CIT270 Unit 2 Exam: Chapter 5,6,7, and
An administrator needs to examine FTP commands that are being passed to a server. What port should the administrator be monitoring?
21
What vendor neutral protocol implements support for VLAN tagging?
802.1Q
Which type of log can provide details regarding requests for specific files on a system?
Access log
What type of privileges to access hardware and software resources are granted to users or devices?
Access rights
Where does the supplicant send identity information?
Authenticator
What encryption protocol is used for WPA2?
CCMP
Flavio visits a local coffee shop on his way to school and accesses its free Wi-Fi. When he first connects, a screen appears that requires him to first agree to an Acceptable Use Policy (AUP) before continuing. What type of AP has he encountered?
Captive portal
What plane is used to allow SDN to virtualize parts of the physical network so that it can be more quickly and easily reconfigured?
Data plane
Minh has been asked to recommend an EAP for a system that uses both passwords and tokens with TLS. Which should she recommend?
EAP-FAST
A private cloud is one in which the services and infrastructure are offered to all users with access provided remotely through the Internet.
False
An agent may be a permanent NAC agent and reside on end devices until uninstalled, but it cannot be a dissolvable NAC agent.
False
In a bluesnooping attack, the attacker copies emails, calendars, contact lists, cell phone pictures, or videos by connecting to the Bluetooth device without the owner's knowledge or permission.
False
One use of data loss prevention (DLP) is blocking the copying of files to a USB flash drive.
False
RFID is commonly used to transmit information between networked computers.
False
Securing web applications is easier than protecting other systems.
False
The MAC address is a unique 64-bit number that is "burned" into the network interface card adapter when it is manufactured.
False
The OSI model breaks networking steps down into a series of six layers.
False
The most popular implementation of DNS is the Unix Internet Name Domain.
False
Olivia was asked to protect the system from a DNS poisoning attack. What are the locations she would need to protect?
Host table and external DNS server
Which of the following is a software-based application that runs on a local host computer that can detect an attack as it occurs?
Host-based intrusion detection system
Which device is easiest for an attacker to take advantage of to capture and analyze packets?
Hub
Which of the following TCP/IP protocols do not relate to security?
IP
What specific ways can a session token be transmitted?
In the header of the HTTP requisition && in the URL
In what type of cloud computing does the customer have some control over the operating systems, storage, and their installed applications?
Infrastructure as a Service
Which of the following is NOT a wireless peripheral protection option?
Install a network sensor to detect an attack
Which function does an Internet content filter NOT perform?
Intrusion detection
How does network address translation (NAT) improve security?
It discards unsolicited packets
An administrator has two servers that host the same web content, but only one server is utilized at a given time. What can be configured that can help to evenly distribute work across the network, and make use of both servers in a manner that is transparent to the end users?
Load balancing
Which of these is a vulnerability of MAC address filtering?
MAC addresses are initially exchanged unencrypted
Which device watches for attacks and sounds an alert only when one occurs?
Network intrusion detection system (NIDS)
What is NOT a risk when a home wireless router is not securely configured?
Only a small percentage of the total traffic can be encrypted
Which EAP protocol creates an encrypted channel between the client authentication server and the client, and uses Microsoft Windows logins and passwords?
PEAP
Bluetooth is an example of what type of technology below?
Personal Area Network
Which of the following adds new functionality to the web browser so that users can play music, view videos, or display special graphical images within the browser?
Plug-ins
Catriona needed to monitor network traffic. She did not have the resources to install an additional device on the network. Which of the following solutions would meet her needs?
Port mirroring
Which action cannot be performed through a successful SQL injection attack?
Reformat the web application server's hard drive
Which of these is the most secure protocol for transferring files?
SFTP
Which of the following protocols is used to manage network equipment and is supported by most network equipment manufacturers?
SNMP
Which type of attack broadcasts a network request to multiple computers but changes the address from which the request came to the victim's computer?
Smurf attack
Which is the most secure type of firewall?
Stateful packet filtering
What is the name of an instruction that interrupts a program being executed and requests a service from the operating system?
System call
What is a correct statement regarding why traditional network security devices cannot be used to block web application attacks?
Traditional network security devices ignore the content of HTTP traffic, which is the vehicle of web application attacks.
A DNS amplification attack floods an unsuspecting victim by redirecting valid responses to it.
True
A correlation engine aggregates and correlates content from different sources to uncover an attack.
True
A security advantage of VLANs is that they can be used to prevent direct communication between servers.
True
Behavior-based monitoring attempts to overcome the limitations of both anomaly-based monitoring and signature-based monitoring by being more adaptive and proactive instead of reactive.
True
File integrity check (FIC) is a service that can monitor any changes made to computer files, such as operating system files.
True
In ad hoc mode, devices can only communicate between themselves and cannot connect to another network.
True
In an integer overflow attack, an attacker changes the value of a variable to something outside the range that the programmer had intended by using an integer overflow.
True
JavaScript cannot create separate stand-alone applications.
True
RF signals can be picked up from an open or mis-configured AP.
True
TCP/IP uses its own four-layer architecture that includes the Network Interface, Internet, Transport, and Application layers
True
XSS is like a phishing attack but without needing to trick the user into visiting a malicious website.
True
Which type of hypervisor does not run on an underlying operating system?
Type I
Select the technology that can be used to examine content through application-level filtering.
Web security gateway
Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?
Whatever' AND email is NULL; --
A Bluetooth attack in which the attacker accesses unauthorized information from a wireless device using a Bluetooth connection, is known as which of the following terms?
Bluesnarfing
How can an attacker substitute a DNS address so that a computer is automatically redirected to another device?
DNS Poisoning
What secure protocol is recommended for time synchronization?
NTP
Which of these is not a DoS attack?
Push flood