Cloud, Virtualization, Wireless Security (Ch 10, 11)
Which of the following attacks is considered easy, allowing threat actors to access user data and read through passwords and PINs, and why is it considered so? A. A jamming attack, because this attack can be achieved using mobile phone networks. B. A disassociation attack, because the device gets disconnected from the network and can be hacked easily. Analysis C. A WLAN consumer attack, because many users fail to properly configure security on their home WLANs. D. A WDoS attack, because WLANs are less secure and can easily be hacked.
A WLAN consumer attack, because many users fail to properly configure security on their home WLANs.
Which of the following differentiates an access point probe and a dedicated probe? A. A dedicated probe only monitors RF transmissions, while an access point probe can serve as both a probe and an access point that can provide roaming to wireless users. B. A dedicated probe is a standard wireless device that can be configured to act as a wireless probe. In contrast, an access point probe is a wireless adapter plugged into a desktop computer to monitor the RF in the area for transmissions. C. A dedicated probe has the ability t to serve as both a probe and an access point that can provide roaming to wireless users. In contrast, an access point probe only monitors RF transmissions. D. A dedicated probe is a wireless adapter plugged into a desktop computer to monitor the RF in the area for transmissions. In contrast, an access probe is a standard wireless device that can be configured to act as a wireless probe.
A dedicated probe only monitors RF transmissions, while an access point probe can serve as both a probe and an access point that can provide roaming to wireless users.
David is asked to test a new configuration on a virtual machine; if it does not work, it should roll back to the older state. What should David do before testing the new configuration so he can roll it back to the previous state if needed? A. Take a snapshot of the virtual machine before loading the configuration B. Take a screenshot of the virtual machine before testing the configuration C. Use sandboxing in the virtual machine before testing the configuration D. Enable "roll back" on the previous configuration before testing the new configuration
A. Take a snapshot of the virtual machine before loading the configuration
Suzanne is a cybersecurity expert. She was approached by Alex with a complaint that his payment information has leaked even though he has not made any online payments or shared information with anyone. Suzanne concluded that attackers most likely bumped a portable reader against Alex's smartphone to make an NFC connection and steal the payment information stored on the phone. What should Suzanne suggest to Alex to prevent this type of attack from happening in the future? A. Alex should remain aware of the people around him while making NFC payments. B. Alex should always turn the NFC off while he's in a crowded area. C. Alex should protect his smartphone with a unique password or strong PIN. D. Alex should configure his device pairing so one device can only send and the other only receive.
Alex should always turn the NFC off while he's in a crowded area.
Which type of attack can give an attacker access to a device and allow them to copy personal information using an unauthorized radio frequency connection? A. RFID attack B. Bluesnarfing C. NFC attack D. Bluejacking
Bluesnarfing
Shawn is approached by a medical staff team with a request to research and introduce a type of device that will help them record and transmit specific patient details.Which technology would help the team measure and monitor blood pressure and then send those patient details from the device to a phone as a message in case of emergencies? A. WLAN network B. Bluetooth C. RFID D. NFC
Bluetooth
Sherry needs to suggest a technology that can enable smartphones or laptops to control multiple devices like speakers, mice, etc., within a 100-meter distance. The device should also be connected without any wired connection. Which technology should Sherry suggest? A. Bluetooth technology can be used to connect devices without any wired connection B. NFC technology can be used to connect mobile devices to speakers C. RFID technology can be used to connect laptop mouse without any wired connection D. WLANs can be used to connect mobile devices to speakers
Bluetooth technology can be used to connect devices without any wired connection
Justin works for an automobile manufacturer. The company is designing a new car that enables the users to use the car as a mobile office. To achieve this, the car must have a hands-free system where drivers can use voice controls to browse their phone's contact list, make and receive hands-free phone calls, mirror a smartphone screen on the LED dash display, and use navigation and entertainment apps.Which technology should he use and why? A. NFC, because it is used to transmit information between devices by a small tag that can help provide hands-free features and an internet connection. B. Bluetooth, because it can be used to pair devices, allowing for hands-free and screen mirroring features. C. RFID devices, because they establish two-way communication between devices, which can be used to provide hands-free features with voice control. D. WLAN, because it can be connected to the car's internal computer system to provide internet and screen mirroring features.
Bluetooth, because it can be used to pair devices, allowing for hands-free and screen mirroring features.
Which of the following best describes the cloud access security broker? A. CASB allows secure access to the data stored in the cloud from any device. B. CASB is a virtual alternative to a physical firewall. C. CASB ensures the security policies of the enterprise extend to its data in the cloud. D. CASB secures the data stored in the cloud by restricting unauthorized access.
C. CASB ensures the security policies of the enterprise extend to its data in the cloud.
Which of the following best describes the cloud access security broker? A. CASB allows secure access to the data stored in the cloud from any device. B. CASB secures the data stored in the cloud by restricting unauthorized access. C. CASB is a virtual alternative to a physical firewall. D. CASB ensures the security policies of the enterprise extend to its data in the cloud.
CASB ensures the security policies of the enterprise extend to its data in the cloud.
Which of the following protects SNMP-managed devices from unauthorized access? A. Resource records B. Community string C. X.500 lite D. X.500
Community string
You are a security consultant. An enterprise client contacted you because their mail domain is blocked due to an unidentified entity using it to send spam. How should you advise them to prevent this from happening in the future? A. Configure the SMTP relay to limit relays to only local users B. Configure the IMAP to store emails on the email server C. Configure the POP3 so that it listens on port 25 D. Configure the POP to monitor incoming and outgoing emails
Configure the SMTP relay to limit relays to only local users
Which of the following is a virtualization instance that uses OS components for virtualization? A. Container B. VM escape protection C. Hypervisor D. Host OS
Container
In an interview, Tom was asked to give a brief on how containers perform virtualization. How should Tom reply? A. Containers use hardware hypervisors for virtualization B. Containers use Type I hypervisors for virtualization C. Containers use OS components for virtualization D. Containers use dedicated physical storage for virtualization
Containers use OS components for virtualization
What type of APs can be managed by wireless LAN controllers (WLCs)? A. Standalone APs B. Controller AP C. Captive portal APs D. Fat AP
Controller AP
Marnus is working as a cloud administrator, and he has been asked to perform segmentation on specific cloud networks. Which of the following should be done by Marnus? A. Create network rules for the services permitted between accessible zones to make sure endpoints belonging to other approved zones can reach them. B. Use automated inspection and integration services for authentication, authorization, encryption,availability, and policy compliance. C. Create a virtual network that connects services and resources such as virtual machines and database applications. D. Remove individual accounts on file servers, machines, or authentication servers to restrict access and free up disc space, ports, and certificates.
Create network rules for the services permitted between accessible zones to make sure endpoints belonging to other approved zones can reach them.
You are the security manager of an ISP, and you are asked to protect the name server from being hijacked. Which of the following protocols should you use? A. IMAP B. DNSSEC C. SFTP D. FTPS
DNSSEC
Under which vulnerability can an attacker steal information from a user's phone using a device to connect to the phone without physically touching it? A. Man-in-the-middle B. Device theft C. Data theft D. Eavesdropping
Data theft
Which probe is designed exclusively to monitor the RF for transmissions and can only monitor the airwaves? A. Access point probe B. Desktop probe C. Wireless device probe D. Dedicated probe
Dedicated probe
Which of the following is a feature of secrets management? A. Data redundancy B. Data availability C. Default encryption D. Decreased latency
Default encryption
Which of the following packets contains the field that indicates the function of the packet and an identifier field used to match requests and responses and the type of data being transported along with the data itself? A. EAP packet B. DHCP packet Analysis C. TKIP packet D. CCMP packet
EAP packet
In which type of RFID attack can unauthorized users listen to communications between RFID tags and readers? A. Eavesdropping B. Data theft C. Fake tags D. Unauthorized tag access
Eavesdropping
What is the difference between protecting against eavesdropping and protecting against a man-in-the-middle (MITM) attack when working with devices with NFC? A. Eavesdropping can be prevented by turning off NFC while in public, while MITM attack can be protected by using strong passwords and PINs. B. Eavesdropping can be prevented by strong passwords and PINs, while MITM attacks can be prevented by being aware of one's surroundings while using NFC technology. C. Eavesdropping can be prevented by configuring in a pairing method so only one side can send and the other can receive it at a time, while MITM can be prevented by using strong passwords and PINs. D. Eavesdropping can be prevented by being aware of one's surroundings while using NFC technology, while MITM attack can be prevented by configuring in a pairing method so only one side can send and the other can receive it at a time.
Eavesdropping can be prevented by being aware of one's surroundings while using NFC technology, while MITM attack can be prevented by configuring in a pairing method so only one side can send and the other can receive it at a time.
Which type of wireless attack is designed to capture wireless transmissions coming from legitimate users? A. Rogue access point B. Evil twin C. Jamming D. Wireless denial of service attacks
Evil twin
Kane was transferring files from a file transfer protocol (FTP) server to his local machine simultaneously. He sniffed the traffic to find that only the control port commands are encrypted, and the data port is not encrypted. What protocol did Kane use to transfer the files? A. TFTP B. SFTP C. FTPS D. FTP
FTPS
Melvin is moving his small business from his basement to an office building now that he has five full-time employees. What type of enterprise AP should he choose when setting up the new office's WLAN? A. Fat AP B. Captive portal AP C. Ad hoc AP D. Controller AP
Fat AP
Which of the following can be achieved using availability zones in cloud computing? A. More visibility B. Less redundancy C. Lower cost D. Fault tolerance
Fault tolerance
Which of the following tools can be used to secure multiple VMs? A. Firewall B. Firewall virtual appliance C. Intrusion detection system D. Antivirus
Firewall virtual appliance
Which of the following protocol can be used for secure routing and switching? A. HTTPS B. IPsec C. DNSSEC D. HTTP
IPsec
Which of the following protocols can make accessing data using man-in-the-middle attacks difficult while web browsing? A. SFTP B. IPv6 C. HTTP D. DNSSEC
IPv6
In an interview, you are asked about the role played by virtual machines in load balancing. Which of the following should be your reply? A. If the virtual machine's load increases, the virtual machines can balance the load by denying further access. B. If the virtual machine's load increases, the virtual machine can be migrated to another physical machine with more capabilities. C. If the load on a virtual machine increases, the RAM or disk space of the VM can be extended until the load is balanced. D. If the load on a virtual machine increases, the virtual machine can balance the load by rejecting low-priority requests.
If the virtual machine's load increases, the virtual machine can be migrated to another physical machine with more capabilities.
You are working as a cloud administrator, and are asked to migrate a virtual machine to a more capable physical machine, as the demand for the service hosted on the VM increased past its limit. As your enterprise still uses conventional switches, migration took time and resulted in customer dissatisfaction. How should you mitigate this issue in the future? A. Use virtual desktop infrastructure B. Implement a software-defined network C. Implement software-defined visibility D. Create containers in the virtual machine
Implement a software-defined network
Zara has been instructed to organize an event where top companies will come and give a webinar. Since the event is large and the number of people attending is substantial, Zara needs to ensure that there are no disturbances. She thinks preventing devices from communicating and calls from being made or received is the easiest solution. Which factor should Zara use to achieve this? A. Disassociation B. Rogue access point C. Jamming D. Evil twin
Jamming
Which of the following protocols allows John to prevent unwanted network access, provide security, and be configured to permit traffic only from specific addresses? A. WEP B. WPA C. WPS D. MAC
MAC
Which wireless technology will John use to provide wide-range cellular service that focuses on indoor coverage, low cost, long battery life, high connection density, and has a low-power wide-area network? A. Narrowband IoT B. Subscriber identity module C. Zigbee D. Cellular IoT baseband
Narrowband IoT
John is instructed by his CEO to introduce an employee attendance system that replaces the current manual-sign register. The organization doesn't allow personal electronic devices into the premises.What method should John use for this system? A. Bluetooth B. WLAN network C. RFID D. NFC
RFID
Sherlin is the owner of a cosmetics store. She wanted to introduce a wireless network in the store, but her IT department was against it. Sherlin ended up purchasing an inexpensive wireless router and secretly connected it to the wired network. Unfortunately, this unknowingly provided open access to the wireless signal. What type of attack has Sherlin made her store's network vulnerable to? A. Rogue access point B. Wireless denial of service attacks C. Evil twin D. Jamming
Rogue access point
Which of the following protocols can be used for secure video and voice calling? A. SNMP B. SRTP C. VPN D. S/MIME
SRTP
Zain, a telecom engineer, plans to relocate a particular AP antenna to a new location. Which of the following configuration options will he use to adjust frequency bands, optimum channels, and available spectrum for data transfer? A. Antenna placement B. Signal strength settings C. Wi-Fi analyzers Analysis D. Spectrum selection
Spectrum selection
Which technology under wireless communication is an integrated circuit that securely stores information used to identify and authenticate an IoT device? A. Subscriber identity module B. Zigbee C. Cellular IoT baseband D. Narrowband IoT
Subscriber identity module
Mike, an employee at your company, approached you seeking help with his virtual machine. He wants to save the current state of the machine to roll back to the saved state in case of a malfunction. Which of the following techniques can help Mike? A. Take snapshots to save the virtual machine state B. Use LDAP to save the virtual machine state C. Apply sandboxing to save the virtual machine state D. Use containers to save the virtual machine state
Take snapshots to save the virtual machine state
Why are jamming attacks generally rare? A. The transmitter is not very powerful and must be close to the target B. They can't identify WLAN RF signals from other device signals C. They can't get around new IEEE amendments that fully protect WLANs D. They require expensive, sophisticated equipment
They require expensive, sophisticated equipment
In an interview, the interviewer asks you to boot a PC. A hypervisor screen appears at the start of the boot process. The interviewer then asks you to identify the type of VM monitor program being used. What should your reply be? A. Container B. Type II hypervisor C. Type III hypervisor D. Type I hypervisor
Type I hypervisor
You are a cloud administrator, and you are asked to configure a VPC such that backend servers are not publicly accessible. What should you do to achieve this goal? A. Use private subnets for backend servers B. Deploy the backend servers on premises C. Deploy backend servers in different availability zones D. Implement audit logging on backend servers
Use private subnets for backend servers
Pat is asked to automate critical security functions like responding to detected threat patterns in an enterprise network. Which of the following should be done by Pat? A. Use software-defined visibility B. Use a software-defined network C. Implement subnetting D. Use virtual desktop infrastructure
Use software-defined visibility
Your enterprise recently decided to hire new employees as work-from-home interns. For the new employees to work from home, you need to create a network that will allow them to securely access enterprise data from remote locations. Which technology should you use? A. SNMP B. S/MIME C. VPN D. FTPS
VPN
Which security protocol encrypts transmissions by using a shared secret key combined with an initialization vector (IV) that changes each time a packet is encrypted? A. MAC B. WPA C. WPS D. WEP
WEP
Sam is asked to help his company design a wireless network for their new location. Which of the following protocols has the strongest wireless security, supports a longer bit of encryption, and improved interaction capabilities with the internet of things (IoT) devices? A. WEP B. WPA3 C. WPA D. WPA2
WPA3
Which site survey tool is used to visually represent wireless network details such as channel bandwidth, channel coverage, data rate, and interference, among others? A. Channel overlays B. Wi-Fi analyzers C. Heat maps D. Channel selection
Wi-Fi analyzers
In which of the following attacks, exemplified by jamming and RTS duration field attacks, do attackers use intentional interference to flood the RF spectrum with enough interference to prevent a device from effectively communicating with the AP? A. Intercepting wireless data B. Wireless denial of service attacks C. Evil twin D. Disassociation attack
Wireless denial of service attacks
Bob has been asked to do research into increasing the accuracy in identifying rogue APs in his enterprise. Which rogue AP system detection probe will allow his company's IT department to monitor the airwaves for traffic, scan and record wireless signals within its range (even when the device is idle or not receiving any transmission), and then report this information to a centralized database? A. Dedicated probes B. Desktop probe C. Wireless device probe D. Access point probe
Wireless device probe
