Netowrking 2 final test
In ACL statements, using the "any" keyword is equivalent to using a wildcard mask of what value?
255.255.255.255
Which of the following is NOT a task that a VPN concentrator is responsible for?
A VPN concentrator shuts down established connections when malicious traffic occurs.
What statement regarding denial-of-service (DoS) attacks is accurate?
A denial-of-service attack prevents legitimate users from accessing normal network resources.
What type of scenario would be best served by using a Platform as a Service (PaaS) cloud model?
A group of developers needs access to multiple operating systems and the runtime libraries that the OS provides.
Which of the following statements describes a worm?
A program that runs independently of other software and travels between computers and across networks.
Which of the following scenarios represents a phishing attempt?
An e-mail was sent to a manager at your company that appeared to be from the company's CTO, asking for access.
In order to prevent ports that are serving network hosts from being considered as best paths, what should be enabled to block BPDUs?
BPDU guard
Amazon and Rackspace both utilize what virtualization software below to create their cloud environments?
Citrix Xen
Which of the following virtualization products is an example of a bare-metal hypervisor?
Citrix XenServer
What special enterprise VPN supported by Cisco devices creates VPN tunnels between branch locations as needed rather than requiring constant, static tunnels?
Dynamic Multipoint VPN
The PPP headers and trailers used to create a PPP frame that encapsulates Network layer packets vary between 8 and 10 bytes in size due to what field?
FCS
A Type 2 hypervisor installs on a computer before any OS, and is therefore called a bare-metal hypervisor. T/F
False
A hacker, in the original sense of the word, is someone with technical skill and malicious intent. T/F
False
A stateless firewall inspects each incoming packet to determine whether it belongs to a currently active connection. T/F
False
After L2TP establishing a VPN tunnel, GRE is used to transmit L2TP data frames through the tunnel. T/F
False
Different types of organizations have similar levels of network security risks. T/F
False
FTPS (FTP Security or FTP Secure) and SFTP (Secure FTP) are two names for the same protocol. T/F
False
It is ideal to use the same password for multiple different applications, provided the password is complex enough. T/F
False
Of the three methods of access control (RBAC, DAC, and MAC), RBAC is the least secure of the options. T/F
False
The HTTPS (HTTP Secure) protocol utilizes the same TCP port as HTTP, port 80. T/F
False
The original version of the Secure Hash Algorithm was developed by MIT. T/F
False
When utilizing Kerberos, an access granting ticket is the same as a key. T/F
False
The Spanning Tree Protocol operates at the Network layer of the OSI model. T/F
Flase
Which statement regarding the IKEv2 tunneling protocol is accurate?
IKEv2 offers fast throughput and good stability when moving between wireless hotspots.
What security encryption protocol requires regular re-establishment of a connection and can be used with any type of TCP/IP transmission?
IPsec
Which type of cloud service model involves hardware services that are provided virtually, including network infrastructure devices such as virtual servers?
IaaS
When using public and private keys to connect to an SSH server from a Linux device, where must your public key be placed before you can connect?
In an authorization file on the host where the SSH server is.
What is a SIEM (Security Information and Event Management) system utilized for?
It is a system used to evaluate data from security devices and generate alerts.
When using Kerberos, what is the purpose of a ticket?
It is a temporary set of credentials that a client uses to prove to other servers that its identity has been validated.
Why is the telnet utility a poor choice for remote access to a device?
It provides poor authentication and no encryption.
A vSwitch (virtual switch) or bridge is a logically defined device that operates at what layer of the OSI model?
Layer 2
Which legacy authentication protocol requires mutual authentication?
Microsoft Challenge Handshake Authentication Protocol, version 2 (MS-CHAPv2)
By default, what network connection type is selected when creating a VM in VMware, VirtualBox, or KVM?
NAT mode
Which of the following utilities performs sophisticated vulnerability scans, and can identify unencrypted data such as credit card numbers?
Nessus
At what layer of the OSI model does the IPsec encryption protocol operate?
Network layer
What open-source VPN protocol utilizes OpenSSL for encryption and has the ability to possibly cross firewalls where IPsec might be blocked?
OpenVPN
Which of the following statements regarding the Point-to-Point (PPP) protocol is NOT accurate?
PPP can support strong encryption, such as AH or ESP.
What is NOT a variable that an network access control list can filter traffic with?
The operating system used by the source or destination device.
Which statement regarding the use of a bridged mode vNIC is accurate?
The vNIC will its own IP address on the physical LAN.
Which file transfer protocol has no authentication or security for transferring files, uses UDP, and requires very little memory to use?
Trivial FTP (TFTP)
A community cloud is a service shared between multiple organizations, but not available publicly.T /F
True
A drop ceiling could be used by an intruder to gain access to a secured room. T/F
True
An enterprise-wide VPN can include elements of both the client-to-site and site-to-site models. T/F
True
By default, Active Directory is configured to use the Kerberos protocol, but can be configured to use LDAP or a combination of LDAP and Kerberos. T/F
True
Current research indicates that a long, random string of words, such as correct horse battery staple is more secure than a random series of letters, numbers, and symbols that is short enough to be remembered. T/F
True
Digital certificates are issued, maintained, and validated by an organization called a certificate authority (CA) T/F
True
Office 365 is an example of an SaaS implementation with a subscription model. T/F
True
Over a long-distance connection, using SSH keys is more secure than using passwords. T/F
True
PPP can support several types of Network layer protocols that might use the connection T/F
True
Proxy servers and ACLs on network devices are examples of non-security devices with security features, while firewalls and IDS/IPS systems are the network's specialized security devices. T/F
True
Sudden unexplained increases in file sizes and unusual error messages with no apparent cause are both potential symptoms of a viral infection. T/F
True
The PEAP standard creates an encrypted TLS tunnel between the supplicant and the server before proceeding with the usual EAP process. T/F
True
The Virtual Network Computing (VNC) application uses the cross-platform remote frame buffer (RFB) protocol. T/F
True
The day after Patch Tuesday is informally dubbed Exploit Wednesday. T/F
True
The storm-control command is a type of flood guard that is available on most major network switch vendor platforms. T/F
True
The supplicant is an EAP entity responsible for requesting authentication, such as a smartphone or laptop. T/F
True
The term malware is derived from a combination of the words malicious and software. T/F
True
User access to network resources falls into one of these two categories: 1) the privilege or right to execute, install, and uninstall software, and 2) permission to read, modify, create, or delete data files and folders. T/F
True
VMware Player and Linux KVM are both examples of what type of hypervisor?
Type 2 hypervisor
Regarding VNC (Virtual Network Computing or Virtual Network Connection), what statement is accurate?
VNC is open source, allowing companies to develop their own software based on VNC.
When using a site-to-site VPN, what type of device sits at the edge of the LAN and establishes the connection between sites?
VPN gateway
What is NOT a potential disadvantage of utilizing virtualization?
Virtualization software increases the complexity of backups, making creation of usable backups difficult.
When is it appropriate to utilize the NAT network connection type?
Whenever the VM does not need to be access at a known address by other network nodes.
What penetration testing tool combines known scanning and exploit techniques to explore potentially new attack routes?
metasploit
What term is used to describe a space that is rented at a data center facility by a service provider?
point of presence (PoP)
The concept of giving employees and contractors only enough access and privileges to do their jobs is known by what term?
principle of least privilege
The use of certificate authorities to associate public keys with certain users is known by what term?
public-key infrastructure
If someone is offered a free gift or service in exchange for private information or access to a computer system, what type of social engineering is taking place?
quid pro quo
In order to generate a public and private key for use with SSH, what command line utility should you use?
ssh-keygen
A person posing as an employee strikes up a conversation with a legitimate employee as they walk into a secured area, in an attempt to gain access. What kind of social engineering is this?
tailgating
Which of the following statements correctly describes the malware characteristic of polymorphism?
Polymorphic malware can change its characteristics every time it is transferred to a new system.
Which adaptation of EAP utilizes EAP-MSCHAPv2 inside of an encrypted TLS tunnel?
Protected EAP (PEAP)
By far the most popular AAA service, what open-source service runs in the Application layer and can use UDP or TCP in the Transport layer?
RADIUS
In a software defined network, what is responsible for controlling the flow of data?
SDN controller
What statement regarding the SSH (Secure Shell) collection of protocols is accurate?
SSH supports port forwarding.
When using Spanning Tree Protocol, what is the first step in selecting paths through a network?
STP must first select the root bridge, or master bridge.
What cloud service model involves providing applications through an online user interface, providing for compatibility with a multitude of different operating systems and devices?
SaaS
Which protocol designed to replace STP operates at Layer 3 of the OSI model?
Shortest Path Bridging (SPB)
Which of the following is an example of proxy server software?
Squid
In the typical social engineering attack cycle, what occurs at Phase 3?
The attacker exploits an action undertaken by the victim in order to gain access.
In a red team-blue team exercise, what is the purpose of the blue team?
The blue team is charged with the defense of the network.
What kind of firewall can block designated types of traffic based on application data contained within packets?
content-filtering firewall
Utilized by China's so-called "Great Firewall", what type of attack can prevent user access to web pages, or even redirect them to illegitimate web pages?
denial-of-service attack
Enforcing a virtual security perimeter using a client's geographic location is known by what term?
geofencing
If multiple honeypots are connected to form a larger network, what term is used to describe the network?
honeynet
On a Linux system, which command allows you to modify settings used by the built-in packet filtering firewall?
iptables
The combination of a public key and a private key are known by what term below?
key pair
A virus that remains dormant until a specific condition is met, such as the changing of a file or a match of the current date is known as what type of malware?
logic bomb
You have been tasked with the configuration of a Juniper switch, and have been told to restrict the number of MAC addresses allowed in the MAC address table. What command should you use?
mac-limit
An attack that relies on redirected and captured secure transmissions as they occur is known as what type of attack?
man-in-the-middle attack