CIT 184

Which security tool works by recognizing signs of a possible attack and sending notification to an administrator?

IDPS

Which of the following is the broadcast address for subnet 192.168.10.32 with subnet mask 255.255.255.240?

192.168.10.47

Which of the following correctly represents the port used by FTP control traffic and FTP file transfer traffic respectively?

21, 20

If you are subnetting a class B network, what subnet mask will yield 64 subnets?

255.255.252.0

Which of the following is considered a flooded broadcast IP address?

255.255.255.255

Which of the following is the IPv6 loopback address?

::1

Which protocol is responsible for automatic assignment of IP addresses?

DHCP

What is the typical packet sequence for closing a TCP session?

FIN, ACK, FIN ACK, ACK

A packet monkey is an unskilled programmer who spreads viruses and other malicious scripts to exploit computer weaknesses.

False

A rollover cable is wired similarly to an Ethernet cable except that pins 7 and 8 are crossed.

False

All devices interpret attack signatures uniformly.

False

An atomic attack is a barrage of hundreds of packets directed at a host.

False

Current Microsoft OSs include IPv6, but to use it, you must enable it first.

False

Fragmentation of IP packets is normal and doesn't present any networking problems.

False

IPv4 and IPv6 headers are interoperable.

False

Newer Trojans listen at a predetermined port on the target computer so that detection is more difficult.

False

Reviewing log files is a time-consuming task and therefore should only be done when an attack on the network has occurred.

False

The IP address 172.20.1.5 is a private IP address.

False

The Transport layer of the OSI model includes the RIP protocol.

False

To determine best path, routers use metrics such as the value of the first octet of the destination IP address.

False

Which of the following is an element of the TCP header that can indicate that a connection has been established?

Flags

What is the packet called where a Web browser sends a request to the Web server for Web page data?

HTTP GET

What is contained in ARP tables?

IP address, MAC address

Which of the following is an accurate set of characteristics you would find in an attack signature?

IP address, TCP flags, port numbers

What feature does RIPng support that is not supported by RIP?

IPv6

Which of the following is a reason that UDP is faster than TCP?

It doesn't guarantee delivery

The TCP protocol uses a three-way handshake to create a connection.

True

The signature of a normal FTP connection includes a three-way handshake.

True

With discretionary access control, network users can share information with other users, making it more risky than MAC.

True

Which of the following is a command you would find in an antispoofing ACL for network 172.31.0.0/16?

deny ip 172.31.0.0 0.0.255.255 any log

What is a VPN typically used for?

secure remote access

What is the TCP portion of a packet called?

segment

What Cisco router command encrypts all passwords on the router?

service password-encryption

Which field in the IP header is an 8-bit value that identifies the maximum amount of time the packet can remain in the network before it is dropped?

TTL

What type of attack does a remote-access Trojan attempt to perpetrate?

back door

Which of the following makes routing tables more efficient?

route summarization

Which of the following is a valid IPv6 address?

1080::8:800:200C:417A

How large is the IPv6 address space?

128 bits

Which of the following addresses is a Class B IP address?

189.77.101.6

Which feature of a router provides traffic flow and enhances network security?

ACLs

Which of the following types of traffic does NOT travel through routers?

ARP requests

Which protocol that runs on Cisco routers shares information between Cisco devices?

CDP

What feature in ICMPv6 replaces ARP in IPv4?

Neighbor Discovery

In which OSI model layer will you find the OSPF protocol?

Network

Which of the following is an open standard used for authentication on Cisco routers?

RADIUS

Which type of attack causes the operating system to crash because it is unable to handle arbitrary data sent to a port?

RPC attacks

Which TCP flag can be the default response to a probe on a closed port?

RST

Which of the following is the first packet sent in the TCP three-way handshake?

SYN

What is the sequence of packets for a successful three-way handshake?

SYN, SYN ACK, ACK

Which IPv6 header field is known as the priority field?

Traffic Class

What is a program that appears to do something useful but is actually malware?

Trojan

A worm creates files that copy themselves repeatedly and consume disk space.

True

Cisco routers support both numbered and named ACLs, starting with IOS version 11.2.

True

Packet fragmentation is not normal, and can only occur if an attack has been initiated.

True

Physical security protects a system from theft, fire, or environmental disaster.

True

Some methods of attacking a Cisco router do not require knowledge of the IOS version, so software patching is recommended.

True

What tool do you use to secure remote access by users who utilize the Internet?

VPN

Which type of scan has the FIN, PSH, and URG flags set?

XMAS scan

Which of the following is true about standard IP ACLs?

a 0.0.0.0 inverse mask means all bits are significant

Defense in depth can best be described as which of the following?

a layered approach to security

Which of the following is NOT among the items of information that a CVE reference reports?

attack signature

Which security layer verifies the identity of a user, service, or computer?

authentication

Which of the following is NOT a type of entry found in a routing table?

backup routes

Malware that creates networks of infected computers that can be controlled from a central station is referred to as which of the following?

botnet

In which form of authentication does the authenticating device generate a random code and send it to the user who wants to be authenticated?

challenge/response

What can an IDPS check to try to determine whether a packet has been tampered with or damaged in transit?

checksum

Which of the following is NOT information that a packet filter uses to determine whether to block a packet?

checksum

To what type of port on a Cisco router do you connect a rollover cable?

console

What should you do when configuring DNS servers that are connected to the Internet in order to improve security?

disable zone transfer

What uses mathematical calculations to compare routes based on some measurement of distance?

distance-vector routing protocols

Which of the following types of password prevents a user from accessing privileged exec mode on a Cisco router?

enable

What is the term used when an IDPS doesn't recognize that an attack is underway?

false negative

Which of the following is NOT one of the three primary goals of information security?

impartiality

Which of the following is a metric routers can use to determine best path?

link state

Which of the following is a type of script that automates repetitive tasks in an application such as a word processor but can also be programmed to be a virus?

macro

Which of the following is NOT a reason for subnetting a network?

making larger groups of computers

Which type of attack works by an attacker operating between two computers in a network and impersonating one computer to intercept communications?

man-in-the-middle

What should you set up if you want to store router system log files on a server?

syslog

With which access control method do system administrators establish what information users can share?

mandatory access control

Of what category of attack is a DoS attack an example?

multiple-packet attack

What can an attacker use a port scanner to test for on a target computer?

open sockets

What does a sliding window do in a TCP packet?

provides flow control

What is the name of a storage area where viruses are placed by antivirus software so they cannot replicate or do harm to other files?

quarantine

Under which suspicious traffic signature category would a port scan fall?

reconnaissance

Which type of firewall policy calls for a firewall to deny all traffic by default?

restrictive policy

Why might you want your security system to provide nonrepudiation?

so a user can't deny sending or receiving a communication

Which term is best described as an attack that relies on the gullibility of people?

social engineering

Which of the following is the description of a land attack?

source and destination IP address/port are the same

What remote shell program should you use if security is a consideration?

ssh

In which type of scan does an attacker scan only ports that are commonly used by specific programs?

strobe scan

How are the two parts of an IP address determined?

subnet masks

Which of the following is NOT an advantage of IPv6 versus IPv4?

supports static configuration

Which of the following is NOT a category of suspicious TCP/IP packet?

suspicious CRC value

Under which attack category does a UNIX Sendmail exploitation fall?

suspicious data payload

Which of the following is true about ACLs on Cisco routers?

there is an implicit deny any statement at the end of the ACL

Which of the following is true about static routes?

they are used for stub networks

How does the CVE standard make network security devices and tools more effective?

they can share information about attack signatures

Which of the following is true about extended IP ACLs?

they should be applied to an interface close to the traffic source

Which element of an ICMP header would indicate that the packet is an ICMP echo request message?

type

A hacktivist can best be described as which of the following?

use DoS attacks on Web sites with which they disagree

