Unit 5 Flashcards

Question 1

Q

___ ___ consists of AFI’s, Local OI’s, and other policies adopted to prevent and monitor unauthorized access, misuse, modification, or denial of service of a computer network or network device.

Answer

A

Network Security

Question 2

Q

____ is not simply ensuring multiple media paths in a network, but it also refers to the devices themselves and the power supplied to each device. Redundant power eliminates a single point of power failure within the network.

Answer

A

Redundancy

Question 3

Q

Redundancy uses ___ of critical components/devices, increasing the reliability of the system.

Answer

A

duplication

Question 4

Q

___ are inexpensive and convenient solutions that can be applied on a per device basis or support multiple devices with lower power requirements.

Answer

A

Uninterruptible Power Supplies (UPS)

Question 5

Q

In the event of a power failure, the ___ will provide power, similar to a large rechargeable battery, to all devices connected until the battery drains, at which point the connected devices will power down.

Question 6

Q

A ___ is commonly used to supply power to end devices to mitigate minor short-term outages.

Question 7

Q

___ ___ ___ is beneficial because, over time, power supplies fail. Having a backup power supply built-in ensures that there is readily available power for the device in the event the primary power source fails.

Answer

A

Redundant Power Supplies

Question 8

Q

The main drawback is that this solution provides no protection for large-scale power failures within the network.

Answer

A

Redundant Power Supplies

Question 9

Q

Generally, ___ ___ are reserved for vital or large-scale facilities that house core network components.

Answer

A

facility generators

Question 10

Q

___ ___ protect entire buildings for sustained periods to ensure mission- critical devices remain functional.

Answer

A

facility generators

Question 11

Q

The drawback is that these systems require continual maintenance and are generally very costly.

Answer

A

facility generators

Question 12

Q

This would be a solution used to minimize the effect of large-scale outages caused by natural phenomena (such as lightning strikes) or brownouts.

Answer

A

facility generators

Question 13

Q

___ ___ helps eliminate a single point of failure in the network.

Answer

A

Network redundancy

Question 14

Q

Sometimes the device itself just fails. In these instances, it is common to have devices, known as a ___ ___, ready for replacement. A ___ ___ device would be a mirror image of the failed device down to
specifications and configuration.

Answer

A

hot spare

Question 15

Q

This allows technicians to quickly replace the failed device with
the pre-configured spare device to restore network operation. Minimizing the downtime in a network should be a priority for all network technicians. It is important to understand you will not
have a ___ ___ ___ for all network devices; generally, only mission-critical devices require this option.

Answer

A

hot spare device

Question 16

Q

___ ___ provides a solution for network managers who require higher bandwidth between servers, routers, and switches than single-link Ethernet technology can provide.

Answer

A

Link aggregation

Question 17

Q

___ ___ provides incremental trunk speeds by combining multiple interfaces to act as one link.

Answer

A

Link aggregation

Question 18

Q

When it comes to link aggregation, the maximum number of links that can be combined is…?

Question 19

Q

____ is a technology used to allow grouping of several physical Ethernet links to create one logical Ethernet link. It is basically a port link aggregation technology used primarily on Cisco
switches.

Answer

A

EtherChannel

Question 20

Q

____ allows multiple physical Ethernet links to combine into one logical channel. This allows load sharing of traffic among the links in the channel as well as redundancy in the event that one or more links in the channel fail.

Answer

A

EtherChannel

Question 21

Q

____ is a Cisco proprietary version of Link-Aggregation described as having more than one link connected to a server, switch, or router and treating it like one logical link.

Answer

A

EtherChannel

Question 22

Q

The following is a list of benefits for what technology?

 Increased bandwidth
 Redundancy
 When a link fails, the traffic will go onto another link almost instantly
 When a link is restored, it will automatically rejoin the ____

Answer

A

EtherChannel

Question 23

Q

____ is an application layer protocol that is a part of the TCP/IP suite. It exchanges management information between network devices. Network administrators use ___ to monitor and map network availability, performance, and error rates.

Answer

A

Simple Network Management Protocol (SNMP)

Question 24

Q

Which version of SNMP is the following describing?

____ operates over protocols such as User Datagram Protocol (UDP), Internet Protocol (IP), OSI Connectionless Network Service (CLNS), AppleTalk Datagram-Delivery Protocol (DDP), and Novell Internet Packet Exchange (IPX). It is not used in today’s networks.

Answer

A

SNMP version 1 (SNMPv1)

Question 25

Q

Which version of SNMP is the following describing?

Revises version 1 and includes improvements in the areas of performance, security, confidentiality, and manager-to-manager communications. This version is still used, but SNMPv3 is preferred.

Answer

A

SNMP version 2 (SNMPv2)

Question 26

Q

Which version of SNMP is the following describing?

This version added security and remote configuration enhancements to SNMP. This is the preferred version of SNMP. It is also the SNMP version that is required on AF networks.

Answer

A

SNMP version 3 (SNMPv3)

Question 27

Q

___ is any program or code designed to do something on a system or network that you don’t want to have happen.

Question 28

Q

A ___ is a program that has two jobs: to replicate and to activate. Replication means it makes copies of itself, often as code stored in boot sectors or as extra code added to the end of executable
programs. Activation is when a ___ does something like erase the boot sector of a drive.

Question 29

Q

A ___ functions similar to a virus. It replicates exclusively through networks. A ___, unlike a virus, doesn’t have to wait for someone to use a removable drive to replicate, nor does it need a host file. If the infected computer is on a network, a ___ will immediately start sending copies of itself to any other computers on the network it can locate.

Question 30

Q

Macros help users automate repetitive tasks, so they can be useful. Many applications include tools that enable you to create macros, a group of commands that you can run at once. Malicious
programmers can take advantage of the macros available to attack a computer. ___ ___ can be embedded into a program file. When the file is opened, the ___ ___ runs automatically creating havoc on a system.

Answer

A

Macro Virus

Question 31

Q

A ___ ___ is a piece of malware that looks or pretends to do one thing while, at the same time, doing something bad. A ___ ___ may be a game, like poker, or a free screensaver. The more “popular” ___ ___ turn an infected computer into a server and then open TCP or UDP ports so a remote user can control the infected computer.

Answer

A

Trojan Horse

Question 32

Q

___ spyware is usually a Trojan Horse that takes advantage of very low-level operating system functions to hide from all but the most aggressive of antimalware tools. ____ can strike operating systems, hypervisors, and even firmware.

Question 33

Q

A program that monitors the types of websites you frequent and uses that information to generate targeted advertisements.

Question 34

Q

___ is a function of any program that sends information about your system or your actions over the Internet. The type of information sent depends on the program. A ___ program will include your browsing history.

Question 35

Q

___ ___ is the process of using or manipulating people inside the network environment to gain access to that network from the outside. A successful ___ ___ attack relies on the fault of humans rather than a fault in the network.

Answer

A

Social Engineering

Question 36

Q

This form of social engineering is when the attacker poses as some sort of trusted site, like an online version of your bank or credit card company, to trick you into updating your financial information.

Question 37

Q

___ ___ is a phishing method that targets specific individuals or groups within an organization. ___ ___ may use emails, social media, instant messaging, or other platforms to get users to give up personal information or cause network compromise, data loss, or financial loss.

Answer

A

Spear phishing

Question 38

Q

____ is a highly targeted phishing attack aimed at senior executives masquerading as a legitimate email. ____ e-mails are more sophisticated than generic phishing e-mails. Usually, e-mails will contain personalized information about the targeted organization or individual, convey a sense of urgency, and are crafted with a solid understanding of business language.

Question 39

Q

___ ___ is when a person goes through the trash in order to find personal information, typically on paper that is thrown away.

Answer

A

Dumpster Diving

Question 40

Q

A ___ ___ ___ ___ ___ is when a person inserts themselves into a conversation between two others, covertly intercepting traffic thought to be only between those other people. The ___ ___ ___ ___ might gather those conversations to gain access to passwords or other sensitive data or to get the shared keys in an encrypted conversation.

Answer

A

A Man-in-the-middle attack

Question 41

Q

___ ___ ___ attacks are the work of hackers whose only interest is in bringing a network to its knees. They accomplish this by flooding the network with so many requests that it becomes overwhelmed and stops functioning.

Answer

A

Denial of Service (DoS)

Question 42

Q

___ is using another person’s wireless network without permission.

Question 43

Q

The following describes a which threat to a wireless network?

Most Wi-Fi networks use some form of encryption to stop casual leeching, but that doesn’t necessarily stop the sophisticated thief. Wi-Fi networks use four types of encryption: Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), WPA version 2 (WPA2), and WPA
version 3 (WPA3). All methods have vulnerabilities, but WPA3 offers the best security. These encryption methods are discussed later in the objective.

Answer

A

Cracking Wireless Encryption

Question 44

Q

A ___ ___ ___ is an unauthorized Wireless Access Point (WAP) installed on the network. ___ ___ ___ are a huge problem today. Anyone can easily purchase an inexpensive WAP and just plug it into a network. To make the issue even worse, almost all WAPs are designed to
work using the preinstalled configuration, giving easy access to your network from a location physically outside your network.

Answer

A

Rogue Access Point

Question 45

Q

An ___ ___ is a rogue access point that looks like a legitimate access point. It can be used to fool people into logging into it. People who log into the ___ ___ will have their keystrokes recorded in the hopes of stealing passwords and other valuable information. An ___ ___ is basically a wireless phishing attack.

Answer

A

evil twin

Question 46

Q

___ ___ consists of hardware safeguards. Lock up your servers to prevent physical access by any unauthorized person. Locking up all of your client systems is difficult. All users must perform some physical security. Each user must lock their computer when they step away from their desk.

Answer

A

Physical Security

Question 47

Q

___ ___ consists of software safeguards. This consists of requiring user identification, password access, authenticating, access rights, and authority levels. These measures ensure that only authorized users are able to perform actions or access information in a network or a workstation.

Answer

A

Logical Security

Question 48

Q

What are the four ways to secure a user account?

Answer

A

Authentication - Occurs when a user identifies themselves to the system, and the identity is verified against an authentication database.

Authorization - Grants or denies resources and info of the network

Accounting - Tracking of resource usage on network

Acceptable Use Policies - What users are allowed and not allowed to do on the company’s network

Question 49

Q

____ protect networks from potential attacks from outside your network by filtering packets using a number of methods, such as hiding IP addresses using Network Address Translation (NAT), selectively blocking TCP and UDP ports, or even filtering traffic based on MAC addresses.

Question 50

Q

There are two main types of firewalls:

Answer

A

software and hardware firewalls

Question 51

Q

___ firewalls are network devices that can be installed into a network.

Answer

A

Hardware firewalls

Question 52

Q

___ ___ are firewalls built into operating systems or applications.

Answer

A

Software firewalls

Question 53

Q

___ ___ ___ permits or denies access to the network based on the MAC address of the client. Every network device has a unique 48-bit MAC address. It’s often one of the implemented security measures in wireless networks because setting it up is quick. You program a list of MAC addresses that you accept and block all others.

Answer

A

MAC address filtering

Question 54

Q

___ ___ ___/___ ___ is like MAC address filtering, except filtering is based on IP addresses instead of MAC addresses. Packet filters, also known as IP filters, will block any incoming or outgoing packet from a particular IP address or range of IP addresses. These addresses
are stored in an Access Control List (ACL).

Answer

A

IP address filtering/Packet filtering

Question 55

Q

___ ___ is the second most common firewall tool assuring port security through ___ ___, also called port blocking. It is a method that to prevents the passage of any TCP or UDP segments or datagrams through any port other than the ones prescribed by the system administrator. ___ ___ is effective, but it requires some serious configuration to work properly.

Answer

A

Port filtering

Question 56

Q

___ ___ ___ ___ ___ is the first and most common technique for protecting a network. It is a method used by firewalls to prevent a hacker from gaining access to your real IP address. If a hacker gets a real IP address, he or she can begin to probe that system, looking for vulnerabilities. If you can prevent a hacker from getting an IP address to probe, you’ve stopped most hacking techniques cold.

Answer

A

Hiding the real IP address

Question 57

Q

___ ___ are actions that are properly implemented into a network that prevent or deter attacks.

Answer

A

Security measures

Question 58

Q

The following describes which type of security measure?

___ ___ ___ is a software utility that detects, prevents, and removes viruses, worms, and other malware from a computer. Most ___ ____ ___ programs include an auto-update feature that permits the program to download profiles new viruses, enabling the system to check for new threats. ___ ___ ___ are essential utilities for any computer, but the choice of which one is very important.

Answer

A

Anti-virus software

Question 59

Q

The following describes which type of security measure?

___ ___ is software tools and programs designed to identify and prevent malicious software, or malware, from infecting computer systems or electronic devices.

Answer

A

Anti-malware

Question 60

Q

The following describes which type of security measure?

____ is an application (often running on a dedicated ___ box) that inspects incoming packets looking for active intrusions. It is designed to analyze data & identify attacks, and to report any suspicious activity to network administrators. An important aspect of an ____ to note is that an ___ does NOT take any actions to stop the attack, so an ___ is a passive device. A good ___ knows how to find attacks that no firewall can find, such as viruses, illegal login attempts, and other well-known attacks.

Answer

A

Intrusion Detection System (IDS)

Question 61

Q

The following describes which type of security measure?

___ is very similar to an IDS, but an ___ adds the capability to react to an attack. An ___ inspects incoming packets looking for intrusion and attacks, like an IDS does, but an ___ adds the ability to actively prevent intrusions.

Answer

A

Intrusion Prevention System (IPS)

Question 62

Q

The following describes which type of security measure?

___ ___ ___ involves using several different methods of security. The idea behind layered security is that using multiple strategies to protect systems from a broad range of attacks will be more effective than using one strategy or system.

Answer

A

Multi=layered security

Question 63

Q

The following describes which type of security measure?

___ ___ proactively identify security vulnerabilities of computing systems in a network to determine if and where a system can be exploited and/or threatened. They are used to check for weaknesses in a network. ___ ___ employs software that seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws, and generating a report of the findings that an individual or an enterprise can use to tighten
the network’s security.

Answer

A

Vulnerability scanners

Question 64

Q

___ is the name assigned to a Wi-Fi (wireless) network. The ___ is a
text string that is up 32 bytes long. All devices in the network must use this case-sensitive name to communicate over Wi-Fi. You can choose not to broadcast your ___, which would make it more difficult for a hacker to find.

Answer

A

Service Set Identifier (SSID)

Answer 52

A

MAC address filtering

Answer 53

A

blacklist
whitelist

Answer 54

A

Wired Equivalent Privacy (WEP)

Answer 55

A

Wi-Fi Protected Access (WPA)

Answer 56

A

Wi-Fi Protected Access 2 (WPA2)

Answer 57

A

Wi-Fi Protected Access 3 (WPA3)

Brainscape's Knowledge GenomeTM

Unit 5 Flashcards

Brainscape's Knowledge Genome^TM