Final Exam (Chapter Quizes)

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

What port do SNMP agents listen on? - Port 161 - Port 21 - Port 162 - Port 20

Port 161

Which form of SHA was developed by private designers? - SHA-1 - SHA-3 - SHA-224 - SHA-256

SHA-3

Which of the following is not an example of biometric detection? - Iris color patterns - Smart Card - Facial recognition - Fingerprints

Smart Card

Any traffic that is not explicitly permitted in the ACL is __, which is called the ____. - denied, explicit deny rule - rejected, implicit deny rule - rejected, explicit deny rule - denied, implicit deny rule

denied, implicit deny rule

802.11ac and 802.11ax both support all the following except which two bonded channels? (Select two.) - 10 MHz - 20 MHz - 40 MHz - 60 MHz - 80 MHz - 160 MHz - 240 MHz

10 MHz & 240 MHz

Which 802.11 standard functions in both the 2.4-GHz and 5-GHz bands? - 802.11g - 802.11ac - 802.11b - 802.11ax

802.11ax

What was the first 802.11 standard to implement channel bonding? - 802.11n - 802.11ax - 802.11g - 802.11ac

802.11n

Which of these is considered a secure place to store a list of documented network passwords? - The CEO's smartphone - A sticky note under the keyboard - A password manager - The MDF

A password manager

Which Carrier Sense technology is used on wireless networks to reduce collisions? - CSMA/CD - EAPoL - CSMA/CA - SSID

CSMA/CA

A technician from your ISP has arrived to help you troubleshoot a weak WAN connection. To what location do you take them? - IDF - Work area - CEO's office - EF

EF

Which type of identifier allows wireless clients to roam freely from AP to AP? - BSSID - IP address - ESSID - Transmitter address

ESSID

Which function of WPA/WPA2 security ensures data cannot be read in transit? - Message integrity - Authentication - Encryption - Key distribution

Encryption

You just settled in for some study time at the local coffee shop, and you pause long enough to connect your smartphone to the Wi-Fi so you can listen to some music while you study. As you're about to sign in, you realize that you clicked on an SSID called "Free Coffee and Internet." What kind of security trap did you almost fall for? - Guest network - Captive portal - Evil twin - Brute force attack

Evil twin

What causes MOST firewall failures? - Firewall misconfiguration - Defective firewall - Firmware corruption - Malware

Firewall misconfiguration

What feature of a site survey maps the Wi-Fi signals in your location? - Frequency map - Spectral map - Heat map - Channel map

Heat map

What software allows you to define VMs and manage resource allocation and sharing among VMs on a host computer? - Hypervisor - NFV (Network Functions Virtualization) - SDN (software-defined networking) - Terminal emulation

Hypervisor

Which policy ensures messages are discarded when they don't match a specific firewall rule? - Implicit allow - Explicit deny - Explicit allow - Implicit deny

Implicit deny

A former employee discovers six months after he starts work at a new company that his account credentials still give him access to his old company's servers. He demonstrates his access to several friends to brag about his cleverness and talk badly about the company. What kind of attack is this? - Principle of least privilege - Insider threat - Vulnerability - Denial of service

Insider threat

Active Directory and 389 Directory Server are both compatible with which directory access protocol? - LDAP - RADIUS - Kerberos - AD DS

LDAP

What is the lowest layer of the OSI model at which wired and wireless transmissions share the same protocols? - Layer 4 - Layer 3 - Layer 2 - Layer 1

Layer 3

At what layer of the OSI model do proxy servers operate? - Layer 3 - Layer 2 - Layer 7 - Layer 4

Layer 7

What is the first step of inventory management? - Interview users. - Identify network requirements. - List an administrative account's username and password for each device on a network. - List all components on the network.

List all components on the network.

What information does the switchport port-security command use to restrict access to a switch's interface? - MAC address - Port number - IP address - Broadcast address

MAC address

Which power backup method will continually provide power to a server if the power goes out during a thunderstorm? - Online UPS - Generator - Dual power supplies - Standby UPS

Online UPS

You need to connect a new network printer to a nearby wall jack. What kind of cable should you use? - Fiber-optic cable - Patch cable - Backbone cable - Plenum-rated cable

Patch cable

Which of the following is not a phase in the social engineering attack cycle? - Research. - Building trust. - Penetrate. - Exit.

Penetrate.

A company accidentally sends a newsletter with a mistyped website address. The address points to a website that has been spoofed by hackers to collect information from people who make the same typo. What kind of attack is this? - Phishing - Tailgating - Quid pro quo - Baiting

Phishing

Which two features on a switch or router are integrated into CoPP? Choose two. - ICMP - DHCP - QoS - ACLs

QoS ACLs

Which authorization method will allow Nancy, a custodian, to access the company's email application but not its accounting system? - RBAC - Auditing - DAC - Local authentication

RBAC

Which of the following attack simulations detect vulnerabilities and attempt to exploit them? Choose two. - Red team-blue team exercise - Vulnerability assessment - Security audit - Pen testing

Red team-blue team exercise & Pen testing

What information in a transmitted message might an IDS use to identify network threats? - Signature - FIM - Port mirroring - ACL

Signature

Who is responsible for the security of hardware on which a public cloud runs? - The cloud customer - It depends - Both the cloud customer and the cloud provider - The cloud provider

The cloud provider

When a wireless signal encounters a large obstacle with wide, smooth surfaces, what happens to the signal? The signal reflects and changes direction according to the angle in which it struck the obstacle. - The signal reflects, or bounces back, toward its source. - The signal will be attenuated by the obstacle. - The signal will refract and dissipate

The signal reflects, or bounces back, toward its source.

Which type of switch connects all devices in a rack to the rest of the network? - ToR switch - Spine switch - EoR switch - Core switch

ToR switch

One of your coworkers downloaded several, very large video files for a special project she's working on for a new client. When you run your network monitor later this afternoon, what list will your coworker's computer likely show up on? - Top talkers - Top listeners - Giants - Jabbers

Top listeners

What virtual, logically defined device operates primarily at the data link layer to ss frames between nodes? - Virtual firewall - Virtual switch - Virtual router - Virtual load balancer

Virtual switch

The ability to insert code into a database field labeled "Name" is an example of a(n) ___. - attack. - vulnerability. - breach. - exploit.

vulnerability

Which protocol replaced TKIP for WPA2? - CCMP - WEP - RADIUS - RC4

CCMP

Which one of the following wireless transmission types requires a clear LOS to function? - Bluetooth - NFC - IR - Wi-Fi?

IR

Which authentication protocol is optimized for wireless clients? - RADIUS - Active Directory - TACACS1 - Kerberos

RADIUS

What characteristic of ARP makes it particularly vulnerable to being used in a DoS attack? - ARP performs no authentication. - ARP uses a dynamic port number - ARP broadcasts outside the edge router - ARP is transmitted in cleartext

ARP performs no authentication.

Which access control technique is responsible for detection of an intruder who succeeds in accessing a network? - Authentication - Accounting - Geofencing - Separation of duties

Accounting

Which of the following is not one of the AAA services provided by RADIUS and TACACS+? - Authentication - Authorization - Administration - Accounting

Administration

Which of the following criteria can a packet-filtering firewall not use to determine whether to accept or deny traffic? - Destination IP address - SYN flags - Application data - ICMP message

Application data

Which firewall type can protect a home network from adult content not suitable for the family's children? - Packet-filtering firewall - Host-based firewall - Stateless firewall - Application layer firewall

Application layer firewall

Which log type is used to prove who did what and when? - Traffic log - Audit log - System log - Syslog

Audit log

Which physical security device works through wireless transmission? - Badge reader - Access control vestibule - Cipher lock - Biometrics

Badge reader

Which security device relies on a TAP or port mirroring? - NIDS - HIPS - FIM - HIDS

NIDS

Which of the following defenses addresses a weakness of IPv6? - DHCP snooping - CoPP - DAI - RA guard

RA guard

You're setting up a home network for your neighbor, who is a music teacher. She has students visiting her home regularly for lessons and wants to provide Internet access for their parents while they're waiting on the children. However, she's concerned about keeping her own data private. What wireless feature can you configure on her AP to meet her requests? (Select all that apply.) - Screened network - Wireless client isolation - Guest network - MAC filtering

Wireless client isolation & Guest network

While troubleshooting a recurring problem on your network, you want to examine the TCP messages being exchanged between a server and a client. Which tool should you use on the server? - Spiceworks - Wireshark - iPerf - NetFlow

Wireshark

What type of diagram shows a graphical representation of a network's wired infrastructure? - Rack diagram - Wiring diagram - Network map - Network topology

Wiring diagram

Which of the following wireless technologies does not use the 2.4 GHz band? - Z-Wave - Bluetooth - ZigBee - Wi-Fi

Z-Wave

You've decided to run an Nmap scan on your network. Which apps could you open to perform this task? Choose all that apply. - Zenmap - Microsoft Edge - Command Prompt - PowerShell

Zenmap, Command Prompt, PowerShell

When a vulnerability is exploited before the software developer can provide a solution for it or before the user applies the published solution is known as a ___ attack. - DDoS - Zero-Day - Phishing - Man-in-the-middle

Zero-Day

Which device can manage traffic to multiple servers in a cluster so all servers equally share the traffic? - Router - Firewall - Switch - Load balancer

Load balancer

With which network connection type does the VM obtain IP addressing information from its host? - Bridged mode - Managed mode - NAT mode - Isolation mode

NAT mode

Which term best describes the act of actively searching for a computer's ports by the use of specialized software? - Port searching - Port vulnerabilities - Port reconnaissance - Port scanning

Port scanning

As you're troubleshooting a dead zone in your office, which measurement will help you determine the edges of the dead zone? - RSSI - Channel - EIRP - Band

RSSI

Which type of disaster recovery site contains all the equipment you would need to get up and running again after a disaster, and yet would require several weeks to implement? - Warm site - Standby site - Hot site - Cold site

Cold site

Which device would allow an attacker to make network clients use an illegitimate default gateway? - RA guard - DHCP server - Proxy server - Network-based firewall

DHCP server

Which type of DoS attack orchestrates an attack bounced off uninfected computers?

DRDoS attack

Which type of DoS attack orchestrates an attack bounced off uninfected computers? - FTP bounce - Ransomware - DRDoS attack - PDoS attack

DRDoS attack

What type of attack relies on spoofing? - Deauth attack - Friendly DoS attack - Tailgating - Pen testing

Deauth attack

What field in an IPv4 packet is altered to prioritize video streaming traffic over web surfing traffic? - Traffic Class - Priority Code Point - Time to Live - DiffServ

DiffServ

You sent a coworker a .exe file to install an app on their computer. What information should you send your coworker so they can ensure the file has not been tampered with in transit? - Public encryption key - Hash of the encryption key - Private encryption key - Hash of the file

Hash of the file

When shopping for a new router, what does the MTBF tell you? - How long until that device fails - How much it will cost to repair that device - How long devices like this one will last on average until the next failure - How long it will usually take to repair that device

How long devices like this one will last on average until the next failure

What is the first step in improving network security? - Document next steps. - Identify risks. - Determine which resources might be harmed) - Develop plans for responding to threats.

Identify risks.

Leading up to the year 2000, many people expected computer systems the world over to fail when clocks turned the date to January 1, 2000. What type of threat was this? - Ransomware - Logic bomb - Virus - Worm

Logic bomb

A transceiver was recently damaged by a lightning strike during a storm. How might you decide whether the ISP is responsible for replacing this device, or whether your company must foot the bill? - Look at whether the device is located on the ISP's side of the demarc) - Look at the manufacturer information on the device's label. - Look at purchase records for the device to determine when it was acquired) - Look at what kinds of cables are connected to this device.

Look at whether the device is located on the ISP's side of the demarc)

A company wants to have its employees sign a document that details some project-related information that should not be discussed outside the project's team members. What type of document should they use? - AUP - NDA - MDM - BYOD

NDA

What type of document should a company use to restrict project-related information?

NDA

Which cloud management technique executes a series of tasks in a workflow? - Automation - IaC - SLA - Orchestration

Orchestration

Which cloud service model gives software developers access to multiple platforms for testing code? - IaaS - PaaS - SaaS - XaaS

PaaS

Which of the following social engineering attack types most likely requires that the attacker have existing knowledge about the victim? - Tailgating - Shoulder surfing - Piggybacking - Phishing.

Phishing.

Your organization has just approved a special budget for a networksecurity upgrade. What procedure should you conduct to develop your recommendations for the upgrade priorities? -Data breach - Security audit - Exploit - Posture assessment

Posture assessment

Which assessment type would most likely discover a security risk related to employee on-boarding? - Vendor risk assessment - Process assessment - Threat assessment - Posture assessment

Process Assessment

Which device can be used to increase network performance by caching websites? - Firewall - Proxy server - IDS - Security group

Proxy server

You've just completed a survey of the wireless signals traversing the airspace in your company's vicinity, and you've found an unauthorized AP with a very strong signal near the middle of the 100-acre campus. Its SSID is broadcasting the name of a smartphone model. What kind of threat do you need to report to your boss? - Rogue AP - War driving - Evil twin - Hidden node

Rogue AP

Which of the following devices are you likely to find in the MDF? Choose all that apply. - Routers - Switches - Network printer - KVM switch

Routers, Switches, KVM

What command requests the next record in an SNMP log? - SNMP Get Request - SNMP Get Next - SNMP Trap - SNMP Get Response

SNMP Get Next

Which of the following is considered a secure protocol? - FTP - SSH - Telnet - HTTP

SSH

Which principle ensures auditing processes are managed by someone other than the employees whose activities are being audited? - Separation of duties - Principle of least privilege - Shared responsibility model - Defense in depth

Separation of duties

You need to securely store handheld radios for your network technicians to take with them when they're troubleshooting problems around your campus network. What's the best way to store these radios so all your techs can get to them and so you can track who has the radios? - Locking rack - Smart locker - Locking cabinet - Access control vestibule

Smart locker

Which device will let you determine all frequencies within a scanned range that are present in a specific environment, not just Wi-Fi? - Wi-Fi analyzer - Captive portal - Wireless LAN controller - Spectrum analyzer

Spectrum analyzer

Which of the following features of a network connection between a switch and server is not improved by link aggregation? - Bandwidth - Fault tolerance - Speed - Availability

Speed

A neighbor hacks into your secured wireless network on a regular basis, but you didn't give her the password) What loophole was most likely left open? - Guest Network was not established - You are using WPA2 encryption instead of using WEP Encryption - MAC filtering was not enabled -The default password was not changed)

The default password was not changed)

What does a client present to a network server to access a resource on that server? - Principal - Ticket - Ticket-Granting Ticket - Key

Ticket

Your roommate has been hogging the bandwidth on your router lately. What feature should you configure on the router to limit the amount of bandwidth his computer can utilize at any one time? - Power management - Congestion control - Flow control - Traffic shaping

Traffic shaping

What addresses does an 802.11 frame contain that an 802.3 frame does not? (Select all that apply.) MAC address - Transmitter address - IP address - Receiver address - Gateway address

Transmitter address & Receiver address

Which Wi-Fi encryption standard was designed to use AES encryption? - WPA - WPA2 - WEP - WEP2

WPA2

What is the primary difference between how WPA2-Personal and WPA2-Enterprise are implemented on a network? - WPA2-Personal offers a stronger encryption. - WPA2-Personal requires a RADIUS authentication server. - No difference other than the size of the network being used) - WPA2-Enterprise requires a RADIUS authentication server.

WPA2-Enterprise requires a RADIUS authentication server.

Which ACL rule will prevent pings from a host at 192.168.2.100? - access-list acl_2 permit icmp any host 192.168.2.100 - access-list acl_2 deny icmp host 192.168.2.100 any - access-list acl_2 deny tcp host 192.168.2.100 host 192.168.2.1 - access-list acl_2 deny icmp any host 192.168.2.100

access-list acl_2 deny icmp host 192.168.2.100 any

Which of the following ACL commands would permit web-browsing traffic from any IP address to any IP address? - access-list acl_2 deny tcp any any - access-list acl_2 permit https any any - access-list acl_2 deny tcp host 2.2.2.2 host 3.3.3.3 eq www - access-list acl_2 permit icmp any any

access-list acl_2 permit https any any

Which off-boarding policy can protect proprietary corporate information if a smartphone is lost? - Remote wipe - Trusted access - OS update requirements - Site survey

emote wipe

To exchange information, two antennas must be tuned to the same ____. (Select all that apply.) - frequency - band- channel - bandwidth

frequency & channel

Although they might engage in illegal activity, the intent of a __ is to educate and assist. - white hat hacker - black hat hacker - red hat hacker - gray hat hacker

gray hat hacker

If you're shopping for a rack switch, what component on the switch tells you it can be mounted to a rack? - AC adapter - Rack ears - Padded feet - Large fans

Rack ears

Which power device prevents a critical server from losing power, even for an instant? - Surge protector - Generator - PDU - UPS

UPS

Which of the following would an environmental monitoring system not track? - Liquid detection - User authentication - Data room lights - UPS voltage

User authentication

Which device converts signals from a campus's analog phone equipment into IP data that can travel over the Internet? - Legacy PBX - VoIP phone - Voice gateway - Dedicated telephone switch

Voice gateway

Which backup site includes a running server that does not have access to the latest backups? - Warm site - Cold site - Hot site - On site

Warm site

Which of the following would be assigned an OID? - An NMS server - A switch's interface - A web server - A UDP port

A switch's interface

When you arrive at work one morning, your inbox is full of messages complaining of a network slowdown. You collect a capture from your network monitor. What documentation can help you determine what has changed? - Anomalous behavior - Operating System Logs - A baseline - None of the above

Baseline

When repairing a coworker's computer, you find some illegal files. What should you do next? - Shut down the computer and unplug it. - Take screenshots on the computer and save them in your own folder. - Disconnect the computer from the network and leave it running. - Delete the files.

Disconnect the computer from the network and leave it running.

Which bandwidth management technique limits traffic specifically between a single sender and a single receiver? - Congestion control - Traffic shaping - Quality of Service - Flow control

Flow control

Which flow control method resends a lost frame along with all frames sent with it? - Selective repeat sliding window - Backpressure - Go-back-n sliding window - Stop-and-wait

Go-back-n sliding window

Why might you want to install two power supplies in a critical server? - to increase the power capabilities of the server - If one power supply fails, the other can take over - to increase the voltage capacity of the server - both a and b are correct

If one power supply fails, the other can take over

Which of the following is not defined by syslog? - Message transmission - Message format - Message handling - Message security

Message security

Which data link layer flow control method offers the most efficient frame transmission when sending large volumes of data? - Go-back-n sliding window - Choke packet - Selective repeat sliding window - Stop-and-wait

Selective repeat sliding window

What are the two main categories of UPSs? (Select 2) - Standby - Shunt - Online - inline

Standby Online

Which log type would most likely be used first to investigate the cause of high numbers of dropped packets? - Traffic log - System log - Jitter log - Audit log

Traffic log

All of the following are congestion control techniques help to prevent network congestion except? - Retransmission policy - acknowledgment policy - bandwidth governance policy - discarding policy

bandwidth governance policy

Which of the following statements is true? Choose two. - When streaming a movie, the transmission is sensitive to loss and tolerant of delays. - When sending an email, the transmission is sensitive to delays and tolerant of loss. - When streaming a movie, the transmission is sensitive to delays and tolerant of loss. - When sending an email, the transmission is sensitive to loss and tolerant of delays.

When streaming a movie, the transmission is sensitive to delays and tolerant of loss. When sending an email, the transmission is sensitive to loss and tolerant of delays.


Ensembles d'études connexes

Accounting Ch.2 Required and Optional Notes

View Set

Chapter 8--Organizing and Outlining

View Set

Field Crop Section 3 review questions

View Set

Econ203 Chapter 5.4-5.5 & Appendix

View Set

NU310 HESI (renal, urinary and reproductive)

View Set