Cyber Unit 5 Review
Which of the following BEST describes a honeyfile?
A single file setup to entice and trap attackers.
Which of the following switch attacks associates the attacker's MAC address with the IP address of the victim's devices?
ARP spoofing/poisoning
Which of the following scenarios would typically utilize 802.1x authentication?
Controlling access through a switch
An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?
DDoS
Anti-phishing software
Permanent
You are part of a committee that is meeting to define how Network Access Control (NAC) should be implemented in the organization. Which step in the NAC process is this?
Plan
Which of the following does a router use to determine where packets are forwarded to?
Routing table
Which VPN implementation uses routers on the edge of each site?
Site-to-site VPN
You have just installed a packet-filtering firewall on your network. Which options are you able to set on your firewall? (Select all that apply.)
Source address of a packet, Port number, Destination address of a packet
Which VPN tunnel style routes only certain types of traffic?
Split
A VPN is primarily used for which of the following purposes?
Support secured communications over an untrusted network
When configuring VLANs on a switch, what is used to identify which VLAN a device belongs to?
Switch port
Which of the following is commonly created to segment a network into different zones?
VLANs
You are configuring web threat protection on the network and want to prevent users from visiting www.videosite.org. Which of the following needs to be configured?
Website filtering
In which of the following situations would you most likely implement a demilitarized zone (DMZ)?
You want to protect a public web server from attack.
Which of the following is a typical goal of MAC spoofing?
Bypass 802.1x port-based security
Which common design feature among instant messaging clients make them less secure than other means of communicating over the internet?
Peer-to-peer networking
Which of the following is a benefit of P2P applications?
Shared resources
Dynamic Trunking Protocol
Should be disabled on the switch's end user (access) ports before implementing the switch configuration into the network.
A proxy server can be configured to do which of the following?
Restrict users on the inside of a network from getting out to the internet.
Which of the following NAC agent types creates a temporary connection?
Dissolvable
Which of the following is susceptible to social engineering exploits?
Instant messaging
Which classification of attack type does packet sniffing fall under?
Passive
Attempting to gather information without affecting the flow of information on the network.
Passive attack
Which of the steps in the Network Access Control (NAC) implementation process occurs once the policies have been defined?
Apply
Sniffing network packets or performing a port scan.
Passive attack
Which 802.1Q priority is IP phone traffic on a voice VLAN tagged with by default?
5
You connect your computer to a wireless network available at the local library. You find that you can access all of the websites you want on the internet except for two. What might be causing the problem?
A proxy server is blocking access to the websites.
Which of the following should be configured on the router to filter traffic at the router level?
Access control list
You are the security analyst for your organization and have discovered evidence that someone is attempting to brute-force the root password on the web server. Which classification of attack type is this?
Active
Attempting to find the root password on a web server by brute force.
Active attack
Perpetrators attempt to compromise or affect the operations of a system.
Active attack
Which of the following NAC agent types would be used for IoT devices?
Agentless
Which of the following happens by default when you create and apply a new ACL on a router?
All traffic is blocked.
As the security analyst for your organization, you have noticed an increase in emails that attempt to trick users into revealing confidential information. Which web threat solution should you implement to protect against these threats?
Anti-phishing software
Which of the following defines all the prerequisites a device must meet in order to access a network?
Authentication
Which of the following applies the appropriate policies in order to provide a device with the access it's defined to receive?
Authorization
An attacker was able to gain unauthorized access to a mobile phone and install a Trojan horse so that he or she could bypass security controls and reconnect later. Which type of attack is this an example of?
Backdoor
While developing a network application, a programmer adds functionally that allows her to access the running program without authentication so she can capture debugging data. The programmer forgets to remove this functionality prior to finalizing the code and shipping the application. Which type of security weakness does this describe?
Backdoor
MAC spoofing
Can be used to hide the identity of the attacker's computer or impersonate another device on the network.
Should be disabled on the switch's end user (access) ports before implementing the switch configuration into the network.
Causes packets to fill up the forwarding table and consumes so much of the switch's memory that it enters a state called Fail Open Mode.
A network device is given an IP address of 172.16.0.55. Which type of network is this device on?
Class B private network
When designing a firewall, what is the recommended approach for opening and closing ports?
Close all ports; open only ports required by applications inside the DMZ.
The library computers are in groups of four. Each group of four computers is connected to a hub that is connected to the library network through an access port on a switch. You want to restrict access to the network so that only library computers are permitted connectivity to the internet. What can you do? Incorrect response:
Configure port security on the switch.
Many of these locations provide unencrypted public Wi-Fi access, and you are concerned that sensitive data could be exposed. To remedy this situation, you decide to configure her notebook to use a VPN when accessing the home network over an open wireless connection. Which key steps should you take when implementing this configuration? (Select two.)
Configure the browser to send HTTPS requests through the VPN connection & Configure the VPN connection to use IPsec
Of the following security zones, which one can serve as a buffer network between a private secured network and the untrusted internet?
DMZ
Where should an organization's web server be placed?
DMZ
Which of the following best describes the concept of a virtual LAN?
Devices on the same network logically grouped as if they were on separate networks.
Which area of focus helps to identify weak network architecture or design?
Documentation
You want to connect your small company network to the internet. Your ISP provides you with a single IP address that is to be shared between all hosts on your private network. You do not want external hosts to be able to initiate connection to internal hosts. Which type of Network Address Translation (NAT) should you implement?
Dynamic
Which NAT implementation assigns two IP addresses to the public NAT interface, allowing traffic to flow in both directions?
Dynamic and static
Which IPSec subprotocol provides data encryption?
ESP
Travis is sending a highly confidential email to Craig that contains sensitive data. Which of the following should Travis implement to ensure that only Craig is able to read the email?
Encryption
Which area of focus do public-facing servers, workstations, Wi-Fi networks, and personal devices fall under?
Entry points
Unauthorized individuals try to breach a network from off-site.
External attack
Which of the following are characteristics of a packet-filtering firewall? (Select two.)
Filters IP address and port & Stateless
Which of the following are functions of gateway email spam filters? (Select two.)
Filters messages containing specific content & Blocks email from specific senders
An attacker has gained access to the administrator's login credentials. Which type of attack has most likely occurred?
Password cracking
Which of the following types of proxies would you use to remain anonymous when surfing the internet?
Forward
Jessica needs to set up a firewall to protect her internal network from the internet. Which of the following would be the BEST type of firewall for her to use?
Hardware
Which of the following are characteristics of a complex password? (Select two.)
Has a minimum of eight characters & Consists of letters, numbers, and symbols
You want to create a collection of computers on your network that appear to have valuable data but actually store fake data that could entice a potential intruder. Once the intruder connects, you want to be able to observe and gather information about the attacker's methods. Which feature should you implement?
Honeynet
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from internet-based attacks. Which solution should you use?
Host-based firewall
What is Cisco's Network Access Control (NAC) solution called?
Identity Services Engine (ISE)
Which VPN protocol typically employs IPsec as its data encryption mechanism?
L2TP
At which layer of the OSI model do NAT routers operate?
Layer 3 (Network layer)
You are configuring the security settings for your network. You have decided to configure a policy that requires any computer connecting to the network to run at least Windows 10 version 2004. Which of the following have you configured?
NAC
Your network architecture employs multiple VLANs for each of these network zones. Each zone is separated by a firewall that ensures only specific traffic is allowed. Which of the following is the secure architecture concept that is being used on this network?
Network segmentation
Which of the following can make passwords useless on a router?
Not controlling physical access to the router
Which of the following BEST describes zero-trust security?
Only devices that pass both authentication and authorization are trusted.
Which of the following is the MOST likely to happen if the firewall managing traffic into the DMZ fails?
Only the servers in the DMZ are compromised, but the LAN will stay protected.
Which of the following VPN protocols is no longer considered secure?
PPTP
A relatively new employee in the data entry cubical farm was assigned a user account similar to the other data entry employees' accounts. However, audit logs have shown that this user account has been used to change ACLs on several confidential files and has accessed data in restricted areas. This situation indicates which of the following has occurred?
Privilege escalation
Which of the following are features of an application-level gateway? (Select two.)
Reassembles entire messages & Stops each packet at the firewall for inspection
You want to place these servers behind your firewall on the inside network, yet still allow them to be accessible to the public from the outside. Which method of NAT translation should you implement for these servers?
Static
You want to configure the server as a web server and allow internet hosts to contact the server to browse a personal website. What should you use to allow access?
Static NAT
A virtual LAN can be created using which of the following?
Switch
Which statement BEST describes IPsec when used in tunnel mode?
The entire data packet, including headers, is encapsulated
Which problem does NAT help address?
The shortage of IPv4 addresses
ARP spoofing/poisoning
The source device sends frames to the attacker's MAC address instead of to the correct device.
A honeypot is used for which purpose?
To delay intruders in order to gather auditing data
Which of the following types of proxies can be used for web filtering?
Transparent
You've configured the management interface with a username of admin and a password of password. What should you do to increase the security of this device?
Use a stronger administrative password.
As the security analyst for your organization, you have noticed an increase in user computers being infected with malware. Which two solutions should you implement and configure to remedy this problem? (Select two.)
Virus scanner & Spam Filters
You have a company network that is connected to the internet. You want all users to have internet access, but you need to protect your private network and users. You also need to make a web server publicly available to internet users. Which solution should you use?
Use firewalls to create a DMZ. Place the web server inside the DMZ and the private network behind the DMZ.
Your organization has started receiving phishing emails. You suspect that an attacker is attempting to find an employee workstation they can compromise. You know that a workstation can be used as a pivot point to gain access to more sensitive systems. Which of the following is the MOST important aspect of maintaining network security against this type of attack?
User education and training
You run a small network for your business that has a single router connected to the internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation?
VLAN
A group of salesmen would like to remotely access your private network through the internet while they are traveling. You want to control access to the private network through a single server. Which solution should you implement?
VPN concentrator
