Chapter 5: Devices and Infrastructure 5.9-5.13
5.11 Switch Security and Attacks Which protocol should you disable on the user access ports of a switch? A) DTP B) TCP C) IPsec D) PPTP
A) DTP
5.9 Network Device Vulnerabilities An attacker was able to gain unauthorized access to a mobile phone and install a Trojan horse so that he or she could bypass security controls and reconnect later. Which type of attack is this an example of? A) Privilege escalation B) Backdoor C) Social engineering D) Replay
B) Backdoor
5.11 Switch Security and Attacks You manage a single subnet with three switches. They are connected to provide redundant paths between the switches. Which feature prevents switching loops and ensures there is only a single active path between any two switches? A) 802.1x B) Spanning Tree Protocol C) Trunking D) PoE E) Bonding
B) Spanning Tree Protocol
5.12 Using VLANSs A virtual LAN can be created using which of the following? A) Hub B) Switch C) Gateway D) Router
B) Switch
5.11 Switch Security and Attacks Which of the following is a typical goal of MAC spoofing? A) Cause a switch to enter fail open mode B) Cause incoming packets to broadcast to all ports C) Reroute local switch traffic to a specified destination D) Bypass 802.1x port-based security
D) Bypass 802.1x port-based security
5.13 Router Security You are deploying a brand new router. After you change the factory default settings, what should you do next? A) Secure the configuration file. B) Configure SSH to access the router configuration. C) Configure anti-spoofing rules. D) Update the firmware.
D) Update the firmware.
5.12 Using VLANSs Which 802.1Q priority is IP phone traffic on a voice VLAN tagged with by default? A) 5 B) 1 C) 3 D) 8
A) 5
5.13 Router Security You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID for access. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using a Telnet client with a username of admin and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device? (Select two.) A) Change the default administrative username and password. B) Use a web browser to access the router configuration using an HTTP connection. C) Use TFTP to back up the router configuration to a remote location. D) Use encrypted Type 7 passwords. E) Use an SSH client to access the router configuration.
A) Change the default administrative username and password. E) Use an SSH client to access the router configuration.
5.9 Network Device Vulnerabilities Which of the following are characteristics of a complex password? (Select two.) A) Consists of letters, numbers, and symbols B) Has a minimum of six characters C) Consists of letters and numbers only D) Has a minimum of eight characters E) Has a maximum of fifteen characters
A) Consists of letters, numbers, and symbols D) Has a minimum of eight characters
5.10 Network Applications You are implementing a new application control solution. Prior to enforcing your application whitelist, you want to monitor user traffic for a period of time to discover user behaviors and log violations for later review. How should you configure the application control software to handle applications not contained in the whitelist? A) Flag B) Drop C) Tarpit D) Block
A) Flag
5.10 Network Applications Which of the following is susceptible to social engineering exploits? A) Instant messaging B) Group Policy C) Peer-to-peer software D) Real-time communication
A) Instant messaging
5.9 Network Device Vulnerabilities An attacker has obtained the logon credentials for a regular user on your network. Which type of security threat exists if this user account is used to perform administrative functions? A) Privilege escalation B) Social engineering C) Replay D) Impersonation
A) Privilege escalation
5.10 Network Applications You are the security analyst for your organization and have recently noticed a large amount of spim on the company mobile devices. Employees rely on the IM app to communicate with each other. Which of the following countermeasures should you implement? A) Use an IM blocker. B) Create a blacklist. C) Disable instant messaging. D) Encrypt all IM traffic.
A) Use an IM blocker.
5.12 Using VLANSs You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ-45 ports connected to the switch. You want to allow visitors to plug into these ports to gain internet access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and internet access Which feature should you implement? A) VLANs B) DMZ C) NAT D) Port authentication
A) VLANs
5.12 Using VLANSs The IT manager has asked you to create a separate VLAN to be used exclusively for wireless guest devices to connect to. Which of the following is the primary benefit of creating this VLAN? A) You can control security by isolating wireless guest devices within this VLAN. B) You can control broadcast traffic and create a collision domain for just the wireless guest devices. C) You can load-balance wireless guest network traffic to have a lower priority than the rest of the traffic on the network. D) You can create a wireless guest network more affordably with a VLAN than you can with a router.
A) You can control security by isolating wireless guest devices within this VLAN.
5.12 Using VLANSs You are creating a VLAN for voice over IP (VoIP). Which command should you use? A) switchport voice vlan [number] B) switchport vlan voice [number] C) switchport voip vlan [number] D) switchport vlan voip [number]
A) switchport voice vlan [number]
5.9 Network Device Vulnerabilities In an effort to increase the security of your organization, programmers have been informed they can no longer bypass security during development. Which vulnerability are you attempting to prevent? A) Privilege escalation B) Backdoor C) Social engineering D) Replay
B) Backdoor
5.10 Network Applications Which of the following is considered a major problem with instant messaging applications? A) Freely available for use B) Loss of productivity C) Transfer of text and files D) Real-time communication
B) Loss of productivity
5.13 Router Security Which of the following can make passwords useless on a router? A) Storing the router configuration file in a secure location B) Not controlling physical access to the router C) Using SSH to remotely connect to a router D) Using the MD5 hashing algorithm to encrypt the password
B) Not controlling physical access to the router
5.10 Network Applications Which common design feature among instant messaging clients make them less secure than other means of communicating over the internet? A) Real-time communication B) Peer-to-peer networking C) Freely available for use D) Transfer of text and files
B) Peer-to-peer networking
5.10 Network Applications Which type of application allows users to share and access content without using a centralized server? A) Real-time communication B) Peer-to-peer software C) Instant messaging D) Group Policy
B) Peer-to-peer software
5.13 Router Security You have configured your ACL to block outgoing traffic from a device with the IP address 192.168.1.52. Which type of ACL have you configured? A) Advanced B) Standard C) Extended D) Basic
B) Standard
5.12 Using VLANSs Which of the following is an appropriate definition of a VLAN? A) A physical collection of devices that belong together and are connected to the same wire or physical switch. B) A device used to route traffic between separate networks. C) A logical grouping of devices based on service need, protocol, or other criteria. D) A device used to filter WAN traffic.
C) A logical grouping of devices based on service need, protocol, or other criteria.
5.11 Switch Security and Attacks Which of the following switch attacks associates the attacker's MAC address with the IP address of the victim's devices? A) DNS poisoning B) Cross-site scripting (XSS) C) ARP spoofing/poisoning D) MAC spoofing
C) ARP spoofing/poisoning
5.10 Network Applications What do application control solutions use to identify specific applications? A) Packet inspection B) Flags C) Application signatures D) Whitelists
C) Application signatures
5.11 Switch Security and Attacks You are the network administrator for a city library. Throughout the library are several groups of computers that provide public access to the internet. Supervision of these computers has been difficult. You've had problems with patrons bringing personal laptops into the library and disconnecting the network cables from the library computers to connect their laptops to the internet. The library computers are in groups of four. Each group of four computers is connected to a hub that is connected to the library network through an access port on a switch. You want to restrict access to the network so that only library computers are permitted connectivity to the internet. What can you do? A) Remove the hub and place each library computer on its own access port. B) Create static MAC addresses for each computer and associate each address with a VLAN. C) Configure port security on the switch. D) Create a VLAN for each group of four computers.
C) Configure port security on the switch.
5.11 Switch Security and Attacks Which of the following scenarios would typically utilize 802.1x authentication? A) Authenticating VPN users through the internet B) Authenticating remote access clients C) Controlling access through a switch D) Controlling access through a router
C) Controlling access through a switch
5.9 Network Device Vulnerabilities When setting up a new wireless access point, what is the first configuration change that should be made? A) Encryption protocol B) SSID C) Default login D) MAC filtering
C) Default login
5.13 Router Security Which type of ACL should be placed as close to the source as possible? A) Advanced B) Basic C) Extended D) Standard
C) Extended
5.13 Router Security Which of the following does a router use to determine where packets are forwarded to? A) Access control list B) Anti-spoofing rules C) Routing table D) Firewall
C) Routing table
5.10 Network Applications Which of the following is a benefit of P2P applications? A) Real-time communication B) Strong security C) Shared resources D) Low-upload bandwidth
C) Shared resources
5.10 Network Applications You have implemented a new application control solution. After monitoring traffic and use for a while, you have noticed an application that continuously circumvents blocking. How should you configure the application control software to handle this application? A) Drop B) Flag C) Tarpit D) Block
C) Tarpit
5.11 Switch Security and Attacks When configuring VLANs on a switch, which type of switch ports are members of all VLANs defined on the switch? A) Any port not assigned to a VLAN B)Each port can only be a member of a single VLAN C) Trunk ports D) Gigabit and higher Ethernet ports E) Uplink ports
C) Trunk ports
5.13 Router Security You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a locked server closet. You use an FTP client to regularly back up the router configuration to a remote server in an encrypted file. You access the router configuration interface from a notebook computer that is connected to the router's console port. You've configured the device with the username admin01 and the password P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device? A) Move the router to a secure data center. B) Use encrypted Type 7 passwords. C) Use SCP to back up the router configuration to a remote location. D) Use an SSH client to access the router configuration.
C) Use SCP to back up the router configuration to a remote location.
5.9 Network Device Vulnerabilities You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID card to gain access. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer by connecting it to the console port on the router. You've configured the management interface with a username of admin and a password of password. What should you do to increase the security of this device? A) Include hard-coded passwords and hidden service accounts. B) Use an SSH client to access the router configuration. C) Use a stronger administrative password. D) Move the device to a secure data center.
C) Use a stronger administrative password.
5.12 Using VLANSs You are adding switches to your network to support additional VLANs. Unfortunately, the new switches are from a different vendor than the current switches. Which standard do you need to ensure that the switches are supported? A) 802.3 B) 802.1x C) 802.11 D) 802.1Q
D) 802.1Q
5.13 Router Security Which of the following should be configured on the router to filter traffic at the router level? A) Anti-spoofing rules B) Telnet C) SSH D) Access control list
D) Access control list
5.13 Router Security Which of the following happens by default when you create and apply a new ACL on a router? A) All traffic is permitted. B) ACLs are not created on a router. C) The ACL is ignored until applied. D) All traffic is blocked.
D) All traffic is blocked.
5.9 Network Device Vulnerabilities While developing a network application, a programmer adds functionally that allows her to access the running program without authentication so she can capture debugging data. The programmer forgets to remove this functionality prior to finalizing the code and shipping the application. Which type of security weakness does this describe? A) Privilege escalation B) Weak password C) Buffer overflow D) Backdoor
D) Backdoor
5.11 Switch Security and Attacks Which of the following best describes the concept of a virtual LAN? A) Devices connected through the internet that can communicate without using a network address. B) Devices connected by a transmission medium other than a cable (microwave, radio transmissions). C) Devices in separate networks (different network addresses) logically grouped as if they were in the same network. D) Devices on different networks that can receive multicast packets.
D) Devices on different networks that can receive multicast packets.
5.11 Switch Security and Attacks Which of the following attacks, if successful, causes a switch to function like a hub? A) MAC spoofing B) Replay attack C) ARP poisoning D) MAC flooding
D) MAC flooding
5.13 Router Security You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a cubicle near your office. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using an SSH client with the username admin01 and the password P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device? A) Use encrypted Type 7 passwords. B) Use a Telnet client to access the router configuration. C) Change the default administrative username and password. D) Move the router to a secure server room.
D) Move the router to a secure server room.
5.12 Using VLANSs The IT manager has asked you to create four new VLANs for a new department. As you are going through the VLAN configurations, you find some VLANs numbered 1002-1005. However, they are not in use. What should you do with these VLANs? A) Renumber them and assign them to ports on the switch. B) Delete them since they are not being used. C) Configure them so they can be used on the new network. D) Nothing. They are reserved and cannot be used or deleted.
D) Nothing. They are reserved and cannot be used or deleted.
5.9 Network Device Vulnerabilities An attacker has gained access to the administrator's login credentials. Which type of attack has most likely occurred? A) Buffer overflow B) Privilege escalation C) Backdoor D) Password cracking
D) Password cracking
5.10 Network Applications Which of the following methods did Microsoft introduce in Windows 10 to help distribute OS updates? A) Server download B) Group Policy C) File Transfer Protocol D) Peer-to-peer software
D) Peer-to-peer software
5.9 Network Device Vulnerabilities A relatively new employee in the data entry cubical farm was assigned a user account similar to the other data entry employees' accounts. However, audit logs have shown that this user account has been used to change ACLs on several confidential files and has accessed data in restricted areas. This situation indicates which of the following has occurred? A) Physical security B) External attack C) Social engineering D) Privilege escalation
D) Privilege escalation
5.9 Network Device Vulnerabilities Travis and Craig are both standard users on the network. Each user has a folder on the network server that only they can access. Recently, Travis has been able to access Craig's folder. This situation indicates which of the following has occurred? A) External attack B) Replay C) Social engineering D) Privilege escalation
D) Privilege escalation
5.12 Using VLANSs When configuring VLANs on a switch, what is used to identify which VLAN a device belongs to? A) IP address B) Host name C) MAC address D) Switch port
D) Switch port
5.12 Using VLANSs You run a small network for your business that has a single router connected to the internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation? A) Spanning Tree Protocol B) Port security C) VPN D) VLAN
D) VLAN