cyber 5, cyber 6, Chapter 7

¡Supera tus tareas y exámenes ahora con Quizwiz!

A salesperson in your organization spent most of her time traveling between customers sites. After a customer visit, she must complete various managerial tasks, such as updating your organizations order database. Which key step should you take when implementing this configurations? select two

Configure the VPN connection to us IPsec Configure the browser to sent HTTPS requests through the VPN connection

Which of the following is the best protection to prevent attacks on mobile phones through the Bluetooth protocol?

Disable Bluetooth on the phone

As a victim of a Smurf attack, what protection measure is the most effective during the attack?

Communicate with your upstream provider

In a NAP system, what is the function of the System Health Validator?

Compare the statement of health submitted by the clients to the health requirements

You want to connect your small company network to the Internet. Your ISP provides you with a single IP address that is to be shared between all hosts on your private network. You do not want external hosts to be able to initiate connection to internal hosts. What type of NAT should you implement?

Dynamic

Which IPsec subprotocol provides data encryptions?

ESP

Which step is required to configure a NAP on a Remote Desktop gateway server?

Edit the properties for the server and select "Requests clients to send a statement of health"

In addition to Authentication Header (AH), IPsec is comprised of what other service?

Encapsulating Security Payload (ESP)

Which of the following features are supplied by a WPA2 on a wireless network?

Encryption

You are investigating the use of Web site and URL content filtering to prevent users from visiting certain Web sites. Which benefits are the result of implementing this technology in your organization?

Enforcement of the organization's Internet usage policy. An increase in bandwidth availability.

What is the goal of a TCP/IP hijacking attack?

Executing commands or accessing resources on a system the attacker does not otherwise have authorization to access

Which of the following is a privately controlled portion of a network that is accessible to some specific external entities?

Extranet

Which of the following is likely to be located in a DMZ?

FTP server

Which of the following are characteristics of a circuit-level gateway?

Filters based on sessions and Stateful

Which of the following is the best device to deploy to protect your private network from a public untrusted network?

Firewall

Which of the following is NOT a benefit of NAT?

Improving the throughput rate of traffic

Which of the following is the most effective protection against IP packet spoofing on a private network?

Ingress and egress filters

You would like to control Internet access based on users, time of day, and Web sites visited. How can you do this?

Install a proxy server. Allow Internet access only though the proxy server.

PPTP is quickly becoming obsolete because of what VPN protocol?

L2TP

Which VPN protocol typically employs IPSec as its data encryption mechanism?

L2TP

A SYN packet has been received by a server. The SYN packet has the exact same address for both the sender and receiver addresses, which is the address of the server. This is an example of what type of attack?

Land attack

When a SYN flood is altered so that the SYN packets are spoofed in order to define the source and destination address as a single victim IP address, the attack is now called what?

Land attack

Capturing packets as they travel from one host to another with the intent of altering the contents of the packets is a form of which security concern?

Man-in-the-middle attack

Members of the sales team use laptops to connect to the company network. While traveling, they connect their laptops to the internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. What solution would you choose?

NAC

Which of the following network devices or services prevent the use of IPsec in most cases?

NAT

Your organization's security policy requires you to restrict access to allow only clients to have their firewall enabled. Which of the following is a collection of components that would allow you to meet this requirement?

Network access protection

You manage a small network at work. Users use workstations connected to your network. No portable computers are allowed. As part of your security plan, you would like to implement scanning of e-mails for all users. You want to scan the e-mails and prevent any e-mails with malicious attachments from being received by users. Your solution should minimize administration allowing you to centrally manage the scan settings. Which solution should you use?

Network based firewall

Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and an e-mail server that you want to make available to Internet users. You want to create a DMZ for these two servers. Which type of device should you use to create the DMZ?

Network based firewall.

Which type of active scan turns off all flags in a TCP header?

Null

Which of the following are true of a circuit proxy filter firewall?

Operates at the Session Layer AND Verifies sequencing of session packets

Which of the following is a firewall function?

Packet filtering

Which type of activity changes or falsifies information in order to mislead or re-direct traffic?

Spoofing

Which of the following are characteristics of a packet filtering firewall?

Stateless and Filters IP address and port

Which of the following is the main difference between a DoS attack and a DDoS attack?

The DDoS attack uses zombie computers

Which statement best describes IPsec when used in tunnel mode?

The entire data packet, including headers is encapsulated.

You have a company network with a single switch. All devices connect to the network through the switch. Which of the following components will be part of your solution?

802.1x authentication and Remedian servers

Which of the following is the best countermeasure against man-in-the-middle attacks?

IPSec

Which of the following are denial of service attacks?

Smurf and Fraggle

What is modified in the most common form of spoofing on a typical IP packet?

Source address

Which of the following terms describes a network device that is exposed to attacks and has been hardened against those attacks?

Bastion or sacrificial host

Which of the following are functions of gateway email spam blockers?

Blocks email from specific senders AND filters messages containing specific content

Which of the following sends unsolicited business cards and messages to a Bluetooth device?

Bluejacking

An attacker is conducting passive reconnaissance on a targeted company. Which of the following could he be doing?

Browsing the organization's website

A router on the border of your network detects a packet with a source address that is from an internal client but the packet was received on the Internetfacing interface. This is an example of what form of attack?

Spoofing

You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?

Circuit-level

You are the office manager of a small financial credit business. Your company handles personal, financial information for clients seeking small loans over the Internet. You are aware of your obligation to secure clients records, but budget is an issue. Which item would provide the best security for this situation?

All-in-one security appliance

When a malicious user captures authentication traffic and replays it against the network later, what is the security problem you are most concerned about?

An unauthorized user gaining access to sensitive resources

How does the IPsec NAP enforcement differ from other NAP enforcement methods?

Clients must be issued a valid certificate before a connection to the private network is allowed

When designing a firewall, what is the recommended approach for opening and closing ports?

Close all ports; open only ports required by applications inside the DMZ

Which of the following in NOT one of the ranges of IP addresses define in RFC 1918 that are commonly used behind a NAT server?

169.254.0.0-169.254.255.255

Which of the following specifications identify security that can be added to wireless networks?

802.11i 802.11x

WiMAX is an implementation of which IEEE Committee?

802.16

Which of the following describes a man-in-the-middle attack?

A false server intercepts communications from a client by impersonating the intended server.

A SYN attack or SYN flood exploits or alters which element of the TCP three-way handshake?

ACK

Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped?

ACL

Which of the following are typically used fro encrypting data on a wireless network?

AES TKIP

You need to configure a wireless network. You want to use WPA2 Enterprise. Which of the following components will be a part of your design? (select two)

AES encryption 802.1x

Which of the following attacks tries to associate an incorrect MAC address with a known IP address?

ARP poisoning

Which of the following best describes the ping of death?

An ICMP packet that is larger than 65,536 bytes

Which of the following describes how access lists can be used to improve network security?

An access list filters traffic based on the IP header information such as source or destination IP address, protocol, or socket numbers.

Which of the following firewall types can be a proxy between servers and clients?

Application layer firewall AND Circuit proxy filtering firewall

You provide Internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs. Which type of firewall should you install?

Application level

Application Aware Networking Devices

Application-aware proxy -Improves application performance Application-aware firewall -Enforces security rules based on the application that is generating network traffic instead of the traditional port and protocol Application-aware IDS -Analyzes network packets to detect malicious payloads targeted at application layer services

What are the most common network traffic packets captured and used in a replay attack

Authentication

You need to configure the wireless network card to connect to your network at work. The connection should use a user name and password for authentication with AES encryption. What should you do?

Configure the connection to use WPA2 Enterprise

You want to connect a laptop computer running Windows 7 to a wireless network. The wireless network uses multiple access points and WPA2-Personal. You want to use the strongest authentication and encryption possible. SSID broadcast has been disabled. What should you do?

Configure the connection with a preshared key and AES encryption.

Which of the following prevents access based on website ratings and classifications?

Content filter

Which of the following is not a protection against session hijacking?

DHCP reservations

Of the following security zones, which one can serve as a buffer network between a private secured network and the untrusted internet?

DMZ

While using the Internet, you type the URL of one of your favorite sites in the browser. Instead of going to the correct site, however, the browser displays a completely different website. When you use the IP address of the Web server, the correct site is displayed. Which type of attack has likely occurred?

DNS poisoning

Which attack form either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions from occurring?

Denial of service attack

When the TCP/IP session state is manipulated so that a third party is able to insert alternate packets into the communication stream, what type of attack has occurred?

Hijacking

You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from Internet-based attacks. What solution should you use?

Host based firewall

An attacker uses an exploit to push a modified hosts file to client systems. This hosts file redirects traffic from legitimate tax preparation sites to malicious sites to gather personal and financial information. What kind of exploit has been used in this scenario?

Pharming and DNS poisoning

Which of the following denial of service (DoS) attacks uses ICMP packets and is only successful if the victim has less bandwidth than the attacker?

Ping flood

You have used firewalls to create a demilitarized zone. How should you place devices on the network to best protect the servers?

Put the web server inside the DMZ and put the database server on the private network

You are implementing security at a local high school that is concerned with students accessing inappropriate material on the Internet from the library's computers. The students will use the computers to search the Internet for research paper content. The school budget is limited. Which content filtering option would you choose?

Restrict content based on content categories

Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this?

Rogue Access Point

Which of the following is used on a wireless network to identify the network name?

SSID

Which of the following is a form of DoS attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network?

Smurf

You are the network administrator for a small company that implements NAT to access the Internet. However, you recently acquired 5 servers that must be accessible from outside your network. Your ISP has provided you with 5 additional registered IP addresses to support these new servers but you don't want the public to access these servers directly. You want to place these servers behind your firewall on the inside network yet still allow them to be accessible to the public from the outside. Which method of NAT translation should you implement for these 5 servers?

Static

You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.138.55.199/16. You have a single public address that is shared by all hosts on your private network. You want to configure the server as a Web server and allow Internet hosts to contact the server to browse a personal website. What should you use to allow access?

Static NAT

A VPN is used primarily for what purpose?

Support secured communications over an untrusted network.

What is the primary use of tunneling?

Supporting private traffic through a public communication medium

What encryption method is used by WPA for wireless networks?

TKIP

You have a small wireless network that uses multiple access points. The network currently uses WPA. You want to connect a laptop computer to the wireless network. Which of the following parameters will you need to configure on the laptop?

TKIP encryption Preshared key

In which of the following DoS attacks does the victim's system rebuild invalid UDP packets, causing the system to crash or reboot?

Teardrop

You suspect that an Xmas tree attack is occurring on a system. Which of the following could result if you do not stop the attack?

The system will unavailable to respond to legitimate requests and the threat agent will obtain information about open ports on the system

Which of the following is a valid security measure to protect email from viruses?

Use blockers on email gateways

You have a company that is connected to the internet. You want all users to have internet access, but you need to protect your private network and users. You also need to make a web server publicly available to internet users. Which solution should you use?

Use firewalls to create a DMZ. Place a web server inside the DMZ and a private network behind the DMZ

Which is the best countermeasure for someone attempting to view your network traffic?

VPN

You have a group of salesmen who would like to access your private network through the Internet while they are traveling. You want to control access to the private network through a single server. Which solution should you implement?

VPN concentrator

Which of the following best describes Bluesnarfing?

Viewing calendar, emails, and messages on a mobile device without authorization

Which of the following offers the weakest form of encryption for an 802.11 wireless network?

WEP

Match the wireless networking security standard with its associated characteristics

WEP = Short initialization vector makes key vulnerable WPA2 = Uses AES for encryption WEP = Uses RC4 for encryption WPA = Uses TKIP for encryption WPA2 = Uses CBC-MAC for data integrity WPA2 = Uses CCMP for key rotation

Which of the following wireless security methods uses common shared key configured on the wireless access point and all wireless clients?

WEP, WPA Personal, and WPA2 Personal

Which of the following are true about Wi-Fi Protected Access 2 (WPA2)? (Select two)

WPA2 uses AES for encryption and CBC-MAC for data integrity Upgrading from a network using WEP typically requires installing new hardware.

Web Protection Methods

Web threat filtering -Prevents users from visiting malicious websites Anti-phishing software -Prevents outside attempts to access confidential information Virus blockers -Identifies and disposes of infected content Gateway email spam blockers -Prevents unwanted email from reaching your network URL content filtering -Prevents users from visiting restricted websites

In which of the following situations would you most likely implement a DMZ?

You want to protect a public web server from attack.

You need to enumerate the devices on your network and display the network's configuration details. Which of the following utilities should you use?

nmap


Conjuntos de estudio relacionados

Testing & Measurement - Chapters 9, 10, 13

View Set

Module 25. Forgetting, Memory Construction, and Improving Memory

View Set

C.6 The Nitrogen and Phosphorus Cycles

View Set

iCEV Fundamental Animal Microgenetics

View Set

Exploring the Oracle Database Architecture

View Set

CH14: Principles of Disease and Epidemiology Practice Test

View Set

PrepU: Chapter 11: Maternal Adaptation During Pregnancy

View Set