QUIZ 4 (CH 7-8)
The acronym is about end users having the freedom to use their personal devices (laptops, tablets, smartphones) to access information and communicate across the corporate network.
BYOD
What technique is a security attack that depletes the pool of IP addresses available for legitimate hosts?
DHCP starvation
Which of the following offers a free service called Automated Indicator that enables the real-time exchange of cyberthreat indicators?
Department of Homeland Security
Which network monitoring technology collects IP operational data on packets flowing through Cisco routers and multilayer switches?
NetFlow
What is a characteristic of a layered defense-in-depth security approach?
One safeguard failure does not affect the effectiveness of other safeguards.
Which monitoring technology mirrors traffic flowing through a switch to an analysis device connected to another switch port?
SPAN
Which language is used to query a relational database?
SQL
Which technology is a proprietary SIEM system?
Splunk
What is privilege escalation?
Vulnerabilities in systems are exploited to grant higher levels of privilege than someone or some process should have
Which network monitoring tool is in the category of network protocol analyzers?
Wireshark
Which network monitoring tool saves captured network frames in PCAP files?
Wireshark
Which component of AAA allows an administrator to track individuals who access network resources and any changes that are made to those resources?
accounting
With the evolution of borderless networks, which vegetable is now used to describe a defense-in-depth approach?
artichoke
A/An is anything within IT that is of value that needs protection including information, and infrastructure devices such as servers, routers, access points, switches, and firewalls.
asset
Passwords, passphrases, and PINs are examples of which security term?
authentication
What are two characteristics of the RADIUS protocol? (Choose two.)
encryption of the password only the use of UDP ports for authentication and accounting
During the AAA process, when will authorization be implemented?
immediately after successful authentication against an AAA data source
Which network technology uses a passive splitting device that forwards all traffic, including Layer 1 errors, to an analysis device?
network tap
The principle of least ____________ specifies a limited, as-needed approach to granting users the minimum amount of access required to perform work.
privilege
A DNS _____________ attack is used to build botnets to bypass traditional security solutions.
tunneling
