Сетевая безопасность и защита инф

¡Supera tus tareas y exámenes ahora con Quizwiz!

154. Which statement is true about Cisco IOS ping indicators?

'U' may indicate that a router along the path did not contain a route to the destination address and that the ping was unsuccessful.

22. Which statement is true about Cisco IOS ping indicators?

'U' may indicate that a router along the path did not contain a route to the destination address and that the ping was unsuccessful.

203.Refer to the exhibit. A corporate network is using NTP to synchronize the time across devices. What can be determined from the displayed output?

) Router03 is a stratum 2 device that can provide NTP service to other devices in the network.

196. Refer to the exhibit. A network administrator is configuring AAA implementation on an ASA device. What does the option link3 indicate?

) the interface name

151. The bit depth of 3DES is:

112 bits;

252. The bit depth of 3DES is:

112 bits;

227.What year and where was the SHA algorithm developed?

1993 in the USA

78. A network administrator is required to upgrade wireless access to end users in a building. To provide data rates up to 1.3 Gb/s and still be backward compatible with older devices, which wireless standard should be implemented?

802.11ac

105. Which access control component, implementation, or protocol is based on device roles of supplicant, authenticator, and authentication server?

802.1X

132. Which access control component, implementation, or protocol restricts LAN access through publicly accessible switch ports?

802.1X

265. Honeypot ...?

A resource that is bait for intruders

201.What is a characteristic of a role-based CLI view of router configuration?

A single CLI view can be shared within multiple superviews.

204.When describing malware, what is a difference between a virus and a worm?

A virus replicates itself by attaching to another file, whereas a worm can replicate itself independently.

198.What is needed to allow specific traffic that is sourced on the outside network of an ASA firewall to reach an internal network?

ACL

128. Which access control component, implementation, or protocol audits what users actions are performed on the network?

Accounting

197.What provides both secure segmentation and threat defense in a Secure Data Center solution?

Adaptive Security Appliance

80. On a Cisco 3504 WLC dashboard, which option provides access to the full menu of features?

Advanced

202.What is a limitation to using OOB management on a large enterprise network?

All devices appear to be attached to a single management network.

262. Acunetix is ...?

An American company has on the market since 2004

263. Forcepoint ...?

An American multinational software development corporation, headquartered in Austin, Texas USA

213.What is the main difference between the implementation of IDS and IPS devices?

An IDS can negatively impact the packet flow, whereas an IPS can not.

296.What is the main difference between the implementation of IDS and IPS devices?

An IDS can negatively impact the packet flow, whereas an IPS can not.

92. What is the function provided by CAPWAP protocol in a corporate wireless network?

CAPWAP provides the encapsulation and forwarding of wireless user traffic between an access point and a wireless LAN controller.

240.The type of anti-virus programs based on the calculation of checksums for the system sector files present on the disk:

CRC scanner

79. A technician is about to install and configure a wireless network at a small branch office. What is the first security measure the technician should apply immediately upon powering up the wireless router?

Change the default user-name and password of the wireless router

98. What is an advantage of SSID cloaking?

Clients will have to manually identify the SSID to connect to the network.

274. Specter is?

Commercial low-level honeypot for Windows OS. Emulates 13 different operating systems

81. Which step is required before creating a new WLAN on a Cisco 3500 series WLC?

Create a new VLAN interface.

165. Which network service automatically assigns IP addresses to devices on the network?

DHCP

170.Which network service automatically assigns IP addresses to devices on the network?

DHCP

34. Which network service automatically assigns IP addresses to devices on the network?

DHCP

94. Which network service automatically assigns IP addresses to devices on the network?

DHCP

62. Which Layer 2 attack will result in legitimate users not getting valid IP addresses?

DHCP starvation

226.The SHA encryption algorithm is intended to be used in conjunction with the digital signature algorithm?

DSA

66. What represents a best practice concerning discovery protocols such as CDP and LLDP on network devices?

Disable both protocols on all interfaces where they are not required.

211.What is the best way to prevent a VLAN hopping attack?

Disable trunk negotiation for trunk ports and statically set nontrunk ports as access ports.

294.What is the best way to prevent a VLAN hopping attack?

Disable trunk negotiation for trunk ports and statically set nontrunk ports as access ports.

169. What is considered the most effective way to mitigate a worm attack?

Download security updates from the operating system vendor and patch all vulnerable systems.

38. What is considered the most effective way to mitigate a worm attack?

Download security updates from the operating system vendor and patch all vulnerable systems.

269. HoneyWeb is ...?

Emulates types of web services

63. What mitigation plan is best for thwarting a DoS attack that is creating a MAC address table overflow?

Enable port security.

163. By following a structured troubleshooting approach, a network administrator identified a network issue after a conversation with the user. What is the next step that the administrator should take?

Establish a theory of probable causes.

31. By following a structured troubleshooting approach, a network administrator identified a network issue after a conversation with the user. What is the next step that the administrator should take?

Establish a theory of probable causes.

239.DES and GOST 28147-89 are based on an encryption scheme?

Feistel network

37. When configuring SSH on a router to implement secure network management, a network engineer has issued the login local and transport input ssh line vty commands. What additional configuration action have to be performed to complete the SSH configuration?

Generate the asymmetric RSA keys.

231.To "compress" an arbitrary message, used for...?

Hash functions

271. What is the BackOfficer Friendly system?

Honeypot for Windows OS, can be used as HIPS

287. HIDS defines:

Host-based intrusion detection systems

228.You receive an e-mail from your bank with a request to confirm your last purchases within a week by going to the corresponding page of the bank's website. Your actions?

I will be vigilant - I will clarify the authenticity of the letter in the bank, I will not click on any links in the letter and I will check my account by manually typing the desired address in the address bar of the browser

152. Which method is used to send a ping message specifying the source address for the ping?

Issue the ping command without specifying a destination IP address.

20. Which method is used to send a ping message specifying the source address for the ping?

Issue the ping command without specifying a destination IP address.

126. A network administrator is configuring DAI on a switch with the command iparp inspection validate src-mac . What is the purpose of this configuration command?

It checks the source MAC address in the Ethernet header against the sender MAC address in the ARP body.

71. A network administrator is configuring DAI on a switch with the command iparp inspection validate src-mac. What is the purpose of this configuration command?

It checks the source MAC address in the Ethernet header against the sender MAC address in the ARP body.

156. A network technician issues the C:\>tracert -6 www.cisco.com command on a Windows PC. What is the purpose of the -6 command option?

It forces the trace to use IPv6.

24. A network technician issues the C:\>tracert -6 www.cisco.com command on a Windows PC. What is the purpose of the -6 command option?

It forces the trace to use IPv6.

264. GFI LanGuard ...?

It is a cybersecurity tool for using the continuously monitor networks, search for vulnerabilities and apply patches where possible

260. OSSEC is ...?

It is an open source cybersecurity tool for detecting network intrusions

258. Argus is...?

It is an open source cybersecurity tool, one of the most widely system for network traffic analysis

176. An administrator decides to use "5$7*4#033!" as the password on a newly installed router. Which statement applies to the password choice?

It is strong because it contains 10 numbers and special characters.

43. An administrator decides to use "5$7*4#033!" as the password on a newly installed router. Which statement applies to the password choice?

It is strong because it contains 10 numbers and special characters.

175. An administrator decides to use "pR3s!d7n&0" as the password on a newly installed router. Which statement applies to the password choice?

It is strong because it uses a minimum of 10 numbers, letters and special characters.

177. An administrator decides to use "pR3s!d7n&0" as the password on a newly installed router. Which statement applies to the password choice?

It is strong because it uses a minimum of 10 numbers, letters and special characters.

42. An administrator decides to use "pR3s!d7n&0" as the password on a newly installed router. Which statement applies to the password choice?

It is strong because it uses a minimum of 10 numbers, letters and special characters.

44. An administrator decides to use "pR3s!d7n&0" as the password on a newly installed router. Which statement applies to the password choice?

It is strong because it uses a minimum of 10 numbers, letters and special characters.

174. An administrator decides to use "WhatAreyouwaiting4" as the password on a newly installed router. Which statement applies to the password choice?

It is strong because it uses a passphrase.

41. An administrator decides to use "WhatAreyouwaiting4" as the password on a newly installed router. Which statement applies to the password choice?

It is strong because it uses a passphrase.

83. A network administrator is configuring a RADIUS server connection on a Cisco 3500 series WLC. The configuration requires a shared secret password. What is the purpose for the shared secret password?

It is used to encrypt the messages between the WLC and the RADIUS server.

181. An administrator decides to use "password" as the password on a newly installed router. Which statement applies to the password choice?

It is weak because it is a commonly used password.

48. An administrator decides to use "password" as the password on a newly installed router. Which statement applies to the password choice?

It is weak because it is a commonly used password.

179. An administrator decides to use "admin" as the password on a newly installed router. Which statement applies to the password choice?

It is weak because it is often the default password on new devices.

46. An administrator decides to use "admin" as the password on a newly installed router. Which statement applies to the password choice?

It is weak because it is often the default password on new devices.

178. An administrator decides to use "12345678!" as the password on a newly installed router. Which statement applies to the password choice?

It is weak because it uses a series of numbers or letters.

45. An administrator decides to use "12345678!" as the password on a newly installed router. Which statement applies to the password choice?

It is weak because it uses a series of numbers or letters.

180. An administrator decides to use "Feb121978" as the password on a newly installed router. Which statement applies to the password choice?

It is weak because it uses easily found personal information.

183. An administrator decides to use "Elizabeth" as the password on a newly installed router. Which statement applies to the password choice?

It is weak because it uses easily found personal information.

47. An administrator decides to use "Feb121978" as the password on a newly installed router. Which statement applies to the password choice?

It is weak because it uses easily found personal information.

50. An administrator decides to use "Elizabeth" as the password on a newly installed router. Which statement applies to the password choice?

It is weak because it uses easily found personal information.

182. An administrator decides to use "RobErT" as the password on a newly installed router. Which statement applies to the password choice?

It is weak since it uses easily found personal information.

49. An administrator decides to use "RobErT" as the password on a newly installed router. Which statement applies to the password choice?

It is weak since it uses easily found personal information.

68. Which statement describes the behavior of a switch when the MAC address table is full?

It treats frames as unknown unicast and floods all incoming frames to all ports within the local VLAN.

199.Which statement describes a characteristic of the IKE protocol?

It uses UDP port 500 to exchange IKE information between the security gateways.

93. What is the result of a DHCP starvation attack?

Legitimate clients are unable to lease IP addresses.

223. How does a Caesar cipher work on a message?

Letters of the message are replaced by another letter that is a set number of places away in the alphabet.

278. The main risks of information security are:

Loss, distortion, leakage of information

272. Honeyd is?

Low-level honeypot for Linux, capable of emulating hundreds of OS

110. A network administrator is working to improve WLAN performance on a dual-band wireless router. What is a simple way to achieve a split-the-traffic result?

Make sure that different SSIDs are used for the 2.4 GHz and 5 GHz bands.

103. A network administrator deploys a wireless router in a small law firm. Employee laptops join the WLAN and receive IP addresses in the 10.0.10.0/24 network. Which service is used on the wireless router to allow the employee laptops to access the internet?

NAT

267. Honeynet is ...?

Network from honeypot

206.Consider the access list command applied outbound on a router serial interface.

No traffic will be allowed outbound on the serial interface.

289.Consider the access list command applied outbound on a router serial interface.

No traffic will be allowed outbound on the serial interface.

23. A user reports a lack of network connectivity. The technician takes control of the user machine and attempts to ping other computers on the network and these pings fail. The technician pings the default gateway and that also fails. What can be determined for sure by the results of these tests?

Nothing can be determined for sure at this point

155. A user reports a lack of network connectivity. The technician takes control of the user machine and attempts to ping other computers on the network and these pings fail. The technician pings the default gateway and that also fails. What can be determined for sure by the results of these tests?

Nothing can be determined for sure at this point.

208.What technology has a function of using trusted third-party protocols to issue credentials that are accepted as an authoritative identity?

PKI certificates

291.What technology has a function of using trusted third-party protocols to issue credentials that are accepted as an authoritative identity?

PKI certificates

259. Nagios is ...?

Provides security experts with the ability to monitor networks, connected hosts and systems in real time

104. Which service can be used on a wireless router to prioritize network traffic among different types of applications so that voice and video data are prioritized over email and web data?

QoS

87.A network administrator of a college is configuring the WLAN user authentication process. Wireless users are required to enter username and password credentials that will be verified by a server. Which server would provide such service?

RADIUS

215. What function is provided by the RADIUS protocol?

RADIUS provides separate ports for authorization and accounting.

298. What function is provided by the RADIUS protocol?

RADIUS provides separate ports for authorization and accounting.

135. Which command will block login attempts on RouterA for a period of 30 seconds if there are 2 failed login attempts within 10 seconds?

RouterA(config) # login block-for 30 attempts 2 within 10

2. Which command will block login attempts on RouterA for a period of 30 seconds if there are 2 failed login attempts within 10 seconds?

RouterA(config) # login block-for 30 attempts 2 within 10

72. Which command can be used to enable BPDU guard on a switch?

S1(config) # spanning-tree portfastbpduguard default

253.An algorithm for use in conjunction with the DSA digital signature algorithm:

SHA

221. What network security testing tool has the ability to provide details on the source of suspicious network activity?

SIEM

102. Which protocol can be used to monitor the network?

SNMP

173. A technician is to document the current configurations of all network devices in a college, including those in off-site buildings. Which protocol would be best to use to securely access the network devices?

SSH

40. A technician is to document the current configurations of all network devices in a college, including those in off-site buildings. Which protocol would be best to use to securely access the network devices?

SSH

67. Which protocol should be used to mitigate the vulnerability of using Telnet to remotely manage network devices?

SSH

85.Which protocol should be used to mitigate the vulnerability of using Telnet to remotely manage network devices?

SSH

13. What is the advantage of using SSH over Telnet?

SSH provides secure communications to access hosts.

133. What is the advantage of using SSH over Telnet?

SSH provides secure communications to access hosts.

146. What is the advantage of using SSH over Telnet?

SSH provides secure communications to access hosts.

101. A company has recently implemented an 802.11n wireless network. Some users are complaining that the wireless network is too slow. Which solution is the best method to enhance the performance of the wireless network?

Split the traffic between the 2.4 GHz and 5 GHz frequency bands.

90. A technician is troubleshooting a slow WLAN that consists of 802.11b and 802.11g devices . A new 802.11n/ac dual-band router has been deployed on the network to replace the old 802.11g router. What can the technician do to address the slow wireless speed?

Split the wireless traffic between the 802.11n 2.4 GHz band and the 5 GHz band.

82. A network engineer is troubleshooting a newly deployed wireless network that is using the latest 802.11 standards. When users access high bandwidth services such as streaming video, the wireless network performance is poor. To improve performance the network engineer decides to configure a 5 Ghz frequency band SSID and train users to use that SSID for streaming media services. Why might this solution improve the wireless network performance for that type of service?

The 5 GHz band has more channels and is less crowded than the 2.4 GHz band, which makes it more suited to streaming multimedia.

33. An employee complains that a Windows PC cannot connect to the Internet. A network technician issues the ipconfig command on the PC and is shown an IP address of 169.254.10.3. Which conclusion can be drawn?

The PC cannot contact a DHCP server.

261. Snort is ...?

The application is an open source network intrusion detection and prevention system tool

158. A ping fails when performed from router R1 to directly connected router R2. The network administrator then proceeds to issue the show cdp neighbors command. Why would the network administrator issue this command if the ping failed between the two routers?

The network administrator wants to verify Layer 2 connectivity.

26. A ping fails when performed from router R1 to directly connected router R2. The network administrator then proceeds to issue the show cdp neighbors command. Why would the network administrator issue this command if the ping failed between the two routers?

The network administrator wants to verify Layer 2 connectivity.

268. The main problems of the Honeypot funds are:

The possibility of disclosure of the Honeypot

217.How does a firewall handle traffic when it is originating from the private network and traveling to the DMZ network?

The traffic is selectively permitted and inspected.

300.How does a firewall handle traffic when it is originating from the private network and traveling to the DMZ network?

The traffic is selectively permitted and inspected.

270. Deception Toolkit is ...?

The very first open-source honeypot

266. Padded Cell ...?

This is a kind of "sandbox" type bait

195. Which statement describes a difference between the Cisco ASA IOS CLI feature and the router IOS CLI feature?

To use a show command in a general configuration mode, ASA can use the command directly whereas a router will need to enter the do command before issuing the show command.

172. Which statement describes the ping and tracert commands?

Tracert shows each hop, while ping shows a destination reply only.

39. Which statement describes the ping and tracert commands?

Tracert shows each hop, while ping shows a destination reply only.

219. What network testing tool would an administrator use to assess and validate system configurations against security policies and compliance standards?

Tripwire

194. What is a characteristic of UDP?

UDP reassembles the received datagrams in the order they were received.

61. What is a characteristic of UDP?

UDP reassembles the received datagrams in the order they were received.

222. How do modern cryptographers defend against brute-force attacks?

Use a keyspace large enough that it takes too much money and too much time to conduct a successful attack.

167. Which type of VLAN-hopping attack may be prevented by designating an unused VLAN as the native VLAN?

VLAN double-tagging

70. Which type of VLAN-hopping attack may be prevented by designating an unused VLAN as the native VLAN?

VLAN double-tagging

113. On a Cisco 3504 WLC Summary page ( Advanced> Summary ) , which tab allows a network administrator to access and configure a WLAN for a specific security option such as WPA2?

WLANs

64. Which Cisco product focus on endpoint security solutions?

Web Security Appliance

139. What is the difference between a virus and a worm?

Worms self-replicate but viruses do not.

6. What is the difference between a virus and a worm?

Worms self-replicate but viruses do not.

209.Which protocol is an IETF standard that defines the PKI digital certificate format?

X.509

292.Which protocol is an IETF standard that defines the PKI digital certificate format?

X.509

286. A sniffer is:

a program or device for intercepting and analyzing network traffic

243. A keylogger is

a program that uses the technique of injecting into the kernel of the operating system to hide the presence in the system and intercepts all keystrokes

283. DoS attack is:

a set of malicious actions aimed at blocking or slowing down the operation of individual services or an entire information system

91. The company handbook states that employees cannot have microwave ovens in their offices. Instead, all employees must use the microwave ovens located in the employee cafeteria. What wireless security risk is the company trying to avoid?

accidental interference

116. Which access control component, implementation, or protocol logs EXEC and configuration commands configured by a user?

accounting

127. Which access control component, implementation, or protocol collects and reports usage data?

accounting

96. Which component of AAA allows an administrator to track individuals who access network resources and any changes that are made to those resources?

accounting

77. While attending a conference, participants are using laptops for network connectivity. When a guest speaker attempts to connect to the network, the laptop fails to display any available wireless networks. The access point must be operating in which mode?

active

279. The SSH key is:

an application-level network protocol that allows remote control of the operating system and tunneling of TCP connections

277. Password attacks are:

an attempt to select the password of a legal user to log in to the network

153. A network engineer is analyzing reports from a recently performed network baseline. Which situation would depict a possible latency issue?

an increase in host-to-host ping response times

21. A network engineer is analyzing reports from a recently performed network baseline. Which situation would depict a possible latency issue?

an increase in host-to-host ping response times

118. Which access control component, implementation, or protocol controls who is permitted to access a network?

authentication

131. Which access control component, implementation, or protocol is implemented either locally or as a server-based solution?

authentication

84. Which access control component, implementation, or protocol is based upon usernames and passwords?

authentication

254. Determination by an authorized recipient (receiver) of the fact that a received message was sent by an authorized sender (transmitter) is called:

authentication;

108. Which component of AAA is used to determine which resources a user can access and which operations the user is allowed to perform?

authorization

111. Which access control component, implementation, or protocol controls what users can do on the network?

authorization

124. Which access control component, implementation, or protocol indicates success or failure of a client-requested service with a PASS or FAIL message?

authorization

99. Which access control component, implementation, or protocol controls what users can do on the network?

authorization

74. Which type of management frame may regularly be broadcast by an AP?

beacon

229.Select the type of anti-virus programs that intercept "virus-dangerous" situations and inform the user about it...?

blocker

276. Honeypot technologies provide analysts with some advantages. What are they?

collecting meaningful information

282. Honeypot technologies provide analysts with some advantages. What are they?

collecting meaningful information

275. Meaning of the wordHoneypot Manager?

commercial honeypot. Emulates a server with an Oracle DBMS installed.

36. On which interface or port can security be improved by configuring executive timeouts?

console ports

187. A student wants to save a router configuration to NVRAM. What is the best command to use to accomplish the task?

copy running-config startup-config

54. A student wants to save a router configuration to NVRAM. What is the best command to use to accomplish the task?

copy running-config startup-config

236.The science of mathematical methods of ensuring confidentiality and authenticity, integrity and authenticity of information authorship.

cryptography

250. The science of ensuring the secrecy and / or authenticity (authenticity) of transmitted messages:

cryptography;

149. What is an accurate description of redundancy?

designing a network to use multiple paths between switches to ensure there is no single point of failure

16. What is an accurate description of redundancy?

designing a network to use multiple paths between switches to ensure there is no single point of failure

14. What is the role of an IPS?

detecting and blocking of attacks in real time

147. What is the role of an IPS?

detecting and blocking of attacks in real time

281. Man-in-the-Middle is:

direct access to packets transmitted over the network

100. What is a wireless security mode that requires a RADIUS server to authenticate wireless users?

enterprise

244. The RSA algorithm is based on an intractable problem

factorization of numbers

1. Which component is designed to protect against unauthorized communications to and from a computer?

firewall

134. Which component is designed to protect against unauthorized communications to and from a computer?

firewall

88.Which component is designed to protect against unauthorized communications to and from a computer?

firewall

248. What is Kerberos used for?

for symmetric authentication;

247. Origin of the term "cryptography":

from the word "secret writing";

284. The main disadvantages of authentication using smart cards:

high price

285. The main advantages and disadvantages of biometric authentication:

high reliability

255.Establishing the authenticity of an object or subject by the identifier presented by him

identification

232.To protect the encrypted communication system from the imposition of false data?

imitoprotection

241.The kind of backup that takes less time?

incremental

121. Which wireless network topology would be used by network engineers to provide a wireless network for an entire college building?

infrastructure

220. What type of network security test can detect and report changes made to network systems?

integrity checking

210.A network administrator is configuring DAI on a switch. Which command should be used on the uplink interface that connects to a router?

iparp inspection trust

293.A network administrator is configuring DAI on a switch. Which command should be used on the uplink interface that connects to a router?

iparp inspection trust

186. A user wants to know the IP address of the PC. What is the best command to use to accomplish the task?

ipconfig

190. A teacher is having difficulties connecting his PC to the classroom network. He needs to verify that a default gateway is configured correctly. What is the best command to use to accomplish the task?

ipconfig

53. A user wants to know the IP address of the PC. What is the best command to use to accomplish the task?

ipconfig

57. A teacher is having difficulties connecting his PC to the classroom network. He needs to verify that a default gateway is configured correctly. What is the best command to use to accomplish the task?

ipconfig

188. A support technician needs to know the IP address of the wireless interface on a MAC. What is the best command to use to accomplish the task?

ipconfiggetifaddr en0

55. A support technician needs to know the IP address of the wireless interface on a MAC. What is the best command to use to accomplish the task?

ipconfiggetifaddr en0

207.Which command is used to activate an IPv6 ACL named ENG_ACL on an interface so that the router filters traffic prior to accessing the routing table?

ipv6 traffic-filter ENG_ACL in

290.Which command is used to activate an IPv6 ACL named ENG_ACL on an interface so that the router filters traffic prior to accessing the routing table?

ipv6 traffic-filter ENG_ACL in

230.Select the password that most closely matches the requirements of the standard from the list.

l # derk!

148. A user is redesigning a network for a small company and wants to ensure security at a reasonable price. The user deploys a new application-aware firewall with intrusion detection capabilities on the ISP connection. The user installs a second firewall to separate the company network from the public network. Additionally, the user installs an IPS on the internal network of the company. What approach is the user implementing?

layered

15. A user is redesigning a network for a small company and wants to ensure security at a reasonable price. The user deploys a new application-aware firewall with intrusion detection capabilities on the ISP connection. The user installs a second firewall to separate the company network from the public network. Additionally, the user installs an IPS on the internal network of the company. What approach is the user implementing?

layered

65. Which authentication method stores usernames and passwords in the router and is ideal for small networks?

local AAA

11. When applied to a router, which command would help mitigate brute-force password attacks against the router?

login block-for 60 attempts 5 within 60

144. When applied to a router, which command would help mitigate brute-force password attacks against the router?

login block-for 60 attempts 5 within 60

12. What feature of SSH makes it more secure than Telnet for a device management connection?

login information and data encryption

145. What feature of SSH makes it more secure than Telnet for a device management connection?

login information and data encryption

138. Which example of malicious code would be classified as a Trojan horse?

malware that was written to look like a video game

5. Which example of malicious code would be classified as a Trojan horse?

malware that was written to look like a video game

140. Which attack involves a compromise of data that occurs between two end points?

man-in-the-middle attack

7. Which attack involves a compromise of data that occurs between two end points?

man-in-the-middle attack

171. The imitation of the message is?

masking

235. The imitation of the message is?

masking

256.Security mechanisms for information processed in distributed computing systems and networks

network security services

164. Users are complaining that they are unable to browse certain websites on the Internet. An administrator can successfully ping a web server via its IP address, but cannot browse to the domain name of the website. Which troubleshooting tool would be most useful in determining where the problem is?

nslookup

19. An administrator is troubleshooting connectivity issues and needs to determine the IP address of a website. What is the best command to use to accomplish the task?

nslookup

192. An administrator is troubleshooting connectivity issues and needs to determine the IP address of a website. What is the best command to use to accomplish the task?

nslookup

32. Users are complaining that they are unable to browse certain websites on the Internet. An administrator can successfully ping a web server via its IP address, but cannot browse to the domain name of the website. Which troubleshooting tool would be most useful in determining where the problem is?

nslookup

59. An administrator is troubleshooting connectivity issues and needs to determine the IP address of a website. What is the best command to use to accomplish the task?

nslookup

114. What type of wireless antenna is best suited for providing coverage in large open spaces, such as hallways or large conference rooms?

omnidirectional

273. Bubblegum Proxypot is?

open-source honeypot, used to combat spammers

246. Difficult to detect viruses that do not have signatures, do not contain a single constant piece of code - these are

polymorphic viruses

115. What security benefit is gained from enabling BPDU guard on PortFast enabled interfaces?

preventing rogue switches from being added to the network

120.Which command raises the privilege level of the ping command to 7?

privilege exec level 7 ping

200.Which command raises the privilege level of the ping command to 7?

privilege exec level 7 ping

109. A network administrator is configuring port security on a Cisco switch. The company security policy specifies that when a violation occurs, packets with unknown source addresses should be dropped and no notification should be sent. Which violation mode should be configured on the interfaces?

protect

75. What is the method that used by a wireless NIC to discover an AP?

receiving a broadcast beacon frame

141. Which type of attack involves an adversary attempting to gather information about a network to identify vulnerabilities?

reconnaissance

8. Which type of attack involves an adversary attempting to gather information about a network to identify vulnerabilities?

reconnaissance

137. What type of attack may involve the use of tools such as nslookup and fping?

reconnaissance attack

4. What type of attack may involve the use of tools such as nslookup and fping?

reconnaissance attack

251. Replacement of characters from plain text with corresponding characters of the cryptotext alphabet is called:

replacement cipher;

205. Which type of packet is unable to be filtered by an outbound ACL?

router-generated packet

288. Which type of packet is unable to be filtered by an outbound ACL?

router-generated packet

129. Which zone-based policy firewall zone is system-defined and applies to traffic destined for the router or originating from the router?

self zone

216.Which zone-based policy firewall zone is system-defined and applies to traffic destined for the router or originating from the router?

self zone

299.Which zone-based policy firewall zone is system-defined and applies to traffic destined for the router or originating from the router?

self zone

159. A network engineer is troubleshooting connectivity issues among interconnected Cisco routers and switches. Which command should the engineer use to find the IP address information, host name, and IOS version of neighboring network devices?

show cdp neighbors detail

185. Students who are connected to the same switch are having slower than normal response times. The administrator suspects a duplex setting issue. What is the best command to use to accomplish the task?

show interfaces

52. Students who are connected to the same switch are having slower than normal response times. The administrator suspects a duplex setting issue. What is the best command to use to accomplish the task?

show interfaces

168. Which command can an administrator execute to determine what interface a router will use to reach remote networks?

show ip route

189. A network technician is troubleshooting an issue and needs to verify all of the IPv6 interface addresses on a router. What is the best command to use to accomplish the task?

show ipv6 interface

56. A network technician is troubleshooting an issue and needs to verify all of the IPv6 interface addresses on a router. What is the best command to use to accomplish the task?

show ipv6 interface

191. Only employees connected to IPv6 interfaces are having difficulty connecting to remote networks. The analyst wants to verify that IPv6 routing has been enabled. What is the best command to use to accomplish the task?

show running-config

193. Only employees connected to IPv6 interfaces are having difficulty connecting to remote networks. The analyst wants to verify that IPv6 routing has been enabled. What is the best command to use to accomplish the task?

show running-config

58. Only employees connected to IPv6 interfaces are having difficulty connecting to remote networks. The analyst wants to verify that IPv6 routing has been enabled. What is the best command to use to accomplish the task?

show running-config

60. Only employees connected to IPv6 interfaces are having difficulty connecting to remote networks. The analyst wants to verify that IPv6 routing has been enabled. What is the best command to use to accomplish the task?

show running-config

27. A network engineer is troubleshooting connectivity issues among interconnected Cisco routers and switches. Which command should the engineer use to find the IP address information, host name, and IOS version of neighboring network devices?

showcdp neighbors detail

184. A network technician is troubleshooting an issue and needs to verify the IP addresses of all interfaces on a router. What is the best command to use to accomplish the task?

showip interface brief

51. A network technician is troubleshooting an issue and needs to verify the IP addresses of all interfaces on a router. What is the best command to use to accomplish the task?

showip interface brief

35. Which command can an administrator execute to determine what interface a router will use to reach remote networks?

showip route

89. Which command can an administrator execute to determine what interface a router will use to reach remote networks?

showip route

97. An IT security specialist enables port security on a switch port of a Cisco switch. What is the default violation mode in use until the switch port is configured to use a different violation mode?

shutdown

212.What would be the primary reason an attacker would launch a MAC address overflow attack?

so that the switch stops forwarding traffic

295.What would be the primary reason an attacker would launch a MAC address overflow attack?

so that the switch stops forwarding traffic

245. The main types of viruses

software, boot, macro viruses

10. Which firewall feature is used to ensure that packets coming into a network are legitimate responses to requests initiated from internal hosts?

stateful packet inspection

143. Which firewall feature is used to ensure that packets coming into a network are legitimate responses to requests initiated from internal hosts?

stateful packet inspection

218.Which type of firewall is supported by most routers and is the easiest to implement?

stateless firewall

73. As part of the new security policy, all switches on the network are configured to automatically learn MAC addresses for each port. All running configurations are saved at the start and close of every business day. A severe thunderstorm causes an extended power outage several hours after the close of business. When the switches are brought back online, the dynamically learned MAC addresses are retained. Which port security configuration enabled this?

sticky secure MAC addresses

161. Which command should be used on a Cisco router or switch to allow log messages to be displayed on remotely connected sessions using Telnet or SSH?

terminal monitor

162. Which command can an administrator issue on a Cisco router to send debug messages to the vty lines?

terminal monitor

166. Which command can an administrator issue on a Cisco router to send debug messages to the vty lines?

terminal monitor

29. Which command should be used on a Cisco router or switch to allow log messages to be displayed on remotely connected sessions using Telnet or SSH?

terminal monitor

30. Which command can an administrator issue on a Cisco router to send debug messages to the vty lines?

terminal monitor

107. Which feature on a switch makes it vulnerable to VLAN hopping attacks?

the automatic trunking port feature enabled for all ports by default

69. What device is considered a supplicant during the 802.1X authentication process?

the client that is requesting authentication

95. Which feature or configuration on a switch makes it vulnerable to VLAN double-tagging attacks?

the native VLAN of the trunking port being

257.Digital certificate contains:

the private key of the certification authority

280. Security is:

the state of protection from external and internal threats

160. What information about a Cisco router can be verified using the show version command?

the value of the configuration register

28. What information about a Cisco router can be verified using the show version command?

the value of the configuration register

249. What is MDC Data Manipulation Detection Code?

there is the result of the action of the hash function;

76. A technician is configuring the channel on a wireless router to either 1, 6, or 11. What is the purpose of adjusting the channel?

to avoid interference from nearby wireless devices

150. What is the purpose of a small company using a protocol analyzer utility to capture network traffic on the network segments where the company is considering a network upgrade?

to document and analyze network traffic requirements on each network segment

18. What is the purpose of a small company using a protocol analyzer utility to capture network traffic on the network segments where the company is considering a network upgrade?

to document and analyze network traffic requirements on each network segment

225.Security updates are required -?

to eliminate detected defects in operating systems

157. Why would a network administrator use the tracert utility?

to identify where a packet was lost or delayed on a network

25. Why would a network administrator use the tracert utility?

to identify where a packet was lost or delayed on a network

136. What is the purpose of the network security accounting function?

to keep track of the actions of a user

3. What is the purpose of the network security accounting function?

to keep track of the actions of a user

233.What is the Diffie-Hellman algorithm used for?

to obtain a shared secret key when communicating via an unsecured communication channel

142. What is the purpose of the network security authentication function?

to require users to prove who they are

9. What is the purpose of the network security authentication function?

to require users to prove who they are

234 Identification and Authentication Applied?

to restrict access of random and illegal subjects to the information system

224.Virus masks are used for ...?

to search for known viruses

238.The electronic signature is encrypted?

using a special program, two keys are created: private and public

17. A network administrator is upgrading a small business network to give high priority to real-time applications traffic. What two type of network service is the network administrator trying to accommodate?

voice

123. Which type of wireless network is suitable for use in a home or office?

wireless local-area network

86. Which type of wireless network is based on the 802.11 standard and a 2.4-GHz or 5-GHz radio frequency?

wireless local-area network

112. Which type of wireless network is suitable for providing wireless access to a city or district?

wireless metropolitan-area network

122. Which type of wireless network uses transmitters to provide wireless service over a large urban region?

wireless metropolitan-area network

125. Which type of wireless network often makes use of devices mounted on buildings?

wireless metropolitan-area network

119.Which type of wireless network uses low powered transmitters for a short-range network, usually 20 to 30 ft. (6 to 9 meters) ?

wireless personal-area network

130. Which type of wireless network commonly uses Bluetooth or ZigBee devices?

wireless personal-area network

106. Which type of wireless network is suitable for national and global communications?

wireless wide-area network

117. Which type of wireless network uses transmitters to provide coverage over an extensive geographic area?

wireless wide-area network

237.To reduce your computers exposure to malicious the code?

work under an account with limited rights

242. The best variant describing the possible consequences of a botnet infection:

your PC will act as a server, obeying the hacker's remote commands;

214.Which attack is defined as an attempt to exploit software vulnerabilities that are unknown or undisclosed by the vendor?

zero-day

297.Which attack is defined as an attempt to exploit software vulnerabilities that are unknown or undisclosed by the vendor?

zero-day


Conjuntos de estudio relacionados

Assignment 12: Property Claims Quizzes

View Set

Software Engineering: A Practitioner's Approach (Pressman) - Ch. 2

View Set

Chapter 14:keeping with the republic

View Set