5.6 - 5.12 Joel Hughes

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

Which 802.1Q priority is IP phone traffic on a voice VLAN tagged with by default?

5

Which of the following is an appropriate definition of a VLAN?

A logical grouping of devices based on service need, protocol, or other criteria.

In an effort to increase the security of your organization, programmers have been informed they can no longer bypass security during development. Which vulnerability are you attempting to prevent?

Backdoor

Which of the following is considered a major problem with instant messaging applications?

Loss of productivity

You are part of a committee that is meeting to define how Network Access Control (NAC) should be implemented in the organization. Which step in the NAC process is this?

Plan

When configuring VLANs on a switch, which type of switch ports are members of all VLANs defined on the switch?

Trunk ports

You are adding switches to your network to support additional VLANs. Unfortunately, the new switches are from a different vendor than the current switches. Which standard do you need to ensure that the switches are supported?

802.1Q

Which of the following switch attacks associates the attacker's MAC address with the IP address of the victim's devices?

ARP spoofing/poisoning

You are the security analyst for your organization and have discovered evidence that someone is attempting to brute-force the root password on the web server. Which classification of attack type is this?

Active

Attempting to find the root password on a web server by brute force.

Active attack

Perpetrators attempt to compromise or affect the operations of a system.

Active attack

Which of the following NAC agent types would be used for IoT devices?

Agentless

You are investigating the use of website and URL content filtering to prevent users from visiting certain websites. Which benefits are the result of implementing this technology in your organization? (Choose two.)

An increase in bandwidth availability Enforcement of the organization's internet usage policy

As the security analyst for your organization, you have noticed an increase in emails that attempt to trick users into revealing confidential information. Which web threat solution should you implement to protect against these threats?

Anti-phishing software

What do application control solutions use to identify specific applications?

Application signatures

Which of the steps in the Network Access Control (NAC) implementation process occurs once the policies have been defined?

Apply

Which of the following defines all the prerequisites a device must meet in order to access a network?

Authentication

Which of the following applies the appropriate policies in order to provide a device with the access it's defined to receive?

Authorization

An attacker was able to gain unauthorized access to a mobile phone and install a Trojan horse so that he or she could bypass security controls and reconnect later. Which type of attack is this an example of?

Backdoor

While developing a network application, a programmer adds functionally that allows her to access the running program without authentication so she can capture debugging data. The programmer forgets to remove this functionality prior to finalizing the code and shipping the application. Which type of security weakness does this describe?

Backdoor

Which of the following are functions of gateway email spam filters? (Select two.)

Blocks email from specific senders Filters messages containing specific content

Which of the following is a typical goal of MAC spoofing?

Bypass 802.1x port-based security

MAC spoofing

Can be used to hide the identity of the attacker's computer or impersonate another device on the network.

MAC flooding

Causes packets to fill up the forwarding table and consumes so much of the switch's memory that it enters a state called Fail Open Mode.

You are the network administrator for a city library. Throughout the library are several groups of computers that provide public access to the internet. Supervision of these computers has been difficult. You've had problems with patrons bringing personal laptops into the library and disconnecting the network cables from the library computers to connect their laptops to the internet. The library computers are in groups of four. Each group of four computers is connected to a hub that is connected to the library network through an access port on a switch. You want to restrict access to the network so that only library computers are permitted connectivity to the internet. What can you do?

Configure port security on the switch.

Which of the following scenarios would typically utilize 802.1x authentication?

Controlling access through a switch

An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?

DDoS

Which protocol should you disable on the user access ports of a switch?

DTP

When setting up a new wireless access point, what is the first configuration change that should be made?

Default login

Which of the following best describes the concept of a virtual LAN?

Devices on the same network logically grouped as if they were on separate networks.

Which of the following NAC agent types creates a temporary connection?

Dissolvable

Which area of focus helps to identify weak network architecture or design?

Documentation

Travis is sending a highly confidential email to Craig that contains sensitive data. Which of the following should Travis implement to ensure that only Craig is able to read the email?

Encryption

Which area of focus do public-facing servers, workstations, Wi-Fi networks, and personal devices fall under?

Entry points

Unauthorized individuals try to breach a network from off-site

External attack

You are implementing a new application control solution. Prior to enforcing your application whitelist, you want to monitor user traffic for a period of time to discover user behaviors and log violations for later review. How should you configure the application control software to handle applications not contained in the whitelist?

Flag

Which of the following types of proxies would you use to remain anonymous when surfing the internet?

Forward

Which of the following are characteristics of a complex password? (Select two.)

Has a minimum of eight characters Consists of letters, numbers, and symbols

What is Cisco's Network Access Control (NAC) solution called?

Identity Services Engine (ISE)

Which of the following is susceptible to social engineering exploits?

Instant messaging

In which of the following zones would a web server most likely be placed?

Low-trust zone

Which of the following attacks, if successful, causes a switch to function like a hub?

MAC flooding

You are configuring the security settings for your network. You have decided to configure a policy that requires any computer connecting to the network to run at least Windows 10 version 2004. Which of the following have you configured?

NAC

Your network devices are categorized into the following zone types: No-trust zone Low-trust zone Medium-trust zone High-trust zone Your network architecture employs multiple VLANs for each of these network zones. Each zone is separated by a firewall that ensures only specific traffic is allowed. Which of the following is the secure architecture concept that is being used on this network?

Network segmentation

The IT manager has asked you to create four new VLANs for a new department. As you are going through the VLAN configurations, you find some VLANs numbered 1002-1005. However, they are not in use. What should you do with these VLANs?

Nothing. They are reserved and cannot be used or deleted.

Which of the following BEST describes zero-trust security?

Only devices that pass both authentication and authorization are trusted.

Which classification of attack type does packet sniffing fall under?

Passive

Attempting to gather information without affecting the flow of information on the network.

Passive attack

Sniffing network packets or performing a port scan.

Passive attack

An attacker has gained access to the administrator's login credentials. Which type of attack has most likely occurred?

Password cracking

Which common design feature among instant messaging clients make them less secure than other means of communicating over the internet?

Peer-to-peer networking

Which of the following methods did Microsoft introduce in Windows 10 to help distribute OS updates?

Peer-to-peer software

Which type of application allows users to share and access content without using a centralized server?

Peer-to-peer software

Which of the following NAC agent types is the most convenient agent type?

Permanent

A relatively new employee in the data entry cubical farm was assigned a user account similar to the other data entry employees' accounts. However, audit logs have shown that this user account has been used to change ACLs on several confidential files and has accessed data in restricted areas. This situation indicates which of the following has occurred?

Privilege escalation

An attacker has obtained the logon credentials for a regular user on your network. Which type of security threat exists if this user account is used to perform administrative functions?

Privilege escalation

Travis and Craig are both standard users on the network. Each user has a folder on the network server that only they can access. Recently, Travis has been able to access Craig's folder. This situation indicates which of the following has occurred?

Privilege escalation

Which of the following is a benefit of P2P applications?

Shared resources

Dynamic Trunking Protocol

Should be disabled on the switch's end user (access) ports before implementing the switch configuration into the network.

You are configuring web threat protection on the network and want to block emails coming from a specific sender. Which of the following should be configured?

Spam filter

You manage a single subnet with three switches. They are connected to provide redundant paths between the switches. Which feature prevents switching loops and ensures there is only a single active path between any two switches?

Spanning Tree Protocol

A virtual LAN can be created using which of the following?

Switch

When configuring VLANs on a switch, what is used to identify which VLAN a device belongs to?

Switch port

You have implemented a new application control solution. After monitoring traffic and use for a while, you have noticed an application that continuously circumvents blocking. How should you configure the application control software to handle this application?

Tarpit

Drag each description on the left to the appropriate switch attack type on the right. ARP spoofing/poisoning

The source device sends frames to the attacker's MAC address instead of to the correct device.

Which of the following types of proxies can be used for web filtering?

Transparent

You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID card to gain access. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer by connecting it to the console port on the router. You've configured the management interface with a username of admin and a password of password. What should you do to increase the security of this device?

Use a stronger administrative password.

You are the security analyst for your organization and have recently noticed a large amount of spim on the company mobile devices. Employees rely on the IM app to communicate with each other. Which of the following countermeasures should you implement?

Use an IM blocker.

Your organization has started receiving phishing emails. You suspect that an attacker is attempting to find an employee workstation they can compromise. You know that a workstation can be used as a pivot point to gain access to more sensitive systems. Which of the following is the MOST important aspect of maintaining network security against this type of attack?

User education and training

You run a small network for your business that has a single router connected to the internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation?

VLAN

Which of the following is commonly created to segment a network into different zones?

VLANs

You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ-45 ports connected to the switch. You want to allow visitors to plug into these ports to gain internet access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and internet access. Which feature should you implement?

VLANs

As the security analyst for your organization, you have noticed an increase in user computers being infected with malware. Which two solutions should you implement and configure to remedy this problem? (Select two.)

Virus scanner Spam filters

You are configuring web threat protection on the network and have identified a website that contains malicious content. Which of the following should you configure?

Web threat filtering

You are configuring web threat protection on the network and want to prevent users from visiting www.videosite.org. Which of the following needs to be configured?

Website filtering

The IT manager has asked you to create a separate VLAN to be used exclusively for wireless guest devices to connect to. Which of the following is the primary benefit of creating this VLAN?

You can control security by isolating wireless guest devices within this VLAN.

You are creating a VLAN for voice over IP (VoIP). Which command should you use?

switchport voice vlan [number]


Set pelajaran terkait

Health Promotion for School-Aged Children Sherpath

View Set

ANTR 350 Chapter 28 Female Reproductive System

View Set

404 Ch. 14: Nursing Management During Labor and Birth

View Set

Chapter 44 Care of the Child with a Hematologic Disorder

View Set

I've Been to the Mountaintop Study Skills

View Set