Networking + 10

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

In which type of attack are the cache records manipulated for malicious purposes? [Choose all that apply] DNS Poisoning Ransomware attack Denial of Service attack ARP Spoofing Shoulder Surfing

DNS Poisoning ARP Spoofing

Which type of DoS attack orchestrates an attack bounced off uninfected computers? a. Ransomware b. FTP bounce c. DRDoS attack d. PDoS attack

c. DRDoS attack

How many digits are used in a security PIN? Choose all that apply] 2 4 6 8

4 6

In which of the following forms of attack can security flaws allow unauthorized users to gain access to the system? Deauth attack Back doors On-path attack DNS poisoning

Back doors

Where in a network segment will the DMZ be located? Between the internal and external network On a different segment of the internal network On an external network On the internal network

Between the internal and external network

You are working as a guest lecturer in one of the most prestigious universities of your state. In one of your classes, you want to focus solely on a category of malware that runs automatically without requiring a person to start or stop it. Which of the following categories of malware would be best suited to demonstrate such an example? Bot Virus Worm Trojan horse

Bot

The annual audit is being conducted in the organization where you are working as a network administrator. The internal auditor has requested you to provide him with the details of the assets that have been disposed of in this quarter. Which of the following documents will you provide him? AUP CEED NDA PUA

CEED

Motion detection sensors can perform all tasks except: Send an SMS to someone Call a user Record video Light up the area Raise an alarm Send notification to security control room systems

Call a user

What does the acronym CIA stand for in relation to network security? [Choose all that apply] Clarification Confidentiality Integrity Integration Authorization Availability

Confidentiality Integrity Availability

Which of the following terms identifies the unauthorized access or use of sensitive data? Data breach Vulnerability Exploit Hacking

Data breach

Which type of attack can be conducted to render a network device inaccessible? [Choose all that apply] VLAN Hopping Ransomware attack Shoulder Surfing Denial of Service attack Man-in-the-middle attack

Denial of Service attack Ransomware attack

Which threat actor will have prior knowledge of the network layout to perform a malicious attack? Penetration tester A family member of an employee Sales executive Disgruntled network administrator Receptionist

Disgruntled network administrator

Which type of attack misleads a user to connect to a malicious wireless access point? MAC Spoofing IP Spoofing ARP Spoofing Phishing Evil Twin

Evil Twin

Which type of camera records the entry and exit of each individual through the door? Fixed CCTV IP-based Pan-Tilt-Zoom (PTZ)

Fixed

You have been working as a network security expert for Grem Associates. Grem allows its clients to view their securities investments online. You have recently received an anonymous email that points out a possible data breach and the necessary steps that are required to fix this issue. Who among the following do you think is behind this? CVE White hat hacker Gray hat hacker Black hat hacker

Gray hat hacker

You, as a network analyst, are running scans on a few of your organization's computers. You suspect that few of these computers might be affected by a certain virus because there has been an unexplainable increase in some of the file sizes. You have decided to implement anti-malware software on these devices. Where will you install the software to ensure that there is no compromise on the network's performance? Cloud-based Host-based Network-based Server-based

Host-based

In order to ensure better security measures for the computers used in your organization, you, as a network administrator, have decided to configure the software to remove corporate data from all devices while leaving personal data untouched. Which of the following software will you use in this scenario? Wireshark Meraki Systems Manager LastPass CEED

Meraki Systems Manager

Which of the following is NOT considered a prevention method? Locking racks Employee training Motion detection Mantrap

Motion detection (detection)

Jasmine has been working as the chief accountant for Basil Ltd., which sells basil leaves in Datona. Henry, who is the network administrator, has recently discovered that Jasmine is actually the same person who creates as well as authorizes the vendor account payments. Analyze if any of the following agreements has been violated in this scenario. AUP Anti-malware policy NDA PUA

PUA

In a _________ attack, the user is misled by a caller that he is a network technician gathering personal information from the user. ARP Spoofing Malware Social Engineering Denial of Service attack DNS Poisoning

Social Engineering

In __________________ a malicious user gains physical access to restricted area of the network. Tailgaiting Phishing On-path attack Shoulder surfing

Tailgaiting

Which of the following identifies physical penetration, temperature extremes, input voltage variations, input frequency variations, or certain kinds of radiation? Tamper detection CCTV Asset tags Motion detectors

Tamper detection

Which employee training method uses a Learning Management System (LMS)? Awareness Events Training Videos Demonstrations Classroom Training

Training Videos

Which of the following can be used for multi-factor authentication? [Choose all that apply] Manager's contact details Server room key Username and Password Employee contract Smart Card

Username and Password Smart Card

What is the purpose of Role-based Access Control (RABC)? Users can only access specific devices Users can only access their local device Users can access resources only at a specific time Users only have access to specific resources according to their job role

Users only have access to specific resources according to their job role

An attacker guesses an executive's password ("M@nd@lori@n") to a sensitive database after chatting for a while at a club. What kind of password attack did the hacker use? a. Brute-force attack b. Dictionary attack c. Zero-day attack d. Rainbow table attack

a. Brute-force attack

What type of attack relies on spoofing? a. Deauth attack b. Pen testing c. Tailgating d. Friendly DoS attack

a. Deauth attack

What is the first step in improving network security? a. Identify risks. b. Determine which resources might be harmed. c. Develop plans for responding to threats. d. Document next steps.

a. Identify risks.

What kind of software can be used to secure employee-owned devices? a. MDM b. NDA c. BYOD d. PUA

a. MDM

Which of the following attack simulations detect vulnerabilities and attempt to exploit them? Choose two. a. Pen testing b. Red team-blue team exercise c. Security audit d. Vulnerability assessment

a. Pen testing b. Red team-blue team exercise

A company accidentally sends a newsletter with a mistyped website address. The address points to a website that has been spoofed by hackers to collect information from people who make the same typo. What kind of attack is this? a. Phishing b. Quid pro quo c. Baiting d. Tailgating

a. Phishing

Which of the following social engineering attack types most likely requires that the attacker have existing knowledge about the victim? a. Phishing b. Piggybacking c. Tailgating d. Shoulder surfing

a. Phishing

Your organization has just approved a special budget for a network security upgrade. What procedure should you conduct to develop your recommendations for the upgrade priorities? a. Posture assessment b. Data breach c. Exploit d. Security audit

a. Posture assessment

Which team might ask a user for a password? a. Red team b. Blue team

a. Red team

Which physical security device works through wireless transmission? a. Cipher lock b. Badge reader c. Biometrics d. Access control vestibule

b. Badge reader

You're playing a game on your Xbox when you suddenly get bumped off your Wi-Fi network. You reconnect and start playing, then get bumped off again. What type of attack is most likely the cause? a. On-path attack b. FTP bounce c. Deauth attack d. DDoS

c. Deauth attack

You sent a coworker a .exe file to install an app on their computer. What information should you send your coworker so they can ensure the file has not been tampered with in transit? a. Hash of the encryption key b. Private encryption key c. Hash of the file d. Public encryption key

c. Hash of the file

A former employee discovers six months after he starts work at a new company that his account credentials still give him access to his old company's servers. He demonstrates his access to several friends to brag about his cleverness and talk badly about the company. What kind of attack is this? a. Vulnerability b. Principle of least privilege c. Insider threat d. Denial of service

c. Insider threat

Which of the following is considered a secure protocol? a. Telnet b. FTP c. SSH d. HTTP

c. SSH

Leading up to the year 2000, many people expected computer systems the world over to fail when clocks turned the date to January 1, 2000. What type of threat was this? a. Virus b. Worm c. Ransomware d. Logic bomb

d. Logic bomb

The ability to insert code into a database field labeled "Name" is an example of a(n) _________. a. breach b. exploit c. attack d. vulnerability

d. vulnerability

Which of the following is the most secure password? a. 09181973 b. p@$$w0rd c. $t@rw@r$ d. yellowMonthMagneficant

d. yellowMonthMagneficant

Which assessment type would most likely discover a security risk related to employee onboarding? a. Vendor risk assessment b. Posture assessment c. Process assessment d. Threat assessment

c. Process assessment

John is working as a network administrator for PW Group. One of his primary duties requires him to change the password for the managing director's PC so that there is minimal option of a data breach. Analyze and suggest which of the following passwords would you recommend John to use this time. monoLithGamous592 password1111 qwertyyyyyy party

monoLithGamous592

A company wants to have its employees sign a document that details some project-related information that should not be discussed outside the project's team members. What type of document should they use? a. AUP b. MDM c. BYOD d. NDA

d. NDA

You need to securely store handheld radios for your network technicians to take with them when they're troubleshooting problems around your campus network. What's the best way to store these radios so all your techs can get to them and so you can track who has the radios? a. Locking cabinet b. Smart locker c. Access control vestibule d. Locking rack

b. Smart locker

The following ports were listed as open during a recent port scan. Which one is no longer used except by legacy software and should be closed? a. 53 b. 22 c. 443 d. 139

d. 139 netbios


Kaugnay na mga set ng pag-aaral

Quiz 1 Assessment and Care of Patients with Pain med/surg

View Set

Ch. #8 Memory and Information Processing

View Set

EMT Chapter 6 JBL Vocab/Quiz Questions

View Set

Do I Know This Already Chapter 3

View Set