22
When using classful IPv4 addressing, a network ID always ends with an octet of ____.
0
Your workstation's IP address is 10.35.88.12, and your supervisor's workstation's IP address is 10.35.91.4. When you send data from your workstation to your supervisor's workstation, what is the most likely IP address of the first default gateway that will accept and interpret your transmission?
10.35.88.1
The result from ANDing 11001111 with 10010001 is ____.
10000001
You have been tasked with the creation and design of a network that must support a minimum of 5000 hosts. Which network accomplishes this goal?
1030.0.0/19
If you subdivide your Class B network into 256 subnets, what is the maximum number of hosts you can assign to any single subnet?
254
What subnet mask can be used to segment the 172.16.0.0 network to allow for a minimum of 6 subnets while maximizing the number of hosts per subnet?
255.255.224.0
Convert the following subnet mask into its dotted-decimal equivalent: 11111111 11111111 11111000 00000000.
255.255.248.0
You have decided to create 256 subnets on your Class B network. What subnet mask will you use to accomplish this?
255.255.255.0
A network with a CIDR notation of /26 would have what subnet mask?
255.255.255.192
A network with 6 bits remaining for the host portion will have how many usable host addresses?
62
How many subnets can a /48 site prefix support?
65,536 subnets
Which statement regarding denial-of-service (DoS) attacks is accurate?
A denial-of-service attack prevents legitimate users from accessing normal network resources
20. Which of the following statements describes a worm? a. A program that disguises itself as something useful but actually harms your system. b. A process that runs automatically, without requiring a person to start or stop it. c. A program that runs independently of other software and travels between computers and across networks. d. A program that locks a user's data or computer system until a ransom is paid.
A program that runs independently of other software and travels between computers and across networks.
Which of the following statements describes a worm?
A program that runs independently of other software and travels between computers and across networks.
13. How is a posture assessment performed on an organization? a. A thorough examination of each aspect of the organization's network is performed to determine how it might be compromised. b. A third party organization is tasked with attempting to break into the organization and compromise security in order to determine threat vectors. c. A report of data that is subject to special regulation is created, such that the organization is aware of what data needs protection. d. An assessment of how a network will perform under stress is performed to determine if the network throughput is adequate.
A thorough examination of each aspect of the organization's network is performed to determine how it might be compromised.
A single switch can manage traffic belonging to several VLANs on a single interface, by configuring which option on the interface?
A trunk port
Which of the following scenarios represents a phishing attempt?
An e-mail was sent to a manager at your company that appeared to be from the company's CTO, asking for access.
Utilized by China's so-called "Great Firewall", what type of attack can prevent user access to web pages, or even redirect them to illegitimate web pages?
DNS poisoning
Which type of DoS attack involves an attack that is bounced off uninfected computers before being directed at the target?
Distributed reflection denial-of-service (DRDoS)
How often should you require users to change their passwords?
Every 60 days
It is ideal to use the same password for multiple different applications, provided the password is complex enough.
False
The original version of the Secure Hash Algorithm was developed by MIT.
False
8. Which command can be used on a Windows system to create a hash of a file? a. md5 b. shasum c. Get-FileHash d. Compute-FileHash
Get-FileHash
Which command can be used on a Windows system to create a hash of a file?
Get-Filehash
19. What is the Nmap utility used for? a. It is used to identify unsecured sensitive data on the network, such as credit cards. b. It is an automated vulnerability and penetration testing framework. c. It is a software firewall that can be used to secure a vulnerable host. d. It is a port scanning utility that can identify open ports on a host.
It is a port scanning utility that can identify open ports on a host.
What is the Nmap utility used for?
It is a port scanning utility that can identify open ports on a host.
12. Which of the following utilities performs sophisticated vulnerability scans, and can identify unencrypted data such as credit card numbers? a. Nmap b. Nessus c. Metasploit d. L0phtcrack
Nessus
Which of the following utilities performs sophisticated vulnerability scans, and can identify unencrypted data such as credit card numbers?
Nessus
24. Which of the following statements correctly describes the malware characteristic of polymorphism? a. Polymorphic malware can change its characteristics every time it is transferred to a new system. b. Polymorphic malware is designed to activate on a particular date, remaining harmless until that time. c. Polymorphic malware is software that disguises itself as a legitimate program, or replaces a legitimate program's code with destructive code. d. Polymorphic malware utilizes encryption to prevent detection.
Polymorphic malware can change its characteristics every time it is transferred to a new system.
What statement regarding the different versions of the SHA hashing algorithm is accurate?
SHA-2 and SHA-3 both support the same hash lengths
1. What statement regarding the different versions of the SHA hashing algorithm is accurate? a. SHA-0 is the most secure version of SHA. b. SHA-1 supports a 128-bit hash function. c. SHA-2 only supports a 256-bit hash. d. SHA-2 and SHA-3 both support the same hash lengths.
SHA-2 and SHA-3 both support the same hash lengths.
In the typical social engineering attack cycle, what occurs at Phase 3?
The attacker exploits an action undertake by the victim in order to gain access
4. In the typical social engineering attack cycle, what occurs at Phase 3? a. The attacker researches the desired target for clues as to vulnerabilities. b. The attacker builds trust with the target and attempts to gain more information. c. The attacker exploits an action undertaken by the victim in order to gain access. d. The attacker executes an exit strategy in such a way that does not leave evidence or raise suspicion.
The attacker exploits an action undertaken by the victim in order to gain access.
5. In a red team-blue team exercise, what is the purpose of the blue team? a. The blue team is tasked with attacking the network. b. The blue team must observe the actions of the red team. c. The blue team is charged with the defense of the network. d. The blue team consists of regulators that ensure no illegal activity is undertaken.
The blue team is charged with the defense of the network.
2. A variant of BYOD, what does CYOD allow employees or students to do? a. They can supply their own software on a computer or mobile device. b. They can supply their choice of cloud application or storage. c. They can choose a device from a limited number of options. d. They can use whatever devices they wish to bring.
They can choose a device from a limited number of options.
A variant of BYOD, what does CYOD allow employees or students to do?
They can choose from a limited number of options
A drop ceiling could be used by an intruder to gain access to a secured room.
True
Current research indicates that a long, random string of words, such as correct horse battery staple is more secure than a random series of letters, numbers, and symbols that is short enough to be remembered.
True
Over a long-distance connection, using SSH keys is more secure than using passwords.
True
Sudden unexplained increases in file sizes and unusual error messages with no apparent cause are both potential symptoms of a viral infection.
True
Switches can create ____ by grouping a number of ports into a broadcast domain.
VLANs
23. Which of the following scenarios would necessitate the use of a non-disclosure agreement? a. Your company wishes to educate users on the proper use of the network. b. Your company needs to prevent a new contractor from sharing information with a potential competitor. c. Your company needs to impose password restrictions on new users in the network. d. Your company would like to allow employees to bring their own devices.
Your company needs to prevent a new contractor from sharing information with a potential competitor.
6. You have been tasked with the creation and design of a network that must support a minimum of 5000 hosts. Which network accomplishes this goal?
a. 10.3.0.0/19
17. Given a host IP address of 172.16.1.154 and a subnet mask of 255.255.254.0, what is the network ID for this host?
a. 172.16.0.0
18. How many /64 subnets can be created within a /56 prefix?
a. 256
7. How large is the 802.1Q tag that is added to an Ethernet frame when using VLANs?
a. 4 bytes
5. Which of the following terms is commonly used to describe a VLAN configuration in which one router connects to a switch that supports multiple VLANs?
a. router-on-a-stick
17. Where would restrictions regarding what users can and cannot do while accessing a network's resources be found? a. acceptable use policy document b. terms of service document c. license restrictions document d. non-disclosure agreement document
acceptable use policy document
Since each port on a switch is essentially its own collision domain, what results when switch ports from different switches are grouped together?
all of these are correct
11. An RFID label on a box is an example of what type of physical security detection method? a. motion detection technology b. video surveillance via CCTV c. tamper detection d. asset tracking tagging
asset tracking tagging
An RFID label on a box is an example of what type of physical security detection method?
asset tracking tagging
25. A network with 10 bits remaining for the host portion will have how many usable host addresses?
b. 1022
12. An IP address of 192.168.18.73/28 has what network ID?
b. 192.168.18.64
20. What IEEE standard specifies how VLAN information appears in frames and how switches interpret that information?
b. 802.1Q
4. Which of the following suggestions can help prevent VLAN hopping attacks on a network?
b. Disable auto trunking and move native VLANs to unused VLANs.
16. With VTP, where is the VLAN database stored?
b. On the switch that is known as the stack master.
22. If the EUI-64 standard is used, what part of an IPv6 address is affected?
b. The last four blocks of the address.
14. In an IPv6 address, what do the first four blocks or 64 bits of the address represent?
b. The site prefix or global routing prefix.
2. When dealing with a Cisco switch, what is NOT one of the pre-established VLANs?
b. VLAN 1001
9. You are working on a Cisco switch and need to learn what VLANs exist on the switch. Which command will list the current VLANs recognized by the switch?
b. show vlan
What is NOT one of the ways in which networks are commonly segmented?
by device manufacturer
24. A subnet of 255.255.248.0 can be represented by what CIDR notation?
c. /21
3. On a Cisco switch, what would the security association identifier be for VLAN 13?
c. 100013
15. By default, when using classful addressing, how many bits exist in the host portion of a Class A address?
c. 24
8. When an 802.1Q tag is added to an Ethernet frame, where is it placed?
c. It is inserted between the source address and the Ethernet type field.
11. Subtracting an interesting octet value from 256 yields what number?
c. magic number
16. What type of door access control is a physical or electronic lock that requires a code in order to open the door? a. key fob lock b. cipher lock c. biometric lock d. encrypted lock
cipher lock
What type of door access control is a physical or electronic lock that requires a code in order to open the door?
cipher lock
21. What is the maximum number of host IP addresses that can exist in a Class B network?
d. 65,534
10. When using IPv6, what would a /64 network likely be assigned to?
d. A smaller organization or business.
19. Which of the following statements regarding IPv6 subnetting is NOT accurate?
d. The largest IPv6 subnet capable of being created is a /64.
23. On certain Cisco products, what command can be used to create and send helper messages that support several types of UDP traffic, including DHCP, TFTP, DNS, and TACACS+?
d. ip helper-address
13. What command will set the native VLAN on a Juniper switch port?
d. set native-vlan-id
15. What type of an attack forces clients off a wireless network, creating a form of Wi-Fi DoS? a. deauthentication attack b. channel hopping attack c. man-in-the-middle attack d. ARP poisoning attack
deauthentication attack
What type of DoS attack forces client off of a wireless networking, creating a form of WiFi DoS?
deauthentication attack
3. Utilized by China's so-called "Great Firewall", what type of attack can prevent user access to web pages, or even redirect them to illegitimate web pages? a. MAC address spoofing b. denial-of-service attack c. DNS poisoning d. rogue DHCP server
denial-of-service attack
All that is needed to provide communication between two VLANs is a DHCP relay agent.
false
In classful addressing, the Class B IPv4 address network ID is located in the ____.
first 16 bits
If multiple honeypots are connected to form a larger network, what term is used to describe the network?
honeynet
10. A virus that remains dormant until a specific condition is met, such as the changing of a file or a match of the current date is known as what type of malware? a. encrypted virus b. logic bomb c. boot sector virus d. worm
logic bomb
A virus that remains dormant until a specific condition is met, such as the changing of a file or a match of the current date is known as what type of malware?
logic bomb
9. An attack that relies on redirected and captured secure transmissions as they occur is known as what type of attack? a. buffer overflow b. session hijacking attack c. man-in-the-middle attack d. banner-grabbing attack
man-in-the-middle attack
An attack that relies on redirected and captured secure transmissions as they occur is known as what type of attack?
man-in-the-middle attack
14. What penetration testing tool combines known scanning and exploit techniques to explore potentially new attack routes? a. Nessus b. metasploit c. nmap d. Sub7
metasploit
What penetration testing tool combines known scanning and exploit techniques to explore potentially new attack routes?
metasploit
7. VMware's AirWatch and Cisco's Meraki Systems Manager are both examples of what type of software? a. mobile device management software b. software defined network software c. virtual device management software d. cloud network management software
mobile device management software
VMWare's AirWatch and Cisco's Meraki Systems Manager are both examples of what type of software?
mobile device management software
The concept of giving employees and contractors only enough access and privileges to do their jobs is known by what term?
principal of least privilege
18. The concept of giving employees and contractors only enough access and privileges to do their jobs is known by what term? a. least-risk privilege profile b. principle of least privilege c. minimal access/minimal exposure d. limited liability access
principle of least privilege
6. What document addresses the specific concerns related to special access given to administrators and certain support staff? a. non-disclosure agreement b. acceptable use policy c. password policy d. privileged user agreement
privileged user agreement
22. If someone is offered a free gift or service in exchange for private information or access to a computer system, what type of social engineering is taking place? a. phishing b. baiting c. quid pro quo d. tailgating
quid pro quo
If someone is offered a free gift or service in exchange for private information or access to a computer system, what type of social engineering is taking place?
quid pro quo
In an IPv6 address, the first 64 bits of the address are known as what?
routing prefix
21. On a Linux based system, what command can you use to create a hash of a file using SHA-256? a. sha1sum b. md5sum c. sha256sum d. shasum -a 256
sha256sum
On a Linux based system, what command can you use to create a hash of a file using SHA-256?
sha256sum
25. A person posing as an employee strikes up a conversation with a legitimate employee as they walk into a secured area, in an attempt to gain access. What kind of social engineering is this? a. phishing b. baiting c. quid pro quo d. tailgating
tailgating
A person posing as an employee strikes up a conversation with a legitimate employee as they walk into a secured area, in an attempt to gain access. What kind of social engineering is this?
tailgating
Subnet masks are NOT used in IPv6 addressing.
true
1. An interface that manages traffic from multiple VLANs is known by what term?
trunk port
An interface that manages traffic from multiple VLANs is known by what term?
trunk port