Building and securing a small network

Which method is used to send ping message specifying source address for ping?

Issue ping command without specifying destination IP address.

Accounting

Keeps track of actions of user

!

Response is successfully received

What is the purpose of small company using protocol analyzer utility to capture network traffic on network segments where company is considering network upgrade?

To document (record) and analyze (examine) network traffic requirements on each network segment

Why would network administrator use tracert utility?

To identify where packet was lost or delayed on network

Stateful packet inspection

Type of firewall filtering prevents or allows access based on whether traffic is in response to requests from internal hosts

show cdp command

Used to prove that layer 1 and 2 connectivity exists between two cisco devices.

ipconfig

Utility used to display TCP/IP addressing and domain name information in Windows client operating systems.

show ip interface

Verify Layer 3 information of interface

Authorization

determines which resources user can access

ipconfig /displaydns

displays all cached dns entries in windows system

Which command renews IP address configuration?

ipconfig /release and ipconfig /renew

You are troubleshooting connectivity issues and need to find out IP address of website. What is the best command to use to accomplish this task?

nslookup

Authentication

requires users to prove who they are

A network engineer is troubleshooting connectivity issues among interconnected Cisco routers and switches. Which command should the engineer use to find the IP address information, host name, and IOS version of neighboring network devices?

show cdp neighbors detail

Which command can administrator execute to determine what interface router will use to reach remote networks

show ip route

Which command should be used on a Cisco router or switch to allow log messages to be displayed on remotely connected sessions using Telnet or SSH?

terminal monitor

Steps for SSH configuration

Configure domain name Generate RSA keys Create local user Use login local command Use transport input ssh command

.

Connection timed out while waiting for reply

Which network service automatically assigns IP address to devices on network?

DHCP

What feature of SSH makes it more secure than Telnet

Data, encryption, and user login information

arp -a

Displays known IP and MAC address binding

Which ping method allow you to specify source of ping?

Extended ping

Purpose of -6 command option.

Force ping to use IPv6

Maintenance threats

Includes poor handling of key electrical components (electrostatic discharge), lack of critical spare parts, poor cabling, and poor labeling.

Disruption of service

Preventing legitimate users from accessing services to which they are entitled Examples: denial of service attacks on servers, network devices, or network communication links

DoS (Denial of Service)

Preventing legitimate users from accessing website by sending huge number of requests in very short period

IPS (Intrusion Prevention System)

Provides real-time detection and blocking of attacks

U

Router along path did not have route to destination and send ICMP destination unreachable message back to source

Which command would mitigate brute-force password attacks against router

login block-for 120 attempts 3 within 60

How is ping used to examine latency (delay)?

Administrator can compare host-to-host timers from ping command and possible latency issues

Reconnaissance attack

Attack involves threat actor mapping to identify vulnerabilities

redunancy

Attempts to remove any single point of failure

Identity theft

Form of information theft where personal information is stolen for purpose of taking over identity of someone. Using this information, threat actor can obtain legal documents, apply for credit, and make unauthorized online purchases. Growing problem costing billions of dollars per year.

Main steps in troubleshooting

Identify problem Establish theory of probable causes Test theory to determine cause establish plan of action Establish plan of action and implement solution Verify solution and implement preventive measures Document findings, actions and outcomes

Environmental threats

Includes temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry).

Electrical threats

Includes voltage spikes, insufficient supply voltage (brownouts), unconditioned power (noise), and total power loss.

Data loss

Installing virus code to destroy images, files, etc on server

A user is redesigning network for small company and wants to ensure security at reasonable price. User deploys new application-aware firewall with intrusion detection capabilities on ISP connection. User installs second firewall to separate company network from public network. Additionally, user installs IPS on internal network of company. What approach is user implementing?

Layered

On which two interfaces or ports can security be improved by configuring executive timeouts?

Line con 0 and vty

Trojan horse

Malicious code that has been written specifically to look like legitimate program

Which attack involves person (or software) positioned between two end points

Man-in-the-middle

Configuration weakness

Network engineer did not close all unused ports on switch Examples : Unsecured user accounts, system accounts with easily guessed passwords, misconfigured internet services, unsecured default settings within products, and misconfigured network equipment

Security policy weakness

Network engineer did not institute policies requiring users to create secure passwords Examples: lack of written security policy, politics, lack of authentication continuity, logical access controls not applied, software and hardware installation and changes do not follow policy, and discover recovery plan is nonexistent

A user reports lack of network connectivity. Technician takes control of user machine and attempts to ping other computers on network and these pings fail. Technician pings default gateway and that also fails. What can be determined for sure by results of these tests?

Nothing can be determined for sure at this point.

Employee complains that Windows PC cannot connect to Internet. Network technician issues ipconfig command on PC and is shown IP address of 169.254.10.3. Which two conclusions can be drawn?

PC cannot contact DHCP server. PC is configured to obtain IP address automatically.

Hardware threats

Phyiscal damage to servers, routers, switches, cabling, plant, and workstations

What is the advantage of using SSH over Telnet?

SSH provides secure communications to access hosts.

Which statement describes the ping and tracert commands?

Tracert shows each hop, while ping shows a destination reply only.

URL filtering

Type of firewall filtering prevents or allows access based on web addresses or keywords

What information about Cisco router can be verified using show version command?

Value of configuration register

show running-config

Verify current configuration and settings

show interfaces

Verify interface status and see if there are any error messages

Information theft

Breaking into computer to obtain confidential information Information can be used or sold for various purposes such as when someone is stealing proprietary information of organization, like research and development data

What five configuration actions have to performed to complete SSH configuration?

Configure host name Configure IP domain name Generate key to encrypt SSH traffic Create user. Username password Authenticate from local database, login local Enable inbound SSH sessions, transport input SSH

What is the most effective way to mitigate worm attack?

Download security updates from operating system vendor and patch all vulnerable systems

An administrator decides to use "WhatAreyouwaiting4" as the password on a newly installed router. Which statement applies to the password choice?

It is strong because it uses a passphrase.

Packet filtering

Kind of firewall filtering or allows access based on IP or MAC addresses of source and destination

Application filtering

Kind of firewall filtering prevents or allows access based on port numbers

show arp

Verify list of known hosts on local Ethernet LANs

show protocols

Verify which protocols are operational

ipconfig /all

View MAC address and number of details regarding layer 3 addressing of device

You are upgrading small network to give high priority to real-time applications traffic. What two types of networking services are you accommodating?

Voice and video

Technological weakness

Vulnerabilities are discovered on operating system or network device Examples: TCP/IP protocol weakness, operating system weakness, and network equipment weakness

Purpose of tracert command

Identify path packet takes from source to destination. Used when packets are delayed, dropped or not reaching (clearly identified) specific destination