partb
What type of diagram shows a graphical representation of a network's wired infrastructure?
Wiring diagram
Which off-boarding policy can protect proprietary corporate information if a smartphone is lost?
Remote wipe
You've just completed a survey of the wireless signals traversing the airspace in your company's vicinity, and you've found an unauthorized AP with a very strong signal near the middle of the 100-acre campus. Its SSID is broadcasting the name of a smartphone model. What kind of threat do you need to report to your boss?
Rogue AP
Which power device prevents a critical server from losing power, even for an instant?
UPS
Any traffic that is not explicitly permitted in the ACL is __, which is called the ____.
denied, implicit deny rule
What causes MOST firewall failures?
Misconfiguration
What command requests the next record in an SNMP log?
SNMP Get Next
Which of the following is considered a secure protocol?
SSH
Which data link layer flow control method offers the most efficient frame transmission when sending large volumes of data?
Selective repeat sliding window
What does a client present to a network server to access a resource on that server?
Ticket
Your roommate has been hogging the bandwidth on your router lately. What feature should you configure on the router to limit the amount of bandwidth his computer can utilize at any one time?
Traffic shaping
When a vulnerability is exploited before the software developer has the opportunity to provide a solution for it or before the user applies the published solution is known as a ___ attack.
zero-day
Which firewall type can protect a home network from adult content not suitable for the family's children?
Application layer firewall
You just settled in for some study time at the local coffee shop, and you pause long enough to connect your smartphone to the Wi-Fi so you can listen to some music while you study. As you're about to sign in, you realize that you clicked on an SSID called "Free Coffee and Internet." What kind of security trap did you almost fall for?
Evil twin
When shopping for a new router, what does the MTBF tell you?
How long devices like this one will last on average until the next failure
What software allows you to define VMs and manage resource allocation and sharing among VMs on a host computer?
Hypervisor
Which one of the following wireless transmission types requires a clear LOS to function?
IR
What is the first step in improving network security?
Identify risks.
Why might you want to install two power supplies in a critical server?
If one power supply fails, the other can take over
As you're troubleshooting a dead zone in your office, which measurement will help you determine the edges of the dead zone?
RSSI
Which of the following devices are you likely to find in the MDF? Choose all that apply.
Routers, KVM Switch, Switches
Which form of SHA was developed by private designers?
SHA-3
You need to securely store handheld radios for your network technicians to take with them when they're troubleshooting problems around your campus network. What's the best way to store these radios so all your techs can get to them and so you can track who has the radios?
Smart locker
Which of the following features of a network connection between a switch and server is not improved by link aggregation?
Speed
What are the two main categories of UPSs? (Select 2)
Standby Online
Which type of switch connects all devices in a rack to the rest of the network?
ToR switch
While troubleshooting a recurring problem on your network, you want to examine the TCP messages being exchanged between a server and a client. Which tool should you use on the server?
Wireshark
What type of diagram shows a graphical representation of a network's wired infrastructure?
password manager
Which principle ensures auditing processes are managed by someone other than the employees whose activities are being audited?
separation of duties
The ability to insert code into a database field labeled "Name" is an example of a(n) ___.
vulnerability
You're setting up a home network for your neighbor, who is a music teacher. She has students visiting her home regularly for lessons and wants to provide Internet access for their parents while they're waiting on the children. However, she's concerned about keeping her own data private. What wireless feature can you configure on her AP to meet her requests? (Select all that apply.)
Guest network Wireless client isolation
You sent a coworker a .exe file to install an app on their computer. What information should you send your coworker so they can ensure the file has not been tampered with in transit?
Hash of the file
Which policy ensures messages are discarded when they don't match a specific firewall rule?
Implicit deny
Which device will let you determine all frequencies within a scanned range that are present in a specific environment, not just Wi-Fi?
Spectrum analyzer
A former employee discovers six months after he starts work at a new company that his account credentials still give him access to his old company's servers. He demonstrates his access to several friends to brag about his cleverness and talk badly about the company. What kind of attack is this?
insider threat
Which log type would most likely be used first to investigate the cause of high numbers of dropped packets?
traffic log
Which 802.11 standard functions in both the 2.4-GHz and 5-GHz bands?
802.11ax
What was the first 802.11 standard to implement channel bonding?
802.11n
Which of the following criteria can a packet-filtering firewall not use to determine whether to accept or deny traffic?
Application data
Which of the following would be assigned an OID?
A switch's interface
What characteristic of ARP makes it particularly vulnerable to being used in a DoS attack?
ARP performs no authentication.
Which access control technique is responsible for detection of an intruder who succeeds in accessing a network?
Accounting
Which of the following is not one of the AAA services provided by RADIUS and TACACS+?
Administration
Which log type is used to prove who did what and when?
Audit log
Which physical security device works through wireless transmission?
Badge reader
Which protocol replaced TKIP for WPA2?
CCMP
Which Carrier Sense technology is used on wireless networks to reduce collisions?
CSMA/CA
Which type of disaster recovery site contains all the equipment you would need to get up and running again after a disaster, and yet would require several weeks to implement?
Cold site
Which device would allow an attacker to make network clients use an illegitimate default gateway?
DHCP server
Which type of DoS attack orchestrates an attack bounced off uninfected computers?
DRDoS attack
What type of attack relies on spoofing?
Deauth attack
What field in an IPv4 packet is altered to prioritize video streaming traffic over web surfing traffic?
DiffServ
When repairing a coworker's computer, you find some illegal files. What should you do next?
Disconnect the computer from the network and leave it running.
A technician from your ISP has arrived to help you troubleshoot a weak WAN connection. To what location do you take them?
EF - Entrance Facility
Which function of WPA/WPA2 security ensures data cannot be read in transit?
Encryption
Which bandwidth management technique limits traffic specifically between a single sender and a single receiver?
Flow control
To exchange information, two antennas must be tuned to the same ____. (Select all that apply.)
Frequency, Channel
What feature of a site survey maps the Wi-Fi signals in your location?
Heat map
Which flow control method resends a lost frame along with all frames sent with it?
Go-back-n sliding window
Active Directory and 389 Directory Server are both compatible with which directory access protocol?
LDAP
What is the lowest layer of the OSI model at which wired and wireless transmissions share the same protocols?
Layer 3
Which device can manage traffic to multiple servers in a cluster so all servers qually share the traffic?
Load balancer
Leading up to the year 2000, many people expected computer systems the world over to fail when clocks turned the date to January 1, 2000. What type of threat was this?
Logic bomb
A transceiver was recently damaged by a lightning strike during a storm. How might you decide whether the ISP is responsible for replacing this device, or whether your company must foot the bill?
Look at whether the device is located on the ISP's side of the demarc)
What information does the switchport port-security command use to restrict access to a switch's interface?
MAC address
What kind of software can be used to secure employee-owned devices?
MDM
Which of the following is not defined by syslog?
Message security
With which network connection type does the VM obtain IP addressing information from its host?
NAT mode
A company wants to have its employees sign a document that details some project-related information that should not be discussed outside the project's team members. What type of document should they use?
NDA
Which security device relies on a TAP or port mirroring?
NIDS
Which power backup method will continually provide power to a server if the power goes out during a thunderstorm?
Online UPS
Which cloud management technique executes a series of tasks in a workflow?
Orchestration
If you're shopping for a rack switch, what component on the switch tells you it can be mounted to a rack?
Rack Ears
What addresses does an 802.11 frame contain that an 802.3 frame does not? (Select all that apply.)
Receiver address, Transmitter Address
Which of the following attack simulations detect vulnerabilities and attempt to exploit them? Choose two.
Red team-blue team exercise Pen testing
Which cloud service model gives software developers access to multiple platforms for testing code?
PaaS
You need to connect a new network printer to a nearby wall jack. What kind of cable should you use?
Patch Cable
Which of the following is not a phase in the social engineering attack cycle?
Penetrate
A company accidentally sends a newsletter with a mistyped website address. The address points to a website that has been spoofed by hackers to collect information from people who make the same typo. What kind of attack is this?
Phishing
Which of the following social engineering attack types most likely requires that the attacker have existing knowledge about the victim?
Phishing
What port do SNMP agents listen on?
Port 161
Which term best describes the act of actively searching for a computer's ports through the use of specialized software?
Port scanning
Your organization has just approved a special budget for a network security upgrade. What procedure should you conduct to develop your recommendations for the upgrade priorities?
Posture assessment
You've decided to run an Nmap scan on your network. Which apps could you open to perform this task? Choose all that apply.
Power Shell, Zenmap, Command Prompt
Which assessment type would most likely discover a security risk related to employee on-boarding?
Process assessment
Which device can be used to increase network performance by caching websites?
Proxy server
Which two features on a switch or router are integrated into CoPP? Choose two
QoS ACLs
Which of the following defenses addresses a weakness of IPv6?
RA Guard
Which authentication protocol is optimized for wireless clients?
RADIUS
Which authorization method will allow Nancy, a custodian, to access the company's email application but not its accounting system?
RBAC
What information in a transmitted message might an IDS use to identify network threats?
Signature
Which of the following is not an example of biometric detection?
Smart Card
When a wireless signal encounters a large obstacle with wide, smooth surfaces, what happens to the signal?
The signal reflects, or bounces back, toward its source.
Who is responsible for the security of hardware on which a public cloud runs?
The cloud provider
A neighbor hacks into your secured wireless network on a regular basis, but you didn't give her the password) What loophole was most likely left open?
The default password was not changed)
One of your coworkers downloaded several, very large video files for a special project she's working on for a new client. When you run your network monitor later this afternoon, what list will your coworker's computer likely show up on?
Top listeners
Which of the following would an environmental monitoring system not track?
User authentication
What virtual, logically defined device operates primarily at the data link layer to ss frames between nodes?
Virtual switch
Which device converts signals from a campus's analog phone equipment into IP data that can travel over the Internet?
Voice Gateway
What is the primary difference between how WPA2-Personal and WPA2-Enterprise are implemented on a network?
WPA2-Enterprise requires a RADIUS authentication server.
Which backup site includes a running server that does not have access to the latest backups?
Warm site
What is the first step of inventory management?
What is the first step of inventory management?
Which of the following statements is true? Choose two.
When sending an email, the transmission is sensitive to loss and tolerant of delays. When streaming a movie, the transmission is sensitive to delays and tolerant of loss.
Which ACL rule will prevent pings from a host at 192.168.2.100?
Which ACL rule will prevent pings from a host at 192.168.2.100?
Which Wi-Fi encryption standard was designed to use AES encryption?
Which Wi-Fi encryption standard was designed to use AES encryption?
Which type of identifier allows wireless clients to roam freely from AP to AP?
Which type of identifier allows wireless clients to roam freely from AP to AP?
Which of the following wireless technologies does not use the 2.4 GHz band?
Z-wave
Which of the following ACL commands would permit web-browsing traffic from any IP address to any IP address?
access-list acl_2 permit https any any
All of the following are congestion control techniques help to prevent network congestion except?
bandwidth governance policy
Although they might engage in illegal activity, the intent of a __ is to educate and assist.
gray hat hacker
At what layer of the OSI model do proxy servers operate?
layer 7
