NWS Practical Test

A security intern is reviewing the corporate network topology diagrams before participating in a security review. Which network topology would commonly have a large number of wired desktop computers? cloud SOHO CAN data center

CAN

Which network type uses high-speed Nexus switches to connect an off-site facility to the corporate site? SOHO CAN Data Center Cloud

Data Center

A threat actor constructs IP packets that appear to come from a valid source within the corporate network. What type of attack is this? eavesdropping password-based MiTM IP address spoofing

IP address spoofing

The data plane is responsible for which of the following features? (Choose three.) routing protocol authentication blocking unwanted traffic or users logs and accounts for all access port security route processor traffic mitigating spoof attacks role-based access control password policy AutoSecure

blocking unwanted traffic or users port security mitigating spoof attacks

What name is given to an amateur hacker? script kiddie black hat red hat blue team

script kiddie

Which two characteristics describe a worm? (Choose two.) travels to new computers without any intervention or knowledge of the user is self-replicating hides in a dormant state until needed by an attacker executes when software is run on a computer infects computers by attaching to software code

travels to new computers without any intervention or knowledge of the user is self-replicating

What is an example of a local exploit? A threat actor tries to gain the user password of a remote host by using a keyboard capture software installed on it by a Trojan. A buffer overflow attack is launched against an online shopping website and causes the server crash. Port scanning is used to determine if the Telnet service is running on a remote server. A threat actor performs a brute force attack on an enterprise edge router to gain illegal access.

A threat actor tries to gain the user password of a remote host by using a keyboard capture software installed on it by a Trojan.

In what type of attack is a cybercriminal attempting to prevent legitimate users from accessing network services? address spoofing session hijacking DoS MITM

DoS

What type of attack prevents the normal use of a computer or network by valid users? DoS password-based MiTM IP address spoofing

DoS

Which statement accurately characterizes the evolution of threats to network security? Internal threats can cause even greater damage than external threats. Threats have become less sophisticated while the technical knowledge needed by an attacker has grown. Early Internet users often engaged in activities that would harm other users. Internet architects planned for network security from the beginning.

Internal threats can cause even greater damage than external threats.

Which network type includes a consumer grade router with basic security features to protect inside assets from outside attackers?' SOHO CAN WAN Cloud

SOHO

In what way are zombies used in security attacks? They probe a group of machines for open ports to learn which services are running. They target specific individuals to gain corporate or personal information. They are maliciously formed code segments used to replace legitimate applications. They are infected machines that carry out a DDoS attack.

They are infected machines that carry out a DDoS attack.

Which security technology is commonly used by a teleworker when accessing resources on the main corporate office network? IPS VPN SecureX biometric access

VPN

In the video that describes the anatomy of an attack, a threat actor was able to gain access through a network device, download data, and destroy it. Which flaw allowed the threat actor to do this? a flat network with no subnets or VLANs open ports on the firewall improper physical security to gain access to the building lack of a strong password policy

a flat network with no subnets or VLANs

What is the weakest link in network security? reconnaissance access DoS social engineering

access

What type of attack is tailgating? reconnaissance access DoS social engineering

social engineering

What is hyperjacking? adding outdated security software to a virtual machine to gain access to a data center server overclocking the mesh network which connects the data center servers using processors from multiple computers to increase data processing power taking over a virtual machine hypervisor as part of a data center attack

taking over a virtual machine hypervisor as part of a data center attack

Why would a rootkit be used by a hacker? to gain access to a device without being detected to reverse engineer binary files to do reconnaissance to try to guess a password

to gain access to a device without being detected

Which statement describes the term attack surface? It is the network interface where attacks originate. It is the group of hosts that experiences the same attack. It is the total sum of vulnerabilities in a system that is accessible to an attacker. It is the total number of attacks toward an organization within a day.

It is the total sum of vulnerabilities in a system that is accessible to an attacker.

Which technology is used to secure, monitor, and manage mobile devices? MDM VPN rootkit ASA firewall

MDM

Threat actors have positioned themselves between a source and destination to monitor, capture, and control communications without the knowledge of network users. What type of attack is this? MiTM eavesdropping DoS IP address spoofing

MiTM

Which two statements describe access attacks? (Choose two.) Trust exploitation attacks often involve the use of a laptop to act as a rogue access point to capture and copy all network traffic in a public location, such as a wireless hotspot. Password attacks can be implemented by the use of brute-force attack methods, Trojan horses, or packet sniffers. Port redirection attacks use a network adapter card in promiscuous mode to capture all network packets that are sent across a LAN. Buffer overflow attacks write data beyond the allocated buffer memory to overwrite valid data or to exploit systems to execute malicious code. To detect listening services, port scanning attacks scan a range of TCP or UDP port numbers on a host.

Password attacks can be implemented by the use of brute-force attack methods, Trojan horses, or packet sniffers. Buffer overflow attacks write data beyond the allocated buffer memory to overwrite valid data or to exploit systems to execute malicious code.

What type of malware typically displays annoying pop-ups to generate revenue for its author? adware ransomware scareware phishing

adware

Which resource is affected due to weak security settings for a device owned by the company, but housed in another location? removable media cloud storage device social networking hard copy

cloud storage device

A threat actor has gained access to encryption keys that will permit them to read confidential information. What type of attack is this? eavesdropping man-in-the-middle password-based compromised key

compromised key

Which security measure is typically found both inside and outside a data center facility? exit sensors security traps a gate biometrics access continuous video surveillance

continuous video surveillance

Which NFP plane uses CoPP? control plane management plane data plane

control plane

When considering network security, what is the most valuable asset of an organization? data personnel customers financial resources

data

Which type of network commonly makes use of redundant air conditioning and a security trap? data center cloud CAN WAN

data center

In what type of attack can threat actors change the data in packets without the knowledge of the sender or receiver? eavesdropping denial of service data modification IP address spoofing

data modification

Which NFP plane is responsible for applying access control lists (ACLs)? control plane management plane data plane

data plane

In what type of attack does a threat attacker attach to the network and read communications from network users? data modification eavesdropping denial of service password-based

eavesdropping

The management plane is responsible for which of the following features? (Choose three.) routing protocol authentication blocking unwanted traffic or users logs and accounts for all access port security route processor traffic mitigating spoof attacks role-based access control password policy AutoSecure

logs and accounts for all access password policy AutoSecure

Which NFP plane would typically use out-of-band (OOB) access? control plane management plane data plane

management plane

Hackers have gained access to account information and can now login into a system with the same rights as authorized users. What type of attack is this? compromised key password-based DoS social engineering

password-based

What is the weakest link in network security? routers people TCP/IP social engineering

people

What is the term used when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source? phishing backdoor vishing Trojan

phishing

What type of malware attempts to convince people to divulge their personally identifable information (PII)? phishing rootkit ransomware trojan horse

phishing

Which evasion method describes the situation that after gaining access to the administrator password on a compromised host, a threat actor is attempting to login to another host using the same credentials? traffic substitution pivoting resource exhaustion protocol-level misinterpretation

pivoting

What type of malware encrypts all data on a drive and demands payment in Bitcoin cryptocurrence to unencrypt the files? phishing scareware ransomware virus

ransomware

What type of attack is port scanning? reconnaissance access DoS social engineering

reconnaissance

Which risk management plan involves discontinuing an activity that creates a risk? risk reduction risk avoidance risk retention risk sharing

risk avoidance

The control plane is responsible for which of the following features? (Choose three.) routing protocol authentication blocking unwanted traffic or users logs and accounts for all access port security route processor traffic mitigating spoof attacks role-based access control password policy AutoSecure

routing protocol authentication route processor traffic AutoSecure

A user receives a phone call from a person who claims to represent IT services and then asks that user for confirmation of username and password for auditing purposes. Which security threat does this phone call represent? spam social engineering DDoS anonymous keylogging

social engineering

What type of malware executes arbitrary code and installs copies of itself in the memory of the infected computer? The main purpose of this malware is to automatically replicate from system to system across the network. trojan horse adware ransomware worm

worm