ITN 263 Midterm Pt 1

A first-year student in a computer networking class is studying different addressing types and attempting to identify them. Which of the following does she determine is a Media Access Control (MAC) address?

00-14-22-01-23-45

Tonya is a student. She is working through a network addressing scheme example for a class. She has read that the 128-bit address 2001:0f58:0000:0000:0000:1986:62af can be shortened but is trying to understand how. What is the correct solution?

2001:0f58::1986:62af

A company's cybersecurity trainer is recording a Lunch and Learn video for new employees. The trainer discusses the dangers of spam. Besides being annoying, what other problem could spam cause?

A spam email could contain a link to what appears as a benign or beneficial website that could, if clicked, upload malicious software to eh user's computer.

Which of the following is a feature of NTFS that allows complete additional files to successfully hide beneath any normal file object and be almost undetectable?

Alternate Data Streams (ADS)

The IT security officer for a large company has spent the past year upgrading security for the corporate network. Employees working from home have personal firewalls running on their computers. They use a virtual private network (VPN) to connect to the corporate network. The corporate network utilizes the latest devices and techniques, including an intrusion detection system/intrusion prevention system (IDS/IPS), anti-malware protection, and firewalls. What security threat most likely still needs to be addressed?

An internal threat, such as a disgruntled employee or contractor

Which of the following roles is most commonly responsible for observing system and user activity, looking for violations, trends towards bottlenecks, and attempts to perform violations?

Auditor

Estefan is a network professional for an e-commerce company. The chief information officer (CIO) wants the customer web portal downtime to be reduced from 5 minutes per year to 30 seconds per year. The change should occur over the next 6 months. Which security objective must Estefan employ to accomplish this goal?

Availability

You are setting up a small home network. You want all devices to communicate with each other. You assign IPv4 addresses between 192.168.0.1 and 192.168.0.6 to the devices. What processes must still be configured so that these nodes can communicate with the Internet?

Both network address translation (NAT) and port address translation (PAT) must be enabled to allow private network addresses to be translated to a random external port and public IP address.

Miles is an IT consultant. He is given the specifications of a networking project for the new campus of a multinational corporation. Among the requirements, switches and wireless access points (WAPs_ must interconnect all nose, the network must use hardware firewalls, and it must support single sign-on (SSO). Which network infrastructure does he select that fulfills these requirements?

Client/server

Temika is the IT security officer for her company. The CIO has told her that network security success is not about preventing all possible attacks or compromises. Of the following, what goal or accomplishment should she work toward?

Continually improving the state of security so that, as time passes, the network is better protected than it was in the past

A malicious person has installed ransomware on a company user's computer. The ransomware message states that the malicious software will be removed if the user pays a certain amount of money digitally. What is a typical form of payment?

Cryptocurrency

Which OSI model layer deals with frames?

Data Link Layer

Which type of boundary network hosts resource servers for the public Internet?

Demilitarized zone (DMZ)

Agents, bots, and zombies are part of which type of attack?

Distributed denial of service (DDoS) attack

Khalilah is a network engineer. She is devising a plan to help her company's infrastructure transition from IPv4 to IPv6 addressing. She selects a solution where both IPv4 and IPv6 protocol stacks coexist in the same network equipment, allowing network communication using both protocols. Which solution did she choose?

Dual-stack

In which form of social engineering does the malicious person physically go through trash cans and other refuse looking for valuable information about a network such as IP addresses, usernames, and passwords?

Dumpster diving

A WAN is a network limited by geographic boundaries.

False

A backdoor acts like a device driver, positioning itself between the kernel (the core program of an operating system) and the hardware.

False

A breach is any attempt to get past a network's defenses.

False

A router has only two ports because the device connects only two local area networks (LANs).

False

Cross-site scripting (XSS) grants a hacker access to a back-end database.

False

Eavesdropping occurs over wireless connections, not wired connections.

False

In any organization, network administrators have the ultimate and final responsibility for security.

False

In terms of networking, permission is the abilities granted on the network.

False

In terms of networking, privilege is the authorization to access an asset.

False

Integrity is the protection against unauthorized access, while providing authorized users access to resources without obstruction.

False

Network switches provide network segmentation through logical addressing.

False

Ransomware is defined as unwanted and unrequested email.

False

Recreational hackers are criminals whose sole career objective is to compromise IT infrastructures.

False

Subnetting and VLANing are methods used to create physical networks.

False

The LAN Domain of an IT infrastructure includes routers, firewalls, and switches.

False

The bus topology has an independent cable to each device on a network.

False

The physical topology is how the network appears from any device or user and is governed by policy and access rather than by physical connectivity.

False

Wireless networks are more secure than wired networks.

False

Which form of firewall filtering is NOT as clear or distinct as other types?

Filtering on whether an address is real or spoofed

A chief information officer (CIO) works for a mid-sized company located on the California cost. The CIO is developing a disaster plan for the IT infrastructure in the event of an earthquake powerful enough to damage or destroy network and computing equipment, including the database servers. What can she do to protect valuable company data even under the worst circumstances?

Have the data regularly backed up and stored in a secure, off-site facility not prone to such environmental dangers.

To secure the System/Application Domain of an IT infrastructure, what is the primary focus?

In a collection of servers and virtualized systems, defending both data and server computing power

An IT infrastructure manager is reviewing the company's computer assets, particularly the mean time to failure (MTTF) of the PC and server hard drives. The manufacturer of the hard drives typically used in the company states that the MTTF is approximately 11 years. Because servers and some high-priority workstations must operate continuously except for brief periods of maintenance, how many hours, on average, can these hard drives be expected to operate before failure?

More than 90,000 hours

Which type of boundary network creates a series of subnets separated by firewalls?

N-tier

Which network security technology can block or restrict access if a computer does NOT have the latest antivirus update, a certain security patch, or a host firewall?

Network access control (NAC)

Which fragmentation attack results in full or partial overwriting of datagram components?

Overlap

As part of the bring your own device (BYOD) program, the company CIO is encouraging employees to use their personal devices for business purposes. However, an attacker with the right kind of antenna can access the wireless network from a great distance, putting internal assets at risk. Of the following, what is the best solution?

Physically isolate wireless access from the wired network.

Which type of hacker is a criminal whose career objective is to compromise IT infrastructures?

Professional

Eduardo is configuring a system that allows multiple users working from home to connect to the office network over a wide area network (WAN) link. The platform is required to accept inbound connections from those user computers, allowing the clients to interact with the network as if they were locally connected. What is he working on?

Remote access server (RAS)

A mid-sized company's IT security engineer is attempting to make it more difficult for the company's wireless network to be compromised. She is using techniques such as random challenge-response dialogue for authentication, timestamps on authentication exchanges, and one-time pad or session-based encryption. What form of wireless attack is she defending against?

Replay

The imitation of source email, Internet Protocol (IP), or Media Access Control (MAC) addresses is part of which type of attack?

Spoofing

Which network device differentiates network traffic using Layer 2 of the OSI model?

Switch

A brouter performs the functions of both a bridge and a router.

True

A demilitarized zone (DMZ) is a boundary network that hosts resource servers for the public Internet.

True

A gateway is a device that connects two networks that use dissimilar protocols for communication.

True

A network switch avoids collisions by reviewing the Media Access Control (MAC) address to determine where each data packet is meant to go.

True

A router is a wired or wireless device that routes traffic between network segments.

True

A small office/home office (SOHO) environment can be a workgroup or a client/server network.

True

A wireless network topology uses some wire.

True

In a full connection mesh topology, all devices on a network are connected to all other devices.

True

In the context of networks, the term "topology" refers to the order and arrangement of the elements of a communications network.

True

Logical networks limit access to data and resources by allowing only those individuals and devices that require such access permission to access them.

True

One of the improvements of IPv6 versus IPv4 is better security.

True

Remote control is the ability to use a local computer system to remotely take over control of another computer over a network connection.

True

Wired topologies have a physical wire between devices, allowing for communication among those devices.

True

With single sign-on (SSO), users need to log on to the network only once during a session.

True

You are a network professional. You want to overcome the security shortcomings of the Domain Name System (DNS). Of the following, what is one of those shortcomings?

Use of a plaintext communication

While there is no single rule as to the size of this network type, which network is usually made up of fewer than 10 computers and rarely more than 20?

Workgroup

A combination of intrusion detection and prevention, as well as logging and monitoring, provides the best defense against what kind of attack?

Zero-day exploit

Logical topologies are primarily about:

connections

Which network device concentrates communications signals, accepts only basic commands, and provides statistics such as throughput measures and uptime percentages?

Active hub

An advanced persistent threat (APT) quietly resides on a target machine until activated.

True

Authentication is the proof or verification of a user's identity before granting access to a secured area.

True

Authorization is also known as access control.

True

Banner grabbing is the activity of probing services running behind an open port to obtain information.

True

Caching is a data storage mechanism that keeps a local copy of content that is fairly static in nature.

True

Cryptocurrency is electronic currency for which the existence of the currency is a mathematical formula stored on the systems of the participants and has a value that fluctuates.

True

Determining who or what is trustworthy on a network is an ongoing activity.

True

Fragmentation attacks involve an abuse of the fragmentation offset feature of IP packets.

True

Hackers can deposit software keystroke loggers onto a victim's system through a worm or a Trojan horse.

True

Hardening is the process of securing or locking down a host against threats and attacks.

True

Hardware failures are a primary cause of unexpected downtime.

True

In terms of an attack, scanning is the activity of using various tools to confirm information learned during reconnaissance and to discover new details.

True

In terms of hacking, a deterrent is any tool or technique that makes hacking your network less attractive than hacking another network.

True

Information leakage often stems from malicious employees.

True

Insertion attacks involve the introduction of unauthorized content or devices into an otherwise secured infrastructure.

True

Nonrepudiation is the security principle that prevents a user from being able to deny having performed an action.

True

Peer pressure is a form of motivation for some hackers.

True

RFC 1918 addresses are for use only in private networks.

True

Security objectives are goals that an organization strives to achieve through its security efforts.

True

Spoofing tricks a user or a host into believing a communication originated from somewhere other than its real source.

True

The User Domain of an IT infrastructure refers to actual users, whether they are employees, consultants, contractors, or other third-party users.

True

The WAN Domain of an IT infrastructure includes networks owned by a teclo or a carrier network company that leases access to corporations.

True

Whitelisting blocks the execution of any program not on the approved list.

True

Zero-day exploits are new and previously unknown attacks for which no current specific defenses exist.

True

Which of the following is described as "confidence in your expectation that others will act in your best interest"?

Trust

A networking instructor is demonstrating the use of a device that, when making a connection to the Internet, issues a series of alternating tones, and is used to translate the digital signals from computers to the analog signals used on traditional telephone lines. Although the name is familiar to the students, this particular device is no longer in common use. What is the instructor demonstrating?

A modem

Isaac is designing a network infrastructure as a class project. He determines that one device he requires must have the capacity to act as a repeated, operate at the Data Link Later of the OSI model, be able to filter packets based on the MAC address, and allow communication between two local area networks (LANs). Which device will fulfill these specifications?

Bridge

A bank's online infrastructure has been under attack by hackers, In addition to standard security methods, the bank's IT security manager has requested website code to be examined and modified, where necessary, to address possible arbitrary code execution. What will the code modifications prevent?

Buffer overflows

Which form of attack is described as throttling the bandwidth consumption on an Internet link at a specific interval as a method of transmitting small communication streams such as user credentials?

Covert channels

Which network index technology allows users to locate resources on a private network, keeps track of which servers and clients are online, and identifies the resources that network hosts share?

Directory services

A chief financial officer's (CFO's) business account has been leaked onto the Internet, including the CFO's username, password, and financial data. The firm's security manager scanned the CFO's computer for viruses, which was clean. However, the manager is still convinced that the CFO's computer is somehow compromised, allowing whatever is typed to be disclosed. The manager recalls that six weeks ago, the CFO's assistant was caught illicitly accessing secure financial files and was subsequently dismissed. What is the likely problem?

Hardware keystroke logger

Which form of addressing uses 32 bits and subnetting, but suffers from a lack of integrated security?

Internet Protocol version 3 (IPv4)

Mohammad is presenting IPv6 cryptographic security features to his networking class. A student asks him to explain data origin authentication. How does he answer this question?

It uses a checksum that incorporates a shared encryption key so that the receiver can verify that the data was actually sent by the apparent sender.

In theory, a hacker with a small but powerful directional antenna could access a wireless network from more than one mile away. In a real-world situation, what is the more likely range involved?

Less than 1,000 feet

Which of the following is considered a node?

Networked printer

A major U.S. online retailer has discovered that thousands of purchases have been paid for by stolen credit card numbers. An initial analysis of the location of the buyers reveals IP addresses from within the United States. Upon further investigation, it is found that the actual origin point of the fraudulent buyer is a series of IP addresses located in Asia. What technology is the fraudster using?

Proxy server

Which deployment of a web server uses network address translation (NAT) mapping and is considered the poorest security choice?

Reverse proxy

Fatima has been hired as a contractor to decommission a network topology that has been employed by a small company since the 1990's. In studying the project specifications, she reads that this physical topology uses a special packet called tokens, and can be unidirectional or bidirectional. Although it has fewer collisions than other types of networks, this topology is rarely seen in the twenty-first century. Baffled as to what type of network this is, she goes on the Internet and researches the technology. What sort of topology does she find?

Ring

Several times this week, the IT infrastructure chief of a small company has suspected that wireless communications sessions have been intercepted. After investigating, he believes some form of insertion attack is happening. He is considering encrypted communications and preconfigured network access as a defense. What type of insertion attack is suspected?

Rogue device insertion

A fallback attack is defined as an attack that a hacker might try after an unsuccessful breach attempt against a target.

True

A wrapper is a specialized tool used by hackers to build Trojan horses.

True

Mel is working from home and speaking with her department manager on a Voice over IP (VoIP) phone connection. This technology allows telephone conversations to be routed over the Internet. During a VoIP conversation, Mei loses a few moments of what the manager has said to her. What is the problem?

The OSI model Transport Layer was unable to guarantee reliable packet delivery.

A company has discovered that confidential business information has been repeatedly acquired by a competitor over the past six months. The IT security team has been unable to find the leaks. The team suspects a form of side-channel eavesdropping may be involved. What is the suspected hacking method?

The competitor is using a phreaking attack

A major social networking site has been hacked. The usernames, passwords, and security questions of more than 500 million users were compromised. The company disclosed the breach to all users, advising them to immediately change their passwords and security questions. The vulnerability that lead to the breach has been discovered and patched. However, the security engineer suspects there is still a problem left unaddressed. What is the most likely problem?

The hackers may have left malicious tools within the network that will allow them continued access.

Samantha is a network engineer. She is writing a proposal to her company's chief information officer (CIO) about the deployment of a group of end-user nodes to replace the office's aging workstations. Her solution is to use PC's with only display screens, keyboards, and mice, with all of the computing work and storage hosted on servers. What is her solution?

Thin client

A company's IT security engineer has notices several employees periodically checking their social media accounts. One such platform allows chat, which can include sharing links, photos, and videos. When the engineer casually observes one user about to click a link to view a video, she stops the worker. Afterward, she approaches the chief information officer (CIO) and advises that all social media accounts be blocked, and that only online training videos authorized by the company be allowed to be viewed. What threat is the IT security engineer concerned about?

Trojan horse

A Media Access Control (MAC) address is the 48-bit physical hardware address of a network interface card (NIC) assigned by the manufacturer.

True

A buffer overflow is an attack against poor programming techniques and a lack of quality control.

True

Norman is a network engineer. He is creating a series of logical networks based on different departments for a new branch office. Although the physical locations of the computers for a particular department may be in different areas or on different floors of the building, they have to operate as if they are on a single physical network. Norman's solution involves putting the accounting, engineering, and marketing computer nodes on different subnets. What sort of network topology does Norman create?

Virtual local area network (VLAN)

Many company employees work from home on a full-time basis. What technology do they commonly use to communicate securely with the organization's network?

Virtual private network (VPN)

The chief information officer (CIO) is negotiating lease prices with several telecommunications providers. She wants a service that offers circuits that will link to various physical buildings and branches, including a connection to the physical demarcation point. For what network infrastructure will this service be used?

Wide area network (WAN)

Vivienne has been commissioned to design a workgroup network infrastructure for a small office that includes five workstations, three laptops, and a printer. Given that some of the nodes are stationary and others are mobile, what is the best solution for interconnectivity?

Wireless access point (WAP) and wired switch

Kristin's position in IT focuses on using antivirus, anti-spyware, and vulnerability software patch management to maintain security and integrity. Which IT infrastructure domain is she protecting?

Workstation Domain

Which of the following must be done first to accomplish an organization's security goals?

Write down security goals.