Netsec 2
To determine best path, routers use metrics such as the value of the first octet of the destination IP address.
False
A packet monkey is an unskilled programmer who spreads viruses and other malicious scripts to exploit computer weaknesses.
False, mate
What is the packet called where a Web browser sends a request to the Web server for Web page data?
HTTP GET
Which security tool works by recognizing signs of a possible attack and sending notification to an administrator?
IDPS
What is contained in ARP tables?
IP address, MAC address
What feature in ICMPv6 replaces ARP in IPv4?
Neighbor Discovery
Which of the following is an open standard used for authentication on Cisco routers?
RADIUS
Which of the following is the first packet sent in the TCP three-way handshake?
SYN
What is the sequence of packets for a successful three-way handshake?
SYN, SYN ACK, ACK
Which field in the IP header is an 8-bit value that identifies the maximum amount of time the packet can remain in the network before it is dropped?
TTL
Which IPv6 header field is known as the priority field?
Traffic Class
What is a program that appears to do something useful but is actually malware?
Trojan
A worm creates files that copy themselves repeatedly and consume disk space.
True
Cisco routers support both numbered and named ACLs, starting with IOS version 11.2.
True
Physical security protects a system from theft, fire, or environmental disaster.
True
The IP address 172.20.1.5 is a private IP address.
True
The TCP protocol uses a three-way handshake to create a connection.
True
What tool do you use to secure remote access by users who utilize the Internet?
VPN
Why might you want your security system to provide nonrepudiation?
so a user can't deny sending or receiving a communication
Which term is best described as an attack that relies on the gullibility of people?
social engineering
What remote shell program should you use if security is a consideration?
ssh
Which of the following is NOT an advantage of IPv6 versus IPv4?
supports static configuration
Under which attack category does a UNIX Sendmail exploitation fall?
suspicious data payload
What should you set up if you want to store router system log files on a server?
syslog server
Which of the following is a valid IPv6 address?
1080::8:800:200C:417A
How large is the IPv6 address space?
128 bits
Which of the following addresses is a Class B IP address?
189.77.101.6
If you are subnetting a class B network, what subnet mask will yield 64 subnets?
255.255.252.0
Which of the following is considered a flooded broadcast IP address?
255.255.255.255
Which protocol that runs on Cisco routers shares information between Cisco devices?
CDP
Which protocol is responsible for automatic assignment of IP addresses?
DHCP
A rollover cable is wired similarly to an Ethernet cable except that pins 7 and 8 are crossed
False
Current Microsoft OSs include IPv6, but to use it, you must enable it first.
False
Reviewing log files is a time-consuming task and therefore should only be done when an attack on the network has occurred.
False
The Transport layer of the OSI model includes the RIP protocol.
False
Which type of scan has the FIN, PSH, and URG flags set?
Xmas scan
Which of the following is true about standard IP ACLs?
a 0.0.0.0 inverse mask means all bits are significant
Defense in depth can best be described as which of the following?
a layered approach to security
Which security layer verifies the identity of a user, service, or computer?
authentication
What type of attack does a remote-access Trojan attempt to perpetrate?
back door
Malware that creates networks of infected computers that can be controlled from a central station is referred to as which of the following?
botnet
In which form of authentication does the authenticating device generate a random code and send it to the user who wants to be authenticated?
challenge/response
What can an IDPS check to try to determine whether a packet has been tampered with or damaged in transit?
checksum
Which of the following is NOT information that a packet filter uses to determine whether to block a packet?
checksum
Which of the following is a command you would find in an antispoofing ACL for network 172.31.0.0/16?
deny ip 172.31.0.0 0.0.255.255 any log
What should you do when configuring DNS servers that are connected to the Internet in order to improve security?
disable zone transfers
What uses mathematical calculations to compare routes based on some measurement of distance?
distance-vector routing protocols
Which of the following types of password prevents a user from accessing privileged exec mode on a Cisco router?
enable
Which of the following is NOT one of the three primary goals of information security?
impartiality
Which of the following is a reason that UDP is faster than TCP?
it doesn't guarantee delivery
Which of the following is a metric routers can use to determine best path?
link state
Which of the following is a type of script that automates repetitive tasks in an application such as a word processor but can also be programmed to be a virus?
macro
Which of the following is NOT a reason for subnetting a network?
making larger groups of computers
Which type of attack works by an attacker operating between two computers in a network and impersonating one computer to intercept communications?
man-in-the-middle
Of what category of attack is a DoS attack an example?
multiple-packet attack
What can an attacker use a port scanner to test for on a target computer?
open sockets
What does a sliding window do in a TCP packet?
provides flow control
What is the name of a storage area where viruses are placed by antivirus software so they cannot replicate or do harm to other files?
quarantine
Which type of firewall policy calls for a firewall to deny all traffic by default?
restrictive policy
Which of the following makes routing tables more efficient?
route summarization
What is a VPN typically used for?
secure remote access
What Cisco router command encrypts all passwords on the router?
service password-encryption
Which of the following is true about extended IP ACLs?
they should be applied to an interface close to the traffic source
A hactivist can best be described as which of the following?
use DoS attacks on Web sites with which they disagree