CIS 440

When setting up port forwarding on an external firewall to pass HTTP traffic from the Internet to an internal web server, the external address and port are 208.40.235.38:8081. What is the internal IP address and port, assuming the most common port for that protocol?

192.168.5.74:80

While the design of a hardware firewall requires it to filter all inbound and outbound traffic, it can also act as a bottleneck for that traffic if the wire speed it filters at is too slow. For a 1 gigabits per second (Gbps) network, what filtering wire speed should the firewall possess?

2.5 Gbps or higher

Which of the following can affect the confidentiality of documents stored on a server?

A server breach

Which of the following best describes a network chokepoint?

A specialized kind of gateway that focuses on traffic to a single concentrated pathway to streamline the process of filtering

Which network device concentrates communications signals, accepts only basic commands, and provides statistics such as throughput measures and uptime percentages?

Active hub

In preserving the confidentiality of users on a corporate network, which party is responsible for setting up security policies to guarantee users' privacy?

Administrator

Estefan is a network professional for an e-commerce company. The chief information officer (CIO) wants the customer web portal downtime to be reduced from 5 minutes per year to 30 seconds per year. The change should occur over the next 6 months. Which security objective must Estefan employ to accomplish this goal?

Availability

Rupesh is a network technician who has been tasked by his supervisor to configure the edge firewall of an office branch. His task is to focus on outbound traffic based on several factors, such as domain name, URL, file extension, and certain keywords. What is he configuring the firewall to perform?

Content filtering

Temika is the IT security officer for her company. The CIO has told her that network security success is not about preventing all possible attacks or compromises. Of the following, what goal or accomplishment should she work toward?

Continually improving the state of security so that, as time passes, the network is better protected than it was in the past

Brianna is an IT technician. She is studying a threat that holds the communication channel open when a TCP handshake does not conclude. What kind of attack does this involve?

Denial of service (DoS) attack

Which of the following is a common firewall philosophy?

Deny by default

Which of the following is a firewall implementation best practice?

Different firewall products should be used depending on firewall placement, such as different products for border firewalls versus internal host firewalls

Alejandro is a cybersecurity contractor. He was hired by a Fortune 500 company to redesign its network security system, which was originally implemented when the company was a much smaller organization. The company's current solution is to use multiple firewall platforms from different vendors to protect internal resources. Alejandro proposes an infrastructure security method that, in addition to firewalls, adds tools such as an intrusion detection system (IDS), antivirus, strong authentication, virtual private network (VPN) support, and granular access control. What is this solution called?

Diversity of defense

In intrusion detection, anomaly-based detection looks for differences from normal traffic based on a recording of real-world traffic that establishes a baseline.

False

Network switches provide network segmentation through logical addressing.

False

The less complex a solution, the more room there is for mistakes, bugs, flaws, or oversights by security administrators.

False

Wireless networks are more secure than wired networks.

False

With multifactor authentication, facial geometry is an example of something you know.

False

Malika is a network engineer who is configuring firewalls separating both the Accounting and HR departments from the rest of the business divisions on the local area network (LAN). She wants to allow only certain traffic into those subnets from both internal employees and those working from home. The traffic may include email, chat, and video conferencing. She wants to prevent access to the company intranets to protect confidential employee and financial data. How has she configured these firewalls?

Filter

Delmar is a consultant configuring a small firewall for a client who uses a small office/home office (SOHO) network. He is permitting the common protocols on the outbound connection, but he can only forward rather than block incoming protocols. If he forwards common protocols such as FTP, Telnet, and NetBIOS, how can this protect the network from anyone who may maliciously use these ports?

Forward to a nonexistent port where no device is listening

Which of the following can be described as putting each resource on a dedicated subnet behind a demilitarized zone (DMZ) and separating it from the internal local area network (LAN)?

N-tier deployment

Jae is a network consultant hired by a small business client. He has been asked to recommend a firewall solution. Given the relatively small size of the infrastructure, he suggests a firewall that provides integrated intrusion detection system/intrusion prevention system (IDS/IPS) functionality because a single device offering multiple functions is cost- and space-effective. What is the solution?

Next-generation firewall (NGFW)

What does a digital signature provide?

Nonrepudiation

Which fragmentation attack results in full or partial overwriting of datagram components?

Overlap

A firewall is a filtering device that watches for traffic that fails to comply with rules defined by the firewall administrator. What does the firewall inspect?

Packet header

Israel is a network technician who has just deployed a new firewall. Before putting it in production, he wants to test the firewall's ability to filter traffic according to its rule set, without risking the internal network. What is the best solution?

Place the firewall in a virtual network environment and simulate traffic.

The design of firewall placement and configuration in a network infrastructure has many aspects. Which of the following concerns is most likely related to an upper management decision that does NOT conform with existing security policy?

Political

Which of the following network zones has the lowest risk and the highest trust?

Private network

Which operating system (OS) for a bastion host runs on most appliance firewalls as well as many Internet service provider (ISP) connection devices?

Proprietary OS

Manuela has researched a third-party software firewall she wants to install on her PC since she believes it is a better quality than the operating system's onboard firewall. She has read the installation instructions. The firewall is compatible with her operating system and has gotten good customer reviews. After performing the installation last week, she notices that numerous malicious exploits are successfully hacking her computer. What went wrong?

She forgot to disable the native firewall when she installed the third-party firewall.

Landon is a network contractor. He has been hired to design security for the network of a small company. The company has a limited budget. Landon is asked to create a system that will protect the company's workstations and servers without undo expense. Landon decides to deploy one hardware firewall between the Internet and the local area network (LAN). What is this solution called?

Single defense

Mei is working from home and speaking with her department manager on a Voice over IP (VoIP) phone connection. This technology allows telephone conversations to be routed over the Internet. During a VoIP conversation, Mei loses a few moments of what the manager has said to her. What is the problem?

The OSI model Transport Layer was unable to guarantee reliable packet delivery.

Shamika is a networking student who has just moved into a small house with two other roommates. She has purchased a new DSL modem and is planning on configuring the built-in firewall. She needs to change the default username and password for the device first. What is her concern?

The default username and password are likely available on the Internet and anyone could use those credentials to hack into the modem and access the home network.

Rachel is a network technician. She is writing a proposal that recommends which firewall type to purchase to replace an aging and failing unit. She wants to be able to protect two separate internal network segments with one hardware firewall. What is her recommendation?

Triple-homed

A best practice when troubleshooting issues is to make one change at a time, and then test the change before making any other changes.

True

A buffer overflow is an attack against poor programming techniques and a lack of quality control.

True

A virtual firewall can protect physical networks as well as virtual clients and servers.

True

An active threat is one that takes some type of initiative to seek out a target to compromise.

True

An intrusion detection system (IDS) serves as a companion mechanism to a firewall.

True

Authentication is the proof or verification of a user's identity before granting access to a secured area.

True

Firewalls can provide port-forwarding services.

True

Hardware failures are a primary cause of unexpected downtime.

True

If a server has a public IP address, it is a potential target for hacker attacks.

True

In a full connection mesh topology, all devices on a network are connected to all other devices.

True

In terms of an attack, scanning is the activity of using various tools to confirm information learned during reconnaissance and to discover new details.

True

Information leakage often stems from malicious employees.

True

Spoofing tricks a user or a host into believing a communication originated from somewhere other than its real source.

True

The WAN Domain of an IT infrastructure includes networks owned by a telco or a carrier network company that leases access to corporations.

True

Whitelisting blocks the execution of any program not on the approved list.

True

Windows Defender Firewall is an example of a native firewall.

True

With diversity of defense, most layers use a different security mechanism.

True

Which of the following is described as "confidence in your expectation that others will act in your best interest"?

Trust

Dhruv is the lead network engineer for his three-year-old company. He is writing a proposal that recommends the network protocol to use in several branch offices. Based on the age of the networking equipment, what is his recommendation to the chief information officer (CIO)?

Upgrade to IPv6

What is an example of security through obscurity?

Using a nonstandard operating system for workstations such as FreeBSD

A small office/home office (SOHO) firewall may include intrusion detection.

true

Determining who or what is trustworthy on a network is an ongoing activity.

true

Firewall implementation documentation should include every action taken from the moment the firewall arrives on site through the point of enabling the filtering of production traffic.

true

Firewall logging helps to ensure that defined filters or rules are sufficient and functioning as expected.

true

Including photos of configuration screens in firewall procedures can speed up restoration after a network incident

true

TCP/IP is a suite of two communication protocols.

true

A first-year student in a computer networking class is studying different addressing types and attempting to identify them. Which of the following does she determine is a Media Access Control (MAC) address?

00-14-22-01-23-45

Thirty years ago, a major corporation purchased and still owns IP addresses within the IPv4 Class A range. The corporation uses these addresses to connect to the Internet. To which IPv4 address range do they belong?

1.0.0.1 to 126.255.255.254

Tonya is a student. She is working through a network addressing scheme example for a class. She has read that the 128-bit address 2001:0f58:0000:0000:0000:0000:1986:62af can be shortened but is trying to understand how. What is the correct solution?

2001:0f58::1986:62af

A major U.S. online retailer has discovered that thousands of purchases have been paid for by stolen credit card numbers. An initial analysis of the location of the buyers reveals IP addresses from within the United States. Upon further investigation, it is found that the actual origin point of the fraudulent buyer is a series of IP addresses located in Asia. What technology is the fraudster using?

A Proxy Server

A networking instructor is demonstrating the use of a device that, when making a connection to the Internet, issues a series of alternating tones, and is used to translate the digital signals from computers to the analog signals used on traditional telephone lines. Although the name is familiar to the students, this particular device is no longer in common use. What is the instructor demonstrating?

A modem

Which of the following is a feature of NTFS that allows complete additional files to successfully hide beneath any normal file object and be almost undetectable?

Alternate Data Streams (ADS)

Mario is the network security engineer for his company. He discovered that, periodically, a remote user working from home accesses certain resources on the network that are not part of her regular duties. Mario has questioned the user and her supervisor, and has accessed the user's workstation. Mario believes the user is not the source of these intrusions and strongly suspects a malicious source is responsible. What is the most likely explanation?

An external hacker has gained access to the user's authentication and is accessing confidential company resources.

The IT security officer for a large company has spent the past year upgrading security for the corporate network. Employees working from home have personal firewalls running on their computers. They use a virtual private network (VPN) to connect to the corporate network. The corporate network utilizes the latest devices and techniques, including an intrusion detection system/intrusion prevention system (IDS/IPS), anti-malware protection, and firewalls. What security threat most likely still needs to be addressed?

An internal threat, such as a disgruntled employee or contractor

In executing the processes of risk assessment and risk management, which statistic calculates the potential number of times the threat could be a realized attack in a year's time?

Annualized rate of occurrence

Although it is not recommended, a company chief information officer (CIO) wants to configure and use the ff02::1 group on his new IPv6 network to send traffic to every node in the infrastructure. What group must he enable?

Anycast

Which of the following roles is most commonly responsible for observing system and user activity, looking for violations, trends toward bottlenecks, and attempts to perform violations?

Auditor

Which OSI model layer deals with frames?

Data Link Layer

Devaki is an engineer who is designing network security for her company's infrastructure. She is incorporating protections for programming flaws, default settings, maximum values, processing capabilities, and memory capacities on devices, as well as malicious code and social engineering. What is this type of protection called?

Defense in depth

Which type of boundary network hosts resource servers for the public Internet?

Demilitarized zone (DMZ)

Which network index technology allows users to locate resources on a private network, keeps track of which servers and clients are online, and identifies the resources that network hosts share?

Directory services

Agents, bots, and zombies are part of which type of attack?

Distributed denial of service (DDoS) attack

The network engineer of a mid-size company needs to have all servers, network printers, and other online resources possess the same IPv4 address over time. The engineer does not want to perform manual address assignments on all of these resources. Additionally, she wants to prevent any rogue device from having an IPv4 address dynamically assigned just by making the request. What is her solution?

Dynamic Host Configuration Protocol (DHCP) reservation

A backdoor acts like a device driver, positioning itself between the kernel (the core program of an operating system) and the hardware.

False

A host software firewall should never be installed on a server if a dedicated firewall appliance is deployed on the same network.

False

A router has only two ports because the device connects only two local area networks (LANs).

False

Bump-in-the-wire is a software firewall implementation.

False

Eavesdropping occurs over wireless connections, not wired connections.

False

In any organization, network administrators have the ultimate and final responsibility for security.

False

In terms of networking, permission is the abilities granted on the network.

False

One technique for hardening a system is to remove all protocols.

False

Recreational hackers are criminals whose sole career objective is to compromise IT infrastructures.

False

Subnetting and VLANing are methods used to create physical networks.

False

Which form of firewall filtering is NOT as clear or distinct as other types

Filtering on whether an address is real or spoofed

A chief financial officer's (CFO's) business account has been leaked onto the Internet, including the CFO's username, password, and financial data. The firm's security manager scanned the CFO's computer for viruses, which was clean. However, the manager is still convinced that the CFO's computer is somehow compromised, allowing whatever is typed to be disclosed. The manager recalls that six weeks ago, the CFO's assistant was caught illicitly accessing secure financial files and was subsequently dismissed. What is the likely problem?

Hardware keystroke logger

A chief information officer (CIO) works for a mid-sized company located on the California coast. The CIO is developing a disaster plan for the IT infrastructure in the event of an earthquake powerful enough to damage or destroy network and computing equipment, including the database servers. What can she do to protect valuable company data even under the worst circumstances?

Have the data regularly backed up and stored in a secure, off-site facility not prone to such environmental dangers.

Which form of addressing uses 32 bits and subnetting, but suffers from a lack of integrated security?

Internet Protocol version 4 (IPv4)

Mohammad is presenting IPv6 cryptographic security features to his networking class. A student asks him to explain data origin authentication. How does he answer this question?

It uses a checksum that incorporates a shared encryption key so that the receiver can verify that the data was actually sent by the apparent sender.

Which network security technology can block or restrict access if a computer does NOT have the latest antivirus update, a certain security patch, or a host firewall?

Network access control (NAC)

Which of the following is considered a node?

Networked printer

Thuan is a new network engineer. He is increasing the security of end-user computers. Which of the following is a security feature every client computer needs?

Password-protected screen saver

As part of the bring your own device (BYOD) program, the company CIO is encouraging employees to use their personal devices for business purposes. However, an attacker with the right kind of antenna can access the wireless network from a great distance, putting internal assets at risk. Of the following, what is the best solution?

Physically isolate wireless access from the wired network.

Which type of hacker is a criminal whose career objective is to compromise IT infrastructures?

Professional

The chief information officer (CIO) is working with the chief financial officer (CFO) on next year's budget for new networking equipment. The CIO is explaining that lowest-cost equipment is not the sole deciding factor. The hardware must conform to high security standards to prevent a malicious person from hacking into the network and accessing valuable company data. Which of the following considerations does not specifically require a hacker to have physical access to the equipment?

Remote connection

Several times this week, the IT infrastructure chief of a small company has suspected that wireless communications sessions have been intercepted. After investigating, he believes some form of insertion attack is happening. He is considering encrypted communications and preconfigured network access as a defense. What type of insertion attack is suspected?

Rogue device insertion

Every morning when James logs into his computer and attempts to access Microsoft 365, he is asked to enter his password. After that, he is sent a text on his mobile phone with a six-digit code he must enter. In terms of multifactor authentication, his password is something he knows. What is the text message?

Something he has

A company has discovered that confidential business information has been repeatedly acquired by a competitor over the past six months. The IT security team has been unable to find the leaks. The team suspects a form of side-channel eavesdropping may be involved. What is the suspected hacking method?

The competitor is using a phreaking attack.

The chief information officer (CIO) is negotiating lease prices with several telecommunications providers. She wants a service that offers circuits that will link to various physical buildings and branches, including a connection to the physical demarcation point. For what network infrastructure will this service be used?

Wide area network (WAN)

Vivienne has been commissioned to design a workgroup network infrastructure for a small office that includes five workstations, three laptops, and a printer. Given that some of the nodes are stationary and others are mobile, what is the best solution for interconnectivity?

Wireless access point (WAP) and wired switch

A combination of intrusion detection and prevention, as well as logging and monitoring, provides the best defense against what kind of attack?

Zero-day exploit

Logical topologies are primarily about:

connections

In which form of social engineering does the malicious person physically go through trash cans and other refuse looking for valuable information about a network such as IP addresses, usernames, and passwords?

dumpster diving

A mid-sized company's IT security engineer is attempting to make it more difficult for the company's wireless network to be compromised. She is using techniques such as random challenge-response dialogue for authentication, timestamps on authentication exchanges, and one-time pad or session-based encryption. What form of wireless attack is she defending against?

replay

IT infrastructure growth can be expected, unexpected, gradual, or abrupt.

true

In a risk assessment, the asset value (AV) includes both tangible and intangible costs.

true

Network router security is primarily about preventing unauthorized access.

true

Nonrepudiation is the security principle that prevents a user from being able to deny having performed an action.

true

One contingency for growth is to build additional capacity into the current infrastructure.

true

Outbound network traffic should be subjected to the same investigations and analysis as inbound network traffic.

true

You are setting up a small home network. You want all devices to communicate with each other. You assign IPv4 addresses between 192.168.0.1 and 192.168.0.6 to the devices. What processes must still be configured so that these nodes can communicate with the Internet?

Both network address translation (NAT) and port address translation (PAT) must be enabled to allow private network addresses to be translated to a random external port and public IP address.

Isaac is designing a network infrastructure as a class project. He determines that one device he requires must have the capacity to act as a repeater, operate at the Data Link Layer of the OSI model, be able to filter packets based on their MAC address, and allow communication between two local area networks (LANs). Which device will fulfill these specifications?

Bridge

A bank's online infrastructure has been under attack by hackers. In addition to standard security methods, the bank's IT security manager has requested website code to be examined and modified, where necessary, to address possible arbitrary code execution. What will the code modifications prevent?

Buffer overflows

Miles is an IT consultant. He is given the specifications of a networking project for the new campus of a multinational corporation. Among the requirements, switches and wireless access points (WAPs) must interconnect all nodes, the network must use hardware firewalls, and it must support single sign-on (SSO). Which network infrastructure does he select that fulfills these requirements?

Client/server

Which form of attack is described as throttling the bandwidth consumption on an Internet link at a specific interval as a method of transmitting small communication streams such as user credentials?

Covert channels

Static packet filtering uses a static or fixed set of rules to filter network traffic.

True

Nahla is a network engineer charged with maintaining the routine operations of equipment in her company's server room. She is aware that fluctuations in electrical power flow can damage delicate circuitry. While configuring redundancy into a number of systems, which component does she choose that offers both redundancy and power conditioning?

Uninterruptable power supply (UPS)

Logical networks limit access to data and resources by allowing only those individuals and devices that require such access permission to access them.

True

Networked systems that are no longer used or monitored can become network entry points for hackers.

True

One of the improvements of IPv6 versus IPv4 is better security.

True

Passive threats are those you must seek out to be harmed, such as visiting a malicious website.

True

A fallback attack is defined as an attack that a hacker might try after an unsuccessful breach attempt against a target.

True

A gateway is a device that connects two networks that use dissimilar protocols for communication.

True

A good practice is to trust no network traffic until it is proved to comply with security policy.

True

A hardware firewall is a dedicated hardware device specifically built and hardened to support the functions of firewall software.

True

A network switch avoids collisions by reviewing the Media Access Control (MAC) address to determine where each data packet is meant to go.

True

A next-generation firewall (NGFW) is a device that offers additional capabilities beyond traditional firewall functionality.

True

A wireless network topology uses some wire.

True

A wrapper is a specialized tool used by hackers to build Trojan horses.

True

Fragmentation attacks involve an abuse of the fragmentation offset feature of IP packets.

True

In the context of networks, the term "topology" refers to the order and arrangement of the elements of a communications network.

True

RFC 1918 addresses are for use only in private networks.

True