Network Foundations Question Set
Amazon Web Services, Microsoft Azure, and Google Cloud Platform are responsible for the physical data center security and most the physical hardware security concerns in which cloud deployment? A. Private Cloud B. Hybrid Cloud C. Public Cloud D. Community Cloud
c. Public Cloud
A wireless disassociation attack is a type of: (Select 2 answers) - Cryptographic attack - Downgrade attack - Deauthentication attack - Brute-force attack - Denial-of-Service (DoS) attack
- Deauthentication Attack - Denial-of-Service (DoS) Attack
Which of the following answers refer to the characteristic features of bus topology? (Select 3) - Each network node connects to exactly two other nodes - The main network cable becomes a single point of failure - Data is passed through each intermediate node until the receiver node is reached - All network nodes connect to a single central cable (a.k.a. backbone or trunk) - Each node becomes a network's single point of failure - A terminator at each end of the main network cable prevents collisions caused by signal bounce
- The main network cable becomes a single point of failure. - All network nodes connect to a single central cable. - A terminator at each end of the main network cable prevents collisions caused by signal bounce.
An organization is looking to utilize a Firewall that can help prevent attacks, such as SQL Injection and Buffer Overflow attacks. Which type of Firewall can assist in this situation by inspecting the network payload of each packet? A. Application Firewall B. Stateful Firewall C. Packet Filtering D. Circuit Level Gateway
A. Application Firewall
Kim has taken her Network and Security Foundation exam and is waiting to get her results by email. By accident, Kim's results are sent to Karen. What part of the CIA Triad is affected? A. Confidentiality B. Availability C. Integrity D. Authorization
A. Confidentiality
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use? A. Stateful Inspection B. Application-level C. Packet filtering D. VPN concentrator
A. Stateful Inspection
Brian would like to secure his website. Which one of the following protocols is the best choice for encrypting communication between a website and its users? A. TLS B. AES C. 3DES D. TKIP
A. TLS (Transport Layer Security)
Which statement correctly differentiates a Smurf attack from a Ping flood attack? A. A Smurf attack uses TCP packets, while a Ping flood uses ICMP packets. B. A Smurf attack amplifies traffic by using the broadcast address, while a Ping flood directly floods the target with echo requests. C. A Smurf attack can only be originated from a single machine, whereas a Ping Flood uses multiple machines. D. A Smurf attack is less disruptive than a Ping flood.
B. A Smurf attack amplifies traffic by using the broadcast address, while a Ping flood directly floods the target with echo requests.
In the context of IT security, wiretapping is considered: A. A physical security measure B. A type of passive attack C. A form of active attack D. A legal method of network monitoring
B. A type of passive attack
What type of attack involves modifying network tables to associate the attacker's MAC address with the IP address of a legitimate user? A. DNS spoofing B. ARP Poisoning C. IP spoofing D. SQL injection
B. ARP Poisoning
Bob receives a message with a signature. He wants to verify that the message really comes from Alice. What should he use? A. Alice's private key B. Alice's public key C. Bob's private key D. Bob's public key
B. Alice's Public Key
Gary is participating in a cybersecurity exercise. His job is to defend the network against attack. What role is Gary playing? A. Red Team B. Blue Team C. Black Team D. White Team
B. Blue Team
A type of network connecting computers within a small geographical area such as a building or group of buildings is called: A. PAN B. CAN C. MAN D. WAN
B. CAN (Campus Area Network)
What is an example of a UTP cable? A. Fiber optic B. CAT 6 Cable C. Coaxial Cable D. InfiniBand
B. CAT 6 Cable
Configuration in client/server architecture is: A. Handled exclusively by the client for simplicity B. Centralized configuration, where the configuration is done on a central server and pushed to all other devices C. Not necessary due to the inherent centralization of the architecture D. Decentralized configuration, where the configuration must be done on all devices individually
B. Centralized configuration, where the configuration is done on a central server and pushed to all other devices.
An organization is deploying a sophisticated firewall that examines both individual packets and their collective grouping. What type of access control does this represent? A. Attribute-based B. Context-based C. Rule-based D. Discretionary
B. Context based
Which type of network topology provides the highest level of redundancy? A. Ring B. Mesh C. Bus D. Star
B. Mesh
Which type of Firewall inspects the source and destination IP address and Port address (contained in the packet header) for every single packet that enters and leaves the network? A. Stateful Firewall B. Packet Filtering Firewall C. Circuit Level Gateway D. Application Firewall
B. Packet Filtering Firewall
In which topology do data packets travel from one device to another, until the data packet arrives at the intended destination? A. Bus B. Ring C. Star D. Mesh
B. Ring
In the OSI model, what is the primary function of the Network layer? A. Allows applications to establish, use, and end a connection B. Routes data between networks C. Transmits data frames D. Ensures that packets are delivered with no loss or duplication
B. Routes data between networks
The Presentation layer of the OSI model: A. Deals with networking protocols, like HTTP and FTP B. Segments the data and adds source and destination port numbers C. Data encryption, decryption, and formatting D. Establishes, manages, and terminates connections with a remote device
B. Segments the data and adds source and destination port numbers.
Which of the following network topologies is most commonly used in contemporary Ethernet LANs? A. Bus topology B. Star topology C. Ring topology D. Mesh topology
B. Star Topology
What is the primary function of a router in a network? A. To amplify the wireless signal strength B. To connect multiple networks and route data packets between them C. To provide a physical connection between a LAN and the Internet D. To filter incoming and outgoing traffic based on a set of rules
B. To connect multiple networks and route data packets between them
A type of network consisting of computers and peripheral devices that use high-frequency radio waves to communicate with each other is called: A. MAN B. WLAN C. LAN D. VLAN
B. WLAN (Wireless Local Area Network)
A cybersecurity expert is legally hired by a corporation to find vulnerabilities in its network and strengthen its defenses. This expert is known as a: A. Black Hat Hacker B. White Hat Hacker C. Grey Hat Hacker D. Script Kiddie
B. White hat hacker
What is a proxy server? A. A server that uses a packet filtering type of firewall B. A server that uses packet inspection to prevent attacks C. A server that authenticates and makes request on behalf of another system on the network D. A server that manages mobile devices when connected to the network
C. A server that authenticates and makes request on behalf of another system on the network
A stateful firewall uses Stateful Packet Inspection to protect the network. How does this type of firewall operate? A. A stateful firewall inspects the network traffic's payload to prevent attacks B. A stateful firewall makes requests on behalf of other systems on a Network C. A stateful firewall that compares all inbound traffic to ensure there is a prior outbound request. D. A stateful firewall compares IP addresses to a to a set of static rules
C. A stateful firewall that compares all inbound traffic to ensure there is a prior outbound request.
A hacker uses a script that automatically injects SQL commands into web forms to steal data from a database. This script is an example of: A. A vulnerability B. A risk C. An exploit D. A threat actor
C. An exploit
Someone who breaks into digital systems with the intention of creating and spreading malware for financial gain would be considered a: A. White Hat Hacker B. Grey Hat Hacker C. Black Hat Hacker D. Script Kiddie
C. Black hat hacker
Which of the following is a key benefit of SaaS? A. Full control over software customization B. Direct management of underlying infrastructure C. Elimination of the need for installations and updates on individual computers D. Unlimited data storage capacity for all users
C. Elimination of the need for installations and updates on individual computers.
A person who enjoys the challenge of breaching networks and bypassing security measures for the thrill, without malicious intent and sometimes pointing out flaws to the affected parties, can be termed a: A. Black Hat Hacker B. White Hat Hacker C. Grey Hat Hacker D. Script Kiddie
C. Grey hat hacker
The MAC (Media Access Control) Address operates at which layer of the OSI model? A. Layer 4 - Transport B. Layer 3 - Network Layer C. Layer 2 - Data Link Layer D. Layer 1 - Physical Layer
C. Layer 2 - Data Link Layer
A hospital's patient record system encounters an unexpected error. According to the fail-safe principle, what should the system do? A. Continue to operate without any restrictions B. Notify the nearest technician C. Lock down access to patient records D. Automatically back up recent changes
C. Lock down access to patient records
What does IaaS provide to the consumer? A. Development tools and environment for building applications. B. Software applications over the internet C. Physical computing resources, virtualized and delivered over the internet D. Networking equipment only
C. Physical computing resources, virtualized and delivered over the internet.
What type of deployment is most likely to use dedicated hardware for cloud services? A. Public Cloud B. Hybrid Cloud C. Private Cloud D. Community Cloud
C. Private Cloud
Which of the following is a simple network device that amplifies a received signal so it can be transmitted over greater distance without loss of quality? A. Patch panel B. Multiplexer C. Repeater D. Passive hub
C. Repeater
In a scenario where a user is logging into a secure website, which encryption technique ensures the password is transmitted safely? A. Symmetric encryption B. Asymmetric encryption C. SSL/TLS using hybrid encryption D. Hashing
C. SSL/TLS using hybrid encryption
Which device improves network performance by dividing a given network segment into separate collision domains? A. Hub B. Repeater C. Switch D. Router
C. Switch
What is the primary purpose of the Personal Information Protection and Electronic Documents Act (PIPEDA)? A. To regulate electronic documents B. To oversee internet communication C. To govern the collection, use, and disclosure of personal information D. To enforce cybersecurity measures
C. To govern the collection, use, and disclosure of personal information
Two or more computers connected together over a wide geographical area (e.g. county, country, globe). What type of network is this? A. LAN B. School Network C. WAN D. The Internet
C. WAN (Wide Area Network)
Which device is commonly used to provide wireless connectivity to devices in a local area network (LAN)? A. Modem B. Router C. WAP D. Switch
C. WAP
Which network command displays the IP Address to MAC Address mapping on a Windows computer? A. ipconfig B. nslookup C. arp D. netstat
C. arp
If a network admin needs to see if a TCP connection is active on a Windows computer, what command should they use? A. nslookup B. ipconfig C. netstat D. nmap
C. netstat
The restrictions most commonly implemented in packet-filtering firewalls are based on ____. A. IP source and destination address B. Direction (inbound or outbound) C. TCP or UDP source and destination port requests D. All of the above
D. All the above
Sue is inspecting her application logs and finds log records that indicate attackers may be attempting to use SQL injection attacks to access the database underlying her application. What is the most effective security control that Sue can apply to address this risk? A. Stateful firewall B. Input validation C. Network firewall D. Application Layer firewall
D. Application Layer Firewall
A healthcare provider is implementing a system to ensure that different levels of data, from public health advice to patient records, are handled according to their sensitivity and criticality to the organization's services. Which type of policy is most appropriate for defining how this data should be categorized and protected? A. Acceptable Use Policy B. Security Awareness Policy C. Asset Management Policy D. Asset Classification Policy
D. Asset Classification Policy
What is the best choice that describes the difference between IDS and IPS. A. IPS can only detect intrusions and IDS can detect and stop malicious network attacks. B. IDS operates at the network layer, while IPS operates at the application layer. C. IDS is only used for web servers; IPS can be used in all environments D. IDS can only detect intrusions and IPS can detect and stop malicious network attacks.
D. IDS can only detect intrusions and IPS can detect and stop malicious network attacks.
What is the key characteristic of a hybrid cloud deployment model in the context of IT asset location? A. All IT assets are located on-premises B. IT assets are exclusively located in the cloud C. IT assets are rented or leased and not owned D. IT assets are distributed between on-premises infrastructure and cloud services
D. IT assets are distributed between on-premises infrastructure and cloud services.
Which wireless infrastructure mode uses a central wireless device, such as a wireless router or wireless access point? A. Ad hoc B. Peer-to-Peer C. Client-Server D. Infrastructure
D. Infrastructure
In what type of attack does the attacker attempt to send unauthorized commands to a back-end database through a web application? A. Pass-the-hash B. Buffer overflow C. CSRF D. SQL Injection
D. SQL Injection
Which Windows network command displays the path a packet takes from source to destination? A. ping B. traceroute C. netstat D. tracert
D. tracert
What type of attack floods a network with ICMP echo request packets, amplifying the attack by using a large number of hosts?
Smurf Attack
