Building and securing a small network
Which method is used to send ping message specifying source address for ping?
Issue ping command without specifying destination IP address.
Accounting
Keeps track of actions of user
!
Response is successfully received
What is the purpose of small company using protocol analyzer utility to capture network traffic on network segments where company is considering network upgrade?
To document (record) and analyze (examine) network traffic requirements on each network segment
Why would network administrator use tracert utility?
To identify where packet was lost or delayed on network
Stateful packet inspection
Type of firewall filtering that prevents or allows access based on whether traffic is in response to requests from internal hosts
show cdp command
Used to prove that layer 1 and 2 connectivity exists between two cisco devices.
ipconfig
Utility used to display TCP/IP addressing and domain name information in Windows client operating systems.
show ip interface
Verify Layer 3 information of interface
Authorization
determines which resources user can access
ipconfig /displaydns
Displays all cached DNS entries in Windows system
Which command renews IP address configuration?
ipconfig /release and ipconfig /renew
You are troubleshooting connectivity issues and need to find out IP address of website. What is the best command to use to accomplish this task?
nslookup
Authentication
requires users to prove who they are
A network engineer is troubleshooting connectivity issues among interconnected Cisco routers and switches. Which command should the engineer use to find the IP address information, host name, and IOS version of neighboring network devices?
show cdp neighbors detail
Which command can administrator execute to determine what interface router will use to reach remote networks?
show ip route
Which command should be used on a Cisco router or switch to allow log messages to be displayed on remotely connected sessions using Telnet or SSH?
terminal monitor
Steps for SSH configuration
Configure domain name; generate RSA keys; create local user; use login local command; use transport input ssh command
.
Connection timed out while waiting for reply
Which network service automatically assigns IP address to devices on network?
DHCP
What feature of SSH makes it more secure than Telnet?
Data, encryption, and user login information
arp -a
Displays known IP and MAC address binding
Which ping method allows you to specify source of ping?
Extended ping
Purpose of -6 command option.
Force ping to use IPv6
Maintenance threats
Includes poor handling of key electrical components (electrostatic discharge), lack of critical spare parts, poor cabling, and poor labeling.
Disruption of service
Preventing legitimate users from accessing services to which they are entitled. Examples: denial of service attacks on servers, network devices, or network communication links
DoS (Denial of Service)
Preventing legitimate users from accessing website by sending huge number of requests in very short period
IPS (Intrusion Prevention System)
Provides real-time detection and blocking of attacks
U
Router along path did not have route to destination and sent ICMP destination unreachable message back to source
Which command would mitigate brute-force password attacks against router?
login block-for 120 attempts 3 within 60
How is ping used to examine latency (delay)?
Administrator can compare host-to-host timers from ping command and possible latency issues
Reconnaissance attack
Attack involves threat actor mapping to identify vulnerabilities
Redundancy
Attempts to remove any single point of failure
Identity theft
Form of information theft where personal information is stolen for purpose of taking over identity of someone. Using this information, threat actor can obtain legal documents, apply for credit, and make unauthorized online purchases. Growing problem costing billions of dollars per year.
Main steps in troubleshooting
Identify problem; establish theory of probable causes; test theory to determine cause; establish plan of action and implement solution; verify solution and implement preventive measures; document findings, actions and outcomes
Environmental threats
Includes temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry).
Electrical threats
Includes voltage spikes, insufficient supply voltage (brownouts), unconditioned power (noise), and total power loss.
Data loss
Installing virus code to destroy images, files, etc on server
A user is redesigning network for small company and wants to ensure security at reasonable price. User deploys new application-aware firewall with intrusion detection capabilities on ISP connection. User installs second firewall to separate company network from public network. Additionally, user installs IPS on internal network of company. What approach is user implementing?
Layered
On which two interfaces or ports can security be improved by configuring executive timeouts?
Line con 0 and vty
Trojan horse
Malicious code that has been written specifically to look like legitimate program
Which attack involves person (or software) positioned between two end points?
Man-in-the-middle
Configuration weakness
Network engineer did not close all unused ports on switch. Examples: unsecured user accounts, system accounts with easily guessed passwords, misconfigured internet services, unsecured default settings within products, and misconfigured network equipment
Security policy weakness
Network engineer did not institute policies requiring users to create secure passwords. Examples: lack of written security policy, politics, lack of authentication continuity, logical access controls not applied, software and hardware installation and changes do not follow policy, and disaster recovery plan is nonexistent
A user reports lack of network connectivity. Technician takes control of user machine and attempts to ping other computers on network and these pings fail. Technician pings default gateway and that also fails. What can be determined for sure by results of these tests?
Nothing can be determined for sure at this point.
Employee complains that Windows PC cannot connect to Internet. Network technician issues ipconfig command on PC and is shown IP address of 169.254.10.3. Which two conclusions can be drawn?
PC cannot contact DHCP server. PC is configured to obtain IP address automatically.
Hardware threats
Physical damage to servers, routers, switches, cabling, plant, and workstations
What is the advantage of using SSH over Telnet?
SSH provides secure communications to access hosts.
Which statement describes the ping and tracert commands?
Tracert shows each hop, while ping shows a destination reply only.
URL filtering
Type of firewall filtering that prevents or allows access based on web addresses or keywords
What information about Cisco router can be verified using show version command?
Value of configuration register
show running-config
Verify current configuration and settings
show interfaces
Verify interface status and see if there are any error messages
Information theft
Breaking into computer to obtain confidential information. Information can be used or sold for various purposes such as when someone is stealing proprietary information of organization, like research and development data
What five configuration actions have to be performed to complete SSH configuration?
Configure host name; configure IP domain name; generate key to encrypt SSH traffic; create user (username, password); authenticate from local database (login local); enable inbound SSH sessions (transport input ssh)
What is the most effective way to mitigate worm attack?
Download security updates from operating system vendor and patch all vulnerable systems
An administrator decides to use "WhatAreyouwaiting4" as the password on a newly installed router. Which statement applies to the password choice?
It is strong because it uses a passphrase.
Packet filtering
Kind of firewall filtering that prevents or allows access based on IP or MAC addresses of source and destination
Application filtering
Kind of firewall filtering that prevents or allows access based on port numbers
show arp
Verify list of known hosts on local Ethernet LANs
show protocols
Verify which protocols are operational
ipconfig /all
View MAC address and number of details regarding layer 3 addressing of device
You are upgrading small network to give high priority to real-time applications traffic. What two types of networking services are you accommodating?
Voice and video
Technological weakness
Vulnerabilities are discovered on operating system or network device. Examples: TCP/IP protocol weakness, operating system weakness, and network equipment weakness
Purpose of tracert command
Identify path packet takes from source to destination. Used when packets are delayed, dropped or not reaching (clearly identified) specific destination