ITN 263 yeeted?
Which of the following is a common firewall philosophy?
deny by default
A company vice president (VP) finds that the network security restrictions imposed by the security manager are too confining. To counter them, the VP habitually uses weak passwords, shares accounts with his assistant, and installed unapproved software. What security principle is the VP violating?
fail open
All firewalls provide network perimeter security.
false
Hashing does not verify the integrity of messages.
false
In intrusion detection, anomaly-based detection looks for differences from normal traffic based on a recording of real-world traffic that establishes a baseline.
false
Multiple firewalls in a series is considered diversity of defense but not defense in depth.
false
The goal of the Electronic Privacy Information Center (EPIC) is to preserve consumer privacy in the state of California.
false
The less complex a solution, the more room there is for mistakes, bugs, flaws, or oversights by security administrators.
false
The pfSense firewall is a border firewall.
false
The weakest link security strategy gains protection by using abnormal configurations.
false
pfSense can be installed on a local firewall only.
false
Which of the following is closely associated with maintaining data integrity?
hash
Chang is a network engineer. He is revising the company's firewall implementation procedure. He is reviewing the procedural element requiring placement of network firewalls at chokepoints and mapping out the network structure to pinpoint the location where firewalls are to be placed. Which of the following is he focusing on?
network design
Protecting computers, hard disks, databases, and other computer equipment from unauthorized Internet access can be categorized as what kind of security area?
network security
The design of firewall placement and configuration in a network infrastructure has many aspects. Which of the following concerns is most likely related to an upper management decision that does NOT conform with existing security policy?
political
Which of the following network zones has the lowest risk and the highest trust?
private network
Landon is a network contractor. He has been hired to design security for the network of a small company. The company has a limited budget. Landon is asked to create a system that will protect the company's workstations and servers without undue expense. Landon decides to deploy one hardware firewall between the Internet and the local area network (LAN). What is this solution called?
single defense
A best practice when troubleshooting issues is to make one change at a time, and then test the change before making any other changes.
true
A drawback of multiple-vendor environments is the amount of network staff training that is typically needed.
true
A firewall allows you to restrict unauthorized access between the Internet and an internal network.
true
A firewall best practice is to document every action taken during troubleshooting.
true
A small office/home office (SOHO) virtual private network (VPN) hardware firewall provides remote access.
true
A web server between two firewalls is considered to be in a demilitarized zone (DMZ).
true
Basic packet filtering provided by routers can be used to protect subnets within a network.
true
Firewall implementation documentation should include every action taken from the moment the firewall arrives on site through the point of enabling the filtering of production traffic.
true
Firewall logging helps to ensure that defined filters or rules are sufficient and functioning as expected.
true
Thirty years ago, a major corporation purchased and still owns IP addresses within the IPv4 Class A range. The corporation uses these addresses to connect to the Internet. To which IPv4 address range do they belong?
10.0.0.0 to 10.255.255.255
While the design of a hardware firewall requires it to filter all inbound and outbound traffic, it can also act as a bottleneck for that traffic if the wire speed it filters at is too slow. For a 1 gigabit per second (Gbps) network, what filtering wire speed should the firewall possess?
2 Gbps or higher
Tonya is a student. She is working through a network addressing scheme example for a class. She has read that the 128-bit address 2001:0f58:0000:0000:0000:0000:1986:62af can be shortened but is trying to understand how. What is the correct solution?
2001:0f58::1986:62af
Passive threats are those you must act upon to be harmed, such as clicking a link and downloading infected content. An active threat, such as a hacker, seeks out vulnerable targets. Which of the following is least effective against passive threats?
A door lock
Firewalls should be considered a part of a security infrastructure, not the totality of security.
true
Which of the following can affect the confidentiality of documents stored on a server?
A server breach
Which of the following best describes a network chokepoint?
A specialized kind of gateway that focuses on traffic to a single concentrated pathway to streamline the process of filtering
In an N-tier deployment, multiple subnets are deployed in series to separate private resources from public.
true
One common firewall event that usually warrants an alert is a firewall reboot.
true
Reverse proxy is a firewall service that allows external users access to internally hosted web resources.
true
Security systems configured by the same security administrator can potentially have the same misconfiguration or design weakness.
true
The pfSense firewall requires the host to have at least two network interface controllers (NICs).
true
Under the universal participation security stance, every employee, consultant, vendor, customer, business partner, and outsider must be forced to work within the security policy's limitations.
true
Users with the minimum level of access to resources needed to complete their assigned tasks follow the principle of least privilege.
true
When the defense in depth security strategy is followed, a single component failure does not result in compromise or intrusion.
true
With diversity of defense, most layers use a different security mechanism.
true
You can check firewall connectivity using the ping and traceroute commands.
true
Which network device concentrates communications signals, accepts only basic commands, and provides statistics such as throughput measures and uptime percentages?
Active Hub
Which of the following is a feature of NTFS that allows complete additional files to successfully hide beneath any normal file object and be almost undetectable?
Alternate Data Streams (ADS)
Although it is not recommended, a company chief information officer (CIO) wants to configure and use the ff02::1 group on his new IPv6 network to send traffic to every node in the infrastructure. What group must he enable?
Anycast
Charles is an IT help desk technician. He gets a ticket from a branch office saying that they lost Internet connectivity. He investigates remotely over a backup maintenance link and determines that this was done by design; the office's firewall deliberately severed the connection. Which of the following does this functionality define?
Bastion host
Before an Internet user can access a demilitarized zone (DMZ), extranet, or private network resource, it first encounters an entity that is sturdy enough to withstand any sort of attack. What is this entity called?
Bastion host operating system
Isaac is designing a network infrastructure as a class project. He determines that one device he requires must have the capacity to act as a repeater, operate at the Data Link Layer of the OSI model, be able to filter packets based on their MAC address, and allow communication between two local area networks (LANs). Which device will fulfill these specifications?
Bridge
A bank's online infrastructure has been under attack by hackers. In addition to standard security methods, the bank's IT security manager has requested website code to be examined and modified, where necessary, to address possible arbitrary code execution. What will the code modifications prevent?
Buffer overflows
Nina is a corporate attorney for a San Francisco firm. The chief information and security officer (CISO) told her that the firm's data center had been hacked 24 hours ago. The personal information of more than 3 million users was accessed, including their full names, addresses, and login credentials. Nina discusses the company's liability under the law, including the requirement to implement and maintain reasonable security procedures and practices. If it can be proven that the firm was negligent, it may need to pay damages. Which of the following regulates this issue?
CCPA
Augustine is a network engineer for a mid-sized company. He needs to deploy a new firewall, which was expensive to purchase and is complex to configure. In preparation for installation and configuration, he attends training conducted by the firewall vendor. Which of the following types of firewalls is he most likely planning to install?
Commercial
Jiang is a network technician. He is programming a web server to provide clients with dynamically produced web content in real time based on several attributes that the connecting user enters. This includes any forms the user may fill out. Martha is the cybersecurity chief. She says that the technology Jiang is using could expose sensitive customer data to hackers if it were ever accessed. What web server technology is Jiang using?
Common Gateway Interface (CGI)
Tonya is redesigning her company's network infrastructure to accommodate rapid growth. Several departments are highly specialized. Tonya needs to allow Network News Transfer Protocol (NNTP) on some, but not all, subnets. Her budget is limited. Which of the following is the best solution?
Configure existing routers to filter NNTP packets.
Temika is the IT security officer for her company. The CIO has told her that network security success is not about preventing all possible attacks or compromises. Of the following, what goal or accomplishment should she work toward?
Continually improving the state of security so that, as time passes, the network is better protected than it was in the past
A social networking website has been gathering a great deal of personal information on its users for years. This presents the potential danger of exposure if the site is hacked. In addition, the data could be sold by the social networking platform without the users' knowledge or consent. What technology does the social media company most likely use to gather data, such as users' buying preferences?
Data mining
What is an intrusion detection system/intrusion prevention system (IDS/IPS) that uses patterns of known malicious activity similar to how antivirus applications work?
Database-based detection
Devaki is an engineer who is designing network security for her company's infrastructure. She is incorporating protections for programming flaws, default settings, maximum values, processing capabilities, and memory capacities on devices, as well as malicious code and social engineering. What is this type of protection called?
Defense in depth
Which of the following is a firewall, proxy, and routing service that does NOT support caching, encryption endpoint, or load balancing? Note that this service can be found on almost any service or device that supports network address translation.
Demilitarized zone (DMZ)
Which of the following is a firewall implementation best practice?
Different firewall products should be used depending on firewall placement, such as different products for border firewalls versus internal host firewalls.
Brianna is an IT technician. She is studying a threat that holds the communication channel open when a TCP handshake does not conclude. What kind of attack does this involve?
DoS
The network engineer of a mid-size company needs to have all servers, network printers, and other online resources possess the same IPv4 address over time. The engineer does not want to perform manual address assignments on all of these resources. Additionally, she wants to prevent any rogue device from having an IPv4 address dynamically assigned just by making the request. What is her solution?
Dynamic Host Configuration Protocol (DHCP) reservation
What prevents firewall filtering?
Encryption
An intrusion detection system (IDS) false positive occurs when the IDS fails to detect an attack.
FALSE
A breach is any attempt to get past a network's defenses.
False
Cross-site scripting (XSS) grants a hacker access to a back-end database.
False
Eavesdropping occurs over wireless connections, not wired connections.
False
In terms of networking, permission is the abilities granted on the network.
False
In terms of networking, privilege is the authorization to access an asset.
False
Integrity is the protection against unauthorized access, while providing authorized users access to resources without obstruction.
False
One of the advantages of an off-the-shelf firewall versus a do-it-yourself firewall is lower cost.
False
Static IP addressing hands out IP addresses to hosts from a pool.
False
Subnetting and VLANing are methods used to create physical networks.
False
The physical topology is how the network appears from any device or user and is governed by policy and access rather than by physical connectivity.
False
The sole use of ingress and egress filtering is to eliminate spoofing.
False
Malika is a network engineer who is configuring firewalls separating both the Accounting and HR departments from the rest of the business divisions on the local area network (LAN). She wants to allow only certain traffic into those subnets from both internal employees and those working from home. The traffic may include email, chat, and video conferencing. She wants to prevent access to the company intranets to protect confidential employee and financial data. How has she configured these firewalls?
Filter
Which form of firewall filtering is NOT as clear or distinct as other types?
Filtering on whether an address is real or spoofed
A major U.S. online retailer has discovered that thousands of purchases have been paid for by stolen credit card numbers. An initial analysis of the location of the buyers reveals IP addresses from within the United States. Upon further investigation, it is found that the actual origin point of the fraudulent buyer is a series of IP addresses located in Asia. What technology is the fraudster using?
IP address fraud
Location-aware anti-theft software will periodically upload its location to a centralized site in the event that the mobile device is lost or stolen. What can defeat this?
If the thief reformats the mobile device's drive
To secure the System/Application Domain of an IT infrastructure, what is the primary focus?
In a collection of servers and virtualized systems, defending both data and server computing power
An IT infrastructure manager is reviewing his company's computer assets, particularly the mean time to failure (MTTF) of the PC and server hard drives. The manufacturer of the hard drives typically used in the company states that the MTTF is approximately 11 years. Because servers and some high-priority workstations must operate continuously except for brief periods of maintenance, how many hours, on average, can these hard drives be expected to operate before failure?
More than 90,000 hours
Which of the following can be described as putting each resource on a dedicated subnet behind a demilitarized zone (DMZ) and separating it from the internal local area network (LAN)?
N-tier deployment
Marcus is studying networking with an emphasis on cybersecurity at a local university. As part of his research, he wants to visit certain hacker sites but is concerned that his laptop would be vulnerable to passive threats while visiting them. He doesn't have the funds for expensive security equipment. What is the least expensive option he has at hand?
Native Firewall
Werner is a security manager for a health insurance company. He is examining the organization's compliance with patient privacy. While investigating how staff handle verbal and email communications, he discovers that some staff members are lax about how well they protect details that, when combined, might be used to reveal sensitive details about some customers. What is the focus of his concern?
PII
Thuan is a new network engineer. He is increasing the security of end-user computers. Which of the following is a security feature every client computer needs?
Password-protected screen saver
As part of the bring your own device (BYOD) program, the company CIO is encouraging employees to use their personal devices for business purposes. However, an attacker with the right kind of antenna can access the wireless network from a great distance, putting internal assets at risk. Of the following, what is the best solution?
Physically isolate wireless access from the wired network.
Israel is a network technician who has just deployed a new firewall. Before putting it in production, he wants to test the firewall's ability to filter traffic according to its rule set, without risking the internal network. What is the best solution?
Place the firewall in a virtual network environment and simulate traffic.
Which of the following is a concern when considering the use of a demilitarized zone (DMZ) firewall solution to access high-value data on an internal network?
Poorly constructed firewall rules
Logan is a network administrator. He is considering a firewall purchase for a branch office being built by his company. Above all other considerations, the design requires a device capable of a high degree of imposing user access restrictions. What is this called?
Privilege control
Which operating system (OS) for a bastion host runs on most appliance firewalls as well as many Internet service provider (ISP) connection devices?
Proprietary OS
Which of the following records every connection outside the network on the Internet by IP address and URL requested?
Proxy server
Amy is a network engineering consultant. She is designing security for a small to medium-sized government contractor working on a project for the military. The government contractor's network is comprised of 30 workstations plus a wireless printer, and it needs remote authentication. Which of the following is a type of authentication solution she should deploy?
RADIUS
A mid-sized company's IT security engineer is attempting to make it more difficult for the company's wireless network to be compromised. She is using techniques such as random challenge-response dialogue for authentication, timestamps on authentication exchanges, and one-time pad or session-based encryption. What form of wireless attack is she defending against?
Replay
Which deployment of a web server uses network address translation (NAT) mapping and is considered the poorest security choice?
Reverse proxy
The combination of certain techniques allows for relevant information collected by this solution from multiple systems and processes to be aggregated and analyzed for use in decision making. What is the name of this solution?
Security information and event management (SIEM)
Manuela has researched a third-party software firewall she wants to install on her PC since she believes it is a better quality than the operating system's onboard firewall. She has read the installation instructions. The firewall is compatible with her operating system and has gotten good customer reviews. After performing the installation last week, she notices that numerous malicious exploits are successfully hacking her computer. What went wrong?
She forgot to disable the native firewall when she installed the third-party firewall.
Demetrice is a network consultant. She has been hired to design security for a network that hosts 25 employees, many of whom need remote access. The client recently opened another small office in a neighboring community and wants to be able to routinely establish secure network connections between the two locations. The client often deals with customer bank information and requires a particularly secure solution. What is her response to these requirements?
Small office/home office (SOHO) virtual private network (VPN)
A best practice is to use strong authentication and nonrepudiation methods for all transactions over the Internet.
TRUE
In the fail-safe security stance, when any aspect of security fails, the best result of that failure is to fail into a state that supports or maintains essential security protections.
TRUE
Including photos of configuration screens in firewall procedures can speed up restoration after a network incident.
TRUE
It is often more difficult to preserve a user's privacy on the Internet than in the physical world.
TRUE
The collection of disparate log information from systems on a network is called aggregation.
TRUE
A company has discovered that confidential business information has been repeatedly acquired by a competitor over the past six months. The IT security team has been unable to find the leaks. The team suspects a form of side-channel eavesdropping may be involved. What is the suspected hacking method?
The competitor is using a phreaking attack.
Jacob is a network technician who works for a publishing company. He is setting up a new hire's access permissions. The new hire, Latisha, is an editor. She needs access to books that have been accepted for publication but are in the review stage. Jacob gives her access to the network drive containing only books in review, but not access to administrative or human resources network drives. What principle is Jacob applying?
The principle of least privilege
Carl is a network engineer for a mid-sized company. He has been assigned the task of positioning hardware firewalls in the IT infrastructure based on common pathways of communication. After analyzing the problem, on which aspect of the network does he base his design?
Traffic patterns
A network switch avoids collisions by reviewing the Media Access Control (MAC) address to determine where each data packet is meant to go.
True
A router is a wired or wireless device that routes traffic between network segments.
True
An advanced persistent threat (APT) quietly resides on a target machine until activated.
True
Static packet filtering uses a static or fixed set of rules to filter network traffic.
True
TCP/IP is a suite of two communication protocols.
True
Windows Defender Firewall is an example of a native firewall.
True
Nahla is a network engineer charged with maintaining the routine operations of equipment in her company's server room. She is aware that fluctuations in electrical power flow can damage delicate circuitry. While configuring redundancy into a number of systems, which component does she choose that offers both redundancy and power conditioning?
Uninterruptible power supply (UPS)
Dhruv is the lead network engineer for his three-year-old company. He is writing a proposal that recommends the network protocol to use in several branch offices. Based on the age of the networking equipment, what is his recommendation to the chief information officer (CIO)?
Upgrade to IPv6
You are a network professional. You want to overcome the security shortcomings of the Domain Name System (DNS). Of the following, what is one of those shortcomings?
Use of a plaintext communication
The network infrastructure supervisor is designing a firewall placement strategy that will protect the organization's Internet-facing web and email servers and the internal network. Which design will provide the best protection?
Using two firewalls to create a demilitarized zone (DMZ); one firewall is placed between the Internet and the servers, the other firewall is located behind the first firewall and the servers protecting the internal network
A combination of intrusion detection and prevention, as well as logging and monitoring, provides the best defense against what kind of attack?
Zero-day exploit
In preserving the confidentiality of users on a corporate network, which party is responsible for setting up security policies to guarantee users' privacy?
administrator