1.2 Network Security Based
A company has several public conference room areas with exposed network outlets. In the past, unauthorized visitors and vendors have used the outlets for internet access. The help desk manager does not want the outlets to be disabled due to the number of training sessions in the conference room and the amount of time it takes to get the ports either patched in or enabled. Which of the following is the best option for meeting this goal?
802.1x
A company requires that all wireless communication be compliant with the Advanced encryption standard. The current wireless infrastructure implements WEP + TKIP. Which of the following wireless protocols should be implemented?
802.1x
While configuring a new access layer switch, the administrator, Joe, was advised that he needed to make sure that only devices authorized to access the network would be permitted to login and utilize resources. Which of the following should the administrator implement to ensure this happens?
802.1x
Unified Threat Management
A Unified Threat Management device combines multiple security controls into a single device.
Which of the following would be used to allow a subset of traffic from a wireless network to an internal network?
A. Access control list B. 802.1X C. Port security D. Load balancers B
A system administrator is implementing a firewall ACL to block specific communication to and from a predefined list of IP addresses, while allowing all other communication. Which of the following rules is necessary to support this implementation?
A. Implicit allow as the last rule B. Implicit allow as the first rule C. Implicit deny as the first rule D. Implicit deny as the last rule C
Given the following set of firewall rules: From the inside to outside allow source any destination any port any From inside to dmz allow source any destination any port tcp-80 From inside to dmz allow source any destination any port tcp-443 Which of the following would prevent FTP traffic from reaching a server in the DMZ from the inside network?
A. Implicit deny B. Policy routing C. Port forwarding D. Forwarding proxy A
Network separation is used primarily to
A. Maximize performance B. Limit the required number of SPAN ports C. Separate networks for security reasons D. Facilitate logging of suspicious traffic C
A security administrator suspects that data on a server has been exhilarated as a result of un-authorized remote access. Which of the following would assist the administrator in confirming the suspicions? (Select TWO)
A. Networking access control B. DLP alerts C. Log analysis D. File integrity monitoring E. Host firewall rules B,C
A network was down for several hours due to a contractor entering the premises and plugging both ends of a network cable into adjacent network jacks. Which of the following would have prevented the network outage? (Select Two)
A. Port security B. Loop Protection C. Implicit deny D. Log analysis E. Mac Filtering F. Flood Guards A, F
A consultant has been tasked to assess a client's network. The client reports frequent network outages. Upon viewing the spanning tree configuration, the consultant notices that an old and law performing edge switch on the network has been elected to be the root bridge. Which of the following explains this scenario?
A. The switch also serves as the DHCP server B. The switch has the lowest MAC address C. The switch has spanning tree loop protection enabled D. The switch has the fastest uplink port C
An organization does not have adequate resources to administer its large infrastructure. A security administrator wishes to integrate the security controls of some of the network devices in the organization. Which of the following methods would BEST accomplish this goal?
A. Unified Threat Management B. Virtual Private Network C. Single sign on D. Role-based management A
Which of the following firewall rules only denies DNS zone transfers?
A. deny udp any any port 53 B. deny ip any any C. deny tcp any any port 53 D. deny all dns packets Answer: C
XYZ Company has a database containing personally identifiable information for all its customers. Which of the following options would BEST ensure employees are only viewing information associated to the customers they support?
ACL
One of the programmers in your organization complains that he can no longer transfer files to the FTP server. You check the network firewall and see that the proper FTP ports are open. What should you check next?
Access Control List
Loop Protection
Consists of enabling STP (spanning tree protocol) on the network switches.
An administrator connects VoIP phones to the same switch as the network PCs and printers. Which of the following would provide the BEST logical separation of these three device types while still allowing traffic between them via ACL?
Create three VLANs on the switch connected to a route
A network technician at a company, Joe is working on a network device. He creates a rule to prevent users from connecting to a toy website during the holiday shopping season. This website is blacklisted and is known to have SQL injections and malware. Which of the following has been implemented?
Implicit Deny
Flood Guards
It is a protection feature built into many firewalls that allow the administrator to tweak the tolerance for unanswered login attacks. It tracks network traffic to identify scenarios that will overwhelm our network through conditions such as SYN, ping, port floods, etc
VLAN Management
It is the use of VLANs to control traffic for security or performance reasons. It is the process of managing VLANs in network switches. Switches (and therefore VLANs) work in Layer 2 of the OSI model.
While performing surveillance activities, an attacker determines that an organization is using 802.1X to secure LAN access. Which of the following attack mechanisms can the attacker utilize to bypass the identified network security?
MAC Spoofing
The Chief Information Security Officer (CISO) is concerned that users could bring their personal laptops to work and plug them directly into the network port under their desk. Which of the following should be configured on the network switch to prevent this from happening?
Port Security
A system administrator needs to implement 802.1x whereby when a user logs into the network, the authentication server communicates to the network switch and assigns the user to the proper VLAN. Which of the following protocols should be used?
RADIUS
Joe noticed that there is a larger than normal account of network on the printer VLAN of his organization, causing users to have to wait a long time for a print job. Upon investigation Joe discovers that printers were ordered and added to the network without his knowledge. Which of the following will reduce the risk of this occurring again in the future?
Rule Based Management
Joe a technician initiated scans if the company's 10 routers and discovered that half if the routers were not changed from their default configuration prior installed on the network. Which of the following would address this?
Secure router configuration
Rule Based Management
This type of security management uses rule sets to define the scope of what kind of activities should be allowed on a network. If the requested activity fails to match the pre-defined rules for the network it is implicitly denied. This entails that the last rule in the set should default to a deny action or decision.
Your organization wants to combine some of the security controls used on the network. What could your organization implement to meet this goal?
UTM
A review of the company's network traffic shows that most of the malware infections are caused by users visiting gambling and gaming websites. The security manager wants to implement a solution that will block these websites, scan all web traffic for signs of malware, and block the malware before it enters the company network. Which of the following is suited for this purpose?
UTM (Unified Threat Management)
An administrator needs to segment internal traffic between layer 2 devices within the LAN. Which of the following types of network design elements would MOST likely be used?
VLANs
Pete, a security administrator, is informed that people from the HR department should not have access to the accounting department's server, and the accounting department should not have access to the HR department's server. The network is separated by switches. Which of the following is designed to keep the HR department users from accessing the accounting department's server and vice-versa?
VLANs
802.1x
is a port based authentication protocol and it provides much stronger port security ensuring that only authorized clients can connect to a network.