Networking : ch 16, 17
Which device is used by other network devices to authenticate and authorize management access? 1 AAA Server 2 firewall 3 ESA/WSA 4 IPS
1 AAA Server
What mechanism can be implemented in a small network to help minimize network latency for real-time streaming applications? 1 QoS 2 PoE 3 ICMP 4 AAA
1 QoS Quality of service (QoS) is a mechanism which is used to classify and prioritize traffic through the network. This enables network devices to minimize the latency for real-time applications such as voice and video.
George needed to share a video with a co-worker. Because of the large size of the video file, he decided to run a simple FTP server on his workstation to serve the video file to his co-worker. To make things easier, George created an account with the simple password of "file" and provided it to his co-worker on Friday. Without the proper security measures or a strong password, the IT staff was not surprised to learn on Monday that George's workstation had been compromised and was trying to upload work related documents to the internet. What type of attack is described in this scenario? 1 access attack 2 denial of service (DoS) attack 3 malware attack 4 reconnaissance attack
1 access attack
Which three services are provided by the AAA framework? (Choose three.) 1 accounting 2 autoconfiguration 3 autobalancing 4 authentication 5 authorization 6 automation
1 accounting 4 authentication 5 authorization
Some routers and switches in a wiring closet malfunctioned after an air conditioning unit failed. What type of threat does this situation describe? 1 environmental 2 electrical 3 configuration 4 maintenance
1 environmental The four classes of threats are as follows: Hardware threats - physical damage to servers, routers, switches, cabling plant, and workstations Environmental threats - temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry) Electrical threats - voltage spikes, insufficient supply voltage (brownouts), unconditioned power (noise), and total power loss Maintenance threats - poor handling of key electrical components (electrostatic discharge), lack of critical spare parts, poor cabling, and poor labeling
Which network design consideration would be more important to a large corporation than to a small business? 1 redundancy 2 firewall 3 low port density switch 4 Internet router
1 redundancy Small businesses today do need Internet access and use an Internet router to provide this need. A switch is required to connect the two host devices and any IP phones or network devices such as a printer or a scanner. The switch may be integrated into the router. A firewall is needed to protect the business computing assets. Redundancy is not normally found in very small companies, but slightly larger small companies might use port density redundancy or have redundant Internet providers/links.
Which statement is true about CDP on a Cisco device? 1 Because it runs at the data link layer, the CDP protocol can only be implemented in switches. 2 CDP can be disabled globally or on a specific interface. 3 To disable CDP globally, the no cdp enable command in interface configuration mode must be used. 4 The show cdp neighbor detail command will reveal the IP address of a neighbor only if there is Layer 3 connectivity.
2 CDP can be disabled globally or on a specific interface. CDP is a Cisco-proprietary protocol that can be disabled globally by using the no cdp run global configuration command, or disabled on a specific interface, by using the no cdp enable interface configuration command. Because CDP operates at the data link layer, two or more Cisco network devices, such as routers can learn about each other even if Layer 3 connectivity does not exist. The show cdp neighbors detail command reveals the IP address of a neighboring device regardless of whether you can ping the neighbor.
What Windows 10 tool is useful to determine which applications are using network services on a host? 1 Control panel 2 Data Usage 3 File Manager 4 Windows Defender Firewall 5 Windows Explorer
2 Data Usage
What is necessary to plan and use when implementing a network? 1 device names 2 IP addressing scheme 3 MAC addressing scheme 4 printer location
2 IP addressing scheme
Which command will block login attempts on RouterA for a period of 30 seconds if there are 2 failed login attempts within 10 seconds? 1 RouterA(config)# login block-for 30 attempts 10 within 2 2 RouterA(config)# login block-for 30 attempts 2 within 10 3 RouterA(config)# login block-for 10 attempts 2 within 30 4 RouterA(config)# login block-for 2 attempts 30 within 10
2 RouterA(config)# login block-for 30 attempts 2 within 10 The correct syntax is RouterA(config)# login block-for (number of seconds) attempts (number of attempts) within (number of seconds).
Which is appropriate for providing endpoint security? 1 a AAA server 2 antivirus software 3 a server-based firewall 4 an ESA/WSA
2 antivirus software
What are two forms of software programs or processes that provide access to the network? (Choose two.) 1 antivirus software 2 application layer services 3 gaming software 4 network applications 5 productivity software 6 virtual machine software
2 application layer services 4 network applications
Where are Cisco IOS debug output messages sent by default? 1 vty lines 2 console line 3 memory buffers 4 Syslog server
2 console line Debug messages, like other IOS log messages, are sent to the console line by default. Sending these messages to the terminal lines requires the terminal monitor command.
What factor should be considered in the design of a small network when devices are being chosen? 1 redundancy 2 cost of devices 3 ISP 4 traffic analysis
2 cost of devices Factors to consider when designing a network include the cost of devices, speed, modularity and scalability, and ease of managing the network.
Angela, an IT staff member at ACME Inc., notices that communication with the company's web server is very slow. After investigating, she determines that the cause of the slow response is a computer on the internet sending a very large number of malformed web requests to ACME'S web server. What type of attack is described in this scenario? 1 access attack 2 denial of service (DoS) attack 3 malware attack 4 reconnaissance attack
2 denial of service (DoS) attack
What is the objective of a network reconnaissance attack? 1 unauthorized manipulation of data 2 discovery and mapping of systems 3 denying access to resources by legitimate users 4 disabling network systems or services
2 discovery and mapping of systems
Which device controls traffic between two or more networks to help prevent unauthorized access? 1 AAA Server 2 firewall 3 ESA/WSA 4 IPS
2 firewall
What is one of the most effective security tools available for protecting users from external threats? 1 patch servers 2 firewalls 3 password encryption techniques 4 router that run AAA services
2 firewalls A firewall is one of the most effective security tools for protecting internal network users from external threats. A firewall resides between two or more networks, controls the traffic between them, and helps prevent unauthorized access. A host intrusion prevention system can help prevent outside intruders and should be used on all systems.
What is required to classify traffic according to priority? 1 IP addressing scheme 2 quality of service (QoS) 3 routing 4 switching
2 quality of service (QoS)
A network technician is investigating network connectivity from a PC to a remote host with the address 10.1.1.5. Which command, when issued on a Windows PC, will display the path to the remote host? 1 traceroute 10.1.1.5 2 tracert 10.1.1.5 3 trace 10.1.1.5 4 ping 10.1.1.5
2 tracert 10.1.1.5 The tracert command is used to initiate a trace from the command prompt on a Windows PC. The traceroute command is used to initiate a trace from a Cisco router or switch. Some other PC operating systems, such as Linux and Mac OS also use the traceroute command. The ping command does not display the network path to the remote host.
What type of traffic would most likely have the highest priority through the network? 1 SNMP 2 voice 3 FTP 4 instant messaging
2 voice
A small company has only one router as the exit point to its ISP. Which solution could be adopted to maintain connectivity if the router itself, or its connection to the ISP, fails? 1 Purchase a second least-cost link from another ISP to connect to this router. 2 Add more interfaces to the router that is connected to the internal network. 3 Have a second router that is connected to another ISP. 4 Activate another router interface that is connected to the ISP, so the traffic can flow through it.
3 Have a second router that is connected to another ISP.
What three configuration steps must be performed to implement SSH access to a router? (Choose three.) 1 an encrypted password 2 a password on the console line 3 an IP domain name 4 a unique hostname 5 an enable mode password 6 a user account
3 an IP domain name 4 a unique hostname 6 a user account To implement SSH on a router the following steps need to be performed: Configure a unique hostname. Configure the domain name of the network. Configure a user account to use AAA or local database for authentication. Generate RSA keys. Enable VTY SSH sessions.
A newly hired network technician is given the task of ordering new hardware for a small business with a large growth forecast. Which primary factor should the technician be concerned with when choosing the new devices? 1 redundant devices 2 devices that have support for network monitoring 3 devices with support for modularity 4 devices with a fixed number and type of interfaces
3 devices with support for modularity In a small business with a large growth forecast, the primary influencing factor would be the ability of devices to support modularity. Devices with a fixed type/number of interfaces would not support growth. Redundancy is an important factor, but typically found in large enterprises. Network monitoring is also an important consideration, but not as important as modularity.
Jeremiah was browsing the internet from his personal computer when a random website offered a free program to clean his system. After the executable was downloaded and running, the operating system crashed. Crucial operating system related files had been corrupted and Jeremiah's computer required a full disk format and operating system re-installation. What type of attack is described in this scenario? 1 access attack 2 denial of service (DoS) attack 3 malware attack 4 reconnaissance attack
3 malware attack
A network administrator establishes a connection to a switch via SSH. What characteristic uniquely describes the SSH connection? 1 on-site access to a switch through the use of a directly connected PC and a console cable 2 out-of-band access to a switch through the use of a virtual terminal with password authentication 3 remote access to a switch where data is encrypted during the session 4 remote access to the switch through the use of a telephone dialup connection 5 direct access to the switch through the use of a terminal emulation program
3 remote access to a switch where data is encrypted during the session SSH provides a secure remote login through a virtual interface. SSH provides a stronger password authentication than Telnet. SSH also encrypts the data during the session.
Which backup policy consideration is concerned with using strong passwords to protect the backups and for restoring data? 1 frequency 2 storage 3 security 4 validation
3 security
A technician has established a remote connection to router R1 to observe debug output. The technician enters the debug ip icmp command then pings a remote destination. However, no output is displayed. Which command would the technician have to enter to display log messages on a remote connection? 1 monitor debug output 2 monitor terminal 3 terminal monitor 4 terminal monitor debug
3 terminal monitor
his zone is used to house servers that should be accessible to outside users. 1 inside 2 outside 3 internet 4 DMZ
4 DMZ
Which type of network threat is intended to prevent authorized users from accessing resources? 1 trust exploitation 2 access attacks 3 reconnaissance attacks 4 DoS attacks
4 DoS attacks Network reconnaissance attacks involve the unauthorized discovery and mapping of the network and network systems. Access attacks and trust exploitation involve unauthorized manipulation of data and access to systems or user privileges. DoS, or Denial of Service attacks, are intended to prevent legitimate users and devices from accessing network resources.
When should an administrator establish a network baseline? 1 at the lowest point of traffic in the network 2 when the traffic is at peak in the network 3 when there is a sudden drop in traffic 4 at regular intervals over a period of time
4 at regular intervals over a period of time An effective network baseline can be established by monitoring the traffic at regular intervals. This allows the administrator to take note when any deviance from the established norm occurs in the network.
Which element of scaling a network involves identifying the physical and logical topologies? 1 traffic analysis 2 cost analysis 3 device inventory 4 network documentation
4 network documentation To scale a network, several elements are required: Network documentation - physical and logical topology Device Inventory - list of devices that use or make up the network Budget - Itemized IT budget, including fiscal year equipment purchasing budget Traffic analysis - protocols, applications, and services and their respective traffic requirements should be documented
Sharon, an IT intern at ACME Inc., noticed some strange packets while revising the security logs generated by the firewall. A handful of IP addresses on the internet were sending malformed packets to several different IP addresses, at several different random port numbers inside ACME Inc. What type of attack is described in this scenario? 1 access attack 2 denial of service (DoS) attack 3 malware attack 4 reconnaissance attack
4 reconnaissance attack
What type of attack may involve the use of tools such as nslookup and fping? 1 worm attack 2 access attack 3 denial of service attack 4 reconnaissance attack
4 reconnaissance attack For reconnaissance attacks, external attackers can use Internet tools, such as the nslookup and whois utilities, to easily determine the IP address space assigned to a given corporation or entity. After the IP address space is determined, an attacker can then ping the publicly available IP addresses to identify the addresses that are active. Fping is a ping sweep tool that can help automate this process.
A network technician suspects that a particular network connection between two Cisco switches is having a duplex mismatch. Which command would the technician use to see the Layer 1 and Layer 2 details of a switch port? 1 show ip interface brief 2 show running-config 3 show mac-address-table 4 show interfaces
4 show interfaces The show interfaces command can be used on both routers and switches to see speed, duplex, media type, MAC address, port type, and other Layer 1/Layer 2-related information.
What is the purpose of the network security accounting function? 1 to determine which resources a user can access 2 to require users to prove who they are 3 to provide challenge and response questions 4 to keep track of the actions of a user
4 to keep track of the actions of a user Authentication, authorization, and accounting are network services collectively known as AAA. Authentication requires users to prove who they are. Authorization determines which resources the user can access. Accounting keeps track of the actions of the user.
Which malicious code attack is self-contained and tries to exploit a specific vulnerability in a system being attacked? 1 social engineering 2 virus 3 Trojan horse 4 worm
4 worm
Which component is designed to protect against unauthorized communications to and from a computer? 1 security center 2 port scanner 3 firewall 4 antimalware 5 antivirus
3 firewall
Which software installed on key hosts can reveal the types of network traffic flowing through the network? 1 Linux 2 MacOS 3 SSH 4 Windows 5 Wireshark
5 Wireshark
Which two traffic types require delay sensitive delivery? (Choose two.) 1 voice 2 FTP 3 email 4 video 5 web
1 voice 4 video Voice and video traffic have delay sensitive characteristics and must be given priority over other traffic types such as web, email, and file transfer traffic.
Which elements are required to scale to a larger network? (Choose two.) 1 budget 2 device configurations 3 increased bandwidth 4 network documentation 5 windows hosts
1 budget 4 network documentation
A computer is used as a print server for ACME Inc. The IT staff failed to apply security updates to this computer for over 60 days. Now the print server is operating slowly, and sending a high number of malicious packets to its NIC. What type of attack is described in this scenario? 1 access attack 2 denial of service (DoS) attack 3 malware attack 4 reconnaissance attack
2 denial of service (DoS) attack
Which benefit does SSH offer over Telnet for remotely managing a router? 1 authorization 2 TCP usage 3 encryption 4 connections via multiple VTY lines
3 encryption
For security reasons a network administrator needs to ensure that local computers cannot ping each other. Which settings can accomplish this task? 1 file system settings 2 MAC address settings 3 firewall settings 4 smartcard settings
3 firewall settings Smartcard and file system settings do not affect network operation. MAC address settings and filtering may be used to control device network access but cannot be used to filter different data traffic types.
Arianna found a flash drive lying on the pavement of a mall parking lot. She asked around but could not find the owner. She decided to keep it and plugged it into her laptop, only to find a photo folder. Feeling curious, Arianna opened a few photos before formatting the flash drive for her own use. Afterwards, Arianna noticed that her laptop camera was active. What type of attack is described in this scenario? 1 access attack 2 denial of service (DoS) attack 3 malware attack 4 reconnaissance attack
3 malware attack
A technician is using the debug ip icmp privileged EXEC command to capture live router output. Which commands would stop this debug command on a Cisco router? (Choose two.) 1 debug ip icmp off 2 no debug debug ip icmp 3 no debug ip icmp 4 undebug all 5 undebug debug ip icmp
3 no debug ip icmp 4 undebug all
Which two network protocols are used to establish a remote access network connection to a device? (Choose two.) 1 File Transfer Protocol (FTP) 2 Hypertext Transfer Protocol (HTTP). 3 Remote Connect (RC) 4 Secure Shell (SSH) 5 Simple Mail Transfer Protocol (SMTP) 6 Telnet
4 Secure Shell (SSH) 6 Telnet
