Сетевая безопасность и защита инф
154. Which statement is true about Cisco IOS ping indicators?
'U' may indicate that a router along the path did not contain a route to the destination address and that the ping was unsuccessful.
22. Which statement is true about Cisco IOS ping indicators?
'U' may indicate that a router along the path did not contain a route to the destination address and that the ping was unsuccessful.
203.Refer to the exhibit. A corporate network is using NTP to synchronize the time across devices. What can be determined from the displayed output?
) Router03 is a stratum 2 device that can provide NTP service to other devices in the network.
196. Refer to the exhibit. A network administrator is configuring AAA implementation on an ASA device. What does the option link3 indicate?
) the interface name
151. The bit depth of 3DES is:
112 bits;
252. The bit depth of 3DES is:
112 bits;
227.What year and where was the SHA algorithm developed?
1993 in the USA
78. A network administrator is required to upgrade wireless access to end users in a building. To provide data rates up to 1.3 Gb/s and still be backward compatible with older devices, which wireless standard should be implemented?
802.11ac
105. Which access control component, implementation, or protocol is based on device roles of supplicant, authenticator, and authentication server?
802.1X
132. Which access control component, implementation, or protocol restricts LAN access through publicly accessible switch ports?
802.1X
265. Honeypot ...?
A resource that is bait for intruders
201.What is a characteristic of a role-based CLI view of router configuration?
A single CLI view can be shared within multiple superviews.
204.When describing malware, what is a difference between a virus and a worm?
A virus replicates itself by attaching to another file, whereas a worm can replicate itself independently.
198.What is needed to allow specific traffic that is sourced on the outside network of an ASA firewall to reach an internal network?
ACL
128. Which access control component, implementation, or protocol audits what users actions are performed on the network?
Accounting
197.What provides both secure segmentation and threat defense in a Secure Data Center solution?
Adaptive Security Appliance
80. On a Cisco 3504 WLC dashboard, which option provides access to the full menu of features?
Advanced
202.What is a limitation to using OOB management on a large enterprise network?
All devices appear to be attached to a single management network.
262. Acunetix is ...?
An American company has on the market since 2004
263. Forcepoint ...?
An American multinational software development corporation, headquartered in Austin, Texas USA
213.What is the main difference between the implementation of IDS and IPS devices?
An IDS can negatively impact the packet flow, whereas an IPS can not.
296.What is the main difference between the implementation of IDS and IPS devices?
An IDS can negatively impact the packet flow, whereas an IPS can not.
92. What is the function provided by CAPWAP protocol in a corporate wireless network?
CAPWAP provides the encapsulation and forwarding of wireless user traffic between an access point and a wireless LAN controller.
240.The type of anti-virus programs based on the calculation of checksums for the system sector files present on the disk:
CRC scanner
79. A technician is about to install and configure a wireless network at a small branch office. What is the first security measure the technician should apply immediately upon powering up the wireless router?
Change the default user-name and password of the wireless router
98. What is an advantage of SSID cloaking?
Clients will have to manually identify the SSID to connect to the network.
274. Specter is?
Commercial low-level honeypot for Windows OS. Emulates 13 different operating systems
81. Which step is required before creating a new WLAN on a Cisco 3500 series WLC?
Create a new VLAN interface.
165. Which network service automatically assigns IP addresses to devices on the network?
DHCP
170.Which network service automatically assigns IP addresses to devices on the network?
DHCP
34. Which network service automatically assigns IP addresses to devices on the network?
DHCP
94. Which network service automatically assigns IP addresses to devices on the network?
DHCP
62. Which Layer 2 attack will result in legitimate users not getting valid IP addresses?
DHCP starvation
226.The SHA encryption algorithm is intended to be used in conjunction with the digital signature algorithm?
DSA
66. What represents a best practice concerning discovery protocols such as CDP and LLDP on network devices?
Disable both protocols on all interfaces where they are not required.
211.What is the best way to prevent a VLAN hopping attack?
Disable trunk negotiation for trunk ports and statically set nontrunk ports as access ports.
294.What is the best way to prevent a VLAN hopping attack?
Disable trunk negotiation for trunk ports and statically set nontrunk ports as access ports.
169. What is considered the most effective way to mitigate a worm attack?
Download security updates from the operating system vendor and patch all vulnerable systems.
38. What is considered the most effective way to mitigate a worm attack?
Download security updates from the operating system vendor and patch all vulnerable systems.
269. HoneyWeb is ...?
Emulates types of web services
63. What mitigation plan is best for thwarting a DoS attack that is creating a MAC address table overflow?
Enable port security.
163. By following a structured troubleshooting approach, a network administrator identified a network issue after a conversation with the user. What is the next step that the administrator should take?
Establish a theory of probable causes.
31. By following a structured troubleshooting approach, a network administrator identified a network issue after a conversation with the user. What is the next step that the administrator should take?
Establish a theory of probable causes.
239.DES and GOST 28147-89 are based on an encryption scheme?
Feistel network
37. When configuring SSH on a router to implement secure network management, a network engineer has issued the login local and transport input ssh line vty commands. What additional configuration action have to be performed to complete the SSH configuration?
Generate the asymmetric RSA keys.
231.To "compress" an arbitrary message, used for...?
Hash functions
271. What is the BackOfficer Friendly system?
Honeypot for Windows OS, can be used as HIPS
287. HIDS defines:
Host-based intrusion detection systems
228.You receive an e-mail from your bank with a request to confirm your last purchases within a week by going to the corresponding page of the bank's website. Your actions?
I will be vigilant - I will clarify the authenticity of the letter in the bank, I will not click on any links in the letter and I will check my account by manually typing the desired address in the address bar of the browser
152. Which method is used to send a ping message specifying the source address for the ping?
Issue the ping command without specifying a destination IP address.
20. Which method is used to send a ping message specifying the source address for the ping?
Issue the ping command without specifying a destination IP address.
126. A network administrator is configuring DAI on a switch with the command iparp inspection validate src-mac . What is the purpose of this configuration command?
It checks the source MAC address in the Ethernet header against the sender MAC address in the ARP body.
71. A network administrator is configuring DAI on a switch with the command iparp inspection validate src-mac. What is the purpose of this configuration command?
It checks the source MAC address in the Ethernet header against the sender MAC address in the ARP body.
156. A network technician issues the C:\>tracert -6 www.cisco.com command on a Windows PC. What is the purpose of the -6 command option?
It forces the trace to use IPv6.
24. A network technician issues the C:\>tracert -6 www.cisco.com command on a Windows PC. What is the purpose of the -6 command option?
It forces the trace to use IPv6.
264. GFI LanGuard ...?
It is a cybersecurity tool for using the continuously monitor networks, search for vulnerabilities and apply patches where possible
260. OSSEC is ...?
It is an open source cybersecurity tool for detecting network intrusions
258. Argus is...?
It is an open source cybersecurity tool, one of the most widely system for network traffic analysis
176. An administrator decides to use "5$7*4#033!" as the password on a newly installed router. Which statement applies to the password choice?
It is strong because it contains 10 numbers and special characters.
43. An administrator decides to use "5$7*4#033!" as the password on a newly installed router. Which statement applies to the password choice?
It is strong because it contains 10 numbers and special characters.
175. An administrator decides to use "pR3s!d7n&0" as the password on a newly installed router. Which statement applies to the password choice?
It is strong because it uses a minimum of 10 numbers, letters and special characters.
177. An administrator decides to use "pR3s!d7n&0" as the password on a newly installed router. Which statement applies to the password choice?
It is strong because it uses a minimum of 10 numbers, letters and special characters.
42. An administrator decides to use "pR3s!d7n&0" as the password on a newly installed router. Which statement applies to the password choice?
It is strong because it uses a minimum of 10 numbers, letters and special characters.
44. An administrator decides to use "pR3s!d7n&0" as the password on a newly installed router. Which statement applies to the password choice?
It is strong because it uses a minimum of 10 numbers, letters and special characters.
174. An administrator decides to use "WhatAreyouwaiting4" as the password on a newly installed router. Which statement applies to the password choice?
It is strong because it uses a passphrase.
41. An administrator decides to use "WhatAreyouwaiting4" as the password on a newly installed router. Which statement applies to the password choice?
It is strong because it uses a passphrase.
83. A network administrator is configuring a RADIUS server connection on a Cisco 3500 series WLC. The configuration requires a shared secret password. What is the purpose for the shared secret password?
It is used to encrypt the messages between the WLC and the RADIUS server.
181. An administrator decides to use "password" as the password on a newly installed router. Which statement applies to the password choice?
It is weak because it is a commonly used password.
48. An administrator decides to use "password" as the password on a newly installed router. Which statement applies to the password choice?
It is weak because it is a commonly used password.
179. An administrator decides to use "admin" as the password on a newly installed router. Which statement applies to the password choice?
It is weak because it is often the default password on new devices.
46. An administrator decides to use "admin" as the password on a newly installed router. Which statement applies to the password choice?
It is weak because it is often the default password on new devices.
178. An administrator decides to use "12345678!" as the password on a newly installed router. Which statement applies to the password choice?
It is weak because it uses a series of numbers or letters.
45. An administrator decides to use "12345678!" as the password on a newly installed router. Which statement applies to the password choice?
It is weak because it uses a series of numbers or letters.
180. An administrator decides to use "Feb121978" as the password on a newly installed router. Which statement applies to the password choice?
It is weak because it uses easily found personal information.
183. An administrator decides to use "Elizabeth" as the password on a newly installed router. Which statement applies to the password choice?
It is weak because it uses easily found personal information.
47. An administrator decides to use "Feb121978" as the password on a newly installed router. Which statement applies to the password choice?
It is weak because it uses easily found personal information.
50. An administrator decides to use "Elizabeth" as the password on a newly installed router. Which statement applies to the password choice?
It is weak because it uses easily found personal information.
182. An administrator decides to use "RobErT" as the password on a newly installed router. Which statement applies to the password choice?
It is weak since it uses easily found personal information.
49. An administrator decides to use "RobErT" as the password on a newly installed router. Which statement applies to the password choice?
It is weak since it uses easily found personal information.
68. Which statement describes the behavior of a switch when the MAC address table is full?
It treats frames as unknown unicast and floods all incoming frames to all ports within the local VLAN.
199.Which statement describes a characteristic of the IKE protocol?
It uses UDP port 500 to exchange IKE information between the security gateways.
93. What is the result of a DHCP starvation attack?
Legitimate clients are unable to lease IP addresses.
223. How does a Caesar cipher work on a message?
Letters of the message are replaced by another letter that is a set number of places away in the alphabet.
278. The main risks of information security are:
Loss, distortion, leakage of information
272. Honeyd is?
Low-level honeypot for Linux, capable of emulating hundreds of OS
110. A network administrator is working to improve WLAN performance on a dual-band wireless router. What is a simple way to achieve a split-the-traffic result?
Make sure that different SSIDs are used for the 2.4 GHz and 5 GHz bands.
103. A network administrator deploys a wireless router in a small law firm. Employee laptops join the WLAN and receive IP addresses in the 10.0.10.0/24 network. Which service is used on the wireless router to allow the employee laptops to access the internet?
NAT
267. Honeynet is ...?
Network from honeypot
206.Consider the access list command applied outbound on a router serial interface.
No traffic will be allowed outbound on the serial interface.
289.Consider the access list command applied outbound on a router serial interface.
No traffic will be allowed outbound on the serial interface.
23. A user reports a lack of network connectivity. The technician takes control of the user machine and attempts to ping other computers on the network and these pings fail. The technician pings the default gateway and that also fails. What can be determined for sure by the results of these tests?
Nothing can be determined for sure at this point
155. A user reports a lack of network connectivity. The technician takes control of the user machine and attempts to ping other computers on the network and these pings fail. The technician pings the default gateway and that also fails. What can be determined for sure by the results of these tests?
Nothing can be determined for sure at this point.
208.What technology has a function of using trusted third-party protocols to issue credentials that are accepted as an authoritative identity?
PKI certificates
291.What technology has a function of using trusted third-party protocols to issue credentials that are accepted as an authoritative identity?
PKI certificates
259. Nagios is ...?
Provides security experts with the ability to monitor networks, connected hosts and systems in real time
104. Which service can be used on a wireless router to prioritize network traffic among different types of applications so that voice and video data are prioritized over email and web data?
QoS
87.A network administrator of a college is configuring the WLAN user authentication process. Wireless users are required to enter username and password credentials that will be verified by a server. Which server would provide such service?
RADIUS
215. What function is provided by the RADIUS protocol?
RADIUS provides separate ports for authorization and accounting.
298. What function is provided by the RADIUS protocol?
RADIUS provides separate ports for authorization and accounting.
135. Which command will block login attempts on RouterA for a period of 30 seconds if there are 2 failed login attempts within 10 seconds?
RouterA(config) # login block-for 30 attempts 2 within 10
2. Which command will block login attempts on RouterA for a period of 30 seconds if there are 2 failed login attempts within 10 seconds?
RouterA(config) # login block-for 30 attempts 2 within 10
72. Which command can be used to enable BPDU guard on a switch?
S1(config) # spanning-tree portfastbpduguard default
253.An algorithm for use in conjunction with the DSA digital signature algorithm:
SHA
221. What network security testing tool has the ability to provide details on the source of suspicious network activity?
SIEM
102. Which protocol can be used to monitor the network?
SNMP
173. A technician is to document the current configurations of all network devices in a college, including those in off-site buildings. Which protocol would be best to use to securely access the network devices?
SSH
40. A technician is to document the current configurations of all network devices in a college, including those in off-site buildings. Which protocol would be best to use to securely access the network devices?
SSH
67. Which protocol should be used to mitigate the vulnerability of using Telnet to remotely manage network devices?
SSH
85.Which protocol should be used to mitigate the vulnerability of using Telnet to remotely manage network devices?
SSH
13. What is the advantage of using SSH over Telnet?
SSH provides secure communications to access hosts.
133. What is the advantage of using SSH over Telnet?
SSH provides secure communications to access hosts.
146. What is the advantage of using SSH over Telnet?
SSH provides secure communications to access hosts.
101. A company has recently implemented an 802.11n wireless network. Some users are complaining that the wireless network is too slow. Which solution is the best method to enhance the performance of the wireless network?
Split the traffic between the 2.4 GHz and 5 GHz frequency bands.
90. A technician is troubleshooting a slow WLAN that consists of 802.11b and 802.11g devices . A new 802.11n/ac dual-band router has been deployed on the network to replace the old 802.11g router. What can the technician do to address the slow wireless speed?
Split the wireless traffic between the 802.11n 2.4 GHz band and the 5 GHz band.
82. A network engineer is troubleshooting a newly deployed wireless network that is using the latest 802.11 standards. When users access high bandwidth services such as streaming video, the wireless network performance is poor. To improve performance the network engineer decides to configure a 5 Ghz frequency band SSID and train users to use that SSID for streaming media services. Why might this solution improve the wireless network performance for that type of service?
The 5 GHz band has more channels and is less crowded than the 2.4 GHz band, which makes it more suited to streaming multimedia.
33. An employee complains that a Windows PC cannot connect to the Internet. A network technician issues the ipconfig command on the PC and is shown an IP address of 169.254.10.3. Which conclusion can be drawn?
The PC cannot contact a DHCP server.
261. Snort is ...?
The application is an open source network intrusion detection and prevention system tool
158. A ping fails when performed from router R1 to directly connected router R2. The network administrator then proceeds to issue the show cdp neighbors command. Why would the network administrator issue this command if the ping failed between the two routers?
The network administrator wants to verify Layer 2 connectivity.
26. A ping fails when performed from router R1 to directly connected router R2. The network administrator then proceeds to issue the show cdp neighbors command. Why would the network administrator issue this command if the ping failed between the two routers?
The network administrator wants to verify Layer 2 connectivity.
268. The main problems of the Honeypot funds are:
The possibility of disclosure of the Honeypot
217.How does a firewall handle traffic when it is originating from the private network and traveling to the DMZ network?
The traffic is selectively permitted and inspected.
300.How does a firewall handle traffic when it is originating from the private network and traveling to the DMZ network?
The traffic is selectively permitted and inspected.
270. Deception Toolkit is ...?
The very first open-source honeypot
266. Padded Cell ...?
This is a kind of "sandbox" type bait
195. Which statement describes a difference between the Cisco ASA IOS CLI feature and the router IOS CLI feature?
To use a show command in a general configuration mode, ASA can use the command directly whereas a router will need to enter the do command before issuing the show command.
172. Which statement describes the ping and tracert commands?
Tracert shows each hop, while ping shows a destination reply only.
39. Which statement describes the ping and tracert commands?
Tracert shows each hop, while ping shows a destination reply only.
219. What network testing tool would an administrator use to assess and validate system configurations against security policies and compliance standards?
Tripwire
194. What is a characteristic of UDP?
UDP reassembles the received datagrams in the order they were received.
61. What is a characteristic of UDP?
UDP reassembles the received datagrams in the order they were received.
222. How do modern cryptographers defend against brute-force attacks?
Use a keyspace large enough that it takes too much money and too much time to conduct a successful attack.
167. Which type of VLAN-hopping attack may be prevented by designating an unused VLAN as the native VLAN?
VLAN double-tagging
70. Which type of VLAN-hopping attack may be prevented by designating an unused VLAN as the native VLAN?
VLAN double-tagging
113. On a Cisco 3504 WLC Summary page ( Advanced> Summary ) , which tab allows a network administrator to access and configure a WLAN for a specific security option such as WPA2?
WLANs
64. Which Cisco product focus on endpoint security solutions?
Web Security Appliance
139. What is the difference between a virus and a worm?
Worms self-replicate but viruses do not.
6. What is the difference between a virus and a worm?
Worms self-replicate but viruses do not.
209.Which protocol is an IETF standard that defines the PKI digital certificate format?
X.509
292.Which protocol is an IETF standard that defines the PKI digital certificate format?
X.509
286. A sniffer is:
a program or device for intercepting and analyzing network traffic
243. A keylogger is
a program that uses the technique of injecting into the kernel of the operating system to hide the presence in the system and intercepts all keystrokes
283. DoS attack is:
a set of malicious actions aimed at blocking or slowing down the operation of individual services or an entire information system
91. The company handbook states that employees cannot have microwave ovens in their offices. Instead, all employees must use the microwave ovens located in the employee cafeteria. What wireless security risk is the company trying to avoid?
accidental interference
116. Which access control component, implementation, or protocol logs EXEC and configuration commands configured by a user?
accounting
127. Which access control component, implementation, or protocol collects and reports usage data?
accounting
96. Which component of AAA allows an administrator to track individuals who access network resources and any changes that are made to those resources?
accounting
77. While attending a conference, participants are using laptops for network connectivity. When a guest speaker attempts to connect to the network, the laptop fails to display any available wireless networks. The access point must be operating in which mode?
active
279. The SSH key is:
an application-level network protocol that allows remote control of the operating system and tunneling of TCP connections
277. Password attacks are:
an attempt to select the password of a legal user to log in to the network
153. A network engineer is analyzing reports from a recently performed network baseline. Which situation would depict a possible latency issue?
an increase in host-to-host ping response times
21. A network engineer is analyzing reports from a recently performed network baseline. Which situation would depict a possible latency issue?
an increase in host-to-host ping response times
118. Which access control component, implementation, or protocol controls who is permitted to access a network?
authentication
131. Which access control component, implementation, or protocol is implemented either locally or as a server-based solution?
authentication
84. Which access control component, implementation, or protocol is based upon usernames and passwords?
authentication
254. Determination by an authorized recipient (receiver) of the fact that a received message was sent by an authorized sender (transmitter) is called:
authentication;
108. Which component of AAA is used to determine which resources a user can access and which operations the user is allowed to perform?
authorization
111. Which access control component, implementation, or protocol controls what users can do on the network?
authorization
124. Which access control component, implementation, or protocol indicates success or failure of a client-requested service with a PASS or FAIL message?
authorization
99. Which access control component, implementation, or protocol controls what users can do on the network?
authorization
74. Which type of management frame may regularly be broadcast by an AP?
beacon
229.Select the type of anti-virus programs that intercept "virus-dangerous" situations and inform the user about it...?
blocker
276. Honeypot technologies provide analysts with some advantages. What are they?
collecting meaningful information
282. Honeypot technologies provide analysts with some advantages. What are they?
collecting meaningful information
275. Meaning of the wordHoneypot Manager?
commercial honeypot. Emulates a server with an Oracle DBMS installed.
36. On which interface or port can security be improved by configuring executive timeouts?
console ports
187. A student wants to save a router configuration to NVRAM. What is the best command to use to accomplish the task?
copy running-config startup-config
54. A student wants to save a router configuration to NVRAM. What is the best command to use to accomplish the task?
copy running-config startup-config
236.The science of mathematical methods of ensuring confidentiality and authenticity, integrity and authenticity of information authorship.
cryptography
250. The science of ensuring the secrecy and / or authenticity (authenticity) of transmitted messages:
cryptography;
149. What is an accurate description of redundancy?
designing a network to use multiple paths between switches to ensure there is no single point of failure
16. What is an accurate description of redundancy?
designing a network to use multiple paths between switches to ensure there is no single point of failure
14. What is the role of an IPS?
detecting and blocking of attacks in real time
147. What is the role of an IPS?
detecting and blocking of attacks in real time
281. Man-in-the-Middle is:
direct access to packets transmitted over the network
100. What is a wireless security mode that requires a RADIUS server to authenticate wireless users?
enterprise
244. The RSA algorithm is based on an intractable problem
factorization of numbers
1. Which component is designed to protect against unauthorized communications to and from a computer?
firewall
134. Which component is designed to protect against unauthorized communications to and from a computer?
firewall
88.Which component is designed to protect against unauthorized communications to and from a computer?
firewall
248. What is Kerberos used for?
for symmetric authentication;
247. Origin of the term "cryptography":
from the word "secret writing";
284. The main disadvantages of authentication using smart cards:
high price
285. The main advantages and disadvantages of biometric authentication:
high reliability
255.Establishing the authenticity of an object or subject by the identifier presented by him
identification
232.To protect the encrypted communication system from the imposition of false data?
imitoprotection
241.The kind of backup that takes less time?
incremental
121. Which wireless network topology would be used by network engineers to provide a wireless network for an entire college building?
infrastructure
220. What type of network security test can detect and report changes made to network systems?
integrity checking
210.A network administrator is configuring DAI on a switch. Which command should be used on the uplink interface that connects to a router?
iparp inspection trust
293.A network administrator is configuring DAI on a switch. Which command should be used on the uplink interface that connects to a router?
iparp inspection trust
186. A user wants to know the IP address of the PC. What is the best command to use to accomplish the task?
ipconfig
190. A teacher is having difficulties connecting his PC to the classroom network. He needs to verify that a default gateway is configured correctly. What is the best command to use to accomplish the task?
ipconfig
53. A user wants to know the IP address of the PC. What is the best command to use to accomplish the task?
ipconfig
57. A teacher is having difficulties connecting his PC to the classroom network. He needs to verify that a default gateway is configured correctly. What is the best command to use to accomplish the task?
ipconfig
188. A support technician needs to know the IP address of the wireless interface on a MAC. What is the best command to use to accomplish the task?
ipconfiggetifaddr en0
55. A support technician needs to know the IP address of the wireless interface on a MAC. What is the best command to use to accomplish the task?
ipconfiggetifaddr en0
207.Which command is used to activate an IPv6 ACL named ENG_ACL on an interface so that the router filters traffic prior to accessing the routing table?
ipv6 traffic-filter ENG_ACL in
290.Which command is used to activate an IPv6 ACL named ENG_ACL on an interface so that the router filters traffic prior to accessing the routing table?
ipv6 traffic-filter ENG_ACL in
230.Select the password that most closely matches the requirements of the standard from the list.
l # derk!
148. A user is redesigning a network for a small company and wants to ensure security at a reasonable price. The user deploys a new application-aware firewall with intrusion detection capabilities on the ISP connection. The user installs a second firewall to separate the company network from the public network. Additionally, the user installs an IPS on the internal network of the company. What approach is the user implementing?
layered
15. A user is redesigning a network for a small company and wants to ensure security at a reasonable price. The user deploys a new application-aware firewall with intrusion detection capabilities on the ISP connection. The user installs a second firewall to separate the company network from the public network. Additionally, the user installs an IPS on the internal network of the company. What approach is the user implementing?
layered
65. Which authentication method stores usernames and passwords in the router and is ideal for small networks?
local AAA
11. When applied to a router, which command would help mitigate brute-force password attacks against the router?
login block-for 60 attempts 5 within 60
144. When applied to a router, which command would help mitigate brute-force password attacks against the router?
login block-for 60 attempts 5 within 60
12. What feature of SSH makes it more secure than Telnet for a device management connection?
login information and data encryption
145. What feature of SSH makes it more secure than Telnet for a device management connection?
login information and data encryption
138. Which example of malicious code would be classified as a Trojan horse?
malware that was written to look like a video game
5. Which example of malicious code would be classified as a Trojan horse?
malware that was written to look like a video game
140. Which attack involves a compromise of data that occurs between two end points?
man-in-the-middle attack
7. Which attack involves a compromise of data that occurs between two end points?
man-in-the-middle attack
171. The imitation of the message is?
masking
235. The imitation of the message is?
masking
256.Security mechanisms for information processed in distributed computing systems and networks
network security services
164. Users are complaining that they are unable to browse certain websites on the Internet. An administrator can successfully ping a web server via its IP address, but cannot browse to the domain name of the website. Which troubleshooting tool would be most useful in determining where the problem is?
nslookup
19. An administrator is troubleshooting connectivity issues and needs to determine the IP address of a website. What is the best command to use to accomplish the task?
nslookup
192. An administrator is troubleshooting connectivity issues and needs to determine the IP address of a website. What is the best command to use to accomplish the task?
nslookup
32. Users are complaining that they are unable to browse certain websites on the Internet. An administrator can successfully ping a web server via its IP address, but cannot browse to the domain name of the website. Which troubleshooting tool would be most useful in determining where the problem is?
nslookup
59. An administrator is troubleshooting connectivity issues and needs to determine the IP address of a website. What is the best command to use to accomplish the task?
nslookup
114. What type of wireless antenna is best suited for providing coverage in large open spaces, such as hallways or large conference rooms?
omnidirectional
273. Bubblegum Proxypot is?
open-source honeypot, used to combat spammers
246. Difficult to detect viruses that do not have signatures, do not contain a single constant piece of code - these are
polymorphic viruses
115. What security benefit is gained from enabling BPDU guard on PortFast enabled interfaces?
preventing rogue switches from being added to the network
120.Which command raises the privilege level of the ping command to 7?
privilege exec level 7 ping
200.Which command raises the privilege level of the ping command to 7?
privilege exec level 7 ping
109. A network administrator is configuring port security on a Cisco switch. The company security policy specifies that when a violation occurs, packets with unknown source addresses should be dropped and no notification should be sent. Which violation mode should be configured on the interfaces?
protect
75. What is the method that used by a wireless NIC to discover an AP?
receiving a broadcast beacon frame
141. Which type of attack involves an adversary attempting to gather information about a network to identify vulnerabilities?
reconnaissance
8. Which type of attack involves an adversary attempting to gather information about a network to identify vulnerabilities?
reconnaissance
137. What type of attack may involve the use of tools such as nslookup and fping?
reconnaissance attack
4. What type of attack may involve the use of tools such as nslookup and fping?
reconnaissance attack
251. Replacement of characters from plain text with corresponding characters of the cryptotext alphabet is called:
replacement cipher;
205. Which type of packet is unable to be filtered by an outbound ACL?
router-generated packet
288. Which type of packet is unable to be filtered by an outbound ACL?
router-generated packet
129. Which zone-based policy firewall zone is system-defined and applies to traffic destined for the router or originating from the router?
self zone
216.Which zone-based policy firewall zone is system-defined and applies to traffic destined for the router or originating from the router?
self zone
299.Which zone-based policy firewall zone is system-defined and applies to traffic destined for the router or originating from the router?
self zone
159. A network engineer is troubleshooting connectivity issues among interconnected Cisco routers and switches. Which command should the engineer use to find the IP address information, host name, and IOS version of neighboring network devices?
show cdp neighbors detail
185. Students who are connected to the same switch are having slower than normal response times. The administrator suspects a duplex setting issue. What is the best command to use to accomplish the task?
show interfaces
52. Students who are connected to the same switch are having slower than normal response times. The administrator suspects a duplex setting issue. What is the best command to use to accomplish the task?
show interfaces
168. Which command can an administrator execute to determine what interface a router will use to reach remote networks?
show ip route
189. A network technician is troubleshooting an issue and needs to verify all of the IPv6 interface addresses on a router. What is the best command to use to accomplish the task?
show ipv6 interface
56. A network technician is troubleshooting an issue and needs to verify all of the IPv6 interface addresses on a router. What is the best command to use to accomplish the task?
show ipv6 interface
191. Only employees connected to IPv6 interfaces are having difficulty connecting to remote networks. The analyst wants to verify that IPv6 routing has been enabled. What is the best command to use to accomplish the task?
show running-config
193. Only employees connected to IPv6 interfaces are having difficulty connecting to remote networks. The analyst wants to verify that IPv6 routing has been enabled. What is the best command to use to accomplish the task?
show running-config
58. Only employees connected to IPv6 interfaces are having difficulty connecting to remote networks. The analyst wants to verify that IPv6 routing has been enabled. What is the best command to use to accomplish the task?
show running-config
60. Only employees connected to IPv6 interfaces are having difficulty connecting to remote networks. The analyst wants to verify that IPv6 routing has been enabled. What is the best command to use to accomplish the task?
show running-config
27. A network engineer is troubleshooting connectivity issues among interconnected Cisco routers and switches. Which command should the engineer use to find the IP address information, host name, and IOS version of neighboring network devices?
showcdp neighbors detail
184. A network technician is troubleshooting an issue and needs to verify the IP addresses of all interfaces on a router. What is the best command to use to accomplish the task?
showip interface brief
51. A network technician is troubleshooting an issue and needs to verify the IP addresses of all interfaces on a router. What is the best command to use to accomplish the task?
showip interface brief
35. Which command can an administrator execute to determine what interface a router will use to reach remote networks?
showip route
89. Which command can an administrator execute to determine what interface a router will use to reach remote networks?
showip route
97. An IT security specialist enables port security on a switch port of a Cisco switch. What is the default violation mode in use until the switch port is configured to use a different violation mode?
shutdown
212.What would be the primary reason an attacker would launch a MAC address overflow attack?
so that the switch stops forwarding traffic
295.What would be the primary reason an attacker would launch a MAC address overflow attack?
so that the switch stops forwarding traffic
245. The main types of viruses
software, boot, macro viruses
10. Which firewall feature is used to ensure that packets coming into a network are legitimate responses to requests initiated from internal hosts?
stateful packet inspection
143. Which firewall feature is used to ensure that packets coming into a network are legitimate responses to requests initiated from internal hosts?
stateful packet inspection
218.Which type of firewall is supported by most routers and is the easiest to implement?
stateless firewall
73. As part of the new security policy, all switches on the network are configured to automatically learn MAC addresses for each port. All running configurations are saved at the start and close of every business day. A severe thunderstorm causes an extended power outage several hours after the close of business. When the switches are brought back online, the dynamically learned MAC addresses are retained. Which port security configuration enabled this?
sticky secure MAC addresses
161. Which command should be used on a Cisco router or switch to allow log messages to be displayed on remotely connected sessions using Telnet or SSH?
terminal monitor
162. Which command can an administrator issue on a Cisco router to send debug messages to the vty lines?
terminal monitor
166. Which command can an administrator issue on a Cisco router to send debug messages to the vty lines?
terminal monitor
29. Which command should be used on a Cisco router or switch to allow log messages to be displayed on remotely connected sessions using Telnet or SSH?
terminal monitor
30. Which command can an administrator issue on a Cisco router to send debug messages to the vty lines?
terminal monitor
107. Which feature on a switch makes it vulnerable to VLAN hopping attacks?
the automatic trunking port feature enabled for all ports by default
69. What device is considered a supplicant during the 802.1X authentication process?
the client that is requesting authentication
95. Which feature or configuration on a switch makes it vulnerable to VLAN double-tagging attacks?
the native VLAN of the trunking port being
257.Digital certificate contains:
the private key of the certification authority
280. Security is:
the state of protection from external and internal threats
160. What information about a Cisco router can be verified using the show version command?
the value of the configuration register
28. What information about a Cisco router can be verified using the show version command?
the value of the configuration register
249. What is MDC Data Manipulation Detection Code?
there is the result of the action of the hash function;
76. A technician is configuring the channel on a wireless router to either 1, 6, or 11. What is the purpose of adjusting the channel?
to avoid interference from nearby wireless devices
150. What is the purpose of a small company using a protocol analyzer utility to capture network traffic on the network segments where the company is considering a network upgrade?
to document and analyze network traffic requirements on each network segment
18. What is the purpose of a small company using a protocol analyzer utility to capture network traffic on the network segments where the company is considering a network upgrade?
to document and analyze network traffic requirements on each network segment
225.Security updates are required -?
to eliminate detected defects in operating systems
157. Why would a network administrator use the tracert utility?
to identify where a packet was lost or delayed on a network
25. Why would a network administrator use the tracert utility?
to identify where a packet was lost or delayed on a network
136. What is the purpose of the network security accounting function?
to keep track of the actions of a user
3. What is the purpose of the network security accounting function?
to keep track of the actions of a user
233.What is the Diffie-Hellman algorithm used for?
to obtain a shared secret key when communicating via an unsecured communication channel
142. What is the purpose of the network security authentication function?
to require users to prove who they are
9. What is the purpose of the network security authentication function?
to require users to prove who they are
234 Identification and Authentication Applied?
to restrict access of random and illegal subjects to the information system
224.Virus masks are used for ...?
to search for known viruses
238.The electronic signature is encrypted?
using a special program, two keys are created: private and public
17. A network administrator is upgrading a small business network to give high priority to real-time applications traffic. What two type of network service is the network administrator trying to accommodate?
voice
123. Which type of wireless network is suitable for use in a home or office?
wireless local-area network
86. Which type of wireless network is based on the 802.11 standard and a 2.4-GHz or 5-GHz radio frequency?
wireless local-area network
112. Which type of wireless network is suitable for providing wireless access to a city or district?
wireless metropolitan-area network
122. Which type of wireless network uses transmitters to provide wireless service over a large urban region?
wireless metropolitan-area network
125. Which type of wireless network often makes use of devices mounted on buildings?
wireless metropolitan-area network
119.Which type of wireless network uses low powered transmitters for a short-range network, usually 20 to 30 ft. (6 to 9 meters) ?
wireless personal-area network
130. Which type of wireless network commonly uses Bluetooth or ZigBee devices?
wireless personal-area network
106. Which type of wireless network is suitable for national and global communications?
wireless wide-area network
117. Which type of wireless network uses transmitters to provide coverage over an extensive geographic area?
wireless wide-area network
237.To reduce your computers exposure to malicious the code?
work under an account with limited rights
242. The best variant describing the possible consequences of a botnet infection:
your PC will act as a server, obeying the hacker's remote commands;
214.Which attack is defined as an attempt to exploit software vulnerabilities that are unknown or undisclosed by the vendor?
zero-day
297.Which attack is defined as an attempt to exploit software vulnerabilities that are unknown or undisclosed by the vendor?
zero-day
