Ch. 14 Networking Hardening/ Ch. 15 Network Management/ Ch. 16 Network Optimization
You've just installed a new 16U wall-mounted rack in your data center. You need to install the following equipment in this rack: A 4U redundant power supply A 4U server A 4U switch A 2U router Which of the following equipment will also fit in this rack along with the above equipment?
2U UPS
Consider the following log message generated on a router: *Aug 8 11:18:12.081: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down What facility generated this message?
%LINEPROTO
Match the class of service (COS) priority on the left with its corresponding value on the right.
0--Background 1--Best effort 2--Excellent effort 3--Critical applications 4--Video (< 100ms latency) 5--Voice (< 10ms latency) 6--Internetwork control 7--Network control
Which Class of Service (COS) priority value should be assigned to a video conference call?
4
Match the port security MAC address type on the left with its description on the right.
A MAC address manually identified as an allowed address.----SecureConfigured A MAC address that has been learned and allowed by the switch.---SecureDynamic A MAC address that is manually configured or dynamically learned that is saved in the config file.---SecureSticky
A security administrator is conducting a penetration test on a network. She connects a notebook system running Linux to the wireless network and then uses NMAP to probe various network hosts to see which operating system they are running. Which process did the administrator use in the penetration test in this scenario?
Active fingerprinting
Components within your server room are failing at a rapid pace. You discover that the humidity in the server room is at 60%, and the temperature is 80 degrees. What should you do to help reduce problems?
Add a separate A/C unit in the server room.
What actions can a typical passive intrusion detection system (IDS) take when it detects an attack? (Select two.)
An alert is generated and delivered via email, the console, or an SNMP trap. The IDS logs all pertinent data about the intrusion.
Which of the following components do switches use to optimize network performance by performing switching operations in hardware rather than using the CPU and software?
An application-specific integrated circuit
You are concerned about protecting your network from network-based attacks from the internet. Specifically, you are concerned about zero day attacks (attacks that have not yet been identified or that do not have prescribed protections). Which type of device should you use?
Anomaly-based IDS
What does a tarpit specifically do to detect and prevent intrusion into your network?
Answers connection requests in such a way that the attacking computer is stuck for a period of time.
You have installed a new application on a network device. During testing, it appears as if the software is causing other services running on the device to stop responding. Which tool should you consult to identify the problem?
Application log
Which of the following is the best recommendation for applying hotfixes to your servers?
Apply only the hotfixes that apply to software running on your systems.
Which of the following activities are typically associated with a penetration test? (Select two.)
Attempting social engineering Running a port scanner
You just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID card for access. You backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using a Telnet client with the username admin and the password admin. You used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device? (Select two.)
Change the default administrative user name and password. Use an SSH client to access the router configuration.
Your organization uses a time-keeping application that only runs on Windows 2000 and does not run on newer OS versions. Because of this, there are several Windows 2000 workstations on your network. Last week you noticed unusual activity on your network coming from the Windows 2000 workstations. After further examination, you discover that the Windows 2000 workstations were the victim of a malicious attack and were being used to infiltrate the network. You find out that the attackers were able to gain access to the workstations because of the legacy operating system being used. The organization still needs to use the Windows 2000 workstations, which need to be connected to the internet, but you want to make sure the network is protected from future events. Which solution should you implement to protect the network while also allowing operations to continue as normal?
Configure VLAN membership so that the Windows 2000 workstations are on their own VLAN.
Your organization recently purchased 30 tablet devices for your traveling sales force. These devices have Windows RT preinstalled on them. To increase the security of these devices, you want to apply a default set of security-related configuration settings . What is the best approach to take to accomplish this? (Select two. Each option is part of a complete solution.)
Configure and apply security policy settings in a mobile device management system. Enroll the devices in a mobile device management system.
You are the network administrator for a city library. Throughout the library, there are several groups of computers that provide public access to the internet. Supervision of these computers has been difficult. You've had problems with patrons bringing personal laptops into the library and disconnecting the network cables from the library computers to connect their laptops to the internet. The library computers are in groups of four. Each group of four computers is connected to a hub that is connected to the library network through an access port on a switch. You want to restrict access to the network so only the library computers are permitted connectivity to the internet. What can you do to fix this problem?
Configure port security on the switch.
You manage the website for your company. The website uses a cluster of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage and a single connection to your ISP. You want to provide redundancy so that a failure in a single component does not cause the website to become unavailable. What should you add to your configuration to accomplish this?
Connect one server to the internet through a different ISP .
You have a website that uses multiple servers for different types of transactions. For example, one server is responsible for static web content, while another is responsible for secure transactions. You would like to implement a device to speed up access to your web content. The device should be able to distribute requests between the various web servers using specialized hardware, and not just a software configuration. In addition, SSL sessions should use the hardware components in the device to create the SSL sessions. Which type of device should you choose?
Content switch
A user reports that she can't connect to the Internet. After some investigation, you find that the wireless router has been misconfigured. You are responsible for managing and maintaining the wireless access point. What should you do next?
Create an action plan.
A network switch detects a DHCP frame on the LAN that appears to have come from a DHCP server that is not located on the local network. In fact, it appears to have originated from outside the organization's firewall. As a result, the switch drops the DHCP message from that server. Which security feature was enabled on the switch to accomplish this?
DHCP snooping
Users report that the network is down. As a help desk technician, you investigate and determine that a specific router is configured so that a routing loop exists. What should you do next?
Determine if escalation is needed.
A user reports that she can't connect to a server on your network. You check the problem and find out that all users are having the same problem. What should you do next?
Determine what has changed.
Which of the following functions can a port scanner provide?
Determining which ports are open on a network.
Which of the following actions should you take to reduce the attack surface of a server?
Disable unused services.
A network switch is configured to perform the following validation checks on its ports: All ARP requests and responses are intercepted. Each intercepted request is verified to ensure that it has a valid IP-to-MAC address binding. If the packet has a valid binding, the switch forwards the packet to the appropriate destination. If the packet has an invalid binding, the switch drops the ARP packet. Which security feature was enabled on the switch to accomplish this task?
Dynamic ARP Inspection
You are a network administrator for your company. A frantic user calls you one morning exclaiming that nothing is working. What should you do next in your troubleshooting strategy?
Establish the symptoms.
Which of the following are improvements to SNMP that are included within SNMP version 3? (Select two.)
Encryption of SNMP messages Authentication for agents and managers
Your organization recently purchased 18 iPad tablets for use by the organization's management team. These devices have iOS pre-installed on them. To increase the security of these devices, you want to apply a default set of security-related configuration settings. What is the best approach to take to accomplish this? (Select two. Each option is a part of a complete solution.)
Enroll the devices in a mobile device management system. Configure and apply security policy settings in a mobile device management system.
A web server on your network hosts the public website for your company. You want to make sure that a failure of the NIC in the server does not prevent the website from being accessible on the internet. Which solution should you implement?
Ethernet bonding
Many of the end users in your organization are bringing their own personal mobile devices to work and are storing sensitive data on them. To prevent the data from being compromised, you create a cloud-based Microsoft Intune account and configure mobile device security policies You now need to apply those security policies to the end users' mobile devices. What should you do? (Select two. Each response is a part of the complete solution.
Enroll the devices with the Intune service. Enroll the devices with the Intune service.
You manage a firewall that connects your private network to the internet. You would like to see a record of every packet that has been rejected by the firewall in the past month. Which tool should you use?
Event log
Which of the following media types can you save backup files on? (Select two.)
External hard drives Network attached storage (NAS)
You have heard about a Trojan horse program where the compromised system sends personal information to a remote attacker on a specific TCP port. You want to be able to easily tell whether any of your systems are sending data to the attacker. Which log should you monitor?
Firewall
Match the network access protection (NAP) component on the left with its description on the right.
Generates a statement of health (SoH) that reports the client configuration for health requirements.--NAP client Runs the System Health Validator (SHV) program.--NAP server Is clients' connection point to the network.--Enforcement server (ES) Contain resources accessible to non-compliant computers on the limited-access network.--Remediation server
What security mechanism can be used to detect attacks originating on the internet or from within an internal trusted subnet?
IDS
As a security precaution, you have implemented IPsec between any two devices on your network. IPsec provides encryption for traffic between devices. You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks. Which solution should you implement?
Host-based IDS
Which of the following terms describes a Windows operating system patch that corrects a specific problem and is released on a short-term, periodic basis (typically monthly)?
Hotfix
Drag the broadcast domain property on the left to the appropriate network device(s) on the right. Each property can be used more than once.
Hub--Single broadcast domain Unmanaged switch--Single broadcast domain 802.11n wireless access point--Single broadcast domain Router--Multiple broadcast domains Bridge--Single broadcast domain Repeater--Single broadcast domain Layer 3 switch--Multiple broadcast domains
You are concerned about attacks directed at your network firewall. You want to be able to identify attacks and be notified of attacks. In addition, you want the system to take immediate action when possible to stop or prevent the attack. Which tool should you use?
IPS
Which of the following are security devices that perform stateful inspection of packet data, looking for patterns that indicate malicious code? (Select two.)
IPS IDS
You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do?
Implement version 3 of SNMP.
A router periodically goes offline. Once it goes offline, you find that a simple reboot puts the router back online. After doing some research, you find that the most likely cause of the problem is a bug in the router software. A new patch is available from the manufacturer that is supposed to eliminate the problem. What should you do next?
Identify possible effects of the solution.
A user reports that he can't connect to a specific website. You go to the user's computer and reproduce the problem. What should you do next?
Identify the affected areas of the network.
A user is unable to connect to the network. You investigate the problem and determine that the network adapter is defective. You replace the network adapter and verify that it works. What should you do next?
Identify the results and effects of the solution.
Which of the following are reasons to use a protocol analyzer? (Select two.)
Identify users that are connecting to unauthorized websites. Find devices that might be using legacy protocols, such as IPX/SPX or NetBIOS.
Match each network enumeration technique on the left with its corresponding description on the right.
Identifying phone numbers with modems--War dialing Scanning for wireless access points--Wardriving Identifying operating system type and version number--Banner grabbing Identifying services that can pass through a firewall--Firewalking
Your organization has recently purchased 20 tablet devices for the Human Resource department to use for training sessions. You are concerned that these devices could represent a security risk to your network and want to strengthen their security profile as much as possible. Which actions should you take? (Select two. Each response is a separate solution.)
Implement storage segmentation. Enable device encryption.
You have been hired by a startup company to install a new data center. The company is small, so they have elected to use an unused employee break room as the data center. You are concerned about the physical security of the servers that will be installed in the data center. What should you do? (Select two.)
Install racks with locking doors. Install a biometric lock on the data center door.
You have decided to perform a double-blind penetration test. Which of the following actions should you perform first?
Inform senior management.
Your company leases a very fast internet connection and pays for it based on usage. You have been asked by the company president to reduce internet line lease costs. You want to reduce the amount of web pages that are downloaded over the leased connection without decreasing performance. What is the best way to do this?
Install a proxy server.
You have purchased a solar backup power device to provide temporary electrical power to critical systems in your data center should the power provided by the electrical utility company go out. The solar panel array captures sunlight, converts it into direct current (DC), and stores it in large batteries. The power supplies in the servers, switches, and routers in your data center require alternating current (AC) to operate. Which electrical device should you implement to convert the DC power stored in the batteries into AC power that can be used in the data center?
Inverter
Which of the following statements is true? A system image backup:
Is saved as a .vhd file.
Which of the following activities are considered passive in regards to the function of an intrusion detection system? (Select two.)
Listening to network traffic Monitoring the audit trails on a server
Which of the following devices accepts incoming client requests and distributes those requests to specific servers?
Load balancer
You have a website that customers use to view product information and place orders. You would like to identify the maximum number of simultaneous sessions that this server can maintain before performance is negatively impacted. Which tool should you use?
Load tester
You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffing software on a device that is connected to a hub with three other computers. The hub is connected to the same switch that is connected to the router. When you run the software, you see frames addressed to the four workstations, but not to the router. Which feature should you configure?
Mirroring
Most mobile device management (MDM) systems can be configured to track the physical location of enrolled mobile devices. Arrange the location technology on the left in order of accuracy on the right, from most accurate to least accurate.
Most accurate--GPS More accurate--Wi-Fi triangulation Less accurate--Cell phone tower triangulation Least accurate--IP address resolution
Members of the sales team use laptops to connect to the company network. While traveling, they connect their laptops to the internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless anti-virus software and the latest operating system patches have been installed. Which solution should you use?
NAC
Which type of switch optimizes network performance by using ASIC to perform switching at wire speed?
Multilayer switch
You are in the process of implementing a network access protection (NAP) infrastructure to increase your network's security. You are currently configuring the remediation network that non-compliant clients will connect to in order to become compliant. The remediation network needs to be isolated from the secure network. Which technology should you implement to accomplish this task?
Network segmentation
You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straight-through UTP cable that will run across the floor of the data center. To protect equipment from power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server. Will this configuration work?
No. You should not run a cable across the floor of the data center.
Your 24U rack currently houses two 4U server systems. To prevent overheating, you've installed a rack-mounted environment monitoring device within the rack. Currently, the device shows that the temperature within the rack is 70 degrees Fahrenheit (21 degrees Celsius). What should you do?
Nothing. The temperature within the rack is within acceptable limits.
Creating fake resources such as honeypots, honeynets, and tarpits fulfills which of the following main intrusion detection and prevention goals? (Select two.)
Offers attackers a target that occupies their time and attention while distracting them from valid resources. Reveals information about an attacker's methods and gathers evidence for identification or prosecution purposes.
Consider the following output generated by the show interface fa0/0 command generated on a router: FastEthernet0/0 is up, line protocol is up [...] Auto-duplex, 100Mb/s, 100BaseTX/FX [...] Input queue: 0/75/1771/0 (size/max/drops/flushes); Total output drops: 0 [...] 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 15387 packets input, 1736263 bytes, 0 no buffer Received 15241 broadcasts, 0 runts, 0 giants 0 input errors, 1 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 watchdog, 0 multicast 0 input packets with dribble condition detected 607 packets output, 6141 bytes, 0 underruns 4 output errors, 10 collisions, 3 interface resets, 0 restarts 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Which of the following statements are true about the fa0/0 interface? (Select three.)
One cyclic redundancy check error has occurred. The interface is dropping incoming packets. Several collisions have occurred.
Consider the network diagram shown below. Click on the item in the diagram that does not follow a standardized labeling scheme.
PC2
You are concerned about attacks directed at the firewall on your network. You would like to examine the content of individual frames sent to the firewall. Which tool should you use?
Packet sniffer
You want to know what protocols are being used on your network. You'd like to monitor network traffic and sort traffic based on protocol. Which tool should you use?
Packet sniffer
A security administrator is conducting a penetration test on a network. She connects a notebook system to a mirror port on a network switch. She then uses a packet sniffer to monitor network traffic to try and determine which operating systems are running on network hosts. Which process did the administrator use in the penetration test in this scenario?
Passive fingerprinting
Which of the following uses hacking techniques to proactively discover internal vulnerabilities?
Penetration testing
An active IDS system often performs which of the following actions? (Select two.)
Perform reverse lookups to identify an intruder. Update filters to block suspect traffic.
You suspect that your web server has been the target of a denial-of-service attack. You would like to view information about the number of connections to the server over the past three days. Which log would you most likely examine?
Performance
Properly configured passive IDS and system audit logs are an integral part of a comprehensive security plan. What step must be taken to ensure that the information is useful for maintaining a secure environment?
Periodic reviews must be conducted to detect malicious activity or policy violations.
You manage a network that uses switches. In the lobby of your building are three RJ45 ports connected to a switch. You want to make sure that visitors cannot plug in their computers into the free network jacks and connect to the network, but you want employees who plug into those same jacks should be able to connect to the network. What feature should you configure?
Port authentication
You want to make sure that a set of servers will only accept traffic for specific network services. You have verified that the servers are only running the necessary services, but you also want to make sure that the servers will not accept packets sent to those services. Which tool should you use?
Port scanner
Which type of security uses MAC addresses to identity devices that are allowed or denied a connection to a switch?
Port security
You maintain the network for an industrial manufacturing company. You are concerned about the dust in the area getting into server components and affecting the availability of the network. Which of the following should you implement?
Positive pressure system
A network utilizes a network access control (NAC) solution to protect against malware. When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. What is this process called?
Posture assessment
You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffing software on a device connected to the same hub that is connected to the router. When you run the software, you only see frames addressed to the workstation, not other devices. Which feature should you configure?
Promiscuous mode
Beside protecting a computer from under-voltages, a typical UPS also performs which two actions?
Protects from over-voltages Conditions the power signal
You want to be able to identify traffic that is being generated and sent through the network by a specific application running on a device. Which tool should you use?
Protocol analyzer
What is the purpose of using Ethernet bonding? (Select two.)
Provides a failover solution for network adapters. Increases network performance.
Which of the following protocols or services would you associate with Window's Remote Desktop Services network traffic?
RDP
You are in the middle of a big project at work. All of your work files are on a server at the office. You want to be able to access the server desktop, open and edit files, save the files on the server, and print files to a printer connected to a computer at home. Which protocol should you use?
RDP
In addition to performing regular backups, what must you do to protect your system from data loss?
Regularly test restoration procedures.
You have a company network with a single switch. All devices connect to the network through the switch. You want to control which devices will be able to connect to your network. For devices that do not have the latest operating system patches, you want to prevent access to all network devices except for a special server that holds the patches that the computers need to download. Which of the following components will be part of your solution? (Select two.)
Remediation servers 802.1x authentication
A smart phone was lost at the airport. There is no way to recover the device. Which if the following will ensure data confidentiality on the device?
Remote wipe
A new assistant network administrator was recently hired by your organization to relieve some of your workload. You assigned the assistant network administrator to replace a defective patch cable that connected port 1 on your patch panel to one of your network switches. You noticed that it took him an unusually long time to complete this task. Once done, users almost immediately began to report that the network had gone down. Upon entering the server room, you see that the assistant administrator has configured your network rack as shown in the Exhibit. What should you do? (Choose two. Each response is a complete solution.)
Remove the patch cable connecting the first switch to the third switch. Enable STP on each switch.
You have a small network of devices connected together using a switch. You want to capture the traffic that is sent from Host A to Host B. On Host C, you install a packet sniffer that captures network traffic. After running the packet sniffer, you cannot find any captured packets between Host A and Host B. What should you do?
Run the packet sniffer application on Host B.
Because of an unexplained slowdown on your network, you decide to install monitoring software on several key network hosts to locate the problem. You will then collect and analyze the data from a central network host. Which protocol will the software use to detect the problem?
SNMP
Which protocol uses traps to send notifications from network devices?
SNMP
Which of the following mobile device security consideration disables the ability to use the device after a short period of inactivity?
Screen lock
You are considering using Wi-Fi triangulation to track the location of wireless devices within your organization. However, you have read on the internet that this type of tracking can produce inaccurate results. What is the most important consideration for getting reliable results when implementing this type of system?
Signal strength
Which of the following is the most common detection method used by an IDS?
Signature
What is the primary purpose of penetration testing?
Test the effectiveness of your security perimeter.
When troubleshooting network issues, it's important to carry out tasks in a specific order. Drag the trouble shooting task on the left to the correct step on the right.
Step 1--Identify the problem. Step 2--Establish a theory of probable cause. Step 3--Test the theory to determine the cause. Step 4--Establish a plan of action. Step 5--Implement the solution or escalate. Step 6--Verify full system functionality. Step 7--Document findings, actions, and outcomes.
Your organization's security policy specifies that, regardless of ownership, any mobile device that connects to your internal network must have remote wipe enabled. If the device is lost or stolen, then it must be wiped to remove any sensitive data from it. Which of the following should you implement to ensure organizational data can be remote wiped while preserving personal data?
Storage segmentation
Which of the following is the least effective power loss protection for computer systems?
Surge protector
Which of the following devices is used on a LAN and offers guaranteed bandwidth to each port?
Switch
Which of the following is a standard for sending log messages to a central logging server?
Syslog
If maintaining confidentiality is of the utmost importance to your organization, what is the best response when an intruder is detected on your network?
Terminate the intruder's session.
You have recently experienced a security incident with one of your servers. After some research, you determine that the hotfix #568994 that has recently been released would have protected the server. Which of the following recommendations should you follow when applying the hotfix?
Test the hotfix, then apply it to all servers.
You are a network administrator for your company. A user calls and tells you that after stepping on the network cable in her office, that she can no longer access the network. You go to the office and see that one of the user's stiletto heels has broken and exposed some of the wires in the Cat 5 network cable. You make another cable and attach it from the wall plate to the user's computer. What should you do next in your troubleshooting strategy?
Test the solution.
Match each troubleshooting command on the left with its function on the right. Each utility may be used once, more than once, or not at all.
Tests connectivity between two network hosts by sending IPv4 ICMP Echo Request packets without modifying the TTL parameter.--ping Computes lost/sent packet statistics for each hop in the route between two hosts.--pathping Used on Linux systems to identify the route between two IPv6 hosts.--traceroute6 Used on Windows systems to identify the route between two IPv4 hosts.--tracert Tests connectivity between two network hosts by sending IPv6 ICMP Echo Request packets without modifying the TTL parameter.--ping -6
Which of the following statements about DSCP are true? (Select two.)
The DiffServ field is used to add precedence values. Classification occurs at Layer 3.
Which of the following are not reasons to remote wipe a mobile device?
The device is inactive for a period of time.
You have been struggling to keep the temperature in your server room under control. To address this issue, you have decided to reconfigure the room to create hot and cold aisles. Which of the following are true concerning this configuration? (Select two.)
The rear of your servers should face the hot aisle. The front of your servers should face the cold aisle.
You have a WAN link that connects two sites. The WAN link is supposed to provide 1.5 Mbps of bandwidth. You want to perform a test to see the actual bandwidth of the link. Which tool should you use?
Throughput tester
Why should you store backup media off site?
To prevent the same disaster from affecting both the network and the backup media.
You have just installed a new network-based IDS system that uses signature recognition. What should you do on a regular basis?
Update the signature files.
You are the network administrator for a growing business. When you were hired, the organization was small, and only a single switch and router were required to support your users. During this time, you monitored log messages from your router and switch directly from each device's console. The organization has grown considerably in recent months. Now you manage eight individual switches and three routers. It's becoming more and more difficult to monitor these devices and stay on top of issues in a timely manner. What should you do?
Use syslog to implement centralized logging.
Match each bring your own device (BYOD) security concern on the right with a possible remedy on the left. Each remedy may be used once, more than once, or not at all.
Users take pictures of proprietary processes and procedures.--Specify where and when mobile devices can be possessed in your acceptable use policy. Devices with a data plan can email stolen data.--Specify where and when mobile devices can be possessed in your acceptable use policy. Devices have no PIN or password configured.--Enroll devices in a mobile device management system. Anti-malware software is not installed.--Implement a network access control (NAC) solution. A device containing sensitive data may be lost.--Enroll devices in a mobile device management system.
Your company is a small start-up that has leased office space in a building shared by other businesses. All businesses share a common network infrastructure. A single switch connects all devices in the building to the router that provides internet access. You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implemented?
VLAN
You manage a server at work that has just been configured with a new application. Consequently, the server has crashed several times during the last week. You think you have resolved the problem, but you would like to be able to manage the server remotely just in case more issues occur. Which of the following protocols would you use for remote management? (Select two.)
VNC ICA
What is the main difference between vulnerability scanning and penetration testing?
Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter.
Drag each penetration test characteristic on the left to the appropriate penetration test name on the right.
White box test--The tester has detailed information about the target system prior to starting the test. Grey box test--The tester has the same amount of information that would be available to a typical insider in the organization. Black box test--The tester has no prior knowledge of the target system. Single-blind test--Either the attacker has prior knowledge about the target system or the administrator knows that the test is being performed. Double-blind test--The tester does not have prior information about the system, and the administrator has no knowledge that the test is being performed.
You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for file storage and a database server. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a cross-over UTP plenum cable that will run through the suspended tile ceiling of the data center. To provide power for the new devices, you had an electrician install several new 20-amp wall outlets near the new rack. Each device in the rack will be plugged directly into one of these new wall outlets. What is wrong with this configuration? (Select two.)
You should implement redundant power supplies for the network devices. You should implement a UPS between the wall outlet and the network devices.
In which of the following situations would you use port security?
You want to restrict the devices that could connect through a switch port.
Which of the following types of penetration test teams will provide you information that is most revealing of a real-world hacker attack?
Zero knowledge team
You provide IT support for a dentist's office. The office has a limited number of wireless clients, so a simple wireless router is used to provide Wi-Fi access. On your latest visit, you check the manufacturer's website and discover that an update has been released by the wireless router manufacturer. You decide to download and install the update. Click the option you should use in the wireless router's configuration interface to prepare the device for the update.
backup
Each of the following are tools used to check the health of a network. Which of these is typically used for managing and sending messages from one computer system to another?
syslog