IT 330 Exam 2

अब Quizwiz के साथ अपने होमवर्क और परीक्षाओं को एस करें!

What is a Type I hypervisor?

A hypervisor that runs directly on computer hardware

Which of the following best describes a network address translation?

A network translation (NAT) enables a private IP network to connect to the internet

How is a network-based MITM attack executed?

A network-based MITM attack involves a threat actor who inserts himself into a conversation between two parties. The actor impersonates both parties to gain access to information they are sending to each other. Neither of the legitimate parties is aware of the presence of the threat actor and thus communicate freely, thinking they are talking only to the authentic party.

What type of network access control uses Active Directory to scan a device to verify that it is in compliance?

Agentless NAC

What process links several certificates together to establish trust between all the certificates involved?

Certificate Chaining

Which of the following protects SNMP-managed devices from unauthorized access?

Community String

In an interview, Tom was asked to give a brief on how containers perform virtualization. How should Tom reply?

Containers use OS components for virtualization

The management in your corporate office needs to group users on the network together logically even though they are attached to separate network switches. How can this be done?

Create a VLAN and add the users' computers / ports to the correct VLAN

What type of attack is being performed when multiple computers overwhelm a system with fake requests?

DDoS

How can an attacker substitute a DNS address so that a computer is automatically redirected to another device?

DNS poisoning

Which of the following is a feature of secrets management?

Default Encryption

A digital certificate is a technology used to associate a user's identity to a private key.

False

Which of the following tools can be used to secure multiple VMs?

Firewall Virtual appliance

What is the name of a computer or application program that intercepts user requests from the internal secure network and then processes that request on behalf of the user?

Forward proxy Server

What term is used to describe the software agents that are used by NAC and installed on devices to gather information?

Host health agents

Which type of intrusion detection system can also block attacks?

Inline

As a cybersecurity specialist, you are asked to defend the web app hosted by your enterprise from web application attacks like cross-site scripting, SQL injections, etc. Which of the following actions should you take?

Install WAF

An administrator has two servers that host the same web content, but only one server is utilized at a given time. What can be configured that can help to evenly distribute work across the network, and make use of both servers in a manner that is transparent to the end users?

Load Balancing

What type of additional attack does ARP spoofing rely on?

MAC Spoofing

Which of the following are considered to be interception attacks?

Man-in-the-middle, replay attacts

Which of the following is a valid way to check the status of a certificate?

Online Certificate Status Protocol, Certificate Revocation List

On a compromised computer, you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts. What type of exploit has occurred?

Privilege Escalation

A framework for all of the entities involved in digital certificates for digital certificate management is known as:

Public Key Infrastructure

What is a jump box used for?

Restricting access to a demilitarized zone

An attack that takes advantage of the procedures for initiating a session is known as what type of attack?

SYN Flood Attatack

Which of the following tools can be used to protect containers from attack?

Security Enhanced Linux

An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:

Session Hijacking

Which of the following is a deception instrument?

Sinkhole, Honeypot

In an interview, Max was asked to tell one difference between a software firewall and a virtual firewall. How should Max answer?

Software firewalls are locally installed on a device, whereas virtual firewalls run in the cloud.

In _____, VPN network traffic is routing only some traffic over the secure VPN while other traffic directly accesses the Internet.

Split Tunneling

A firewall that keeps a record of the state of a connection between an internal computer and an external device is using what technology below?

Stateful packet filtering

David is asked to test a new configuration on a virtual machine; if it does not work, it should roll back to the older state. What should David do before testing the new configuration so he can roll it back to the previous state if needed?

Take a screenshot of the virtual machine before testing the configuration

A certificate repository (CR) is a publicly accessible centralized directory of digital certificates.

True

You are a cloud administrator, and you are asked to configure a VPC such that backend servers are not publicly accessible. What should you do to achieve this goal?

Use private subnets for backend servers

In a practical test, Steve was asked to securely connect different on-premises computing devices with a database deployed in the cloud. What action is Steve taking?

Using next-generation secure web gateway

The head of cybersecurity at your enterprise has asked you to set up an IDS that can create the baseline of all system activities and raise an alarm whenever any abnormal activities take place, without waiting to check the underlying cause. Which of the following actions should you take?

You should set up an IDS with anomaly based monitoring methodology.

If a MAC address is permanently "burned" into a network interface card, how can an attacker change the MAC address to perform an ARP poisoning attack?

because the MAC address is stored in a software ARP cache, it can be changed there, which would then result in the corresponding IP address pointing to a different computer.

Which of the following is a system of security tools that are used to recognize and identify data that is critical to the organization and ensure that it is protected?

data loss prevention

What process will remove all private and public keys along with the user's identification information in the CA?

destruction

Which of the following certificates verifies the identity of the entity that has control over the domain name?

domain validation digital certificate

Which of the following best describes the cloud access security broker?

ensures the security policies of the enterprise comply with the cloud.

At what stage can a certificate no longer be used for any type of authentication?

expiration

Which of the following is a software-based application that runs on a local host computer that can detect an attack as it occurs?

host-based intrusion detection system

The process by which keys are managed by a third party, such as a trusted CA, is known as?

key escrow

What two locations can be a target for DNS poisoning?

local host table, external DNS server

What type of attack intercepts communication between parties to steal or manipulate the data?

man-in-the-browser

What role does a key recovery agent fulfill in an enterprise environment?

responsible for recovering lost or damaged digital certificates

Which of the following certificates are self-signed?

root digital certificates

In an interview, you are asked about the role played by virtual machines in load balancing. Which of the following should be your reply?

the virtual machine can be migrated to another physical machine with more capabilities.


संबंधित स्टडी सेट्स

Week 8-9 CH: 9 The Problem of Evil: Is there Evidence against God's Existence?

View Set

chapter 23:goat breed identification and production mangement

View Set

Ch26:Respiratory Assessment, ATI- 17-25

View Set

Wk. 3 - measures of center/location, 5 # sum., boxplot

View Set