Practice Final Exam

अब Quizwiz के साथ अपने होमवर्क और परीक्षाओं को एस करें!

Based on the command output shown, which file permission or permissions have been assigned to the other user group for the data.txt file?

-rwxrw-r-- sales staff 1028 May 28 15:50 data.txt read only

What is the prefix length notation for the subnet mask 255.255.255.224?

27

Which three algorithms are designed to generate and verify digital signatures? (Choose three.)

3DES DSA ECDSA

After complaints from users, a technician identifies that the college web server is running very slowly. A check of the server reveals that there are an unusually large number of TCP requests coming from multiple locations on the Internet. What is the source of the problem?

A DDoS attack is in progress.

What is the goal of an attack in the installation phase of the Cyber Kill Chain?

Create a back door in the target system to allow for future access.

An attacker is redirecting traffic to a false default gateway in an attempt to intercept the data traffic of a switched network. What type of attack could achieve this?

DHCP spoofing

How is the event ID assigned in Sguil?

Each event in the series of correlated events is assigned a unique ID.

What are two differences between HTTP and HTTP/2? (Choose two.)

HTTP/2 uses a compressed header to reduce bandwidth requirements. HTTP/2 uses multiplexing to support multiple streams and enhance efficiency

What kind of ICMP message can be used by threat actors to perform network reconnaissance and scanning attacks?

ICMP unreachable

Why is DHCP preferred for use on large networks?

It is a more efficient way to manage IP addresses than static address assignment.

Which two actions can be taken when configuring Windows Firewall? (Choose two.)

Manually open ports that are required for specific applications. Allow a different software firewall to control access.

What is indicated by a true negative security alert classification?

Normal traffic is correctly ignored, and erroneous alerts are not being issued.

Which two statements describe access attacks? (Choose two.)

Password attacks can be implemented by the use of brute-force attack methods, Trojan horses, or packet sniffers Buffer overflow attacks write data beyond the allocated buffer memory to overwrite valid data or to exploit systems to execute malicious code.

Which two types of network traffic are from protocols that generate a lot of routine traffic? (Choose two.)

STP traffic and routing traffic updates

A flood of packets with invalid source IP addresses requests a connection on the network. The server busily tries to respond, resulting in valid requests being ignored. What type of attack has occurred?

TCP SYN flood

Which two protocols are associated with the transport layer? (Choose two.)

TCP and UDP

What are two problems that can be caused by a large number of ARP request and reply messages? (Choose two.)

The ARP request is sent as a broadcast, and will flood the entire subnet. All ARP request messages must be processed by all nodes on the local network.

If the default gateway is configured incorrectly on the host, what is the impact on communications?

The host is unable to communicate with hosts on remote networks.

Which statement describes a typical security policy for a DMZ firewall configuration?

Traffic that originates from the DMZ interface is selectively permitted to the outside interface.

When a connectionless protocol is in use at a lower layer of the OSI model, how is missing data detected and retransmitted if necessary?

Upper-layer connection-oriented protocols keep track of the data received and can request retransmission from the upper-level protocols on the sending host.

Which network monitoring tool saves captured network frames in PCAP files?

Wireshark

What three services are offered by FireEye? (Choose three.)

blocks attacks across the web creates firewall rules dynamically identifies and stops email threat vectors

what are two shared characteristics of IDS and IPS

both are deployed as sensors, and both use signatures to detect malicious network traffic

In an attempt to prevent network attacks, cyber analysts share unique identifiable attributes of known attacks with colleagues. What three types of attributes or indicators of compromise are helpful to share? (Choose three.)

changes made to end system software features of malware files IP addresses of attack servers

What are the three impact metrics contained in the CVSS 3.0 Base Metric Group? (Choose three.)

confidentiality integrity availability

Which type of evidence supports an assertion based on previously obtained evidence?

corroborating evidence

A network security specialist is tasked to implement a security measure that monitors the status of critical files in the data center and sends an immediate alert if any file is modified. Which aspect of secure communications is addressed by this security measure?

data integrity

What are the two important components of a public key infrastructure (PKI) used in network security? (Choose two.)

digital certificates and certificate authority

A network administrator is configuring an AAA server to manage TACACS+ authentication. What are two attributes of TACACS+ authentication? (Choose two.)

encryption for all communication and separate processes for authentication and authorization

What are two elements that form the PRI value in a syslog message? (Choose two.)

facility and severity

Which section of a security policy is used to specify that only authorized individuals should have access to enterprise data?

identification and authentication policy

Which two types of messages are used in place of ARP for address resolution in IPv6? (Choose two.)

neighbor solicitation neighbor advertisement

Which protocol is used by the traceroute command to send and receive echo-requests and echo-replies?

neighbor solicitation and router advertisement

At which OSI layer is a source IP address added to a PDU during the encapsulation process?

network layer

Users report that a database file on the main server cannot be accessed. A database administrator verifies the issue and notices that the database file is now encrypted. The organization receives a threatening email demanding payment for the decryption of the database file. What type of attack has the organization experienced?

ransomeware

What is the TCP mechanism used in congestion avoidance

sliding window

What is the TCP mechanism used in congestion avoidance?

sliding window

which three pieces of information are found in session data

source and destination port number source and destination IP address Layer 4 protocol

What are two monitoring tools that capture network traffic and forward it to network monitoring devices? (Choose two.)

span and network tap

A network administrator is creating a network profile to generate a network baseline. What is included in the critical asset address space element?

the IP addresses or the logical location of essential systems or data

What are three benefits of using symbolic links over hard links in Linux? (Choose three.)

they can link to a directory they can link to a file in a different file system they can show the location of the original file

Which statement describes the state of the administrator and guest accounts after a user installs Windows desktop version to a new computer?

to check if the DNS service is running

What is the most common goal of search engine optimization (SEO) poisoning?

to increase web traffic to malicious sites

Which network monitoring tool is in the category of network protocol analyzers?

wireshark


संबंधित स्टडी सेट्स

Chapter 8 Financial Accounting Quiz

View Set

Lesson 9: Supporting Print Devices

View Set

Personal Finance: chapter 8 pt.2

View Set

Chapter 10: Occupational Safety and Health

View Set

Safety: Nursing Care of the Perioperative Patient

View Set