CYBR2.TestOut Chap 5 MC Style Review (601) (39)
Select the wireless networking security standard for the characteristics listed below: -Short initialization vector makes key vulnerable. A.)WEP B.)WPA2 C.)WPA
A
Which of the following denial of service (DoS) attacks uses ICMP packets and is only successful if the victim has less bandwidth than the attacker? A.)Ping flood B.)Ping of death C.)LAND D.)Fragmentation
A
Which of the best countermeasure for someone attempting to view your network traffic? A.)Firewall B.)VPN C.)Access lists D.)IPS E.)Antivirus software
B
Which type of activity changes or falsifies information in order to mislead or re-direct traffic? A.)Snooping B.)Spoofing C.)Spamming D.)Sniffing
B
Select the wireless networking security standard for the characteristics listed below: -Uses TKIP for encryption. A.)WEP B.)WPA2 C.)WPA
C
Which VPN protocol typically employs IPsec as its data encryption mechanism? A.)L2F B.)PPP C.)PPTP D.)L2TP
D
Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped? A.)IPsec B.)PPP C.)VNC D.)ACL E.)RDP
D
You want to install a firewall that can reject packets that are part of an active session. Which type of firewall should you use? A.)Packet filtering B.)VPN concentrator C.)Application level D.)Circuit-level
D
Which encryption method is used by WPA for wireless networks? A.)802.1x B.)AES C.)IPsec D.)WEP E.)TKIP
E
A SYN packet is received by a server. The SYN packet has the exact same address for both the sender and receiver addresses, which is the address of the server. This is an example of what type of attacker? A.)Land attack B.)Teardrop attack C.)SYN flood D.)Ping of death
A
A group of salesman would like to access your private network through the internet while they are traveling. You want to control access to the private network through a single server. Which solution should implement? A.)VPN concentrator B.)Radius C.)IDS D.)DMZ E.)IPS
A
Capturing packets as they travel from one host to another with the intent of altering the contents of the form of which attack type? A.)Man-in-the-middle attack B.)DDoS C.)Spamming D.)Passive logging
A
Choose the application-aware network device for the description listed below: -Improves application proxy A.)Application-aware proxy B.)Application-aware firewall C.)Application-aware IDS
A
Of the following security security zones, which one can serve as a buffer network a private secured network and the untrusted internet? A.)DMZ B.)Padded cell C.)Extranet D.)Intranet
A
PPTP (Point-to-Point Tunneling Protocol) is quickly becoming obsolete of which VPN protocol? A.)L2TP (Layer 2 Tunneling Protocol) B.)SLIP (Serial Line Interface Protocol) C.)TACACS (Terminal Access Controller Access Control System) D.)L2F (Layer 2 Forwarding Protocol)
A
Select the web threat protection for the following definition: -Prevents users from visiting malicious websites A.)Web threat filtering B.)Anti-phishing software C.)Virus blockers D.)Gateway email spam blockers E.)URL content filtering
A
Select the wireless networking security standard for the characteristics listed below: -Uses RC4 for encryption. A.)WEP B.)WPA2 C.)WPA
A
What is the primary use of tunneling? A.)Supporting private traffic through a public communication medium B.)Improving communication throughput C.)Deploying thin client on a network D.)Protecting passwords
A
Which of the following attacks tries to associate an incorrect MAC address with a known IP address? A.)ARP poisoning B.)Hijacking C.)Null session D.)MAC flooding
A
Which of the following describes a man-in-the-middle attack? A.)A false server intercepts communications from a client by impersonating the intended server. B.)An IP packet is constructed that is larger than the valid size. C.)Malicious code is planted on a system, where it waits for a triggering event before activating. D.)A person convinces an employee to reveal their login credentials over the phone.
A
Which of the following is a firewall functions? A.)Packet filtering B.)FTP hosting C.)Encryption D.)Protocol conversation E.)Frame filtering
A
Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network? A.)Smurf B.)Session hijacking C.)Fingerprinting D.)Fraggle
A
Which of the following is likely to be located in a DMZ. A.)FTP server B.)User workstation C.)Backup server D.)Domain controller
A
Which of the following is not a protection against session hijacking? A.)DHCP reservations B.)Anti-IP spoofing C.)Time stamps D.)Packet sequencing
A
Which of the following is the best countermeasure against man-in-the-middle attacks? A.)IPsec B.)UDP C.)PPP D.)MIME email
A
Which of the following networking devices or services prevents the use of IPsec in most cases? A.)NAT B.)Switch C.)Router D.)Firewall
A
Which of the following wireless security methods uses a common shared key configured on the wireless access point and all wireless clients? A.)WEP, WPA Personal, and WPA2 Personal B.)WPA Personal and WPA2 Enterprise C.)WPA Enterprise and WPA2 Enterprise D.)WEP, WPA Personal, WPA Enterprise, WPA2 Personal, and WPA2 Enterprise
A
Which steps is required to configure a NAP on a Remote Desktop (RD) gateway server? A.)Edit the properties for the server and select Request clients to send a statement of health B.)Configure the server to issue a valid statement of health certificate C.)On the 802.1x switch, define the Remote Desktop (RD) gateway server as a complaint network VLAN D.)Configure the enforcement point as a RADIUS client to the NAP server
A
While using the internet, you type the URL of one of your favorite sites in the browser. Instead of going to the correct site, however, the browser displays a completely different website. When you use the IP address if the web server, the correct site is displayed. Which type of attack has likely occurred? A.)DNS poisoning B.)Hijacking C.)Man-in-the-middle D.)Spoofing
A
You are implementing security at a local high school that is concerned with students accessing inappropriate material on the internet from the library's computers. The students will use the computers to search the internet for research paper content. The school budget is limited. Which content filtering option would you choose? A.)Restrict content based on content categories B.)Block all content except for content you have identified as permitted C.)Allow all content except for the content you have identified as restricted D.)Block specific DNS domain names
A
You are the network administrator for a small company that implements NAT to access the internet. How, you recently acquired five servers that must be accessible from outside your network. Your ISP has provided you with five additional registered IP addresses to support these new servers, but you don't want the public to access these servers directly. You want to place these servers behind your firewall on the inside network, yet still allow them to be accessible to the public from the outside. Which method of NAT translation should you implement for these servers? A.)Static B.)Overloading C.)Dynamic D.)Restricted
A
You need to configure the wireless network card to connect to your network at work. The connection should use a user name password for authentication with AES encryption. What should you do? A.)Configure the connection to use WPA2-Enterprise. B.)Configure the connection to use WPA2-Personal. C.)Configure the connection to use WPA-Personal. D.)Configure the connection to use WPA-Enterprise.
A
You want to connect your small company network to the internet. Your ISP provides you with a single IP address that is to be shared between all hosts on your private network. You do not want external hosts to be able to initiate connection to internal hosts. What type of network address translation (NAT) should you implement? A.)Dynamic B.)Restricted C.)Static D.)Shared
A
Your company has a connection to the internet that allows users to access the internet. You also have a web server and an email server that you want to make available to internet users. You want to create ti create a DMZ for these two servers. Which type of device should you use to create the DMZ? A.)Network-based firewall B.)IPS C.)VPN concentrator D.)Host-based firewall D.)IDS
A
An attacker uses an exploit to push a modified hosts to client systems. This hosts file redirects traffic form legitimate tax preparation site to gather personal and financial information. What kind of exploit has been used in this scenario? (Select two.) A.)DNS poisoning B.)Pharming C.)Domain name kitting D.)Man-in-the-middle E.)Reconnaissance
A and B
Which of the following are characteristics of a circuit-level gateway? (Select two.) A.)Stateful B.)Filters based on sessions C.)Filters based on URL D.)Filters IP address and port E.)Stateless
A and B
Which of the following are true of a circuit proxy filter firewall? (Select two.) A.)Operates at the Session layer. B.)Verifies sequencing of session packets. C.)Operates at ring ) of the operating system. D.)Operates at the Application layer. E.)Examines the entire message contents. F.)Operates at the Network and Transport layers.
A and B
Which of the following specifications identify security that can be added to wireless networks? (Select two.) A.)802.11i B.)802.1x C.)802.2 D.)802.3 E.)802.5 F.)802.11a
A and B
You have a company network with a single switch. All device connect to the network through the switch. You want to control which devices are able to connect to your network. For devices that do not have the latest operating system patches, you want to prevent access to all network devices except for a special server that holds the patches that the computers need to download. Which of the following components will be part of your solution? (Select two.) A.)802.1x authentication B.)Remediation servers C.)Honeypot D.)Extranet E.)DMZ
A and B
A salesperson in your organization spends most of her time traveling between customer sites. After a customer visit, she must complete various managerial task, such as updating your organization's order database. Because she rarely comes back to your home office, she usually accesses the network from her notebook computer using Wi-Fi access provided by hotels, restaurants, and airports. Many of these locations provide unencrypted public Wi-Fi access, and you are concerned that sensitive data could be exposed. To remedy this situation, you decide to configure her notebook to use a VPN when accessing the home network over an open wireless connection. Which key steps should you take when implementing this configuration? (Select two.) A.)Configure the VPN connection to use IPsec B.)Configure the VPN connection to use MS-CHAPv2 C.)Configure the browser to send HTTPS requests through the VPN connection D.)Configure the browser to send HTTPS requests directly to the Wi-Fi network without going through the VPN connection E.)Configure the VPN connection to use PPTP
A and C
You are investigating the use of website and URL content filtering to prevent users from visiting certain websites. Which benefit are the result implementing this technology in your organization? (Choose two.) A.)An increase in bandwidth availability B.)Prevention of phishing attempts C.)Enforcement of the organization's internet usage policy D.)Prevention of emails containing threats E.)Identification and disposal of infected content
A and C
Which of the following are characteristics of a packet filtering firewall? (Select two.) A.)Stateless B.)Filters based on sessions C.)Stateful D.)Filters based on URL E.)Filters IP address and port
A and E
You need to implement a wireless network link between two buildings on a college campus. A wired network has already been implement within each building. The buildings are 100 meters apart. What type of wireless antennae should you use on each side of the link? (Select two.) A.)Parabolic B.)Directional C.)Normal-gain D.)Omnidirectional E.)High-gain
A and E
Choose the application-aware network device for the description listed below: -Enforces security rules based on the application that is generating network traffic instead of the traditional port and protocol A.)Application-aware proxy B.)Application-aware firewall C.)Application-aware IDS
B
In which of the following denial of service (DoS) attacks does the victim's system rebuild invalid UDP packets, causing the system to crash or reboot? A.)Banana B.)Teardrop C.)Deauth D.)NACK
B
In which of the following situations would you most likely implement a demilitarized zone (DMZ)? A.)You want to detect and respond to attacks in a real time. B.)You want to protect a public web server from attack. C.)You want internet users to a see a single IP address when accessing your company network. D.)You want to encrypt data sent between two hosts using the internet.
B
Select the web threat protection for the following definition: -Prevents outside attempts to access confidential information A.)Web threat filtering B.)Anti-phishing software C.)Virus blockers D.)Gateway email spam blockers E.)URL content filtering
B
Select the wireless networking security standard for the characteristics listed below: -Uses AES for encryption. A.)WEP B.)WPA2 C.)WPA
B
When a SYN flood is altered so that the SYN packets are spoofed in order to define the source and destination address as a single victim IP address, the attack is now called what? A.)Fraggle attack B.)Land attack C.)Analytic attack D.)Impersonation
B
When a malicious user captures authentication traffic and replays it against the network later, what is the security problem you are most concerned about? A.)Bandwidth consumption B.)An unauthorized user gaining access to sensitive resources C.)Denial of service D.)Spam
B
When designing a firewall, what is the recommended approach for opening and closing ports? A.)Close all ports; open ports 20, 21, 53, 80, and 443. B.)Close all ports; open only ports required by applications inside the DMZ. C.)Open all ports; close ports that expose common network attacks. D.)Close all ports. E.)Open all ports; close ports that show improper traffic or attacks in progress.
B
Which of the following best describes the ping of death? A.)Sending multiple spoofed ICMP packets to the victim B.)An ICMP packet that is larger than 65,536 bytes C.)Partial IP packets with overlapping sequencing numbers D.)Redirecting echo responses from an ICMP communication
B
Which of the following describes how access lists can be used to improve network security? A.)An access list identifies traffic that must use authentication or encryption. B.)An access list filters based on the IP header information such as a source or destination IP address, protocol, or socket numbers. C.)An access list filters traffic based on the frame header such as source or destination MAC address. D.)An access list looks for patterns of traffic between multiple packets and takes action to stop detected attacks.
B
Which of the following is a privately controlled portion of a network that is accessible to some specific external entities? A.)Internet B.)Extranet C.)Intranet D.)MAN
B
Which of the following is a valid security measure to protect email from viruses? A.)Use PGP to sign outbound email B.)Use blockers on email gateways C.)Limit attachment size to a maximum of 1MB D.)Use reverse DNS lookup
B
Which statement best describes IPsec when used in tunnel mode? A.)Packets are routed using the original headers, and only the payload is encrypted B.)The entire data packet, including headers, is encapsulated C.)IPsec in tunnel mode may not be used for WAN traffic D.)The identities of the communicating parties are not protected
B
Which type of active scan turns off all flags in a TCP header? A.)Christmas tree B.)Null C.)FIN D.)Stealth
B
You have been give a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from Internet-based attacks. Which solution should you use? A.)Proxy server B.)Host based firewall C.)VPN concentrator D.)Network based firewall
B
You would like to control Internet access based on users, time of day, and websites visited. How can you do this? A.)Enable Windows firewall on each system. Add or remove exceptions to control access. B.)Install a proxy server. Allow Internet access only through the proxy server. C.)Configure Internet zones using the Internet Options. D.)Configure the Local Security Policy of each system to add Internet restrictions. E.)Configure a packet-filtering firewall. Add rules to allow or deny Internet access.
B
You have used firewalls to create a demilitarized zone. You have a web server that needs to be accessible to internet users. The web server must communicate with a database server for retrieving product, customer, and order information. How should you place devices on the network to best protect the servers? (Select two.) A.)Put the database server inside the DMZ. B.)Put the database server on the private network. C.)Put the web server inside the DMZ. D.)Put the web server on the private network.
B and C
You need to configure a wireless network. You want to use WPA2 Enterprise. Which of the following components will be part of you design? (Select two.) A.)TKIP encryption B.)AES encryption C.)802.1x D.)Preshared keys E.)WEP encryption F.)Open authentication
B and C
You suspect that an Xmas tree attack is occurring on a system. Which of the following could result if you do not stop the attack? (Select two.) A.)The system will send packets directed with spoofed sources addresses. B.)The system will be unavailable to respond to legitimate requests. C.)The threat agent will obtain information about open ports on the system. D.)The system will become a zombie.
B and C
Which of the following are denial of service attacks? (Select two.) A.)Hijacking B.)Smurf C.)Salami D.)Fraggle
B and D
Which of the following are functions of gateway email spam blockers (Select Two.) A.)Blocks users from visiting websites with malicious content B.)Filters messages containing specific content C.)Helps enforce an organization's internet usage policy D.)Blocks email from specific senders E.)Blocks phishing attempts, which try to access confidential information
B and D
A SYN attack or SYN flood exploits or alters which element of the TCP three-way handshake? A.)SYN/ACK B.)SYN C.)ACK D.)FIN or RES
C
A VPN is primarily used for what purpose? A.)Support the distribution of public web documents B.)Allow the use of network-attached printers. C.)Support secured communications over an untrusted network D.)Allow remote systems to save on long-distance charges
C
As the victim of a Smurf attack, What protection measure is the most effective during the attack? A.)Block all attack vectors with firewall filters B.)Update your anti-virus software C.)Communicate with your upstream provider D.)Turn off the connections to the IPS
C
Choose the application-aware network device for the description listed below: -Analyzes network packets to detect malicious payloads targeted at application-layer services A.)Application-aware proxy B.)Application-aware firewall C.)Application-aware IDS
C
How does IPsec NAP enforcement differ from other NAP enforcement methods? A.)A connection request policy is created on the NAP server that uses PEAP and enables quarantine checks. B.)DHCP options are used to deliver IP configuration values to non-complaint computers. C.)Clients must be issued a valid certificate before a connection to the private network is allowed. D.)IP filters are defined in network access policies to limit resource access for non-complaint computers
C
Members of the sales team use laptops to connect to the company network. While traveling, they connect their laptops to the internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless anti-virus software and the latest operating system patches are installed. Which solution should you use? A.)DMZ B.)NAT C.)NAC D.)NIDS E.)VLAN
C
Select the web threat protection for the following definition: -Identifies and disposes of infected content A.)Web threat filtering B.)Anti-phishing software C.)Virus blockers D.)Gateway email spam blockers E.)URL content filtering
C
What is modified in the most common form of spoofing on a typical IP packet? A.)Hash total B.)Protocol type field value C.)Source address D.)Destination address
C
When the TCP/IP session stat is manipulated so that a third party is able to insert alternate packets into the communication stream, what type of attack occurred? A.)Replay B.)Spamming C.)Hijacking D.)Masquerading
C
Which attack form wither exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions from occurring? A.)Man-in-the-middle attack B.)Privilege escalation C.)Denial of service attack D.)Brute force attack
C
Which of the following features are supplied by WPA2 on a wireless network? A.)Centralized access point for clients B.)Network identification C.)Encryption D.)Client connection refusal based on MAC address E.)Traffic filtering based on packet characteristics
C
Which of the following is not one of the IP address ranges defined in RFC 1918 that are commonly used behind a NAT server? A.)172.16.0.0-172.31.255.255 B.)10.0.0.0-10.255.255.255 C.)169.254.0.0-169.254.255.255 D.)192.168.0.0-192.168.255.255
C
Which of the following is the most effective protection against IP packet spoofing on a private network? A.)Host-based IDS B.)Antivirus scanners C.)Ingress and egress filters D.)Digital signtures
C
Which of the following offers the weakest form of encryption for an 802.11 wireless network? A.)WPA2 B.)WPA C.)WEP D.)WAP
C
You are the office manager of a small financial credit business. Your company handles personal financial information for clients seeking small loans over the internet. You are aware of your obligation to secure clients records. Budgets is an issue your company. Which items would provide the best security for this situation? A.)Proxy server with access controls B.)Network Access Control system C.)All-in-one security appliance D.)Firewall on your gateway servers to the Internet
C
You provide internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs. Which type of firewall should you install? A.)Circuit-level B.)IPS C.)Application level D.)Packet filtering
C
Which of the following are features of an application-level gateway? (Select two.) A.)Uses access control lists. B.)Allow only valid packets within approved sessions. C.)The entire messages are reassembled. D.)Verifies that packets are properly sequenced. E.)Stops each packet at the firewall and inspects it.
C and E
A router on the border of your network detects a packet with a source address that is from an internal client, but the packet was received on the internet-facing interface. This is an example of what form of attack? A.)Snooping B.)Spamming C.)Sniffing D.)Spoofing
D
In a NAP system, what is the function of the System Health Validator? A.)Provide the resources necessary to help non-complaint clients become complaint B.)Prevent users from the disabling NAP on the client computer C.)Generate a statement of health (SoH) that reports the client configuration for health requirements D.)Compare the statement of health submitted by the client to the health requirements
D
In addition to Authentication Header (AH), IPsec is comprised of what other service? A.)Advanced Encryption Standard (AES) B.)Extended Authentication Protocol (EAP) C.)Encryption File System (EFS) D.)Encapsulating Security Payload (ESP)
D
Select the web threat protection for the following definition: -Prevents unwanted email from reaching your your network A.)Web threat filtering B.)Anti-phishing software C.)Virus blockers D.)Gateway email spam blockers E.)URL content filtering
D
What are the most common network network traffic packets captured and used in a replay attack? A.)DNS query B.)Session termination C.)File transfer D.)Authentication
D
What is the goal of a TCP/IP hijacking attack? A.)Preventing legitimate authorized access to a resource. B.)Destroying data. C.)Establishing an encryption tunnel between two remote systems over an otherwise secured network. D.)Executing commands or accessing resources on a system the attacker does not otherwise have authorization to access.
D
Which IPsec subprotocol data encryption? A.)AES B.)SSL C.)AH D.)ESP
D
Which of the following is not a benefit of NAT? A.)Using fewer public IP addresses B.)Hiding the network infrastructure from external entities C.)Preventing traffic initiations from outside the private network D.)Improving the throughput rate of traffic
D
Which of the following is the best device to deploy to protect your private network from a public untrusted network? A.)Hub B.)Gateway C.)Router D.)Firewall
D
Which of the following is the main difference between a DoS attack and a DDoS attack? A.)The DDoS attack does not respond to SYN ACK packets in the three-way handshake process. B.)The DDoS attack spoofs the source IP address C.)The DDoS attack uses an amplification network. D.)The DDoS attack uses zombie computers.
D
Which of the following prevents access based on website ratings and classifications? A.)Packet-filtering B.)DMZ C.)NIDS D.)Content filter
D
Which of the following terms describes a network device that is exposed to attacks and has been hardened against those attacks? A.)Multi-homed B.)Circuit proxy C.)Kernel proxy D.)Bastion or sacrificial host
D
You have a company network that is connected to the internet. You want all users to have internet access, but you need to protect your private network and users. You also need to make a web server publicly available to internet users. Which solution should you use? A.)Use a single firewall. Put the web server in front of the firewall and the private network behind the firewall. B.)Use a single firewall. Put the web server and the private network behind the firewall. C.)Use firewalls to create a DMZ. Place the web server and the private network inside the DMZ. D.)Use firewalls to create a DMZ. Place the web server inside the DMZ and the private network behind the DMZ.
D
You have a small network at home that is connected to the internet. On your home network, you have a server with the IP address of 192.168.55.199/16. You have a single public address that is that is shared by all hosts on your private network> You want to configure the server as a web server and allow internet hosts to contract the server to browse a personal website. What should you use to allow access? A.)DNS A record B.)Dynamic NAT C.)Multicast D.)Static NAT E.)DNS CNAME record
D
You manage a small network at work. Users use workstations connected to your network. No portable computers are allowed. As part your security plan, you would like to implement scanning of e-mail for all users. You want to scan the e-mails and prevent any e-mails with malicious attachments from being received by users. Your solution should minimize administration, allowing you to centrally manage the scan settings. Which solution should you use? A.)SMTP B.)DMZ C.)Host based firewall D.)Network based firewall
D
You need to enumerate the devices on your network and display the network's configuration details. Which of the following utilities should you use? A.)nslookup B.)samspade C.)neotrace D.)nmap
D
Your organization's security policy requires you to restrict network access to allow only clients that have their firewall enabled. Which of the following is a collection of components that would allow you to meet this requirement? A.)IPsec enforcement B.)System health validator C.)802.1x authentication D.)Network access protection
D
An attacker is conducting passive reconnaissance on a targeted company. Which of the following could he be doing? A.)Social engineering B.)War diving C.)War dialing D.)Scanning ports E.)Browsing the organization's website
E
Select the web threat protection for the following definition: -Prevents users from visiting restricted websites A.)Web threat filtering B.)Anti-phishing software C.)Virus blockers D.)Gateway email spam blockers E.)URL content filtering
E.)