Chapter 16 - check you understanding

What does the term vulnerability mean?

a weakness that makes a target susceptible to an attack

Some routers and switches in a wiring closet malfunctioned after an air conditioning unit failed. What type of threat does this situation describe?

environmental

Which component is designed to protect against unauthorized communications to and from a computer?

firewall

For security reasons a network administrator needs to ensure that local computers cannot ping each other. Which settings can accomplish this task?

firewall settings

What type of attack may involve the use of tools such as nslookup and fping?

reconnaissance attack

A network administrator establishes a connection to a switch via SSH. What characteristic uniquely describes the SSH connection?

remote access to a switch where data is encrypted during the session.

Which backup policy consideration is concerned with using strong passwords to protect the backups and for restoring data?

security

Which device is used by other network devices to authenticate and authorize management access?

AAA server

This zone is used to house servers that should be accessible to outside users.

DMZ

Which type of network threat is intended to prevent authorized users from accessing resources?

DoS attacks

Which command will block login attempts on RouterA for a period of 30 seconds if there are 2 failed login attempts within 10 seconds?

RouterA(config)#login block-for 30 attempts 2 within 10

Which is appropriate for providing endpoint security?

antivirus software

Which three services are provided by the AAA framework? (Choose three.)

authentication, authorization, and accounting

What is the objective of a network reconnaissance attack?

discovering and mapping of systems

Which benefit does SSH offer over Telnet for remotely managing a router?

encryption

Which device controls traffic between two or more networks to help prevent unauthorized access?

firewall

What is one of the most effective security tools available for protecting users from external threats?

firewalls

What is the purpose of the network security accounting function?

to keep track of the actions of user

What three configuration steps must be performed to implement SSH access to a router? (Choose three.)

user account a unique hostname an Ip domain name

Which malicious code attack is self-contained and tries to exploit a specific vulnerability in a system being attacked?

worm