Chapter 3-5 Multiple Choice

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

What wild card mask will match networks 172.16.0.0 through 172.19.0.0?

0.3.255.255

Consider the following access list. access-list 100 permit ip host 192.168.10.1 anyaccess-list 100 deny icmp 192.168.10.0 0.0.0.255 any echoaccess-list 100 permit ip any any Which two actions are taken if the access list is placed inbound on a router Gigabit Ethernet port that has the IP address 192.168.10.254 assigned? (Choose two.)

A Telnet or SSH session is allowed from any device on the 192.168.10.0 into the router with this access list assigned. Devices on the 192.168.10.0/24 network are allowed to reply to any ping requests.

The IT department is reporting that a company web server is receiving an abnormally high number of web page requests from different locations simultaneously. Which type of security attack is occurring?

DDoS

Which protocol is attacked when a cybercriminal provides an invalid gateway in order to create a man-in-the-middle attack?

DHCP

In which type of attack is falsified information used to redirect users to malicious Internet sites?

DNS cache poisoning

In what type of attack is a cybercriminal attempting to prevent legitimate users from accessing network services?

DoS

Which statement describes a difference between the operation of inbound and outbound ACLs?

Inbound ACLs are processed before the packets are routed while outbound ACLs are processed after the routing is completed.

Which statement accurately characterizes the evolution of threats to network security?

Internal threats can cause even greater damage than external threats

What is the best description of Trojan horse malware?

It appears as useful software but hides malicious code.

What is a feature of an IPS?

It can stop malicious packets.

Which two conclusions can be drawn from this new configuration?​ (Choose two.)

Ping packets will be permitted.; SSH packets will be permitted.

What is considered a best practice when configuring ACLs on vty lines?

Place identical restrictions on all vty lines

A network administrator is writing a standard ACL that will deny any traffic from the 172.16.0.0/16 network, but permit all other traffic. Which two commands should be used? (Choose two.)

Router(config)# access-list 95 permit any; Router(config)# access-list 95 deny 172.16.0.0 0.0.255.255

What does the CLI prompt change to after entering the command ip access-list standard aaa from global configuration mode?

Router(config-std-nacl)#

A network administrator needs to configure a standard ACL so that only the workstation of the administrator with the IP address 192.168.15.23 can access the virtual terminal of the main router. Which two configuration commands can achieve the task? (Choose two.)

Router1(config)# access-list 10 permit 192.168.15.23 0.0.0.0; Router1(config)# access-list 10 permit host 192.168.15.23

In which TCP attack is the cybercriminal attempting to overwhelm a target host with half-open TCP connections?

SYN flood attack

In what way are zombies used in security attacks?

They are infected machines that carry out a DDoS attack.

Which statement describes a characteristic of standard IPv4 ACLs?

They filter traffic based on source IP addresses only.

What effect would the Router1(config-ext-nacl)# permit tcp 172.16.4.0 0.0.0.255 any eq www command have when implemented inbound on the f0/0 interface?

Traffic originating from 172.16.4.0/24 is permitted to all TCP port 80 destinations.

What is the quickest way to remove a single ACE from a named ACL?

Use the no keyword and the sequence number of the ACE to be removed.

What is a ping sweep?

a network scanning technique that indicates the live hosts in a range of IP addresses.

If an asymmetric algorithm uses a public key to encrypt data, what is used to decrypt it?

a private key

Which ACE will permit a packet that originates from any network and is destined for a web server at 192.168.1.1?

access-list 101 permit tcp any host 192.168.1.1 eq 80

Which set of access control entries would allow all users on the 192.168.10.0/24 network to access a web server that is located at 172.17.80.1, but would not allow them to use Telnet?

access-list 103 permit tcp 192.168.10.0 0.0.0.255 host 172.17.80.1 eq 80access-list 103 deny tcp ​192.168.10.0 0.0.0.255 any eq 23

What causes a buffer overflow?

attempting to write more data to a memory location than that location can hold

What is the term used to describe unethical criminals who compromise computer and network security for personal gain, or for malicious reasons?

black hat hackers

Which objective of secure communications is achieved by encrypting data?

confidentiality

Which two packet filters could a network administrator use on an IPv4 extended ACL? (Choose two.

destination UDP port number; ICMP message type

What is the term used to describe a mechanism that takes advantage of a vulnerability?

exploit

What type of ACL offers greater flexibility and control over network access?

extended

What commonly motivates cybercriminals to attack networks as compared to hacktivists or state-sponsored hackers?

financial gain

What commonly motivates cybercriminals to attack networks as compared to hactivists or state-sponsored hackers?

financial gain

Which type of hacker is motivated to protest against political and social issues?

hacktivist

What is the term used to describe gray hat hackers who publicly protest organizations or governments by posting articles, videos, leaking sensitive information, and performing network attacks?

hacktivists

Which two keywords can be used in an access control list to replace a wildcard mask or address and wildcard mask pair? (Choose two.)

host; any

Which requirement of secure communications is ensured by the implementation of MD5 or SHA hash generating algorithms?​

integrity

Which attack involves threat actors positioning themselves between a source and destination with the intent of transparently monitoring, capturing, and controlling the communication?

man-in-the-middle attack

What is the term used to describe a guarantee that the message is not a forgery and does actually come from whom it states?

origin authentication

A user receives a phone call from a person who claims to represent IT services and then asks that user for confirmation of username and password for auditing purposes. Which security threat does this phone call represent?

social engineering

What is the term used to describe the same pre-shared key or secret key, known by both the sender and receiver to encrypt and decrypt data?

symmetric encryption algorithm

What is the term used to describe a potential danger to a company's assets, data, or network functionality?

threat

A technician is tasked with using ACLs to secure a router. When would the technician use the remark configuration option or command?

to add a text entry for documentation purposes

A technician is tasked with using ACLs to secure a router. When would the technician use the established configuration option or command?

to allow returning reply traffic to enter the internal network

A technician is tasked with using ACLs to secure a router. When would the technician use the 'ip access-group 101 in' configuration option or command?

to apply an extended ACL to an interface

A technician is tasked with using ACLs to secure a router. When would the technician use the ip access-group 101 in configuration option or command?

to apply an extended ACL to an interface

A technician is tasked with using ACLs to secure a router. When would the technician use the 40 deny host 192.168.23.8 configuration option or command?

to create an entry in a numbered ACL

A technician is tasked with using ACLs to secure a router. When would the technician use the any configuration option or command?

to identify any IP address

A technician is tasked with using ACLs to secure a router. When would the technician use the host configuration option or command?

to identify one specific IP address

A technician is tasked with using ACLs to secure a router. When would the technician use the no ip access-list 101 configuration option or command?

to remove a configured ACL

A technician is tasked with using ACLs to secure a router. When would the technician use the deny configuration option or command?

to restrict specific traffic access through an interface

A technician is tasked with using ACLs to secure a router. When would the technician use the access-class 20 in configuration option or command?

to secure administrative access to the router

What type of malware has the primary objective of spreading across the network?

worm


Ensembles d'études connexes

IMMIGRATION LAW - CHAPTER 5 - TEMPORARY RESIDENCE: STUDENTS AND WORKERS

View Set

Chapter 10-Learning Environments & Classroom Management

View Set

BUSLaw Chp12: Capacity and Legality

View Set

Horticulture: Integrated Pest Management

View Set

Vocabulary: Chapter 11: The Middle Ages

View Set

Management and Leadership (quizzes)

View Set

ATI Learning System RN Pharmacology Quiz

View Set

Chapter 2: Computer System Questions

View Set

Cognitive Psych Quiz 2: Chapter 4

View Set

Psychology 301 Final Test (ch 9-11) Ole Miss

View Set