Endpoint Security Final Exam
Which field in the IPv6 header points to optional network layer information that is carried in the IPv6 packet?
Next Header
Syslog
Notifies the administrator with detailed system messages
NetFlow
Provides statistics on IP packets flowing through network devices
NetFlow
Provides statistics on packets flowing through a Cisco router or multilayer switch
A new PC is taken out of the box, started up and connected to the Internet. Patches were downloaded and installed. Antivirus was updated. In order to further harden the operating system what can be done?
Remove unnecessary programs and services
NTP (Network Time Protocol)
Synchronizes the time across all devices on the network
A flood of packets with invalid source IP addresses requests a connection on the network. The server busily tries to respond, resulting in valid requests being ignored. What type of attack has occurred?
TCP SYN flood
What are three benefits of using symbolic links over hard links in Linux? (Choose 3)
They can link to a directory. They can show the location of the original file. They can link to a file in a different file system
What is a feature of distributed firewalls?
They combine the feature of host-based firewalls with centralized management.
Which technology is used by Cisco Advanced Malware Protection (AMP) in defending and protecting against known and emerging threats?
Threat Intelligence
What occurs when a rogue access point is added to a WLAN?
Unauthorized users can gain access to internal servers, thus causing a security hole.
What is the reason for disabling SSID broadcasting and changing the default SSID on a wireless access point?
Wireless clients must then have the SSID manually configured to connect to the wireless network.
What is an attack vector as it relates to network security?
a path by which a threat actor can gain access to an internal network device
What is required in order to connect a Wi-Fi enabled laptop to a WPA secured wireless network?
a security encryption key
What are two types of attacks used on DNS open resolvers?
amplification and reflection
What is the motivation of a white hat attacker?
discovering weaknesses of networks and systems to improve the security level of these systems
What is a wireless security mode that requires a RADIUS server to authenticate wireless users?
enterprise
Which two types of hackers are typically classified as grey hat hackers? (Choose 2)
hacktivists, vulnerability brokers
Which two options can limit the information discovered from port scanning? (Choose 2)
intrusion prevention system, firewall
Which statement describes the anomaly-based intrusion detection approach?
it compares the behavior of a host to an established baseline to identify potential intrusions.
What does a rootkit modify?
operating system
Which user can override file permissions on a Linux computer?
root user
Which data state is maintained in NAS and SAN services?
stored data
What are three functions provided by the syslog service? (Choose 3)
to gather logging information for monitoring and troubleshooting; to specify the destinations of captured messages; to select the type of logging information that is captured
Which type of networks poses increasing challenges to cybersecurity specialists due to the growth of BYOD on campus?
wireless networks
ACL
A series of commands that control whether a device forwards or drops packets
What is an example of a local exploit?
A threat actor tries to gain the user password of a remote host by using a keyboard capture software installed on it by a Trojan
Port mirroring
Allows a switch to make duplicate copies of traffic that is sent to a traffic analyzer
SNMP (Simple Network Management Protocol)
Allows administrators to manage network devices
SNMP (Simple Network Management Protocol)
Allows administrators to manage network nodes
The entrepreneur is concerned about company employees having uninterrupted access to important resources and data. Which of the CIA triad components would address the concern?
Availability
An attacker is sitting in front of a store and wirelessly copies emails and contact lists from nearby unsuspecting user devices. What type of attack is this?
Bluesnarfing
What are two shared characteristics of the IDS and the IPS? (Choose 2)
Both use signatures to detect malicious traffic. Both are deployed as sensors.
A security specialist is asked for advice on a security measure to prevent unauthorized hosts from accessing the home network of employees. Which measure would be most effective?
Implement a firewall.
Which Windows tool can be used by a cybersecurity administrator to secure stand-alone computers that are not part of an active directory domain?
Local Security Policy
