ENSA study guide 3-5
Refer to the exhibit. A network administrator needs to add an ACE to the TRAFFIC-CONTROL ACL that will deny IP traffic from the subnet 172.23.16.0/20. Which ACE will meet this requirement?
5 deny 172.23.16.0 0.0.15.255
Refer to the exhibit. A network administrator is configuring a standard IPv4 ACL. What is the effect after the command no access-list 10 is entered?
ACL 10 is removed from the running configuration
What is the term used to describe a mechanism that takes advantage of a vulnerability?
Exploit
What commonly motivates cybercriminals to attack networks as compared to hacktivists or state-sponsored hackers?
Finacial gain
What is the term used to describe gray hat hackers who publicly protest organizations or governments by posting articles, videos, leaking sensitive information, and performing network attacks?
Hacktivists
Which type of hacker is motivated to protest against political and social issues?
Hacktivists
Which statement accurately characterizes the evolution of threats to network security?
Internal threats can cause even greater damage than external threats
A technician is tasked with using ACLs to secure a router. When would the technician use the deny configuration option or command?
To restrict specific traffic access through an interface
A technician is tasked with using ACLs to secure a router. When would the technician use the access-class 20 in configuration option or command?
To secure remote administrative access to the router
What effect would the Router1(config-ext-nacl)# permit tcp 172.16.4.0 0.0.0.255 any eq www command have when implemented inbound on the f0/0 interface?
Traffic originating from 172.16.4.0/24 is permitted to all TCP port 80 destinations
Refer to the exhibit. Which command would be used in a standard ACL to allow only devices on the network attached to R2 G0/0 interface to access the networks attached to R1?
access-list 1 permit 192.168.10.96 0.0.0.31
Which ACE will permit a packet that originates from any network and is destined for a web server at 192.168.1.1?
access-list 101 permit tcp any host 192.168.1.1 eq 80
Which set of access control entries would allow all users on the 192.168.10.0/24 network to access a web server that is located at 172.17.80.1, but would not allow them to use Telnet?
access-list 103 permit tcp 192.168.10.0 0.0.0.255 host 172.17.80.1 eq 80 access-list 103 deny tcp 192.168.10.0 0.0.0.255 any eq 23
Consider the following access list. access-list 100 permit ip host 192.168.10.1 any access-list 100 deny icmp 192.168.10.0 0.0.0.255 any echo access-list 100 permit ip any any Which two actions are taken if the access list is placed inbound on a router Gigabit Ethernet port that has the IP address 192.168.10.254 assigned?
devices on the 192.168.10.0/24 network are not allowed to ping other devices on the 192.168.11.0 network. A Telnet or SSH session is allowed from any device on the 192.168.10.0 into the router with this access list assigned.
Which attack involves threat actors positioning themselves between a source and destination with the intent of transparently monitoring, capturing, and controlling the communication?
Man-In-The-Middle (MITM)
If an asymmetric algorithm uses a public key to encrypt data, what is used to decrypt it?
A private key
Refer to the exhibit. An ACL was configured on R1 with the intention of denying traffic from subnet 172.16.4.0/24 into subnet 172.16.3.0/24. All other traffic into subnet 172.16.3.0/24 should be permitted. This standard ACL was then applied outbound on interface Fa0/0. Which conclusion can be drawn from this configuration?
All traffic will be blocked, not just traffic from the 172.16.4.0/24 subnet.
Refer to the exhibit. A network administrator configures an ACL on the router. Which statement describes the result of the configuration?
An SSH connection is allowed from a workstation with IP 192.168.25.18 to a device with IP 172.16.45.16
What is the term used to describe unethical criminals who compromise computer and network security for personal gain, or for malicious reasons?
Black hat hackers
Which protocol is attacked when a cybercriminal provides an invalid gateway in order to create a man-in-the-middle attack?
DHCP
In which type of attack is falsified information used to redirect users to malicious Internet sites?
DNS cache poisoning
In what type of attack is a cybercriminal attempting to prevent legitimate users from accessing network services?
Dos or DDos
What is the best description of Trojan horse malware?
It appears as useful software but hides malicious code
What is a feature of an IPS?
It can stop malicious packets
What is the term used to describe a guarantee that the message is not a forgery and does actually come from whom it states?
Origin authentication
Refer to the exhibit. An administrator first configured an extended ACL as shown by the output of the show access-lists command. The administrator then edited this access-list by issuing the commands below. Router(config)# ip access-list extended 101 Router(config-ext-nacl)# no 20 Router(config-ext-nacl)# 5 permit tcp any any eq 22 Router(config-ext-nacl)# 20 deny udp any any Which two conclusions can be drawn from this new configuration?
Ping packets will be permitted, ssh packets will be permitted
What is considered a best practice when configuring ACLs on vty lines?
Place identical restrictions on all VTY lines
Refer to the exhibit. A network administrator wants to permit only host 192.168.1.1 /24 to be able to access the server 192.168.2.1 /24. Which three commands will achieve this using best ACL placement practices?
R2(config-if)# ip access-group 101 in* R2(config)# interface fastethernet 0/0* R2(config)# access-list 101 permit ip host 192.168.1.1 host 192.168.2.1*
A network administrator is writing a standard ACL that will deny any traffic from the 172.16.0.0/16 network, but permit all other traffic. Which two commands should be used?
Router(config)# access-list 95 permit any Router(config)# access-list 95 deny 172.16.0.0 0.0.255.255
What does the CLI prompt change to after entering the command ip access-list standard aaa from global configuration mode?
Router(config-std-nacl)#
A network administrator needs to configure a standard ACL so that only the workstation of the administrator with the IP address 192.168.15.23 can access the virtual terminal of the main router. Which two configuration commands can achieve the task?
Router1(config)# access-list 10 permit 192.168.15.23 0.0.0.0 Router1(config)# access-list 10 permit host 192.168.15.23
In which TCP attack is the cybercriminal attempting to overwhelm a target host with half-open TCP connections?
SYN flood attack
A user receives a phone call from a person who claims to represent IT services and then asks that user for confirmation of username and password for auditing purposes. Which security threat does this phone call represent?
Social engineering
What is the term used to describe the same pre-shared key or secret key, known by both the sender and receiver to encrypt and decrypt data?
Symmetric encryption algorithm
Refer to the exhibit. A new network policy requires an ACL denying FTP and Telnet access to a Corp file server from all interns. The address of the file server is 172.16.1.15 and all interns are assigned addresses in the 172.18.200.0/24 network. After implementing the ACL, no one in the Corp network can access any of the servers. What is the problem?
The ACL is implicitly denying access to all the servers.
Refer to the exhibit. The named ACL "Managers" already exists on the router. What will happen when the network administrator issues the commands that are shown in the exhibit?
The commands are added at the end of the existing Managers ACL.
Refer to the exhibit. A network administrator has configured ACL 9 as shown. Users on the 172.31.1.0 /24 network cannot forward traffic through router CiscoVille. What is the most likely cause of the traffic failure?
The sequence of the ACEs is incorrect
In what way are zombies used in security attacks?
They are infected machines that carry out a DDos attack
What is the term used to describe a potential danger to a company's assets, data, or network functionality?
Threat
A technician is tasked with using ACLs to secure a router. When would the technician use the established configuration option or command?
To allow returning reply traffic to enter the internal network
A technician is tasked with using ACLs to secure a router. When would the technician use the ip access-group 101 in configuration option or command?
To apply an extended ACL to an interface
A technician is tasked with using ACLs to secure a router. When would the technician use the 40 deny host 192.168.23.8 configuration option or command?
To create an entry in a numbered ACL
A technician is tasked with using ACLs to secure a router. When would the technician use the any configuration option or command?
To identify an IP address
A technician is tasked with using ACLs to secure a router. When would the technician use the host configuration option or command?
To identify one specific IP address
What is a ping sweep?
an information-gathering technique used to identify live hosts by pinging them.
Which requirement of secure communications is ensured by the implementation of MD5 or SHA hash generating algorithms?
integrity