Network pro 2022
Listen to simulation instructions You have a single switch with a DHCP server connected to Fa0/24. The DHCP snooping feature is already enabled on SwitchA. Now you want to configure DHCP snooping and dynamic ARP inspection on the switch. In this lab, your task is to: Enable DHCP snooping globally on SwitchA. Enable DHCP snooping for VLAN 1. Use the Fa0/24 interface. Configure the port that the DHCP server is connected to as a trusted interface for DHCP snooping. Enable dynamic ARP inspection for VLAN 1. Save the changes to the startup-config file.
Enable DHCP snooping globally on SwitchA. Select SwitchA. In the terminal, press Enter to get started. At the SwitchA> prompt, type enable and press Enter. At the SwitchA# prompt, type config t and press Enter. At the SwitchA(config)# prompt, type ip dhcp snooping and press Enter. Enable DHCP snooping for VLAN1. At the SwitchA(config)# prompt, type ip dhcp snooping vlan 1 and press Enter. At the SwitchA(config)# prompt, type int fa0/24 and press Enter. Configure the port that the DHCP server is connected to as a trusted interface for DHCP snooping. At the SwitchA(config-if)# prompt, type ip dhcp snooping trust and press Enter. At the SwitchA(config-if)# prompt, type exit and press Enter. Enable dynamic ARP inspection for VLAN1. At the SwitchA(config)# prompt, type ip arp inspection vlan 1 and press Enter. Press Ctrl + Z. Save the changes to the startup-config file. At the SwitchA# prompt, type copy run start and press Enter. Press Enter to begin building the configuration.
Besides entering a URL to go directly to a website, what else can you enter in a browser address bar to explore the internet?
Enter one or more search terms for a topic.
Dumpster diving is a low-tech way of gathering information that may be useful for gaining unauthorized access or as a starting point for more advanced attacks. How can a company reduce the risk associated with dumpster diving?
Establish and enforce a document destruction policy.
What is the primary benefit of CCTV?
Expands the area visible to security guards.
Which option should you choose to send an email you've received to a new person?
Forward
You want to make sure that a set of servers only accepts traffic for specific network services. You have verified that the servers are only running the necessary services, but you also want to make sure that the servers do not accept packets sent to those services. Which tool should you use?
Port scanner
Telnet is inherently unsecure because its communication is in plaintext and is easily intercepted. Which of the following is an acceptable alternative to Telnet?
SSH
Which of the following protocols can you use to securely manage a network device from a remote connection?
SSH
Which protocol does HTTPS use to offer greater security for web transactions?
SSL
You want to allow traveling users to connect to your private network through the internet. Users will connect from various locations, including airports, hotels, and public access points (like coffee shops and libraries). As such, you won't be able to configure the firewalls that might be controlling access to the internet in these locations. Which of the following protocols is MOST likely to be allowed through the widest number of firewalls?
SSL
Which of the following is a secure doorway that can be used with a mantrap to allow an easy exit but actively prevents re-entrance through the exit portal?
Turnstiles
What should you try first if your antivirus software does not detect and remove a virus?
Update your virus detection software.
Which of the following Security Orchestration, Automation, and Response (SOAR) system components helps to document the processes and procedures that are to be used by a human during a manual intervention?
Playbook
Which of the following is an example of an internal threat?
A user accidentally deletes the new product designs.
Match each source on the left to its source type on the right. A catalog of all the mayor's speeches and news articles about the
A catalog of all the mayor's speeches and news articles about them - Tertiary source The transcript of a speech by the mayor - Primary source A news article about the mayor's speech - Secondary source
Which of the following describes an on-path attack?
A false server intercepts communications from a client by impersonating the intended server.
What is the main difference between a worm and a virus?
A worm can replicate itself, while a virus requires a host for distribution.
Which of the following BEST describes an inside attacker?
An unintentional threat actor (the most common threat).
Which of the following is the term used to describe what happens when an attacker sends falsified messages to link their MAC address with the IP address of a legitimate computer or server on the network?
ARP poisoning
Which of the following attacks can also be used to perform denial of service (DoS) attacks?
ARP spoofing
Which of the following is most likely to have peer-reviewed material written by an expert in the field?
Academic journal
You are inadvertently using comparable wording or sentence structure. Which form of plagiarism are you engaging in?
Accidental
A security administrator is conducting a penetration test on a network. She connects a notebook system running Linux to the wireless network and then uses Nmap to probe various network hosts to see which operating system they are running. Which process did the administrator use for the penetration test in this scenario?
Active fingerprinting
While browsing the internet, you notice that the browser displays ads linked to recent keyword searches you performed. Which attack type is this an example of?Adware
Adware
You use Google Chrome as your web browser on the desktop computer in your dorm room. Because you're concerned about privacy and security while surfing the Web, you decide to block pop-ups from banner ad companies. However, you still want the computer to accept pop-ups from legitimate sites, such as your bank's website. You also want to block location tracking and third-party cookies in the browser. Your task in this lab is to configure the content settings in Google Chrome as follows: Configure the pop-up blocker to block all pop-ups and redirects. Remove the doctorevilskeylogger.com site that is currently allowed to use pop-ups. Configure a new exception to allow pop-ups from mybank.com. Block all location tracking in the browser. Block third-party websites from saving and reading cookie data. Block the virusclickjacking4u.org and darkwebphishing.org sites that are currently allowed to use cookies. Start Lab
At the bottom of the screen, click the Google Chrome icon. To configure the Pop-up Blocker settings: In the upper-right corner of the window, click the kebab icon and select Settings. In the upper-left corner of the window, click the hamburger icon. Click Advanced. Click Privacy and security. Click Site settings. Select Pop-ups and redirects. Toggle the Allowed option to Blocked (recommended). At the right of http://www.doctorevilskeylogger.com, click the kebab icon, then select Remove. In the Allow section, click the Add button. In the Add a site pop-up window, enter mybank.com and click Add. Click the back arrow next to Pop-ups and redirects. To block location tracking: Select Location. Toggle the Ask before accessing (recommended) option to Blocked. Click the back arrow next to Location. To block third-party cookies: Select Cookies. Select the toggle button next to Block third-party cookies. At the right of http://www.virusclickjacking4u.org, click the kebab icon, then select Block. At the right of http://www.darkwebphishing.org, click the kebab icon, then select Block. Click the back arrow next to Cookies.
Which of the following BEST describes the key difference between DoS and DDoS?
Attackers use numerous computers and connections.
An organization's receptionist received a phone call from an individual claiming to be a partner in a high-level project and requesting sensitive information. Which type of social engineering is this individual engaging in?
Authority
What is the primary countermeasure to social engineering?
Awareness
You are using a password attack that tests every possible keystroke for each single key in a password until the correct one is found. Which of the following technical password attacks are you using?
Brute force attack
Martin just purchased a new computer and wants to surf the web. He is afraid his new computer may get infected by automatically installing viruses. What should he do to protect his computer?
Change browser settings to notify before downloading.
What is spoofing?
Changing or falsifying information in order to mislead or re-direct traffic.
A service that lets you store data in a remote location over the Internet is called _____________.
Cloud storage
Which SIEM component is responsible for gathering all event logs from configured devices and securely sending them to the SIEM system?
Collectors
Match each switch management method on the left with its corresponding characteristics on the right. Each method may be used once, more than once, or not at all.
Competes with normal network traffic for bandwidth. - In-band management Uses a dedicated communication channel.- Out-of-band management Must be encrypted to protect communications from sniffing. - In-band management Does not compete with normal network traffic for bandwidth. - Out-of-band management Affected by network outages. - In-band management
Which of the following are considered asynchronous technologies? (Select two.)
Email message boards
You are an IT consultant and are visiting a new client's site to become familiar with their network. As you walk around their facility, you note the following:
Control access to the work area with locking doors and card readers. Relocate the switch to the locked server closet.
You are the IT security administrator for a small corporate network. You have received a zip file that contains sensitive password-protected files. You need to access these files. The zip file is located in the home directory. In this lab, your task is to use John the Ripper to: Crack the root password on Support. Crack the password of the protected.zip file in the home directory on IT-Laptop.
Crack the root password on Support. From the Favorites bar, select Terminal. At the prompt, type cd /usr/share/john and press Enter to change directories to the folder containing the John the Ripper password file. Type ls and press Enter to list the files in the directory. Type cat password.lst and press Enter to view the password list. This is an abbreviated list. Type cd and press Enter to go back to root. Type john /etc/shadow and press Enter to crack the Linux passwords. Notice that the root password of 1worm4b8 was cracked. Type john /etc/shadow and press Enter to attempt to crack the Linux passwords again. Notice that it does not attempt to crack the password again. The cracked password is already stored in the john.pot file. Type cat ./.john/john.pot and press Enter to view the contents of the john.pot file. Type john /etc/shadow --show and press Enter as an alternate method of viewing the previously cracked password. From the top right, select Answer Questions. Answer Question 1. Crack the password of the protected.zip file. From the top left, select Floor 1 Overview. Under IT Administration, select IT-Laptop. From the Favorites bar, select Terminal. At the prompt, type ls and press Enter to view the contents of the home directory. Notice the protected.zip file you wish to crack. Type zip2john protected.zip > ziphash.txt and press Enter to copy the hashes to a text file. Type cat ziphash.txt and press Enter to confirm that the hashes have been copied. Type john --format=pkzip ziphash.txt and press Enter to crack the password. Type john ziphash.txt --show and press Enter to show the password. From the top right, select Answer Questions. Answer Question 2. Select Score Lab. 1worm4b8 p@ssw0rd
A security administrator logs on to a Windows server on her organization's network. Then she runs a vulnerability scan on that server. Which type of scan did she conduct in this scenario?
Credentialed scan
Which type of denial-of-service (DoS) attack occurs when a name server receives malicious or misleading data that incorrectly maps hostnames to IP addresses?
DNS poisoning
Which level of the OSI model does a Layer 2 switch operate at?
Data Link layer
Which of the following is an attack that either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions from occurring?
Denial-of-service attack
Which of the following can you use to stop piggybacking from occurring at a front entrance where employees swipe smart cards to gain entry?
Deploy a mantrap.
On your way into the back entrance of your work building one morning, a man dressed as a plumber asks you to let him in so he can fix the restroom. What should you do?
Direct him to the front entrance and instruct him to check in with the receptionist.
You are cleaning your desk at work. You toss several stacks of paper in the trash, including a sticky note with your password written on it. Which of the following types of non-technical password attacks have you enabled?
Dumpster diving
What is one of the things that has set Siri apart from other digital assistants?
Easter eggs
You are the IT security administrator for a small corporate network. As a test, you want to spoof the DNS to redirect traffic as part of an on-path (man-in-the-middle) attack. To do this, you have decided to send all DNS requests for the RMK Office Supplies coming from the Exec computer to the RUS Office Supplies site. In this lab, your task is to complete the following: From the Exec computer, view normal access to the RMK Office Supplies website. From the Support computer, view the contents of the /etc/ettercap/etter.dns file to see which entry reroutes the request to the RMK Office Supplies site to the RUS Office Supplies site. Answer Question 1. Use Ettercap to configure DNS spoofing and an on-path attack using the following information: Use unified sniffing on the enp2s0 interface. Set Exec (192.168.0.30) as the target machine. Initiate DNS spoofing using an Ettercap plug-in. Initiate ARP poisoning on remote connections. From Exec, use Google Chrome to access www.rmksupplies.com and analyze the results. Answer Question 2.
From Exec, view normal access to the RMK Office Supplies website.From the taskbar, select Google Chrome.In the URL field, type www.rmksupplies.com and press Enter.Notice that you are taken to the RMK Office Supplies website.Close Google Chrome. From Support, learn how Ettercap's DNS spoofing plug-in works by viewing the host file (etter.dns). From the top left, select Floor 1 Overview. Under Support Office, select Support. From the Favorites bar, select Terminal. From the Terminal prompt, type cd /etc/ettercap and then press Enter to change to the Ettercap directory. Type ls and then press Enter to view the current files. Type cat etter.dns and then press Enter to view the contents of the etter.dns file. At the bottom, locate the line that specifies where the RMK Office Supplies website will be redirected. From the top right, select Answer Questions. Answer Question 1. Minimize the Answer Questions dialog. Use Ettercap to begin unified sniffing on the enp2s0 interface. From the Favorites bar, select Ettercap. Select Sniff > Unified sniffing... From the Network Interface drop-down list, select enp2s0. Select OK. Set Exec (192.168.0.30) as the target machine. Select Hosts > Host list to view the hosts known to the tool. None are shown. Select Hosts > Scan for hosts to scan for hosts on the network. A list of hosts is shown. Under IP Address, select 192.168.0.30 (the Exec computer). Select Add to Target 1 to assign it as the target. Initiate DNS spoofing using the Ettercap plug-in. Select Plugins > Manage the plugins. Select the Plugins tab. Double-click dns_spoof to activate it. Initiate ARP poisoning on remote connections. Select Mitm > ARP poisoning. Select Sniff remote connections. Select OK. From Exec, attempt to access the RMK Office Supplies site to view the results of the DNS spoofing. From the top left, select Floor 1 Overview. Under Executive Office, select Exec. From the taskbar, select Google Chrome. In the URL field, type www.rmksupplies.com and press Enter. From the top right, select Answer Questions. Answer Question 2. Select Score Lab. 203.12.42.54 Queries to the rmksupplies.com site were redirected to the RUS Office Supplies site.
You are the IT security administrator for a small corporate network. You are experimenting with DHCP spoofing attacks using Ettercap. In this lab, your task is to complete the following: From IT-Laptop, use Ettercap to launch an on-path (man-in-the-middle) DHCP spoofing attack using the following parameters:
From IT-Laptop, start unified sniffing on the enp2s0 interface. From the Favorites bar, select Ettercap. Select Sniff > Unified sniffing. From the Network Interface drop-down list, select enp2s0. Select OK. Select Mitm > DHCP spoofing and then configure the Server Information as follows: Netmask: 255.255.255.0. DNS: 192.168.0.11. Select OK. Find the current default gateway for Support. From the top left, select Floor 1 Overview. Under Support Office, select Support. From the Favorites bar, select Terminal. Type route and press Enter. From the top right, select Answer Questions. Answer Question 1. Minimize the Lab Questions dialog. Start a Wireshark capture that filters for bootp packets. From the Favorites bar, select Wireshark. Under Capture, select enp2s0. Select the blue fin to begin a Wireshark capture. In the Apply a display filter field, type bootp and press Enter. Request a new IP address from the DHCP server for the enp2s0 interface. At the terminal prompt: Type ip link set enp2s0 down and press Enter to bring the interface down. Type ip link set enp2s0 up and press Enter to bring the interface back up. Maximize Wireshark for easier viewing. In Wireshark, under the Info column, notice there are two DHCP ACK packets. One is the legitimate acknowledgment (ACK) packet from the DHCP server, and the other is the spoofed ACK packet. Determine which DHCP ACK packet is the spoofed packet. Select one of the DHCP ACK packets received. In the middle panel, expand Bootstrap Protocol (ACK). Expand Option: (3) Router. Make note of the IP address used by the router. Repeat steps 5a-5c for the second ACK packet. From the top right, select Answer Questions. Answer the Questions 2 and 3. Minimize Wireshark and the Lab Questions dialog so you can see the terminal window. At the terminal prompt, type route and press Enter. Notice that the current gateway is now 192.168.0.46. This is the address of the computer performing the on-path (man-in-the-middle) attack. On Office1, view the current default gateway and the route to rmksupplies.com site. From the top left, select Floor 1 Overview. Under Office 1, select Office1. Right-click Start and select Windows PowerShell (Admin). At the PowerShell prompt, type tracert rmksupplies.com and press Enter. Notice that the first hop is 192.168.0.5. Type ipconfig and press Enter to view the IP address configuration for the computer. The configuration for Office1 is: IP address: 192.168.0.33 Default Gateway: 192.168.0.5 At the prompt, type ipconfig /release and press Enter to release the currently assigned addresses. Type ipconfig /renew and press Enter to request a new IP address from the DHCP server. Notice that the default gateway has changed to the attacker's computer, which has an IP address of 192.168.0.46. Type tracert rmksupplies.com and press Enter. Notice that the first hop is now 192.168.0.46 (the address of the attacker's computer). Using Google Chrome, log into the rmksupplies.com Employee Portal.From the taskbar, select Google Chrome.Maximize the window for easier viewing.In the URL field, enter rmksupplies.com and press Enter.At the bottom of the page, select Employee Portal and login using the following:Username: bjackson.Password: $uper$ecret1.Select Login.You are logged in as Blake Jackson. From IT-Laptop, find the captured username and password in Ettercap.From the top left, select Floor 1 Overview.Under IT Administration, select IT-Laptop.Maximize Ettercap.In Ettercap's bottom pane, find the username and password used to log in to the Employee Portal. Score the lab.From the top right, select Answer Questions to end the lab.Select Score Lab. 192.168.0.5 192.168.0.5, 192.168.0.46 Packet 4
In addition to good design sense, what else do web designers need to be proficient in?
Front-end coding languages
Which of the following is a device that can send and receive data simultaneously?
Full-duplex
Which of the following charges resources used, such as bandwidth and processing power, by the second?
Google Cloud
Match each physical security control on the left with an appropriate example of that control on the right. Each security control may be used once, more than once, or not at all.
Hardened carrier - Protected cable distribution Biometric authentication - Door locks Barricades - Perimeter barrier Emergency escape plans- Safety Alarmed carrier - Protected cable distribution Anti-passback system - Physical access control Emergency lighting - Safety Exterior floodlights - Perimeter barrier
Which of the following is a common social engineering attack?
Hoax virus information emails.
Which of the following intrusion detection and prevention systems uses fake resources to entice intruders by displaying a vulnerability, configuration flaw, or valuable data?
Honeypot
Which of the following is used to change traffic lights for emergency vehicles?
ITCS
As you are helping a user with a computer problem, you notice that she has written her password on a note stuck to her computer monitor. You check your company's Password Policy and find that the following settings are currently required: Minimum password length = 10 Minimum password age = 4 Maximum password age = 30 Password history = 6 Account lockout clipping level = 3 Require complex passwords that include numbers and symbols Which of the following is the best action to take to make remembering passwords easier so that the user no longer has to write their password down?
Implement end user training.
Which of the following CCTV types would you use in areas with little or no light?
Infrared
Which of the following is the MOST effective protection against IP packet spoofing on a private network?
Ingress and egress filters
Based on a review of physical security at your office, you have recommended several improvements. Your plan includes installing smart card readers, IP cameras, signs, and an access logbook. In this lab, your task is to: Implement your physical security plan by dragging the correct items from the shelf onto the various locations in the building. As you drag the items from the shelf, the possible drop locations are highlighted. To implement your plan, you must:
Install the IP security cameras: From the Shelf, expand CCTV Cameras. Drag an IP Security Camera from the shelf to the highlighted circle inside the networking closet. Drag an IP Security Camera from the shelf to the highlighted circle just outside the networking closet. Install the smart card key readers: From the Shelf, expand Door Locks. Drag a smart card reader from the shelf to the highlighted location outside the building's front door. Drag a smart card reader from the shelf to the highlighted location outside the networking closet's door. Install the Restricted Access sign: From the Shelf, expand Restricted Access Signs. Drag the Restricted Access sign from the shelf to the networking closet door. Install the visitor log: From the Shelf, expand Visitor Logs. Drag the visitor log from the shelf to the lobby desk.
Which of the following best describes spyware?
It monitors the actions you take on your machine and sends the information back to its originating source.
Which of the following is the MOST important way to prevent console access to a network switch?
Keep the switch in a room that is locked by a keypad.
Drag each penetration test characteristic on the left to the appropriate penetration test name on the right.
Known test - The tester has detailed information about the target system prior to starting the test. Partially known test - The tester has the same amount of information that would be available to a typical insider in the organization. Unknown test - The tester has no prior knowledge of the target system. Single-blind test - Either the attacker has prior knowledge about the target system or the administrator knows that the test is being performed. Double-blind test - The tester does not have prior information about the system, and the administrator has no knowledge that the test is being performed.
Which of the following controls is an example of a physical access control method?
Locks on doors
John is using synonyms to replace words while keeping the meaning of the original phrase. Which form of plagiarism is he engaging in?
Mosaic
Members of the sales team use laptops to connect to the company network. While traveling, they connect their laptops to the internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless antivirus software and the latest operating system patches have been installed. Which solution should you use?
NAC
Which of the following is a category of SaaS applications?
Office tools
Which of the following attack types consists of capturing packets as they travel from one host to another with the intent of altering the contents?
On-path
Match each social engineering description on the left with the appropriate attack type on the right.
Phishing - An attacker sends an email pretending to be from a trusted organization, asking users to access a website to verify personal information. Whaling- An attacker gathers personal information about the target individual, who is a CEO. Spear phishing - An attacker gathers personal information about the target individual in an organization. Dumpster diving - An attacker searches through an organization's trash for sensitive information. Piggybacking - An attacker enters a secure building by following an authorized employee through a secure door without providing identification. Vishing - An attacker uses a telephone to convince target individuals to reveal their credit card information.
A network utilizes a network access control (NAC) solution to defend against malware. When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. What is this process called?
Posture assessment
Which method should be used to search for an exact phrase?
Put the search terms in "quotes"
When analyzing assets, which analysis method assigns financial values to assets?
Quantitative
Which of the following is a disadvantage of a VoIP system?
Relies fully on a stable internet connection
As a sales associate at RMK Supplies, you have several new messages in your Outlook Inbox. Use the following instructions to respond to two messages with proper email etiquette: Respond to Gladys Grant's Project Proposal email:Reply to the sender and all other users who received the message.Enter the following text in the body of your reply:Meeting over lunch works well for me!Just below your reply, insert the My Name signature.After including all of the above information, send the email.
Respond to Gladys Grant's Project Proposal email In the Inbox message list, right-click the Project Proposal message and select Reply All. In the message body, on the top line, type: Meeting over lunch works well for me! Place the cursor at the end of your one-line reply and press Enter. On the Message tab, in the Include group, click Signature and select My Name. Click Send. Respond to Laticia Washington's Important HR Info email In the Inbox message list, select the Important HR Info message. In the Reading Pane, click the down arrow next to the file attachment and select Save As. In the Save Attachment dialog box, in the left folder pane, select Documents. Click Save. In the Inbox message list, right-click the Important HR Info message and select Reply. In the Cc... box, begin typing James Jordan, then either select the full name or press Enter. In the message body, on the top line, type: Hi Laticia, Thanks for the information! Will our FSA plan change? Ima Person Click Send.
Creating fake resources such as honeypots, honeynets, and tarpits fulfills which of the following main intrusion detection and prevention goals? (Select two.)
Reveals information about an attacker's methods and gathers evidence for identification or prosecution purposes. Offers attackers a target that occupies their time and attention while distracting them from valid resources.
What is the term for delivering an application over the internet called?
SaaS
You want to use CCTV as a preventative security measure. Which of the following is a requirement for your plan?
Security guards
Which of the following are examples of social engineering attacks? (Select two.)
Shoulder surfing Dumpster diving
Some IP-enabled devices are not considered IoT devices. Which of the following is considered an IoT device?
Smart door lock
Your network administrator is configuring settings so the switch shuts down a port when the max number of MAC addresses is reached. What is the network administrator taking countermeasures against?
Sniffing
What is the definition of any attack involving human interaction of some kind?
Social engineering
A router on the border of your network detects a packet with a source address from an internal client, but the packet was received on the internet-facing interface. Which attack form is this an example of?
Spoofing
Which type of activity changes or falsifies information in order to mislead or re-direct traffic?
Spoofing
Which of the following protocols are often added to other protocols to provide secure data transmission? (Select two.)
TLS SSL
Wikipedia is considered which of the following sources?
Tertiary
Which of the following are primary sources? (Select two.)
The United States Constitution Jane Austen's Pride and Prejudice
Which of the following is the MOST important skill an internet service technician can possess?
The ability to quickly troubleshoot and fix any issues that may arise from customers
What is a web designer responsible for?
The look and feel of a website
When you stream video, the server doesn't verify that your computer received the files correctly. It just sends a continuous stream of data. This type of transmission has advantages and disadvantages. What issue can this potentially cause?
The video may become glitchy.
You are the IT security administrator for a small corporate network. You believe a hacker has penetrated your network and is infiltrating it using ARP poisoning. In this lab, your task is to discover whether ARP poisoning is taking place as follows: Use Wireshark to capture packets on the enp2s0 interface for five seconds. Analyze the Wireshark packets to determine whether ARP poisoning is taking place. Use the 192.168.0.2 IP address to help make your determination. Answer the questions. Start Lab
Use Wireshark to capture packets on the enp2s0 interface for five seconds. From the Favorites bar, select Wireshark. Maximize the window for easier viewing. Under Capture, select enp2s0. Select the blue fin to begin a Wireshark capture. After capturing packets for five seconds, select the red box to stop the Wireshark capture. Analyze the Wireshark packets to determine whether ARP poisoning is taking place. In the Apply a display filter field, type arp and press Enter to only show ARP packets. In the Info column, look for lines containing the 192.168.0.2 IP address. From the top right, select Answer Questions. Answer the questions. Select Score Lab. 00:00:1B:11:22:33 00:00:1B:33:22:11
Five salespeople work out of your office. They frequently leave their laptops on the desks in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the BEST way to address your concerns?
Use cable locks to chain the laptops to the desks.
Using sniffers has become one way for an attacker to view and gather network traffic. If an attacker overcomes your defenses and obtains network traffic, which of the following is the BEST countermeasure for securing the captured network traffic?
Use encryption for all sensitive traffic.
You have just received a generic-looking email that is addressed as coming from the administrator of your company. The email says that as part of a system upgrade, you need enter your username and password in a new website so you can manage your email and spam using the new service. What should you do?
Verify that the email was sent by the administrator and that this new service is legitimate.
Which of the following are considered private technologies? (Select two.)
Video conferencing Instant messaging
You want to be able to identify the services running on a set of servers on your network. Which tool would BEST give you the information you need?
Vulnerability scanner
What is the main difference between vulnerability scanning and penetration testing?
Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter.
A senior executive reports that she received a suspicious email concerning a sensitive internal project that is behind production. The email was sent from someone she doesn't know, and he is asking for immediate clarification on several of the project's details so the project can get back on schedule. Which type of attack BEST describes the scenario?
Whaling
Which of the following is a text file that a website stores on a client's hard drive to track and record information about the user?
cookie
Small files that a website saves on your computer to remember your preferences are called ______________.
cookies
Which of the following lines will initiate an Internet search from the address bar of a web browser?
microsoft gov