Telecommunications and Network Security Flashcards

2
Q
A VPN can be established over which of the following?
A) Wireless LAN connection
B) Remote access dial-up connection
C) WAN link
D) All of these are correct
A

All of these are correct

A VPN link can be established over any other network communication connection. This could be a typical LAN cable connection, a wireless LAN connection, a remote access dialup connection, a WAN link, or even an Internet connection used by a client for access to the office LAN.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q
Which of the following IP addresses is not a private IP address as defined by RFC 1918?
A) 10.0.0.18
B) 169.254.1.119
C) 172.31.8.204
D) 192.168.6.43
A

169.254.1.119

The 169.254.x.x subnet is in the APIPA range, which is not part of RFC 1918. The addresses in RFC 1918 are 10.0.0.0-10.255.255.255, 172.16.0.0-172.31.255.255, and 192.168.0.0-192.168.255.255.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q
Which of the following is not an example of network segmentation?
A) Intranet
B) DMZ
C) Extranet
D) VPN
A

VPN

A VPN is a secure tunnel used to establish connections across a potentially insecure intermediary network. Intranet, extranet, and DMZ are examples of network segmentation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q
Which of the following is a type of connection that can be described as a logical circuit that always exists and is waiting for the customer to send data?
A) ISDN
B) PVC
C) VPN
D) SVC
A

PVC

A permanent virtual circuit (PVC) can be described as a logical circuit that always exists and is waiting for the customer to send data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q
A significant benefit of a security control is when it goes unnoticed by users. What is this called?
A) Invisibility
B) Transparency
C) Diversion
D) Hiding in plain sight
A

Transparency

When transparency is a characteristic of a service, security control, or access mechanism it is unseen by users.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q
Which of the following is most likely to detect DoS attacks?
A) Host-based IDS
B) Network-based IDS
C) Vulnerability scanner
D) Penetration testing
A

Network-based IDS

Network-based IDSs are usually able to detect the initiation of an attack or the ongoing attempts to perpetrate an attack (including denial of service, or DoS). They are, however, unable to provide information about whether an attack was successful or which specific systems, user accounts, files, or applications were affected. Host based IDSs have some difficulty with detecting and tracking down DoS attacks. Vulnerability scanners don’t detect DoS attacks; they test for possible vulnerabilities. Penetration testing may cause a DoS or test for DoS vulnerabilities, but it is not a detection tool.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q
\_\_\_\_\_\_\_\_\_ is a layer 2 connection mechanism that uses packet-switching technology to establish virtual circuits between the communication endpoints.
A) ISDN
B) Frame Relay
C) SMDS
D) ATM
A

Frame Relay

Frame Relay is a layer 2 connection mechanism that uses packet-switching technology to establish virtual circuits between the communication endpoints. The Frame Relay network is a shared medium across which virtual circuits are created to provide point-to-point communications. All virtual circuits are independent of and invisible to each other.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q
Which of the following is not defined in RFC 1918 as one of the private IP address ranges that are not routed on the Internet?
A) 169.172.0.0-169.191.255.255
B) 192.168.0.0-192.168.255.255
C) 10.0.0.0-10.255.255.255
D) 172.16.0.0-172.31.255.255
A

169.172.0.0-169.191.255.255

The address range 169.172.0.0-169.191.255.255 is not listed in RFC 1918 as a private IP address range. It is in fact a public IP address range.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q
Which type of firewall automatically adjusts its filtering rules based on the content of the traffic of existing sessions?
A) Static packet filtering
B) Application-level gateway
C) Stateful inspection
D) Dynamic packet filtering
A

Dynamic packet filtering

Dynamic packet-filtering firewalls enable the real-time modification of the filtering rules based on traffic content.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q
By examining the source and destination addresses, the application usage, the source of origin, and the relationship between current packets with the previous packets of the same session, firewalls are able to grant a broader range of access for authorized users and activities and actively watch for and block unauthorized users and activities.
A) Static packet-filtering
B) Application-level gateway
C) Stateful inspection
D) Circuit-level gateway
A

Stateful inspection

Stateful inspection firewalls are able to grant a broader range of access for authorized users and activities and actively watch for and block unauthorized users and activities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q
Which of the following can be used to bypass even the best physical and logical security mechanisms to gain access to a system?
A) Brute-force attacks
B) Denial of service
C) Social engineering
D) Port scanning
A

Social engineering

Social engineering can often be used to bypass even the most effective physical and logical controls. Whatever activity the attacker convinces the victim to perform, it is usually directed toward opening a back door that the attacker can use to gain access to the network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q
\_\_\_\_\_\_\_\_ is a standards-based mechanism for providing encryption for point-to-point TCP/IP traffic.
A) UDP
B) IDEA
C) IPSec
D) SDLC
A

IPSec

IPSec, or IP Security, is a standards-based mechanism for providing encryption for point-to-point TCP/IP traffic.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q
What is both a benefit and a potentially harmful implication of multilayer protocols?
A) Throughput
B) Encapsulation
C) Hash integrity checking
D) Logical addressing
A

Encapsulation

Encapsulation is both a benefit and a potentially harmful implication of multilayer protocols.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which of the following is not true regarding firewalls?
A) They are able to log traffic information.
B) They are able to block viruses.
C) They are able to issue alarms based on suspected attacks.
D) They are unable to prevent internal attacks.

A

They are able to block viruses.

Most firewalls offer extensive logging, auditing, and monitoring capabilities as well as alarms and even basic IDS functions. Firewalls are unable to block viruses or malicious code transmitted through otherwise authorized communication channels, prevent unauthorized but accidental or intended disclosure of information by users, prevent attacks by malicious users already behind the firewall, or protect data after it passed out of or into the private network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q
What is needed to allow an external client to initiate a communication session with an internal system if the network uses a NAT proxy?
A) IPSec tunnel
B) Static mode NAT
C) Static private IP address
D) Reverse DNS
A

Static mode NAT

Static mode NAT is needed to allow an outside entity to initiate communications with an internal system behind a NAT proxy.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Which of the following is not a benefit of NAT?
A) Hiding the internal IP addressing scheme
B) Sharing a few public Internet addresses with a large number of internal clients
C) Using the private IP addresses from RFC 1918 on an internal network
D) Filtering network traffic to prevent brute-force attacks

A

Filtering network traffic to prevent brute-force attacks

NAT does not protect against or prevent brute-force attacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

In addition to maintaining an updated system and controlling physical access, which of the following is the most effective countermeasure against PBX fraud and abuse?
A) Encrypting communications
B) Changing default passwords
C) Using transmission logs
D) Taping and archiving all conversations

A

Changing default passwords

Changing default passwords on PBX systems provides the most effective increase in security.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q
Which of the following is not a technology specifically associated with 802.11 wireless networking?
A) WAP
B) WPA
C) WEP
D) 802.11i
A

WAP

Wireless Application Protocol (WAP) is a technology associated with cell phones accessing the Internet rather than 802.11 wireless networking.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q
What security concept encourages administrators to install firewalls, malware scanners, and an IDS on every host?
A) Endpoint security
B) Network access control (NAC)
C) VLAN
D) RADIUS
A

Endpoint security

Endpoint security is the security concept that encourages administrators to install firewalls, malware scanners, and an IDS on every host.

21
Q
Which networking technology is based on the IEEE 802.3 standard?
A) Ethernet
B) Token Ring
C) FDDI
D) HDLC
A

Ethernet

Ethernet is based on the IEEE 802.3 standard.

22
Q
Which OSI model layer manages communications in simplex, half-duplex, and full-duplex modes?
A) Application
B) Session
C) Transport
D) Physical
A

Session

Layer 5, Session, manages simplex (one-direction), half-duplex (two-way, but only one direction can send data at a time), and full-duplex (two-way, in which data can be sent in both directions simultaneously) communications.

23
Q
If you are the victim of a bluejacking attack, what was compromised?
A) Your car
B) Your switch
C) Your cell phone
D) Your web cookies
A

Your cell phone

A bluejacking attack is a wireless attack on Bluetooth, and the most common device compromised in a bluejacking attack is a cell phone.

24
Q
Which of the following is not a routing protocol?
A) OSPF
B) BGP
C) RPC
D) RIP
A

RPC

There are numerous dynamic routing protocols, including RIP, OSPF, and BGP, but RPC is not a routing protocol.

25
Q
At which layer of the OSI model does a router operate?
A) Network layer
B) Layer 1
C) Transport layer
D) Layer 5
A

Network layer

Network hardware devices, including routers, function at layer 3, the Network layer.

26
Q
Which wireless frequency access method offers the greatest throughput with the least interference?
A) FHSS
B) DSSS
C) OFDM
D) OSPF
A

OFDM

Orthogonal Frequency-Division Multiplexing (OFDM) offers high throughput with the least interference. OSPF is a routing protocol, not a wireless frequency access method.

27
Q

What is encapsulation?
A) Changing the source and destination addresses of a packet
B) Adding a header and footer to data as it moves down the OSI stack
C) Verifying a person’s identity
D) Protecting evidence until it has been properly collected

A

Adding a header and footer to data as it moves down the OSI stack

Encapsulation is adding a header and footer to data as it moves down the OSI stack.

28
Q
What authentication protocol offers no encryption or protection for logon credentials?
A) PAP
B) CHAP
C) SSL
D) RADIUS
A

PAP

Password Authentication Protocol (PAP) is a standardized authentication protocol for PPP. PAP transmits usernames and passwords in the clear. It offers no form of encryption. It simply provides a means to transport the logon credentials from the client to the authentication server.

29
Q

What function does the RARP protocol perform?
A) It is a routing protocol.
B) It converts IP addresses into MAC addresses.
C) It resolves physical addresses into logical addresses.
D) It manages multiplex streaming.

A

It resolves physical addresses into logical addresses.

Reverse Address Resolution Protocol (RARP) resolves physical addresses (MAC addresses) into logical addresses (IP addresses).

30
Q
Which of the following is not considered a non-IP protocol?
A) IPX
B) UDP
C) AppleTalk
D) NetBEUI
A

UDP

UDP is a transport layer protocol that operates as the payload of an IP packet. While it is not IP itself, it depends upon IP. IPX, AppleTalk, and NetBEUI are all alternatives to IP and thus are labeled as non-IP protocols.

31
Q
Email is the most common delivery vehicle for which of the following?
A) Viruses
B) Worms
C) Trojan horse
D) All of these are correct
A

All of these are correct

Email is the most common delivery mechanism for viruses, worms, Trojan horses, documents with destructive macros, and other malicious code.

32
Q
What is layer 4 of the OSI model?
A) Presentation
B) Network
C) Data Link
D) Transport
A

Transport

The Transport layer is layer 4. The Presentation layer is layer 6, the Data Link layer is layer 2, and the Network layer is layer 3.

33
Q
Which of the following VPN protocols do not offer native data encryption? (Choose all that apply.)
A) L2F
B) L2TP
C) IPSec
D) PPTP
A

L2F, L2TP, and PPTP

L2F, L2TP, and PPTP all lack native data encryption. Only IPSec includes native data encryption.

34
Q
At which OSI model layer does the IPSec protocol function?
A) Data Link
B) Transport
C) Session
D) Network
A

Network

IPSec operates at the Network layer (layer 3).

35
Q

Which of the following cannot be linked over a VPN?
A) Two distant Internet-connected LANs
B) Two systems on the same LAN
C) A system connected to the Internet and a LAN connected to the Internet
D) Two systems without an intermediary network connection

A

Two systems without an intermediary network connection

An intermediary network connection is required for a VPN link to be established.

36
Q

Which of the following is considered a denial of service attack?
A) Pretending to be a technical manager over the phone and asking a receptionist to change their password
B) While surfing the Web, sending to a web server a malformed URL that causes the system to consume 100 percent of the CPU
C) Intercepting network traffic by copying the packets as they pass through a specific subnet
D) Sending message packets to a recipient who did not request them simply to be annoying

A

While surfing the Web, sending to a web server a malformed URL that causes the system to consume 100 percent of the CPU

Not all instances of DoS are the result of a malicious attack. Errors in coding Oss, services, and applications have resulted in DoS conditions. Some examples of this include a process failing to release control of the CPU or a service consuming system resources out of proportion to the service requests it is handling. Social engineering and sniffing are typically not considered DoS attacks.

37
Q
When you're designing a security system for Internet-delivered email, which of the following is least important?
A) Nonrepudiation
B) Availability
C) Message integrity
D) Access restriction
A

Availability

Although availability is a key aspect of security in general, it is the least important aspect of security systems for Internet-delivered email.

38
Q
Tunnel connections can be established over all except for which of the following?
A) WAN links
B) LAN pathways
C) Dial-up connections
D) Stand-alone systems
A

Stand-alone systems

A stand-alone system has no need for tunneling because no communications between systems are occurring and no intermediary network is present.

39
Q

Why is spam so difficult to stop?
A) Filters are ineffective at blocking inbound messages.
B) The source address is usually spoofed.
C) It is an attack requiring little expertise.
D) Spam can cause denial-of-service attacks.

A

The source address is usually spoofed.

It is often difficult to stop spam because the source of the messages is usually spoofed.

40
Q
What form of infrastructure mode wireless networking deployment supports large physical environments through the use of a single SSID but numerous access points?
A) Stand-alone
B) Wired extension
C) Enterprise extension
D) Bridge
A

Enterprise extension

Enterprise extended infrastructure mode exists when a wireless network is designed to support a large physical environment through the use of a single SSID but numerous access points.

41
Q

Which of the following is not a denial-of-service attack?
A) Exploiting a flaw in a program to consume 100 percent of the CPU
B) Sending malformed packets to a system, causing it to freeze
C) Performing a brute-force attack against a known user account
D) Sending thousands of emails to a single address

A

Performing a brute-force attack against a known user account

A brute-force attack is not considered a DoS.

42
Q

What is a TCP wrapper?
A) An encapsulation protocol used by switches
B) An application that can serve as a basic firewall by restricting access based on user IDs or system IDs
C) A security protocol used to protect TCP/IP traffic over WAN links
D) A mechanism to tunnel TCP/IP through non-IP networks

A

An application that can serve as a basic firewall by restricting access based on user IDs or system IDs

A TCP wrapper is an application that can serve as a basic firewall by restricting access based on user IDs or system IDs.

43
Q
A \_\_\_\_\_\_\_\_\_ is an intelligent hub because it knows the addresses of the systems connected on each outbound port. Instead of repeating traffic on every outbound port, it repeats traffic only out of the port on which the destination is known to exist.
A) Repeater
B) Switch
C) Bridge
D) Router
A

Switch

A switch is an intelligent hub. It is considered to be intelligent because it knows the addresses of the systems connected on each outbound port.

44
Q
\_\_\_\_\_\_\_\_\_\_\_\_\_\_ firewalls are known as third-generation firewalls.
A) Application-level gateway
B) Stateful inspection
C) Circuit-level gateway
D) Static packet-filtering
A

Stateful inspection

Stateful inspection firewalls are known as third-generation firewalls.

45
Q
What is it called when email itself is used as an attack mechanism?
A) Masquerading
B) Mail-bombing
C) Spoofing
D) Smurf attack
A

Mail-bombing

Mail-bombing is the use of email as an attack mechanism. Flooding a system with messages causes a denial of service.

46
Q
Which of the following is the least resistant to EMI?
A) Thinnet
B) 10Base-T UTP
C) 10Base5
D) Coaxial cable
A

10Base-T UTP

10Base-T UTP is the least resistant to EMI because it is unshielded. Thinnet (10Base2) and thicknet (10Base5) are each a type of coaxial cable, which is shielded against EMI.

47
Q
Which of the following is typically not an element that must be discussed with end users in regard to email retention policies?
A) Privacy
B) Auditor review
C) Length of retainer
D) Backup method
A

Backup method

The backup method is not an important factor to discuss with end users regarding email retention.