Ch. 10 - LAN Security Concepts
A. Address spoofing
A threat actor changes the MAC address of the threat actor's device to the MAC address of the default gateway. What type of attack is this? A. Address spoofing B. ARP spoofing C. CDP reconnaissance D. DHCP starvation E. STP attack F. VLAN hopping
F. VLAN hopping
A threat actor configures a host with the 802.1Q protocol and forms a trunk with the connected switch. What type of attack is this? A. Address spoofing B. ARP spoofing C. CDP reconnaissance D. DHCP starvation E. STP attack F. VLAN hopping
C. CDP reconnaissance
A threat actor discovers the IOS version and IP addresses of the local switch. What type of attack is this? A. Address spoofing B. ARP spoofing C. CDP reconnaissance D. DHCP starvation E. STP attack F. VLAN hopping
D. DHCP starvation
A threat actor leases all the available IP addresses on a subnet. What type of attack is this? A. Address spoofing B. ARP spoofing C. CDP reconnaissance D. DHCP starvation E. STP attack F. VLAN hopping
E. STP attack
A threat actor sends a BPDU message with priority 0. What type of attack is this? A. Address spoofing B. ARP spoofing C. CDP reconnaissance D. DHCP starvation E. STP attack F. VLAN hopping
B. ARP spoofing
A threat actor sends a message that causes all other devices to believe the MAC address of the threat actor's device is the default gateway. What type of attack is this? A. Address spoofing B. ARP spoofing C. CDP reconnaissance D. DHCP starvation E. STP attack F. VLAN hopping
C. authorization
Because of implemented security controls, a user can only access a server with FTP. Which AAA component accomplishes this? A. authentication B. accounting C. authorization D. auditing E. accessibility
A. RADIUS
In a server-based AAA implementation, which protocol will allow the router to successfully communicate with the AAA server? A. RADIUS B. SSH C. 802.1x D. TACACS
B. Authenticator
In an 802.1X implementation, which device is responsible for relaying responses? A. Supplicant B. Authenticator C. Router D. Authentication server E. Client
true
True or False?In the 802.1X standard, the client attempting to access the network is referred to as the supplicant. true false
D. A legitimate network IP address is hijacked by a rogue node.
What is involved in an IP address spoofing attack? A. A rogue node replies to an ARP request with its own MAC address indicated for the target IP address. B. Bogus DHCPDISCOVER messages are sent to consume all the available IP addresses on a DHCP server. C. A rogue DHCP server provides false IP configuration parameters to legitimate DHCP clients. D. A legitimate network IP address is hijacked by a rogue node.
C. The switch will forward all received frames to all other ports within the VLAN.
What is the behavior of a switch as a result of a successful MAC address table attack? A. The switch will shut down. B. The switch interfaces will transition to the error-disabled state. C. The switch will forward all received frames to all other ports within the VLAN. D. The switch will drop all received frames.
C. to collect and report application usage
What is the purpose of AAA accounting? A. to prove users are who they say they are B. to determine which operations the user can perform C. to collect and report application usage D. to determine which resources the user can access
D. Enable port security.
What mitigation plan is best for thwarting a DoS attack that is creating a MAC address table overflow? A. Disable DTP. B. Disable STP. C. Place unused ports in an unused VLAN. D. Enable port security.
C. Port security
What mitigation technique must be implemented to prevent MAC address overflow attacks? A. IPSG B. DAI C. Port security D. DHCP snooping
A. accounting, C. authorization, & F. authentication
What three services are provided by the AAA framework? (Choose three.) A. accounting B. automation C. authorization D. autobalancing E. autoconfiguration F. authentication
C. TACACS+ & D. RADIUS
What two protocols are supported on Cisco devices for AAA communications? (Choose two.) A. HSRP B. LLDP C. TACACS+ D. RADIUS E. VTP
A. So that the threat actor can see frames that are destined for other devices.
What would be the primary reason a threat actor would launch a MAC address overflow attack? A. So that the threat actor can see frames that are destined for other devices. B. So that the threat actor can execute arbitrary code on the switch. C. So that the switch stops forwarding traffic. D. So that legitimate hosts cannot obtain a MAC address.
A. Layer 2
When security is a concern, which OSI Layer is considered to be the weakest link in a network system? A. Layer 2 B. Layer 3 C. Layer 4 D. Layer 7
C. Accounting
Which AAA component is responsible for collecting and reporting usage data for auditing and billing purposes? A. Authentication B. Authorization C. Accounting
A. Authentication
Which AAA component is responsible for controlling who is permitted to access the network? A. Authentication B. Authorization C. Accounting
B. Authorization
Which AAA component is responsible for determining what the user can access? A. Authentication B. Authorization C. Accounting
B. IP Source Guard
Which Cisco solution helps prevent MAC and IP address spoofing attacks? A. DHCP Snooping B. IP Source Guard C. Dynamic ARP Inspection D. Port Security
B. MAC address overflow
Which Layer 2 attack will result in a switch flooding incoming frames to all ports? A. IP address spoofing B. MAC address overflow C. ARP poisoning D. Spanning Tree Protocol manipulation
D. DHCP starvation
Which Layer 2 attack will result in legitimate users not getting valid IP addresses? A. IP address spoofing B. ARP spoofing C. MAC address flooding D. DHCP starvation
D. Ransomware
Which attack encrypts the data on hosts in an attempt to extract a monetary payment from the victim? A. DDoS B. Data breach C. Malware D. Ransomware
D. WSA
Which device monitors HTTP traffic to block access to risky sites and encrypt outgoing messages? A. NGFW B. ESA C. NAC D. WSA
B. ESA
Which device monitors SMTP traffic to block threats and encrypt outgoing messages to prevent data loss? A. NGFW B. ESA C. NAC D. WSA
A. VPN-enabled router, B. NGFW, & E. NAC
Which devices are specifically designed for network security? (Choose three) A. VPN-enabled router B. NGFW C. Switch D. WLC E. NAC
B. VPN, C. Firewalls, & E. IPS devices
Which of the following mitigation techniques are used to protect Layer 3 through Layer 7 of the OSI Model? (Choose three.) A. DHCP snooping B. VPN C. Firewalls D. IPSG E. IPS devices
C. DAI
Which of the following mitigation techniques prevents ARP spoofing and ARP poisoning attacks? A. IPSG B. DHCP snooping C. DAI D. Port security
B. DHCP snooping
Which of the following mitigation techniques prevents DHCP starvation and DHCP spoofing attacks? A. IPSG B. DHCP snooping C. DAI D. Port security
A. IPSG
Which of the following mitigation techniques prevents MAC and IP address spoofing? A. IPSG B. DHCP snooping C. DAI D. Port security
D. Port security
Which of the following mitigation techniques prevents many types of attacks including MAC address table overflow and DHCP starvation attacks? A. IPSG B. DHCP snooping C. DAI D. Port security
C. CDP
Which service is enabled on a Cisco router by default that can reveal significant information about the router and potentially make it more vulnerable to attack? A. HTTP B. FTP C. CDP D. LLDP
B. Email Security Appliance, D. NAC Appliance, & F. Web Security Appliance
Which three Cisco products focus on endpoint security solutions? (Choose three.) A. Adaptive Security Appliance B. Email Security Appliance C. SSL/IPsec VPN Appliance D. NAC Appliance E. IPS Sensor Appliance F. Web Security Appliance
B. It provides a fallback authentication method if the administrator forgets the username or password.
Why is authentication with AAA preferred over a local database method? A. It specifies a different password for each line or port. B. It provides a fallback authentication method if the administrator forgets the username or password. C. It uses less network bandwidth. D. It requires a login and password combination on the console, vty lines, and aux ports.
