CIT 182
A company uses an Internet Protocol Security (IPSec) virtual private network (VPN) solution. It allows remote users to connect to the main office and allows communication between the main office and branch offices securely over the Internet. The main office network uses network address translation (NAT) with an internal IP address range of 192.168.0.1 to 192.168.0.254. Which of the following ranges must remote offices and users NOT use on their internal networks?
192.168.0.x
Which of the following is a feature of NTFS that allows complete additional files to successfully hide beneath any normal file object and be almost undetectable?
Alternate Data Streams (ADS)
Mario is the network security engineer for his company. He discovered that, periodically, a remote user working from home accesses certain resources on the network that are not part of her regular duties. Mario has questioned the user and her supervisor, and has accessed the user's workstation. Mario believes the user is not the source of these intrusions and strongly suspects a malicious source is responsible. What is the most likely explanation?
An external hacker has gained access to the user's authentication and is accessing confidential company resources.
The IT security officer for a large company has spent the past year upgrading security for the corporate network. Employees working from home have personal firewalls running on their computers. They use a virtual private network (VPN) to connect to the corporate network. The corporate network utilizes the latest devices and techniques, including an intrusion detection system/intrusion prevention system (IDS/IPS), anti-malware protection, and firewalls. What security threat most likely still needs to be addressed?
An internal threat, such as a disgruntled employee or contractor
In executing the processes of risk assessment and risk management, which statistic calculates the potential number of times the threat could be a realized attack in a year's time?
Annualized rate of occurrence
Although it is not recommended, a company chief information officer (CIO) wants to configure and use the ff02::1 group on his new IPv6 network to send traffic to every node in the infrastructure. What group must he enable?
Anycast
Wen, a network engineer for a mid-sized company, is rolling out a virtual private network (VPN) solution that is easy to set up, manage, and maintain and represents the majority of VPN platforms on the market. What type of VPN is Wen deploying?
Customer premise equipment (CPE)
James is a network engineer. He has been assigned the responsibility of designing a virtual private network (VPN) solution that will allow customers, suppliers, and business partners access to network resources without exposing the secure private LAN. The parties accessing these resources must use digital certificates issued by a certification authority (CA). What form of VPN is he setting up?
Extranet
A chief financial officer's (CFO's) business account has been leaked onto the Internet, including the CFO's username, password, and financial data. The firm's security manager scanned the CFO's computer for viruses, which was clean. However, the manager is still convinced that the CFO's computer is somehow compromised, allowing whatever is typed to be disclosed. The manager recalls that six weeks ago, the CFO's assistant was caught illicitly accessing secure financial files and was subsequently dismissed. What is the likely problem?
Hardware keystroke logger
To secure the System/Application Domain of an IT infrastructure, what is the primary focus?
In a collection of servers and virtualized systems, defending both data and server computing power
An IT infrastructure manager is reviewing his company's computer assets, particularly the mean time to failure (MTTF) of the PC and server hard drives. The manufacturer of the hard drives typically used in the company states that the MTTF is approximately 11 years. Because servers and some high-priority workstations must operate continuously except for brief periods of maintenance, how many hours, on average, can these hard drives be expected to operate before failure?
More than 90,000 hours
A major U.S. online retailer has discovered that thousands of purchases have been paid for by stolen credit card numbers. An initial analysis of the location of the buyers reveals IP addresses from within the United States. Upon further investigation, it is found that the actual origin point of the fraudulent buyer is a series of IP addresses located in Asia. What technology is the fraudster using?
Proxy Server
Jacob is a remote employee. He clicks the Start menu button in Windows and selects an application to run. Most of the time, he is unaware that he is really accessing the application on a server at his company's main office several miles away. What solution is he using?
RD RemoteApp
Gino is an ethical hacker hired as a consultant to test the security of a mid-sized company's network. As part of his assignment, he has been given physical access to the system. He has built a dictionary of hashed passwords from the hard drive of the device. Which type of attack is he planning to launch?
Rainbow
The chief information officer (CIO) is working with the chief financial officer (CFO) on next year's budget for new networking equipment. The CIO is explaining that lowest-cost equipment is not the sole deciding factor. The hardware must conform to high security standards to prevent a malicious person from hacking into the network and accessing valuable company data. Which of the following considerations does not specifically require a hacker to have physical access to the equipment?
Remote connection
Which deployment of a web server uses network address translation (NAT) mapping and is considered the poorest security choice?
Reverse proxy
Various virtual private network (VPN) encryption technologies offer access to almost any network application or resource. Which one offers additional features, such as easy connectivity from non-company-managed desktops, little or no desktop software maintenance, and user-customized web portals upon login?
Secure Sockets Layer/Transport Layer Security (SSL/TLS)
The imitation of source email, Internet Protocol (IP), or Media Access Control (MAC) addresses is part of which type of attack?
Spoofing
Mei is working from home and speaking with her department manager on a Voice over IP (VoIP) phone connection. This technology allows telephone conversations to be routed over the Internet. During a VoIP conversation, Mei loses a few moments of what the manager has said to her. What is the problem?
The OSI model Transport Layer was unable to guarantee reliable packet delivery
A company's IT security engineer has noticed several employees periodically checking their social media accounts. One such platform allows chat, which can include sharing links, photos, and videos. When the engineer casually observes one user about to click a link to view a video, she stops the worker. Afterward, she approaches the chief information officer (CIO) and advises that all social media accounts be blocked, and that only online training videos authorized by the company be allowed to be viewed. What threat is the IT security engineer concerned about?
Trojan horse
Nahla is a network engineer charged with maintaining the routine operations of equipment in her company's server room. She is aware that fluctuations in electrical power flow can damage delicate circuitry. While configuring redundancy into a number of systems, which component does she choose that offers both redundancy and power conditioning?
Uninterruptable power supply (UPS)
A company vice president (VP) finds that the network security restrictions imposed by the security manager are too confining. To counter them, the VP habitually uses weak passwords, shares accounts with his assistant, and installs unapproved software. What security principle is the VP violating?
Universal participation
As part of the bring your own device (BYOD) program, the company CIO is encouraging employees to use their personal devices for business purposes. However, an attacker with the right kind of antenna can access the wireless network from a great distance, putting personal devices at risk. What is the best solution?
Use subnets and filtering
Which of the following roles is most commonly responsible for observing system and user activity, looking for violations, trends toward bottlenecks, and attempts to perform violations?
Auditor
Agents, bots, and zombies are part of which type of attack?
Distributed denial of service (DDoS) attack
Which form of firewall filtering is NOT as clear or distinct as other types?
Filtering on whether an address is real or spoofed
Which of the following is considered a node?
Networked printer
Which of the following network zones has the lowest risk and the highest trust?
Private network
Landon is a network contractor. He has been hired to design security for the network of a small company. The company has a limited budget. Landon is asked to create a system that will protect the company's workstations and servers without undue expense. Landon decides to deploy one hardware firewall between the Internet and the local area network (LAN). What is this solution called?
Single defense
A hacker is attempting to access a company's router using false Internet Control Message Protocol (ICMP) type 5 redirect messages. What is the hacker's goal?
To spoof or manipulate routing data
Many company employees work from home on a full-time basis. What technology do they commonly use to communicate securely with the organization's network?
VPN
Carl is a student in a computer networking class who is studying virtual private network (VPN) implementations. He is learning the basics about VPNs. Which of the following statements does he find is TRUE?
VPNs are both hardware and software solutions
Arturo is a new network technician. He wants to use Remote Desktop Protocol (RDP) to connect to a server from his computer. The server is on the other side of the building. His computer is running Windows 10. Will he be able to make the connection?
Yes, because the RDP protocol has clients that work on most common operating systems.
Thirty years ago, a major corporation purchased and still owns IP addresses within the IPv4 Class A range. The corporation uses these addresses to connect to the Internet. To which IPv4 address range do they belong?
1.0.0.1 to 126.255.255.254
Which of the following is an authentication method that supports smart cards, biometrics, and credit cards, and is a fully scalable architecture?
802.1x
A company's cybersecurity trainer is recording a Lunch and Learn video for new employees. The trainer discusses the dangers of spam. Besides being annoying, what other problem could spam cause?
A spam email could contain a link to what appears as a benign or beneficial website that could, if clicked, upload malicious software to the user's computer.
You are setting up a small home network. You want all devices to communicate with each other. You assign IPv4 addresses between 192.168.0.1 and 192.168.0.6 to the devices. What processes must still be configured so that these nodes can communicate with the Internet?
Both network address translation (NAT) and port address translation (PAT) must be enabled to allow private network addresses to be translated to a random external port and public IP address.
A bank's online infrastructure has been under attack by hackers. In addition to standard security methods, the bank's IT security manager has requested website code to be examined and modified, where necessary, to address possible arbitrary code execution. What will the code modifications prevent?
Buffer overflows
Marta is a network technician intern at a mid-sized company. She is learning hardware virtual private network (VPN) best practices from one of the engineers. Which of the following does the engineer tell Marta is NOT a best practice?
Connecting a client computer to more than one network interface while connected to the office via VPN
Dhruv is a network engineer using a command-line interface on his computer. He types the command mstsc/v and then a server name. What is he doing?
Connecting to a Windows server running a virtual private network (VPN)
Temika is the IT security officer for her company. She is developing a plan to measure the effectiveness of the organization's network security. Which of the following will accomplish that goal?
Continually improving the state of security so that, as time passes, the network is better protected than it was in the past
Which form of attack is described as throttling the bandwidth consumption on an Internet link at a specific interval as a method of transmitting small communication streams such as user credentials?
Covert channels
A malicious person has installed ransomware on a company user's computer. The ransomware message states that the malicious software will be removed if the user pays a certain amount of money digitally. What is a typical form of payment?
Cryptocurrency
Isabelle is a network engineer deploying an IT infrastructure in one of her company's new branch offices. Currently, she is designing a local subnetwork that contains and exposes the office's external services to a larger, untrusted network, specifically the Internet. What is this called?
DMZ
Which of the following is unlikely to support at-firewall authentication?
DMZ Firewall
Which OSI model layer deals with frames?
Data link layer
What is an intrusion detection system/intrusion prevention system (IDS/IPS) that uses patterns of known malicious activity similar to how antivirus applications work?
Database-based detection
Devaki is an engineer who is designing network security for her company's infrastructure. She is incorporating protections for programming flaws, default settings, maximum values, processing capabilities, and memory capacities on devices, as well as malicious code and social engineering. What is this type of protection called?
Defense in depth
Bill's work-issued Windows laptop has been configured so he can remotely connect to his office from home without having to initiate a virtual private network (VPN) connection. What technology is he using?
DirectAccess
The network engineer of a mid-size company needs to have all servers, network printers, and other online resources possess the same IPv6 address over time. The engineer does not want to perform manual address assignments on all of these resources. Additionally, she wants to prevent any rogue device from having an IPv4 address dynamically assigned just by making the request. What is her solution?
Dynamic Host Configuration Protocol (DHCP) reservation
Removing all unnecessary protocols, uninstalling all unnecessary applications and services, and installing the latest final releases of all device drivers are part of which security process?
Hardening
What is the basic service of a reverse proxy?
Hides the identity of a web server accessed by a client over the Internet
Tonya is an accountant working from home. She connects to her office each day over a virtual private network (VPN). The IT department for her company has deployed a VPN appliance to assist employees such as Tonya in performing their tasks remotely. What solution does Tonya use to access her files on the company's accounting server?
Host-to-gateway
Location-aware anti-theft software will periodically upload its location to a centralized site in the event that the mobile device is lost or stolen. What can defeat this?
If the thief reformats the mobile device's drive
Alice is a network engineer who has been tasked with researching a virtual private network (VPN) tunneling protocol to be used by her company. It must be able to pass traffic through a network address translation (NAT) server and be compatible with a number of well-known proprietary and open source platforms. What solution does she select?
Internet Key Exchange v2 (IKEv2)
Nicolau is a network engineer for a large online retailer. He is concerned about the security of his company's network connections to its customers, vendors, and partners. Although all of these sources are generally trusted, he knows they can be hacked by malicious parties and used to steal confidential company data. Which network-based solution should he choose to detect unauthorized user activity and attacks that is also capable of taking action to prevent a breach?
Intrusion detection system/intrusion prevention system (IDS/IPS)
The chief information officer (CIO) of a large company has been informed by the board of directors that their corporation is anticipating rapid growth over the next two years. She calculates the contingency of building additional capacity into the current network infrastructure. Based on the board's growth estimates, what percentage of additional capacity should she plan for?
More than 50 percent
Which network security technology can block or restrict access if a computer does NOT have the latest antivirus update, a certain security patch, or a host firewall?
Network access control (NAC)
Amy is a network engineering consultant who is designing security for a small office/home office (SOHO) company. The network consists of 10 workstations plus a wireless printer, but it needs remote authentication. The client has a limited budget and the network design needs to be relatively simple. What type of authentication solution does she deploy?
One that authenticates at the firewall and doesn't integrate with single sign-on (SSO)
Oscar is deploying a virtual private network (VPN) solution for his company. The VPN needs to connect to remote servers by their Internet Protocol (IP) addresses rather than using network address translation (NAT). What type of VPN is Oscar deploying?
Operating system (OS)
Which of the following BEST describes a technology with inherent security risks and that can reveal information a user did NOT intend to share?
Peer-to-peer (P2P)
Which of the following is a firewall, proxy, and routing service that does NOT support caching, encryption endpoint, or load balancing? Note that this service can be found on almost any service or device that supports network address translation.
Port forwarding
Which operating system (OS) for a bastion host runs on most appliance firewalls as well as many Internet service provider (ISP) connection devices?
Proprietary OS
Remote Desktop Connection (RDC) is a built-in application that uses what proprietary protocol?
Remote Desktop Protocol (RDP)
Several times this week, the IT infrastructure chief of a small company has suspected that wireless communications sessions have been intercepted. After investigating, he believes some form of insertion attack is happening. He is considering encrypted communications and preconfigured network access as a defense. What type of insertion attack is suspected?
Rogue device insertion
Which type of hackers often lack the knowledge or motivation to write their own malicious code, depend on programs written by others to use in their attacks, and may not understand the full consequences of their actions?
Script kiddie
What is a virtual private network (VPN) protocol that requires public key infrastructure (PKI) support to obtain and use a certificate?
Secure Sockets Layer/Transport Layer Security (SSL/TLS)
Which of the following is described as an approach to network security in which each administrator is given sufficient privileges only within a limited scope of responsibility?
Separation of duties
A company has discovered that confidential business information has been repeatedly acquired by a competitor over the past six months. The IT security team has been unable to find the leaks. The team suspects a form of side-channel eavesdropping may be involved. What is the suspected hacking method?
The competitor is using a phreaking attack.
Carl is a network engineer for a mid-sized company. He has been assigned the task of positioning hardware firewalls in the IT infrastructure based on common pathways of communication. After analyzing the problem, on which aspect of the network does he base his design?
Traffic patterns
Dhruv is the lead network engineer for his three-year-old company. He is writing a proposal that recommends the network protocol to use in several branch offices. Based on the age of the networking equipment, what is his recommendation to the chief information officer (CIO)?
Upgrade to IPv6
What is an example of security through obscurity?
Using a nonstandard operating system for workstations such as FreeBSD
Joaquin is a senior network technician for a mid-sized company who has been assigned the task of improving security for the IT infrastructure. He has been given a limited budget and must increase security without redesigning the network or replacing all internetworking security devices. He focuses on an approach that will identify a single vulnerability. What does he recommend?
Weakest link
A combination of intrusion detection and prevention, as well as logging and monitoring, provides the best defense against what kind of attack?
Zero-day exploit
A filter pathway is designed to:
make it hard to bypass a network filtering system and force all traffic through one route.