Network Pro Part 2 +++++++++++++++++++++
Consider the 850 nm multimode fiber optic cable shown below. How much loss can you expect between the transmitter and the receiver?
-1.2 dB
Which of the following is included in an operations penetration test? (select three)
1. Looking through discarded papers or media for sensitive information 2.Eavesdropping or obtaining sensitive information from items that are not properly stored 3.Acting as an imposter with the intent to gain access or information
Match each decimal value on the left with the corresponding hexadecimal value on the right. Not all decimal values have a corresponding hexadecimal value.
11 >> 17 B >> 11 D >> 13 F >> 15 C >> 12 10 >> 16 Hexadecimal is a Base 16 numbering system, which means there are 16 different characters possible for each number place. These characters go from 0 to 9, as decimal does; however, hexadecimal uses the letter A to represent the decimal number 10, B represents 11, and so on up to F, which represents 15.
You have been asked to implement a RAID 5 solution for your network. What is the minimum number of hard disks that can be used to configure RAID 5?
3
Which IEEE standard describes wireless communication?
802.11b
You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 150 Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4 GHz. Which 802.11 standard will work best in this situation?
802.11n
You connect your computer to a wireless network available at the local library. You find that you can access all web sites you want on the Internet except two. What might be causing the problem?
A proxy server is blocking access to the web sites
Which of the following information are you likely to find in a policy document?
A requirement for using encrypted communication for Web transactions.
Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped?
ACL
Which exploit seeks to maliciously re-associate the IP address of a legitimate network host with the MAC address of the attacker's computer.
ARP Poisoning
A security administrator is conducting a penetration test on a network. She connects a notebook system running Linux to a wireless network and then uses NMAP to probe various network hosts to see which operating system they are running. Which process did the administrator use in the penetration test in this scenario?
Active fingerprinting
You are implementing a SOHO network for a local business. The ISP has already installed and connected a cable modem in the business. The business has four computers that need to communicate with each other and the Internet. The ISP's cable modem has only one RJ45 port. You need to set up the network with the following in mind: • Spend as little money as possible. • Do not purchase unnecessary equipment. • Computers need to have a gigabit connection to the network. • New devices should not require management or configuration. You examine each computer and notice only one of the four computers has a wireless NIC; they all have Ethernet NICs. What should you purchase?
An unmanaged switch and CAT5e cabling.
Which of the following firewall types can be a proxy between servers and clients?(Select two)
Application layer firewall AND Circuit proxy filtering firewall
You provide Internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs. Which type of firewall should you install?
Application level
Which of the following activities are typically associated with penetration testing? (select two)
Attempting social engineering Running a port scanner
Match each Interoperability Agreement document on the left with the appropriate description on the right. Each document may be used once, more than once, or not at all.
BPO >> Creates an agreement with a vendor to provide services on an ongoing basis BPO >> Specifies a preset discounted pricing structure SLA >> Specifies exactly which services will be performed by each party SLA >> Defines how disputes will be managed MOU >> Provides a summary of which party is responsible for performing specific tasks ISA >> Documents how the networks will be connected
You are concerned about the amount of traffic that passed through a router on your network. You want to see how the amount of traffic has changed over time. Which document would help in identifying past average network traffic?
Baseline.
You are in the habit of regularly monitoring performance statistics for your devices. You find that this month a specific server has averaged a higher number of active connections than last month. Which type of document should you update to reflect the change?
Baseline.
Which of the following functions are performed by proxies?(Select two)
Block employees from accessing certain Web sites AND Cache web pages
You have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up through the time of presentation in court. What type of document is this?
Chain of custody
You are troubleshooting a workstation to the network. During your troubleshooting, you replace the drop cable connecting the computer to the network. Which type of document should you update?
Change documentation.
You plan to implement a new security device on your network. Which of the following policies outlines the process you should follow before implementing that device?
Change management
You've just finished installing a wireless access point for a client. What should you do to prevent unauthorized users from accessing the access point (AP) configuration utility?
Change the administrative password on the AP.
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?
Circuit-level
When designing a firewall, what is the recommended approach for opening and closing ports?
Close all ports; open only ports required by applications inside the DMZ
Which of the following network strategies connects multiple servers together such that if one server fails, the others immediately take over its tasks, preventing a disruption in service?
Clustering
Which of the following is a recovery site that may have electricity connected, but there are no servers installed and no high-speed data lines present?
Cold Site
When you run the show interfaces command on switch1, you observe a significant number of runts on the Gi0/1 interface. What does this statistic indicate?
Collisions are occurring.
You want to make sure that the correct ports on a firewall have been opened or closed. Which document should you check?
Configuration documentation.
You are the wireless network admin for your org. As the size of the org has grown, you've decided to upgrade your wireless network to use 802.1x authentication instead of pre-shared keys. To do this, you need to configure a RADIUS Server and RADIUS clients. You want the server and the clients to mutually authenticate with each other. What should you do? (Select two. Each response is part of the complete solution)
Configure the RADIUS server with a server certificate and Configure all wireless access points with client certificates.
You manage a website for your company. The Web site uses a cluster of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage, and a single connection to your ISP. You want to provide redundancy such that a failure in a single component does not cause the website to be unavailable. What should you add to your configuration to accomplish this?
Connect one server through a different ISP to the Internet
What is the basic purpose of the OSI Physical layer?
Coordinates rules for transmitting bits.
You have configured a wireless access point to create a small network. You have configured all necessary parameters. Wireless clients seem to take a long time to find the wireless access point. You want to reduce the time it takes for the clients to connect. What should you do?
Decrease the beacon interval.
Which of the following information are you likely to find in a procedure document?
Details on how to test and deploy patches.
Which of the following measures will make your wireless network invisible to the casual attacker performing war driving?
Disable SSID broadcast
You manage the website for your company. The WEB1 server hosts the website. This server has the following configuration...Which component is a single point of failure for the website?
Disk controller
You manage the website for your company. The Web1 server hosts the website. This server has the following configuration: • Dual core processor • Dual power supplies • RAID 5 volume • One RAID controller • Two 1000 Mbps network adapters Which component is a single point of failure for the website?
Disk controller Single point of failure means the failure in one component will cause the entire website to be unavailable.
You have just started a new job as a network team leader for a small company. You are responsible for overseeing the work of Help Desk technicians, as well as doing your own share of the administrative work. To improve the safety of your organization, you decide to assemble Material Safety Data Sheets (MSDS) for all chemicals used in your organization. How should you get them?
Download them from the chemical manufacturers' websites.
Which remote access authentication protocol allows for the use of smart cards for authentication?
EAP
Which implementation is most secure?
EAP-TLS
You are reviewing the output of the show interfaces command for the Gi0/1 interface on a switch. You notice a significant number of CRC errors displayed. What are the most likely causes? (Select two. Either response is a complete solution.)
EMI or cross-talk on the cable connected to the interface Collisions
Which of the following are characteristics of a circuit-level gateway?(Select two)
Filters based on sessions AND Stateful
Which of the following identifies an operating system or network service based upon it response to ICMP messages?
Fingerprinting
Which of the following is the best device to deploy to protect your private network from a public untrusted network?
Firewall
You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straight-through plenum UTP cable that will be run through the suspended tile ceiling of the data center. To protect against power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server. The only power available in the data center is located on the wall opposite the new server rack, so you must run extension cords across the floor to plug in the UPS unit. There are problems with this plan. What should you do?
Hire an electrician to install a wall outlet near the new rack.
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from Internet-bases attacks. What solution should you use?
Host based firewall
You have been asked to deploy a network solution that requires an alternate location where operational recovery is provided within minutes of a disaster. Which of the following strategies would you choose?
Hot site
You have a router that is configured as a firewall. The router is a layer 3 device only. Which of the following does the router use for identifying allowed or denied packets?
IP address
Arrange the steps in the Change and Configuration Management process on the left in the correct order in which they should be completed on the right.
Identify the need for a change. Conduct a feasibility analysis. Define the procedure for implementing the change. Notify affected parties of the pending change. Implement the change. Test the implementation. Document the change.
Match each network enumeration technique on the left with its corresponding description on the fish.
Identifying phone number with modems War dialing Scanning for wireless access points Wardriving Identifying operating system type and version number Banner grabbing Identifying services that can pass through a firewall Firewalking
The owner of a hotel has contracted with you to implement a wireless network to provide Internet access for guests. The owner has asked that you implement security controls such that only paying guests are allowed to use the wireless network. She wants guests to be presesnted with a loging page when they initially connect to the WLAN. After entering a code provided at check in, guests should then be allowed full access to the Internet. If a user does not provide the correct code, they should not be allowed access to the internet. What should you do?
Implement a captive portal
You need to place a wireless access point in your two story building. While trying to avoid interference, which of the following is the best location for the access point?
In the top floor
You manage a local area network with several switches. A new employee has started today so you connect her workstation to a switch port. After connecting the workstation, you find that the workstation cannot get an IP address from the DHCP server. You check the link and status lights and the connection is working properly. A ping to the loopback address on the workstation succeeds. No other computers seem to have the problem. Which of the following is the most likely cause of the problem?
Incorrect VLAN assignment
You have decided to perform a double blind penetration test. Which of the following actions would you perform first?
Inform senior management
When should a hardware device be replaced in order to minimize downtime?
Just before it's MTBF is reached
The Data Link Layer of the OSI model is comprised of two sublayers. What are they? (Select two.)
LLC MAC • Logical Link Control (LLC) Sublayer: Provides the operating system link to the device driver. • Media Access Control (MAC) Sublayer: Translates generic network requests into device-specific terms.
You have a Web server on your network that hosts the public Web site for your company. You want to make sure that the Web site will continue to be available if a NIC, hard drive, or other problem prevents the server from responding. Which solution should you implement?
Load balancing
You are designing a wireless network implementation for a small business. the business deals with sensitive customer information, so data emanation must be reduces as much as possible. The floor plan of the office is shown below. Match each type of access point antenna with the appropriate location on the floorplan.
Location = type A= Directional B= Directional C=Omnidirectional D= Directional E= Directional F= Directional G= Directional
Which of the following do switches and wireless access points use to control access through the device?
MAC Filtering
Which of the following features on a wireless network allows or rejects client connections based on the hardware address?
MAC address filtering
What is the least secure place to locate an access point with an omni-directional antenna when creating a wireless cell?
Near a window
In troubleshooting a router, you want to identify which other devices are connected to the router, as well as the subnet addresses of each connected subnet. Which type of document would most likely have this information?
Network diagram.
You are adding a new rack to your data center, which will house five new blade servers. The new servers will be installed in a cluster that will host a customer tracking database. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to connect each new server to the switch in the existing rack using straight-through UTP cables that will be run along the floor around the perimeter of the data center. To provide power for the new devices, you will hire an electrician to install several new 20-amp wall outlets near the new rack. To protect against power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server. Will this configuration work?
No, you should run the cable around the perimeter of the room in a cable tray.
You want to implement 802.1x authentication on your wireless network. Where would you configure passwords that are used for authentication?
On a RADIUS Server
Which of the following are true of a circuit proxy filter firewall?(Select two)
Operates at the Session Layer AND Verifies sequencing of session packets
Which of the following is a firewall function?
Packet filtering
A security administrator is conducting a penetration test on a network. She connects a notebook system to a mirror port on a network switch. She then uses a packet sniffer to monitor network traffic to try and determine which operating systems are running on network hosts. Which process did the administrator use in the penetration test in this scenario?
Passive fingerprinting
Which of the following uses hacking techniques to proactively discover internal vulnerabilities?
Penetration testing
A new law was recently passed that states that all businesses must keep a history of all e-mails sent between members of the board of directors. You need to ensure that your organization complies with the law. Which document type would you update first in response to this new law?
Policy.
Which of the following drive configurations is fault tolerant?
RAID 5
What is the advantage of RAID 5 over RAID 1?
RAID 5 improves performance over RAID 1
Which form of alternate site is the cheapest but may not allow an organization to recover before reaching their maximum tolerable downtime?
Reciprocal agreement
Which phase or step of security assessment is a passive activity
Reconnaissance
Which of the following terms describes the actual time required to successfully recover operations in the event of an incident?
Recovery Time Objective (RTO)
What is the primary security feature that can be designed into a network's infrastructure to protect and support availability?
Redundancy
You need to find out what kind of laws might apply to the design and operation of your network. Which type of document would you consult?
Regulation
You need to find out what kind of laws might apply to the design and operation of your network. Which type of document would you consult?
Regulation.
You have a Windows Server 2012 system that you want to use as a DHCP Relay Agent. Which Windows Server 2012 service would you sue to do this?
Routing and Remote Access
You have just installed a packet-filtering firewall on your network. What options will you be able to set on your firewall? Select all that apply.
Source address of a packet, Destination address of a packet, AND Port Number
Which of the following could easily result in a denial of service attack if the victimized system had too little free storage capacity?
Spam
You are configuring the DHCP Relay Agent role service on a Windows server. Which of the following is a required step for the configuration?
Specify which server network interface the agent listens on for DHCP messages.
Which of the following are characteristics of a packet filtering firewall?(Select two)
Stateless AND Filters IP address and port
What is the primary purpose of penetration testing?
Test the effectiveness of your security perimeter
You are the wireless network admin for your org. As the size of the org has grown, you've decided to upgrade your wireless network to use 802.1x authentication instead of pre-shared keys. You've decided to use LEAP to authenticate wireless clients. To do this, you configured a Cisco RADIUS server and installed the neccessary Cisco client software on each RADIUS client. Which of the following is true concerning this implementation?
The system is vulnerable because LEAP is susceptible to dictionary attacks.
Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. This morning, users at the branch office reported that they can no longer access resources on the home office network. You ran the show interfaces command on the router at the home office and had an administrative assistant run the same command on the router at the branch office. Both routers reported the following: • Interface status: Up • Protocol status: Down What is the most likely cause of this WAN issue?
There is an IP address misconfiguration issue between the WAN interfaces on both ends of the link.
What purpose does a wireless site survey serve? (Choose two)
To identify existing or potential sources of interference. To identify the coverage area and preferred placement of access points.
Match each Wi-Fi jamming attack on the left with its corresponding description on the right.
Transmits radio signals at random amplitudes and frequencies ===> Random noise jamming Transmits pulses of radio signals at random amplitudes and frequencies ===> Random pulse jamming Repeatedly transmits high-intensity, short-duration RF bursts at a rapid pace ===> Spark jamming
What is the main difference between vulnerability scanning and penetration testing?
Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter.
You are concerned about sniffing attacks on your wireless network. Which of the following implementations offers the best countermeasure to sniffing?
WPA2 and AES
Daily backups are done at the ABD company location and only a weekly backup is maintained at another network location. Which of the following disaster recovery strategies is ABD using?
Warm Site
You manage a website for your company. The Web site uses three servers configured in a cluster. Incoming requests are distributed automatically between the three servers. All servers use a shared storage device that holds the website contents. Each server has a single network connection and a single power supply. Considering the availability of your website, which component represents a single point of failure?
Website storage
How do switches and bridges learn where devices are located on a network?
When a frame enters a port, the source MAC address is copied from the frame header.
Drag each penetration test characteristic on the left to the appropriate penetration test name on the right.
White box test The tester has detailed information about the target system prior to starting the test. Grey Box test The tester has the same about of information that would be available to a typical insider in the organization. Black box test The tester has no prior knowledge of the target system. Single blind test Either the attacker has prior knowledge about the target system, or the administrator knows that the test is being performed. Double blind test The tester does not have prior information about the system and the administrator has no knowledge that the test is being performed
Which of the following documents would likely identify that drop cables on your network use the T568A standard?
Wiring schematic.
Which type of documentation would you consult to find the location of RJ-45 wall jacks and their endpoints in the intermediate distribution closet?
Wiring schematic.
You are troubleshooting a workstation connection to the network. During your troubleshooting, you move the cable in the wiring closet to a different port on the patch panel. Which type of document should you update?
Wiring schematic.
You are troubleshooting the connection of a computer in an office to punchdown block in the distribution closet. Which document would you consult to identify the termination of the cable on the punchdown block based on the wall jack location in the office?
Wiring schematic.
Which of the following benefits apply only to creating VLANs with switches and not to segmenting the network with regular switches?
You can create multiple broadcast domains.
Which of the following types of penetration test teams will provide you information that is most revealing of a real-world hacker attack?
Zero knowledge team
Consider the following output. ;; res options: init recurs defnam dnsrch ;;got answer: ;;->>HEADER<<-opcode:QUERY, status; NOERROR,id:4 ;;flags: qr rd ra; QUERY:1, ANSWER:1, AUTHORITY:2, ADDITIONAL:0 ;;QUERY SECTION: ;; westsim111.com, type = A, class = IN ;;ANSWER SECTION: westsim111.com. 7h33m IN A 76.141.43.129 ;;AUTHORITY SECTION: westsim111.com. 7h33m IN NS dns1.deriatct111.com. westsim111.com. 7h33m IN NS dns2.deriatct222.com. ;;Total query time: 78 msec ;;FROM: localhost.localdomain to SERVER: default -- 202.64.49.150 ;;WHEN: Tue Feb 16 23:21:24 2005 ;;MSG SIZE sent: 30 rcvd: 103 Which of the following utilities produced this output?
dig