Midterm study plan
It can detect open TCP ports on network systems.
How does network scanning help assess operations security? It can log abnormal activity. It can detect weak or blank passwords. It can detect open TCP ports on network systems. It can simulate attacks from malicious sources.
62
How many host addresses are available on the 192.168.10.128/26 network? 30 32 60 62 64
64 bytes 1518 bytes
What are the two sizes (minimum and maximum) of an Ethernet frame? (Choose two.) 56 bytes 64 bytes 128 bytes 1024 bytes 1518 bytes
DNS
What network service uses the WHOIS protocol? HTTPS FTP DNS SMTP
terminal emulator
A Linux system boots into the GUI by default, so which application can a network administrator use in order to access the CLI environment? § system viewer § file viewer § package management tool § terminal emulator
10 segments
A PC is downloading a large file from a server. The TCP window is 1000 bytes. The server is sending the file using 100-byte segments. How many segments will the server send before it requires an acknowledgment from the PC? 1 segment 10 segments 100 segments 1000 segments
a list of all established active TCP connections
A PC user issues the netstat command without any options. What is displayed as the result of this command? § a historical list of successful pings that have been sent § a list of all established active TCP connections § a network connection and usage report § a local routing table
The computer has an invalid default gateway address.
A computer can access devices on the same network but cannot access devices on other networks. What is the probable cause of this problem? The cable is not connected properly to the NIC. The computer has an invalid IP address. The computer has an incorrect subnet mask. The computer has an invalid default gateway address.
arp -a
A cybersecurity analyst believes an attacker is spoofing the MAC address of the default gateway to perform a man-in-the-middle attack. Which command should the analyst use to view the MAC address a host is using to reach the default gateway? ipconfig /all route print netstat -r arp -a
1000:00d8:0058:00ab
A device has been assigned the IPv6 address of 2001:0db8:cafe:4500:1000:00d8:0058:00ab/64. Which is the host identifier of the device? 2001:0db8:cafe:4500:1000:00d8:0058:00ab 2001:0db8:cafe:4500 1000:00d8:0058:00ab 00ab
DHCPACK
A host PC is attempting to lease an address through DHCP. What message is sent by the server to let the client know it is able to use the provided IP information? DHCPDISCOVER DHCPOFFER DHCPREQUEST DHCPACK DHCPNACK
bring your own device
A large corporation has modified its network to allow users to access network resources from their personal laptops and smart phones. Which networking trend does this describe? cloud computing online collaboration bring your own device video conferencing
.
A network administrator is testing network connectivity by issuing the ping command on a router. Which symbol will be displayed to indicate that a time expired during the wait for an ICMP echo reply message? ! . U $
§ Change the startup type for the utility to Automatic in Services .
A technician has installed a third party utility that is used to manage a Windows 7 computer. However, the utility does not automatically start whenever the computer is started. What can the technician do to resolve this problem? § Set the application registry key value to one. § Use the Add or Remove Programs utility to set program access and defaults. § Change the startup type for the utility to Automatic in Services . § Uninstall the program and then choose Add New Programs in the Add or Remove Programs utility to install the application.
IMAP
A technician is configuring email on a mobile device. The user wants to be able to keep the original email on the server, organize it into folders, and synchronize the folders between the mobile device and the server. Which email protocol should the technician use? POP3 IMAP MIME SMTP
PowerShell script
A user creates a file with .ps1 extension in Windows. What type of file is it? § PowerShell documentation § PowerShell cmdlet § PowerShell script § PowerShell function
§ PowerShell script
A user creates a file with .ps1 extension in Windows. What type of file is it? § PowerShell function § PowerShell cmdlet § PowerShell documentation § PowerShell script
ISPs use Network Address Translation to change a user IP address into an address that can be used on the Internet.
A user gets an IP address of 192.168.0.1 from the company network administrator. A friend of the user at a different company gets the same IP address on another PC. How can two PCs use the same IP address and still reach the Internet, send and receive email, and search the web? Both users must be using the same Internet Service Provider. ISPs use Network Address Translation to change a user IP address into an address that can be used on the Internet. ISPs use Domain Name Service to change a user IP address into a public IP address that can be used on the Internet. Both users must be on the same network.
when the value in the TTL field reaches zero
A user is executing a tracert to a remote device. At what point would a router, which is in the path to the destination device, stop forwarding the packet? when the router receives an ICMP Time Exceeded message when the RTT value reaches zero when the host responds with an ICMP Echo Reply message when the value in the TTL field reaches zero when the values of both the Echo Request and Echo Reply messages reach zero
host unreachable
A user issues a ping 192.168.250.103 command and receives a response that includes a code of 1 . What does this code represent? host unreachable protocol unreachable port unreachable network unreachable
protocol unreachable
A user issues a ping 2001:db8:FACE:39::10 command and receives a response that includes a code of 2 . What does this code represent? port unreachable host unreachable protocol unreachable network unreachable
§ Right-click the application and choose Run as Administrator .
A user logs in to Windows with a regular user account and attempts to use an application that requires administrative privileges. What can the user do to successfully use the application? § Right-click the application and choose Run as Priviledge . § Right-click the application and choose Run as Superuser . § Right-click the application and choose Run as Administrator . § Right-click the application and choose Run as root .
the MAC address of the default gateway
A user sends an HTTP request to a web server on a remote network. During encapsulation for this request, what information is added to the address field of a frame to indicate the destination? the MAC address of the destination host the network domain of the destination host the MAC address of the default gateway the IP address of the default gateway
to the file server to test that the host has the capability to reach hosts on other networks
A user who is unable to connect to the file server contacts the help desk. The helpdesk technician asks the user to ping the IP address of the default gateway that is configured on the workstation. What is the purpose for this ping command? to obtain a dynamic IP address from the server to request that gateway forward the connection request to the file server to test that the host has the capability to reach hosts on other networks to resolve the domain name of the file server to its IP address
§ Windows Defender Firewall with Advanced Security
An IT technician wants to create a rule on two Windows 10 computers to prevent an installed application from accessing the public Internet. Which tool would the technician use to accomplish this task? § Local Security Policy § Computer Management § Windows Defender Firewall with Advanced Security § DMZ
The PC cannot contact a DHCP server. The PC is configured to obtain an IP address automatically.
An employee complains that a Windows PC cannot connect to the Internet. A network technician issues the ipconfig command on the PC and is shown an IP address of 169.254.10.3. Which two conclusions can be drawn? (Choose two.) The PC cannot contact a DHCP server. The DNS server address is misconfigured. The default gateway address is not configured. The PC is configured to obtain an IP address automatically. The enterprise network is misconfigured for dynamic routing.
data link layer
At which OSI layer is a source MAC address added to a PDU during the encapsulation process? data link layer application layer transport layer presentation layer
read, write, execute
Consider the result of the ls -l command in the Linux output below. What are the file permissions assigned to the sales user for the analyst.txt file? ls -l analyst.txt -rwxrw-r-- sales staff 1028 May 28 15:50 analyst.txt § write only § read, write § read only § read, write, execute
read, write, execute
Consider the result of the ls -l command in the Linux output below. What are the file permissions assigned to the sales user for the analyst.txt file? ls -l analyst.txt -rwxrw-r-- sales staff 1028 May 28 15:50 analyst.txt § read, write, execute § write only § read only § read, write
A DHCPDISCOVER message is sent with the broadcast IP address as the destination address.
How is a DHCPDISCOVER transmitted on a network to reach a DHCP server? A DHCPDISCOVER message is sent with the IP address of the DHCP server as the destination address. A DHCPDISCOVER message is sent with a multicast IP address that all DHCP servers listen to as the destination address. A DHCPDISCOVER message is sent with the broadcast IP address as the destination address. A DHCPDISCOVER message is sent with the IP address of the default gateway as the destination address.
|
In the Linux shell, which character is used between two commands to instruct the shell to combine and execute these two commands in sequence? § $ § # § % § |
PIC
Match each characteristic to the appropriate email protocol. (Not all options are used.)
PIC
Match each statement about FTP communications to the connection it describes. (Not all options are used.)
PIC
Match the HTTP status code group to the type of message generated by the HTTP server.
§ Displays the name of the current working directory: pwd § runs a command as another user: sudo § modifies file permissions: chmod § shuts down the system: Empty § lists the processes that are currently running: ps
Match the Linux command to the function. (Not all options are used.) § Displays the name of the current working directory: § runs a command as another user: § modifies file permissions: § shuts down the system: § lists the processes that are currently running:
§ CLI : a text based interface that accepts user commands § shell : a program that interprets and executes user commands § daemon : a background process that runs without the need for user interaction § (Empty) : a program that manages CPU and RAM allocation to processes, system calls, and file systems
Match the Linux system component with the description. (Not all options are used.) §a text based interface that accepts user commands § a program that interprets and executes user commands § a background process that runs without the need for user interaction § nu a program that manages CPU and RAM allocation to processes, system calls, and file systems
§ Step one: The Windows boot loader Winload.exe loads § Step two: Ntosknl.exe and hal.dll are loaded § Step three: Winload.exe reads the registry, chooses a hardware profile, and loads the device drivers. § Step four: Ntoskrnl.exe takes over the process. § Step five: Winlogon.exe is loaded and excutes the logon process.
Match the Windows 10 boot sequence after the boot manager (bootmgr.exe) loads. § Step one: § Step two: § Step three: § Step four: § Step five:
§ renames a file ~~> ren § creates a new directory ~~> mkdir § changes the current directory ~~> cd § lists files in a directory ~~> dir
Match the Windows command to the description. § renames a file ~~> § creates a new directory ~~> § changes the current directory ~~> § lists files in a directory ~~>
§ Registry : a hierarchical database of all system and user information § Windows Firewall : selectively denies traffic on specified interfaces § PowerShell : a CLI environment used to run scripts and automate tasks § Event Viewer : maintains system logs § (Empty) : provides information on system resources and processes § (Empty) : provides virus and spyware protection
Match the Windows system tool with the description. (Not all options are used.) § a hierarchical database of all system and user information § selectively denies traffic on specified interfaces § a CLI environment used to run scripts and automate tasks § maintains system logs § (Empty) : provides information on system resources and processes § (Empty) : provides virus and spyware protection
§ SMTP: 25 § DNS: 53 § HTTPS: 443 § SSH: 22 § TELNET: 23
Match the commonly used ports on a Linux server with the corresponding service. § SMTP: § DNS: § HTTPS: § SSH: § TELNET:
SMTP 25 DNS 53 HTTPS 443 SSH NOT USED TELNET 23
Match the commonly used ports on a Linux server with the corresponding service. (Not all options are used.) SMTP DNS HTTPS SSH TELNET
§ a type of file that is a reference to another file or directory ~~> symlink § a running background process that does not need user interaction ~~> daemon § protecting remote access ~~> hardening § (Empty) ~~>logging
Match the description to the Linux term. (Not all options are used.) § a type of file that is a reference to another file or directory ~~> § a running background process that does not need user interaction ~~> § protecting remote access ~~> § (Empty) ~~>
§ write only ~~> 010 § read and execute ~~> 101 § read and write ~~> 110 § execute only ~~> 001 § write and execute ~~> NOT SCORED § no access ~~> 000
Match the octal value to the file permission description in Linux. (Not all options are used.) § write only ~~> § read and execute ~~> § read and write ~~> § execute only ~~> § write and execute ~~> § no access ~~>
§ used by RedHat and CentOS computers and tracks authentication-related events: /var/log/secure § contains generic computer activity logs, and is used to store informational and noncritical system messages: /var/log/messages § stores information related to hardware devices and their drivers: /var/log/dmesg § used by Debian and Ubuntu computers and stores all authentication-related events: /var/log/auth.log
Match typical Linux log files to the function. § used by RedHat and CentOS computers and tracks authentication-related events: /var/log/ § contains generic computer activity logs, and is used to store informational and noncritical system messages: /var/log/ § stores information related to hardware devices and their drivers: /var/log/ § used by Debian and Ubuntu computers and stores all authentication-related events: /var/log/
router DG
Refer to the exhibit. A cybersecurity analyst is viewing captured packets forwarded on switch S1. Which device has the MAC address 50:6a:03:96:71:22? router DG router ISP DSN server web server PC-A
48598
Refer to the exhibit. A network security analyst is examining captured data using Wireshark. The captured frames indicate that a host is downloading malware from a server. Which source port is used by the host to request the download? 66 1514 6666 48598
inside global
Refer to the exhibit. From the perspective of users behind the NAT router, what type of NAT address is 209.165.201.1? outside global outside local inside local inside global
the MAC address of the G0/0 interface on R1
Refer to the exhibit. PC1 attempts to connect to File_server1 and sends an ARP request to obtain a destination MAC address. Which MAC address will PC1 receive in the ARP reply? the MAC address of S1 the MAC address of the G0/0 interface on R1 the MAC address of the G0/0 interface on R2 the MAC address of S2 the MAC address of File_server1
RT1 will send an ARP reply with its own Fa0/0 MAC address.
Refer to the exhibit. PC1 issues an ARP request because it needs to send a packet to PC3. In this scenario, what will happen next? RT1 will forward the ARP request to PC3. RT1 will send an ARP reply with its own Fa0/0 MAC address. RT1 will send an ARP reply with the PC3 MAC address. SW1 will send an ARP reply with its Fa0/1 MAC address. RT1 will send an ARP reply with its own Fa0/1 MAC address.
The communication fails after the default gateway.
Refer to the exhibit. This PC is unable to communicate with the host at 172.16.0.100. What information can be gathered from the displayed output? The target host is turned off. 172.16.0.100 is only a single hop away. This PC has the wrong subnet configured on its NIC. The communication fails after the default gateway.
It sends a DHCPREQUEST that identifies which lease offer the client is accepting.
What action does a DHCPv4 client take if it receives more than one DHCPOFFER from multiple DHCP servers? It discards both offers and sends a new DHCPDISCOVER. It sends a DHCPREQUEST that identifies which lease offer the client is accepting. It sends a DHCPNAK and begins the DHCP process over again. It accepts both DHCPOFFER messages and sends a DHCPACK.
destination MAC address to a destination IPv4 address
What addresses are mapped by ARP? destination MAC address to a destination IPv4 address destination IPv4 address to the source MAC address destination IPv4 address to the destination host name destination MAC address to the source IPv4 address
10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
What are the three ranges of IP addresses that are reserved for internal private use? (Choose three.) 10.0.0.0/8 64.100.0.0/14 127.16.0.0/12 172.16.0.0/12 192.31.7.0/24 192.168.0.0/16
meeting the reliability requirements of applications, if any multiplexing multiple communication streams from many users or applications on the same network identifying the applications and services on the client and server that should handle transmitted data
What are three responsibilities of the transport layer? (Choose three.) meeting the reliability requirements of applications, if any multiplexing multiple communication streams from many users or applications on the same network identifying the applications and services on the client and server that should handle transmitted data directing packets towards the destination network formatting data into a compatible form for receipt by the destination devices conducting error detection of the contents in frames
§ NTFS supports larger files. § NTFS provides more security features.
What are two advantages of the NTFS file system compared with FAT32? (Choose two.) § NTFS is easier to configure. § NTFS supports larger files. § NTFS allows faster formatting of drives. § NTFS allows the automatic detection of bad sectors. § NTFS allows faster access to external peripherals such as a USB drive. § NTFS provides more security features.
§ improved performance § increase in the size of supported files
What are two benefits of using an ext4 partition instead of ext3? (Choose two.) § an increase in the number of supported devices § improved performance § compatibility with NTFS § increase in the size of supported files § decreased load time § compatibility with CDFS
connectionless
What is a basic characteristic of the IP protocol? connectionless media dependent user data segmentation reliable end-to-end delivery
transferring blocks of DNS data from a DNS server to another server
What is a description of a DNS zone transfer? forwarding a request from a DNS server in a subdomain to an authoritative source the action taken when a DNS server sends a query on behalf of a DNS resolver transferring blocks of DNS data from a DNS server to another server finding an address match and transferring the numbered address from a DNS server to the original requesting client
The tracert command shows the information of routers in the path
What is a function of the tracert command that differs from the ping command when they are used on a workstation? The tracert command reaches the destination faster. The tracert command shows the information of routers in the path. The tracert command sends one ICMP message to each hop in the path. The tracert command is used to test the connectivity between two devices.
It is encapsulated in a Layer 2 frame.
What is done to an IP packet before it is transmitted over the physical medium? It is tagged with information guaranteeing reliable delivery. It is segmented into smaller individual pieces. It is encapsulated into a TCP segment. It is encapsulated in a Layer 2 frame.
2001:0420:0059:0000:0001:0000:0000:000a
What is the full decompressed form of the IPv6 address 2001:420:59:0:1::a/64? 2001:420:59:0:1:0:0:a 2001:0420:0059:0000:0001:0000:0000:000a 2001:4200:5900:0000:1000:0000:0000:a000 2001:4200:5900:0:1:0:0:a000 2001:0420:0059:0000:0001:000a 2001:0420:0059:0000:0001:0000:000a
to request an HTML page from a web server
What is the function of the HTTP GET message? to request an HTML page from a web server to send error information from a web server to a web client to upload content to a web server from a web client to retrieve client email from an email server using TCP port 110
The man man command provides documentation about the man command
What is the outcome when a Linux administrator enters the man man command? § The man man command configures the network interface with a manual address § The man man command opens the most recent log file § The man man command provides a list of commands available at the current prompt § The man man command provides documentation about the man command
to provide feedback of IP packet transmissions
What is the purpose of ICMP messages? to inform routers about network topology changes to ensure the delivery of an IP packet to provide feedback of IP packet transmissions to monitor the process of a domain name to IP address resolution
to configure networking parameters for the PC
What is the purpose of entering the netsh command on a Windows PC? § to configure networking parameters for the PC § to change the computer name for the PC § to create user accounts § to test the hardware devices on the PC
§ to review the settings of password and logon requirements for users
What is the purpose of using the net accounts command in Windows? § to display information about shared network resources § to show a list of computers and network devices on the network § to start a network service § to review the settings of password and logon requirements for users
Client information is stolen.
What is the result of an ARP poisoning attack? Client information is stolen. Client memory buffers are overwhelmed. Network clients experience a denial of service. Network clients are infected with a virus.
53
What is the well-known port address number used by DNS to serve requests? § 25 § 53 § 110 § 60
It decrements the value of the TTL field by 1 and if the result is 0, it discards the packet and sends a Time Exceeded message to the source host.
What mechanism is used by a router to prevent a received IPv4 packet from traveling endlessly on a network? It checks the value of the TTL field and if it is 0, it discards the packet and sends a Destination Unreachable message to the source host. It checks the value of the TTL field and if it is 100, it discards the packet and sends a Destination Unreachable message to the source host. It decrements the value of the TTL field by 1 and if the result is 0, it discards the packet and sends a Time Exceeded message to the source host. It increments the value of the TTL field by 1 and if the result is 100, it discards the packet and sends a Parameter Problem message to the source host.
the ICMPv6 Router Advertisement
What message informs IPv6 enabled interfaces to use stateful DHCPv6 for obtaining an IPv6 address? the ICMPv6 Router Advertisement the ICMPv6 Router Solicitation the DHCPv6 Reply message the DHCPv6 Advertise message
§ UEFI
What technology was created to replace the BIOS program on modern personal computer motherboards? § UEFI § MBR § CMOS § RAM
DHCP DNS FTP
What three application layer protocols are part of the TCP/IP protocol suite? (Choose three.) ARP DHCP DNS FTP NAT PPP
the domain name mapped to mail exchange servers the
What type of information is contained in a DNS MX record? the FQDN of the alias used to identify a service the IP address for an FQDN entry the domain name mapped to mail exchange servers the IP address of an authoritative name server
IP address to MAC address mappings
What type of information is contained in an ARP table? switch ports associated with destination MAC addresses domain name to IP address mappings routes to reach destination networks IP address to MAC address mappings
private
When a wireless network in a small office is being set up, which type of IP addressing is typically used on the networked devices? public private network wireless
pwd
Which Linux command can be used to display the name of the current working directory? sudo ps pwd chmod
segment
Which PDU is processed when a host computer is de-encapsulating a message at the transport layer of the TCP/IP model? bits frame packet segment
Local Security Policy
Which Windows tool can be used by a cybersecurity administrator to secure stand-alone computers that are not part of an active directory domain? § PowerShell § Windows Defender § Windows Firewall § Local Security Policy
Destination Address
Which field in an IPv4 packet header will typically stay the same during its transmission? Flag Time-to-Live Packet Length Destination Address
router advertisement messages received from the link router
Which method would an IPv6-enabled host using SLAAC employ to learn the address of the default gateway? router advertisement messages received from the link router neighbor solicitation messages sent to link neighbors neighbor advertisement messages received from link neighbors router solicitation messages received from the link router
client/server
Which networking model is being used when an author uploads one chapter document to a file server of a book publisher? peer-to-peer master-slave client/server point-to-point
DHCP
Which process failed if a computer cannot access the internet and received an IP address of 169.254.142.5? IP DNS DHCP HTTP
SMB
Which protocol is a client/server file sharing protocol and also a request/response protocol? FTP SMB TCP UDP
IP relies on upper layer services to handle situations of missing or out-of-order packets.
Which statement describes a feature of the IP protocol? IP encapsulation is modified based on network media. IP relies on Layer 2 protocols for transmission error control. MAC addresses are used during the IP packet encapsulation. IP relies on upper layer services to handle situations of missing or out-of-order packets.
§ It is used to share network resources.
Which statement describes the function of the Server Message Block (SMB) protocol? § It is used to stream media contents. § It is used to manage remote PCs. § It is used to compress files stored on a disk. § It is used to share network resources.
Tracert shows each hop, while ping shows a destination reply only.
Which statement describes the ping and tracert commands? Tracert shows each hop, while ping shows a destination reply only. Tracert uses IP addresses; ping does not. Both ping and tracert can show results in a graphical display. Ping shows whether the transmission is successful; tracert does not.
route redirection protocol unreachable
Which two ICMP messages are used by both IPv4 and IPv6 protocols? (Choose two.) router solicitation route redirection neighbor solicitation protocol unreachable router advertisement
netstat -r route print
Which two commands can be used on a Windows host to display the routing table? (Choose two.) netstat -s route print show ip route netstat -r tracert
§ nslookup cisco.com § ping cisco.com
Which two commands could be used to check if DNS name resolution is working properly on a Windows PC? (Choose two.) § nslookup cisco.com § net cisco.com § ipconfig /flushdns § nbtstat cisco.com § ping cisco.com
It is responsible for Media Access Control. It adds a header and trailer to form an OSI Layer 2 PDU.
Which two functions or operations are performed by the MAC sublayer? (Choose two.) It is responsible for Media Access Control. It performs the function of NIC driver software. It adds a header and trailer to form an OSI Layer 2 PDU. It handles communication between upper and lower layers. It adds control information to network protocol layer data.
Enforce the password history mechanism. Ensure physical security.
Which two methods can be used to harden a computing device? (Choose two.) Allow default services to remain enabled. Allow USB auto-detection. Enforce the password history mechanism. Update patches on a strict annual basis irrespective of release date. Ensure physical security.
acknowledging received data retransmitting any unacknowledged data
Which two operations are provided by TCP but not by UDP? (Choose two.) identifying the applications acknowledging received data tracking individual conversations retransmitting any unacknowledged data reconstructing data in the order received
network portion host portion
Which two parts are components of an IPv4 address? (Choose two.) subnet portion network portion logical portion host portion physical portion broadcast portion
cmdlets
Which type of Windows PowerShell command performs an action and returns an output or object to the next command that will be executed? § cmdlets § functions § routines § scripts
packet capture software
Which type of tool allows administrators to observe and understand every detail of a network transaction? § log manager § malware analysis tool § ticketing system § packet capture software
root user
Which user can override file permissions on a Linux computer? § any user that has 'group' permission to the file § only the creator of the file § any user that has 'other' permission to the file § root user
Time-to-Live
Which value, that is contained in an IPv4 header field, is decremented by each router that receives a packet? Differentiated Services Fragment Offset Header Length Time-to-Live
It is an open source Linux security distribution containing many penetration tools.
Why is Kali Linux a popular choice in testing the network security of an organization? § It is a network scanning tool that prioritizes security risks. § It is an open source Linux security distribution containing many penetration tools. § It can be used to test weaknesses by using only malicious software. § It can be used to intercept and log network traffic.
file system structure, file permissions, and user account restrictions
Why is Linux considered to be better protected against malware than other operating systems? § customizable penetration and protection tools § fewer deployments § file system structure, file permissions, and user account restrictions § integrated firewall
The administrator has more control over the operating system.
Why would a network administrator choose Linux as an operating system in the Security Operations Center (SOC)? It is easier to use than other operating systems. More network applications are created for this environment. It is more secure than other server operating systems. The administrator has more control over the operating system.