Technologies and Tools Flashcards
1
Q
Which of the following options is a vendor neutral standard for message logging? A. SIEM B. Event manager C. SNMP D. Syslog
A
D. Syslog
2
Q
Your employer allows BYOD because the companies software landscape is entirely based on SaaS applications on the internet. Recently an employee's various accounts were accessed by a hacker. The user tells you they had different passwords for all of the applications. No one else has reported similar issues. After helping the user conduct a malware scan on their personal device you find that they have malware that records input given to the PC by the user. What option best describes the type of malware found? A. Worm B. RAT C. Key logger D. Virus
A
C. Key logger
3
Q
You are a member of the security tam in the IT infrastructure department at a manufacture. You have received a ticket from the network architecture team who have requested your approval of a proposed network change. the change is to replace a network device that allows internal services to make request to the internet without external systems being able to determine what internal server made the original request. What type of system is being changed? A. Firewall B. Switch C. Router D. Proxy
A
D. Proxy
4
Q
which of the following options is a functionality of tool that disallows access to a wireless network based on the layer 2 address of the client device? A. WPA2 B. MAC address filtering C. Split tunnel VPN D. ACL
A
B. MAC address filtering
5
Q
Your employer's security policies state that all externally facing servers should only be accessible via ports that are absolutely required. Generally your company only has web servers that are accessible from outside the companies network. a recent security review showed that it was possible to ping several of these web servers. What protocol should be disabled using a firewall to ensure pings do not successfully contact the servers? A. SNMP B. ICMP C. TCP D. TLS
A
B. ICMP
6
Q
You are a network security technician at a mid-size company. Your employer is planning for significant growth and the CIO has tasked you with implementing a system to consolidate all critical network device logs to a central location. The system should support logs form all routers, firewalls, switches and business critical servers and should send alerts in the event of security issues. What type of solution would best meet these requirements? A. SIEM B. DLP C. Central log print D. Hardware Security module
A
A. SIEM
7
Q
What type of NIDS commonly uses artificial Intelligence and data mining to identify malicious network traffic? A. Rule-based NIDS B. Filter-based NIDS C. Anomaly-based NIDS D. Signature-based NIDS
A
C. Anomaly-based NIDS
8
Q
What option would create a new ACL entry that would deny any port 80 HTTP traffic? A. allow tcp any server tcp 80 B. Allow all but tcp 443 C. Deny all any server web D. Deny tcp any server tcp 80
A
D. Deny tcp any server tcp 80
9
Q
You need to record packet data being sent to and from a server running Linux operating system. After recording the network traffic you want to view the data in a visualization tool like Wireshark. What command line tool is best suited for this task? A. Tracert B. Tcpdump C. Nmap D. Netstat
A
B. Tcpdump
