the following IEEE standards adds QoS features and multimedia support? A. 802.11b B. 802.11e C. 802.5 D. 802.11a
802.11e
Answer: B
Which of the following OSI layers is sometimes called the syntax layer?
Presentation layer
Which of the following IEEE standards defines the token passing ring topology? A. 802.4 B. 802.5 C. 802.3 D. 802.7
802.5
Answer: B
Which of the following IEEE standards defines a physical bus topology? A. 802.4 B. 802.5 C. 802.6 D. 802.3
802.4
Answer: A
Which of the following fields in the IPv6 header replaces the TTL field in the IPv4 header? A. Next header B. Traffic class C. Hop limit D. Version
Hop Limit
Answer: C
What is the response of an Xmas scan if a port is either open or filtered? A. RST B. No response C. FIN D. PUSH
NO Response
Answer: B
CSMA/CD is specified in which IEEE standard?
802.3
Which of the following protocols sends a jam signal when a collision is detected?
CSMA/CD
Which of the following protocols is used in wireless networks? A. CSMA B. CSMA/CD C. ALOHA D. CSMA/CA
CSMA/CA
Answer: D
TCP SYN scanning is also known as
half-open scanning
You are a professional Computer Hacking forensic investigator. You have been called to collect
evidences of buffer overflow and cookie snooping attacks. Which of the following logs will you
review to accomplish the task?
A. Program logs
B. Web server logs
C. Event logs
D. System logs
A. Program logs
C. Event logs
D. System logs
Answer: D, C, and A
Jason diagnoses the internals of his computer and observes that some changes have
been made in Sam’s computer registry. To rectify the issue, Jason has to restore the registry. Which of
the following utilities can Jason use to accomplish the task? Each correct answer represents a
complete solution. Choose all that apply.
A. Reg.exe
B. EventCombMT
C. Regedit.exe
D. Resplendent registrar
A. Reg.exe
C. Regedit.exe
D. Resplendent registrar
The Distance Vector Multicast Routing Protocol (DVMRP) is used to …
share information between routers to transport IP Multicast packets among networks.
______________ is an enumeration technique used to glean information about computer systems
on a network and the services running its open ports.
Banner Grabbing
The Data Link Switching Client Access Protocol (DCAP) is an application layer
protocol that is used between workstations and routers for
transporting SNA/NetBIOS traffic over
TCP sessions.
Honeynet is a prime example of
a high-interaction honeypot.
Two or more honeypots on a network
form a
honeynet.
Which of the following steps of the OPSEC process examines each aspect of the planned operation to identify OPSEC indicators that could reveal critical information and then compare those indicators with the adversary’s intelligence collection capabilities identified in the previous action?
A. Analysis of Threats
B. Application of Appropriate OPSEC Measures
C. Identification of Critical Information
D. Analysis of Vulnerabilities
E. Assessment of Risk
D. Analysis of Vulnerabilities
Analysis of Vulnerabilities: It includes examining each aspect of the planned operation to identify
OPSEC indicators that could reveal critical information and then comparing those indicators with the
adversary’s intelligence collection capabilities identified in the previous action
Which of the following protocols is used for inter-domain multicast routing and natively supports "source-specific multicast" (SSM)? A. BGMP B. DVMRP C. OSPF D. EIGRP
BGMP
BGMP stands for border gateway multicast protocol. It is used for inter-domain multicast routing and
natively supports “source-specific multicast” (SSM). In order to support “any-source multicast”
(ASM), BGMP builds shared trees for active multicast groups. This allows domains to build sourcespecific,
inter-domain, distribution branches where needed. BGMP uses TCP as its transport protocol,
which helps in eliminating the need to implement message fragmentation, retransmission,
acknowledgement, and sequencing.
What did the 802.11e enhancement to 802.a and 802.b provide?
QOS prioritization of voice data video transmissions
Which of the OSI Seven Layers establishes, manages terminates connections between local and remote applications.
Session
Which of the following are used as a cost estimating technique during the project planning
stage? Each correct answer represents a complete solution. Choose three.
A. Function point analysis
B. Program Evaluation Review Technique (PERT)
C. Expert judgment
D. Delphi technique
D. Delphi technique
C. Expert judgment
A. Function point analysis
Which of the following IP class addresses are not allotted to hosts
Class D 224 - 239 reserved for multicasting
Class E 240 -255 experimental
Which of the following IEEE standards provides specifications for wireless ATM systems?
802.11a
Which of the following is the type of documented business rule for protecting information and the
systems, which store and process the information
A. Information protection policy
B. Information protection document
C. Information storage policy
D. Information security policy
Information security policy
Which of the following UTP cables supports transmission up to 20MHz? A. Category 2 B. Category 5e C. Category 4 D. Category 1
Category 4
Which of the following is also known as slag code? A. Trojan B. Logic bomb C. Worm D. IRC bot
Logic Bomb
Which of the following is susceptible to a birthday attack? A. Authentication B. Integrity C. Authorization D. Digital signature
Digital Signature
Which of the following wireless networks provides connectivity over distance up to 20 feet? A. WMAN B. WPAN C. WLAN D. WWAN
WPAN
Which of the following networks interconnects devices centered on an individual person's workspace? A. WLAN B. WPAN C. WWAN D. WMAN
WPAN
Which of the following is a symmetric 64-bit block cipher that can support key lengths up to 448 bits? A. HAVAL B. BLOWFISH C. IDEA D. XOR
Blowfish
Which of the following protocols is used to exchange encrypted EDI messages via email? A. S/MIME B. MIME C. HTTP D. HTTPS
S/MIME
Which of the following are provided by digital signatures? A. Identification and validation B. Authentication and identification C. Integrity and validation D. Security and integrity
Authentication and Validation
Which of the following is a passive attack? A. Unauthorized access B. Traffic analysis C. Replay attack D. Session hijacking Answer: B
Traffic Analysis
Which of the following is a malicious program that looks like a normal program? A. Impersonation B. Worm C. Virus D. Trojan horse
Trojan Horse
Which of the following is an IPSec protocol that can be used alone in combination with Authentication Header (AH)? A. L2TP B. PPTP C. ESP D. PPP
ESP
Encapsulating Security Payload protocol
Which of the following attacks combines dictionary and brute force attacks? A. Replay attack B. Man-in-the-middle attack C. Hybrid attack D. Phishing attack
Hybrid Attack
Which of the following attacks comes under the category of an active attack? A. Replay attack B. Wireless footprinting C. Passive Eavesdropping D. Traffic analysis
Replay Attack
Which of the following encryption techniques do digital signatures use? A. MD5 B. RSA C. Blowfish D. IDEA
MD5
Which of the following header fields in TCP/IP protocols involves Ping of Death attack? A. SMTP header field B. TCP header field C. IP header field D. UDP header field
TCP Header Field
Which of the following modems offers wireless communication under water? A. Controllerless modem B. Short haul modem C. Acoustic modem D. Optical modem
Acoustic modem
Which of the following protocols is used by the Remote Authentication Dial In User Service (RADIUS)
client/server protocol for data transmission?
A. DCCP
B. FTP
C. FCP
D. UDP
UDP
Which of the following applications is used for the statistical analysis and reporting of the log files? A. Sawmill B. Sniffer C. Snort D. jplag
Sawmill
Which of the following is a Cisco product that performs VPN and firewall functions? A. Circuit-Level Gateway B. PIX Firewall C. IP Packet Filtering Firewall D. Application Level Firewall
PIX Firewall
Which of the following is also known as stateful firewall? A. PIX firewall B. Stateless firewall C. DMZ D. Dynamic packet-filtering firewall
Dynamic packet-filtering firewall
Which of the following is a centralized collection of honeypots and analysis tools? A. Production honeypot B. Honeynet C. Research honeypot D. Honeyfarm
Honeyfarm
Which of the following routing metrics is the sum of the costs associated with each link traversed? A. Routing delay B. Communication cost C. Bandwidth D. Path length
Path Length
Which of the following honeypots is a useful little burglar alarm? A. Backofficer friendly B. Specter C. Honeynet D. Honeyd
Backofficer friendly
What is the location of honeypot on a network? A. Honeyfarm B. Honeynet C. Hub D. DMZ
DMZ
Which of the following is an open source implementation of the syslog protocol for Unix? A. syslog-os B. syslog Unix C. syslog-ng D. Unix-syslog
syslog-ng
Which of the following protocols is a more secure version of the Point-to-Point Tunneling Protocol (PPTP) and provides tunneling, address assignment, and authentication? A. IP B. L2TP C. PPP D. DHCP
L2TP
Which of the following sets of incident response practices is recommended by the CERT/CC? A. Prepare, notify, and follow up B. Notify, handle, and follow up C. Prepare, handle, and notify D. Prepare, handle, and follow up
Prepare, handle, and follow up
Which of the following tools scans the network systems for well-known and often exploited vulnerabilities? A. Nessus B. SAINT C. SATAN D. HPing
SATAN