Network Authentic Security
In the video that describes the anatomy of an attack, a threat actor was able to gain access through a network device, download data, and destroy it. Which flaw allowed the threat actor to do this? Lack of a strong password policy. Open ports on the firewall. Improper physical security. A flat network with no subnets or VLANs. A round network with a lot of VLANs.
A flat network with no subnets or VLANs.
What is an example of a local exploit? A threat actor performs a brute force attack on an enterprise edge router to gain illegal access. A buffer overflow attack is launched against an online shopping website and causes a server crash. Port scanning is used to determine if the Telnet service is running. The threat actor is within a 5 kilometer radius of the target. A threat actor tries to gain the user password of a remote host by using a keyboard capture installed by a Trojan.
A threat actor tries to gain the user password of a remote host by using a keyboard capture installed by a Trojan.
What is the primary means for mitigating virus and Trojan horse attacks? Antivirus Software. Encryption. Blocking ICMP echo and echo replies. Antisniffer Software.
Antivirus Software.
With the evolution of borderless networks, which vegetable is now used to describe a defense-in-depth approach? Security Onion. Cabbage. Artichoke. Carrots. Mushrooms.
Artichoke
How does BYOD change the way in which businesses implement networks? BYOD users are responsible for their own network security, thus reducing the need for organizational security policies. BYOD devices are more expensive than devices purchased by the organizations. BYOD devices changed nohting. BYOD devices provide flexibility in where and how users can access network resources. BYOD users are better at securing their devices than the IT Department.
BYOD provides flexibility in where and how users can access network resources.
Which two statements describe access attacks? (Choose two.) Port rediretction attacks use a network adapter card in promiscuous mode to capture all network packets that are being sent across a LAN. To detect listening services, port scanning attacks scan a range of TCP or UDP port numbers on a host. Buffer overflow attacks write data beyond the allocated buffer memory to overwrite valid data or to exploit systems to execute malicious code. Password attacks can be implemented by the use of brute-force attack methods, Trojan horses, or packet sniffers. Trust exploitation attacks often involve the use of a laptop to act as a rogue access point to capture and copy all network traffic in a public location, such as a wireless hotspot.
Buffer overflow attacks write data beyond the allocated buffer memory to overwrite valid data or to exploit systems to execute malicious code. Password attacks can be implemented by the use of brute-force attack methods, Trojan horses, or packet sniffers.
A security intern is reviewing the corporate network topology diagrams before participating in a security review. Which network topology would commonly have a large number of wired desktop computers? CAN LAN SOHO Cloud Virtualization
CAN
Refer to the exhibit. An IT security manager is planning security updates on this particular network. Which type of network is displayed in the exhibit and is being considered for updates? WAN. CAN. SOHO. VPN. Data Center.
CAN.
Which security measure is typically found both inside and outside a data center facility? Continuous video surveillance Security Traps Biometric access Exit sensors Gate
Continuous video surveillance
Which type of network commonly makes use of redundant air conditioning and a security trap? Data center. CAN. WAN. Cloud. SOHO.
Data center.
When considering network security, what is the most valuable asset of an organization? Personnell. Customers. Data. Financial Resources. You must be 21 years or older to answer this question
Data.
In what type of attack is a cybercriminal attempting to prevent legitimate users from accessing network services? MITM DoS Address Spoofing Session Hijacking Hyperjacking
DoS
Which statement accurately characterizes the evolution of threats to network security? Threats have become less sophisticated while technical knowledge needed by an attacker has grown. Internet architects planned for network security from the beginning. Internal threats can cause even greater damage than external threats. Early internet users users often engaged in activities that would harm others.
Internal threats can cause even greater damage than external threats.
Which statement describes the term attack surface? It is the total sum of vulnerabilities in a system that is accessible to an attacker It is the total number of attacks toward an organization within a day. it is the group of hosts that expereiences the same attack. It is the interface where the attacks originate. The interface on the gateway router upon which the attack enters.
It is the total sum of vulnerabilities in a system that is accessible to an attacker
What security tool allows a threat actor to hack into a wireless network and detect security vulnerabilities? SuperScan. KisMac. Click fuzzers. Nmap. Open VAS. Wire Shark.
KisMac
Which technology is used to secure, monitor, and manage mobile devices? PC Anywhere. Rootkit. ASA Firewall. VPN. MDM.
MDM.
What functional area of the Cisco Network Foundation Protection framework uses protocols such as Telnet and SSH to manage network devices? Management plane. Control plane. Data plane. Fowarding plane.
Management plane
What is the term used when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source? Vishing Trojan Backdooring Phreaking Cat Phishing Phishing
Phishing
Which evasion method describes the situation that after gaining access to the administrator password on a compromised host, a threat actor is attempting to login to another host using the same credentials? Spinning Pivoting Traffic Substitution Protocol-level misinterpretation Duck and cover
Pivoting
Which risk management plan involves discontinuing an activity that creates a risk? Risk Mitigation Risk Avoidance Risk Reduction Risk Sharing Risk Retention
Risk Avoidance
What name is given to an amateur hacker? Scriptie Red Hat Blue Team Script Kiddie Kid Script
Script Kiddie
A user receives a phone call from a person who claims to represent IT services and then asks that user for confirmation of username and password for auditing purposes. Which security threat does this phone call represent? Social Engineering DDoS SAAS Anonymous key logging SPAM
Social Engineering
What threat intelligence group provides blogs and podcasts to help network security professionals remain effective and up-to-date? Mitre FireEye CybOX Talos
Talos
In what way are zombies used in security attacks? They probe a group of machine for open ports to learn which services are running. They are malicioulsy formed code segments used to replace legitimate applications. They are infected machines that carry out a DDoS attack. They target specific individuals to gain corporate information. They target specific individuals to gain personal information.
They are infected machines that carry out a DDoS attack.
What worm mitigation phase involves actively disinfecting infected systems? Innoculation. Containment. Treatment. Quarantine. De-worming.
Treatment
Which security technology is commonly used by a teleworker when accessing resources on the main corporate office network? IPS VPN SecureX Biometric
VPN
What method can be used to mitigate ping sweeps? Blocking ICMP echo and echo-replies at the network edge. Installing antivirus software on hosts. Deploying antisniffer software on hosts. It uses the enable password for authentication. Blocking ICMP echo and echo-replies in the middle of the network.
blocking ICMP echo and echo-replies at the network edge
Which resource is affected due to weak security settings for a device owned by the company, but housed in another location? Removable media. Hard copy. Social networking. SSD Drive. Cloud Storage Device.
cloud storage device
Which section of a security policy is used to specify that only authorized individuals should have access to enterprise data? Statement of Authority. Acceptable use policy. Identification and authentication policy. Statement of Scope. Internet access policy.
identification and authentication policy
What three items are components of the CIA triad? (Choose three.) NSA, DHS and FBI. Confidentiality. Availability. Integrity. Scalbility. Intevention. Access.
integrity availability confidentiality
Which security implementation will provide control plane protection for a network device? There is no ability to secure the control plane. Routing Protocol Authentication. Encryption for remote access connection. NTP for consistent timestamps on logging messages. AAA for authenticating management access. AAA provides free road-side assitance.
routing protocol authentication
What is hyperjacking? taking over a virtual machine hypervisor as part of a data center attack overclocking the mesh network which connects the data center servers adding outdated security software to a virtual machine to gain access to a data center server using processors from multiple computers to increase data processing power
taking over a virtual machine hypervisor as part of a data center attack
Why would a rootkit be used by a hacker? to do reconnaissance to try to guess a password to gain access to a device without being detected to reverse engineer binary files to root an Android device
to gain access to a device without being detected
What is the primary function of SANS? To maintain the Internet Storm Center. To maintain the Weather Channel To foster cooperation and coordinationin information sharing, incident prevention and rapid reaction. To provide vendor neutral education products and career services. To maintain the list of common vulnerabilities.
to maintain the Internet Storm Center
Which two characteristics describe a worm? (Choose two.) executes when software is run on a computer infects computers by attaching software code travels to new computers without any intervention or knowledge of the user hides in a dormant state until needed by an attacker is self-replicating despite being hermaphroditic, it needs a partner to reproduce
travels to new computers without any intervention or knowledge of the user is self-replicating