Chapter 11,12,13, 14

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

You maintain the network for an industrial manufacturing company. A short-circuit of a switch in the server room starts an electrical fire. Which of the following should you use to suppress the fire?

Halon or CO2

In business continuity planning, what is the primary focus of the scope?

Business processes

What is the definition of bandwidth?

The amount of data that can be transferred from one place to another in a specific amount of time.

Which of the following could be to blame if your computer is regularly crashing or restarting?

The processor is too hot.

What is the definition of latency?

The speed at which data packets travel from source to destination and back.

Why should you store backup media off site?

To prevent the same disaster from affecting both the network and the backup media

When an event occurs, the agent logs details regarding the event. What is this event called?

Trap

Which of the following remote protocols was originally designed for UNIX?

VNC

Which of the following is an example of an internal threat?

A user accidentally deletes the new product designs.

A security administrator is conducting a penetration test on a network. She connects a notebook system running Linux to the wireless network and then uses Nmap to probe various network hosts to see which operating system they are running. Which process did the administrator use for the penetration test in this scenario?

Active fingerprinting

Where can you check your CPU's temperature?

BIOS

You want to make sure that the correct ports on a firewall are open or closed. Which document should you check?

Baseline configurations

Which deviation in power is the longest?

Blackout

Which of the following is the term for when a system is unable to keep up with the demands placed on it?

Bottleneck

You are using a protocol analyzer to capture network traffic. You want to only capture the frames coming from a specific IP address. Which of the following can you use to simplify this process?

Capture filters

You plan to implement a new security device on your network. Which of the following policies outlines the process you should follow before you implement that device?

Change Management

What does SNMP use to identify a group of devices under the same administrative control?

Community strings

You suspect that cache poisoning or spoofing has occurred on your network. Users are complaining of strange web results and being redirected to undesirable sites. Which log would help you determine what's going on?

DNS logs

Which backup strategy backs up only files that have the archive bit set and does not mark them?

Differential

Which of the following conditions can low humidity result in?

Electrostatic discharge

Which of the following provides a layout of all electrical, plumbing, HVAC, and networking wiring and components?

Floor plan

Your network uses the following backup strategy. You create: Full backups every Sunday night. Incremental backups Monday night through Saturday night. On a Thursday morning, the storage system fails. How many restore operations would you need to perform to recover all of the data?

Four

Which backup strategy backs up all files from a computer's file system (regardless of whether the file's archive bit is set or not) and then marks them as backed up?

Full

Which of the following does an agent send to the manager to confirm the receipt of a transmission?

Inform

Which Syslog level indicates an emergency that could severely impact the system and cause it to become unusable?

Level 0

Which Syslog severity level indicates a debugging message?

Level 7

Which of the following devices accepts incoming client requests and distributes those requests to specific servers?

Load balancer

Members of the sales team use laptops to connect to the company network. While traveling, they connect their laptops to the internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless antivirus software and the latest operating system patches have been installed. Which solution should you use?

NAC

You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straight-through UTP cable that will run across the floor of the data center. To protect equipmen

No, you should not run a cable across the data center floor.

Your network performs a full backup every night. Each Sunday, the previous night's backup tape is archived. On a Wednesday morning, the storage system fails. How many restore operations would you need to perform to recover all of the data?

One

Which of the following are backed up during an incremental backup?

Only files that have changed since the last full or incremental backup.

You want to know which protocols are being used on your network. You'd like to monitor network traffic and sort traffic by protocol. Which tool should you use?

Packet sniffer

What is the purpose of using Ethernet bonding? (Select two.)

Provides a failover solution for network adapters

When analyzing assets, which analysis method assigns financial values to assets?

Quantitative

You are in the middle of a big project at work. All of your work files are on a server at the office. You want to be able to access the server desktop, open and edit files, save the files on the server, and print files to a printer that's connected to a computer at home. Which protocol should you use?

RDP

In addition to performing regular backups, what must you do to protect your system from data loss?

Regularly test restoration procedures.

Which of the following is a tool that allows access to the graphical desktop environment of another Windows client system over a network connection?

Remote Desktop

Telnet is inherently unsecure because its communication is in plaintext and is easily intercepted. Which of the following is an acceptable alternative to Telnet?

SSH

Which of the following is a protocol used for terminal emulation?

SSH

Which of the following protocols can you use to securely manage a network device from a remote connection?

SSH

Which protocol does HTTPS use to offer greater security for web transactions?

SSL

You want to allow traveling users to connect to your private network through the internet. Users will connect from various locations, including airports, hotels, and public access points (like coffee shops and libraries). As such, you won't be able to configure the firewalls that might be controlling access to the internet in these locations. Which of the following protocols is MOST likely to be allowed through the widest number of firewalls?

SSL

Over the past few days, a server has gone offline and rebooted automatically several times. You would like to see a record of when each of these restarts occurred. Which log type should you check?

System

Which of the following protocols are often added to other protocols to provide secure data transmission? (Select two.)

TLS SSL

You are concerned that an attacker can gain access to your web server, make modifications to the system, and alter the log files to hide his or her actions. Which of the following actions would BEST protect the log files?

Use Syslog to send log entries to another server.

You just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID card for access. You backed up the router configuration to a remote location with an encrypted file. You access the router configuration interface from your notebook computer using a Telnet client with the username admin and the password admin. You used the MD5 hashing algorithm to protect the password. What else should you do to

Use an SSH client to access the router configuration. Change the default administrative username and password.

Which log file type is one of the most tedious to parse but can tell you exactly when a user logged onto your site and what their location was?

Web server logs

Which of the following is true about a community string?

A community string identifies devices under the same administrative control.

Which of the following is true about processor performance?

A healthy system's CPU utilization should average around 40%.

Which of the following pieces of information are you MOST likely to find in a policy document?

A requirement for using encrypted communications for web transactions

Which of the following describe a system image backup?

A system image contains everything on the system volume, including the operating system, installed programs, drivers, and user data files.

Which of the following defines an Acceptable Use Agreement?

An agreement that identifies the employees' rights to use company property, such as internet access and computer equipment, for personal use.

Which of the following BEST describes an inside attacker?

An unintentional threat actor (the most common threat).

Some users report that frequent system crashes have started happening on their workstations. Upon further investigation, you notice that these users all have received a recent update to the same application. Where would you go to conduct a root cause analysis?

Application log

Which SIEM component is responsible for gathering all event logs from configured devices and securely sending them to the SIEM system?

Collectors

You manage your company's website, which uses a cluster of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage and a single connection to your ISP. You want to provide redundancy so that a failure on a single component doesn't cause the website to become unavailable. What should you add to your configuration to accomplish this?

Connect one server to the internet through a different ISP.

A security administrator logs on to a Windows server on her organization's network. Then she runs a vulnerability scan on that server. Which type of scan did she conduct in this scenario?

Credentialed scan

Which of the following information are you MOST likely to find in a procedure document?

Details on how to test and deploy patches

Which of the following is a best practice when establishing a baseline?

Determine baselines over time by analyzing network traffic.

You suspect that a bad video driver is causing a user's system to randomly crash and reboot. Where would you go to identify and confirm your suspicions?

Dump files

Which of the following is the term for a calculation of how often bits are damaged in transit due to electromagnetic interference?

Error rate

You are the desktop administrator for your company. You would like to manage the computers remotely using a tool with a graphical user interface (GUI). Which of the following actions can you take to accomplish this?

Establish a Remote Desktop connection to each computer.

A web server on your network hosts your company's public website. You want to make sure that a NIC failure on the server does not prevent the website from being accessible on the internet. Which solution should you implement?

Ethernet bonding

Which of the following intrusion detection and prevention systems uses fake resources to entice intruders by displaying a vulnerability, configuration flaw, or valuable data?

Honeypot

Most equipment is cooled by bringing cold air in the front and ducting the heat out the back. What is the term for where heat is sent?

Hot aisle

You manage a server at work that has just been configured with a new application. Consequently, the server has crashed several times during the last week. You think that you've resolved the problem, but you'd like to be able to manage the server remotely just in case more issues occur. Which of the following protocols should you use for remote management? (Select two.)

ICA VNC

You have been using SNMP on your network for monitoring and management, but you're concerned about the security of this configuration. What should you do to increase security in this situation?

Implement version 3 of SNMP

You have purchased a solar backup power device to provide temporary electrical power to critical systems in your data center should the power provided by the electrical utility company go out. The solar panel array captures sunlight, converts it into direct current (DC), and stores it in large batteries. The power supplies on the servers, switches, and routers in your data center require alternating current (AC) to operate. Which electrical device should you implement to convert the DC power sto

Inverter

When packets arrive at their destination at different speeds, they sometimes arrive out of order. What does this cause?

Jitter

Drag each penetration test characteristic on the left to the appropriate penetration test name on the right.

Known test The tester has detailed information about the target system prior to starting the test. Partially known test The tester has the same amount of information that would be available to a typical insider in the organization. Unknown test The tester has no prior knowledge of the target system. Single-blind test Either the attacker has prior knowledge about the target system or the administrator knows that the test is being performed. Double-blind test The tester does not have prior information about the system, and the administrator has no knowledge that the test is being performed.

What is the name of the computer that queries agents and gathers responses by sending messages?

Manager

Which of the following provides information on the subnets within your network, including the subnet addresses and the routers connecting each subnet?

Network diagram

Which of the following is a contract in which both parties agree not to share proprietary or confidential information gathered during the business relationship?

Non-Disclosure Agreement

Your 24U rack currently houses two 4U server systems. To prevent overheating, you've installed a rack-mounted environmental monitoring device within the rack. Currently, the device shows that the temperature within the rack is 70 degrees Fahrenheit (21 degrees Celsius). What should you do?

Nothing, the temperature within the rack is within acceptable limits.

Creating fake resources such as honeypots, honeynets, and tarpits fulfills which of the following main intrusion detection and prevention goals? (Select two.)

Offers attackers a target that occupies their time and attention while distracting them from valid resources.

Which of the following are backed up during a differential backup?

Only files that have changed since the last full backup.

Your disaster recovery plan (DRP) calls for backup media to be stored at a different location. The location is a safe deposit box at the local bank. Because of this, the disaster recovery plan specifies that you must choose a method that uses the least amount of backup media but also allows you to quickly back up and restore files. Which backup strategy would BEST meet the DRP's specifications?

Perform a full backup once per week and a differential backup the other days of the week.

Which of the following Security Orchestration, Automation, and Response (SOAR) system components helps to document the processes and procedures that are to be used by a human during a manual intervention?

Playbook

Which port does Remote Desktop use?

Port 3389

You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffing software on a device that's connected to a hub with three other computers. The hub is connected to a switch that's connected to the router. When you run the software, you see frames addressed to the four workstations but not to the router. Which feature should you configure on the switch?

Port mirroring

You want to make sure that a set of servers only accepts traffic for specific network services. You have verified that the servers are only running the necessary services, but you also want to make sure that the servers do not accept packets sent to those services. Which tool should you use?

Port scanner

A network utilizes a network access control (NAC) solution to defend against malware. When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. What is this process called?

Posture assessment

You want to identify the traffic that is generated and sent through a network by a specific application on a device. Which tool should you use?

Protocol analyzer

Which of the following is a role service that allows users with the Remote Desktop Connection client and an internet connection to connect on an internal network.

RD Gateway

Which of the following protocols or services would you associate with Windows Remote Desktop network traffic?

RDP

Of the following restoration processes, which would result in the fastest restoration of all data if a system failure occurred on Friday?

Restore the full backup from Sunday and the last differential backup.

Because of an unexplained slowdown on your network, you decide to install monitoring software on several key network hosts to locate the problem. You will then collect and analyze the data from a central network host. Which protocol will the software use to detect the problem?

SNMP

Which protocol uses traps to send notifications from network devices?

SNMP

Which of the following improvements to SNMP are included in version 3? (Select two.)

SNMP message encryption Agent and manager authentication

Which of the following is the least effective power loss protection for computer systems?

Surge protector

Which of the following is a standard for sending log messages to a central logging server?

Syslog

Your network uses the following backup strategy. You create: Full backups every Sunday night. Differential backups Monday night through Saturday night. On Thursday morning, the storage system fails. How many restore operations would you need to perform to recover all of the data?

Two

Which of the following ensures that power is supplied to a server or device during short power outages?

Uninterruptible power supply

Your computer seems to be running slowly. In particular, you notice that the hard drive activity light remains lit when you run multiple applications and switch between open windows. This happens even though you aren't saving large files. What should you do to troubleshoot the problem?

Use Resource Monitor to monitor memory utilization.

You are the network administrator for a growing business. When you were hired, the organization was small, and only a single switch and router were required to support your users. During this time, you monitored log messages from your router and switch directly from each device's console. The organization has grown considerably in recent months. Now you manage eight individual switches and three routers. It's becoming more and more difficult to monitor these devices and stay on top of issues in

Use Syslog to implement centralized logging.

You want to be able to identify the services running on a set of servers on your network. Which tool would BEST give you the information you need?

Vulnerability scanner

What is the main difference between vulnerability scanning and penetration testing?

Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter.

Which SNMP component uses GETNEXT messages to navigate the MIB structure?

Walk

Which type of documentation would you consult to find the location of RJ45 wall jacks and their endpoints in the intermediate distribution closet?

Wiring schematic

You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for file storage and a database server. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a crossover UTP plenum cable that will run through the suspended tile ceiling i

You should implement a UPS between the wall outlet and the network devices.


Ensembles d'études connexes

Chapter 24: Male Genitourinary System

View Set

Business Finance - Chapter 17 - Common & Preferred Stock Financing

View Set

Texas life and health study questions

View Set