CNA 101 | Ch. 11, Building a Small Network
modular
A feature that allows add-in capabilities/technologies to a device without the need to purchase a whole new device.
Server-Based Firewall
A firewall application that generally provides a solution that combines an SPI firewall and access control based on IP address or application. Can be less secure than dedicated, appliance-based firewalls because of the security weaknesses of the general-purpose OS.
Identity Theft
A form of information theft where personal information is stolen for the purpose of taking over someone's identity.
AAA
A framework that is used to implement authentication, authorization, and accounting functions into network operations.
tracert 10.1.1.5
A network technician is investigating network connectivity from a PC to a remote host with the address 10.1.1.5. Which command, when issued on a Windows PC, will display the path to the remote host?
ipconfig /displaydns
A particular website does not appear to be responding on a Windows 7 computer. What command could the technician use to show any cached DNS entries for this web page?
b. Have a second router that is connected to another ISP
A small company has only one router as the exit point to its ISP. Which solution could be adopted to maintain connectivity if the router itself, or its connection to the ISP, fails? a. Activate another router interface that is connected to the ISP, so the traffic can flow through it. b. Have a second router that is connected to another ISP. c. Purchase a second least-cost link from another ISP to connect to this router. d. Add more interfaces to the router that is connected to the internal network.
virus
A type of malicious software that requires a user to spread the software through the network.
worm
A type of malicious software that uses the network to spread software and infect vulnerable systems.
Ctrl+Shift+6
A user can interrupt the trace process by invoking the escape sequence, which can be triggered with _____________. In Windows, the escape sequence is invoked by pressing Ctrl+C.
vulnerability
A weakness or flaw that can allow an attacker to gain access to a system.
Password attacks
Access attack that uses brute-force, packet sniffers, or a Trojan horse.
Trust Exploitation
Access attack that uses the lack of security of one device to gain access to a more secured device.
Password attacks, Trust Exploitation, Port Redirection, Man-in-the-middle
Access attacks can be classified into four types. What are they?
security passwords min-length
Additionally, to ensure that all configured passwords are a minimum of a specified length, use the _______________ command in global configuration mode.
show file systems
An administrator wants to backup a router configuration file to a USB drive that is connected to the router. Which command should the administrator use to verify that the USB drive is being recognized by the router?
SYN Flood
An attacker sends multiple SYN requests to a web server, and while the server attempts to complete the three-way handshake, valid users are unable to gain access.
DDoS
An attacker uses many intermediate hosts, called zombies, to launch this attack that overloads a system.
True.
As helpful as CDP is, it can also be a security risk because it can provide useful network infrastructure information to attackers. True or False?
Data Loss and Manipulation
Breaking into a computer to destroy or alter data records.
Information Theft
Breaking into a computer to obtain confidential information.
Personal (Host-based) Firewall
Client-side firewalls that typically filter using SPI. Often used when a host device is connected directly to an ISP modem. These firewalls are installed on end systems.
exec-timeout
Exec timeouts can be configured on console, VTY, and aux ports using the ___________ command in line configuration mode.
nslookup, whois
For reconnaissance attacks, external attackers can use Internet tools, such as the _________ and _______ utilities, to easily determine the IP address space assigned to a given corporation or entity.
Smurf attack
For this attack, the attacker uses an amplifier and attempts to overwhelm the WAN link to the destination.
trojan
Hidden or disguised software that installs with another software package that a user requested.
during peak utilization times and on multiple network segments
How should traffic flow be captured in order to best understand traffic patterns in a network?
protocol analyzer
If the types of traffic are unknown, a __________ will help identify the traffic and its source.
IP telephony
In ________________, the IP phone itself performs voice-to-IP conversion.
.
Indicates a time expired while waiting for an ICMP echo reply message. Could also indicate that a connectivity problem occurred somewhere along the path.
!
Indicates receipt of an ICMP echo reply message
True
Information gathered by the protocol analyzer is evaluated based on the source and destination of the traffic, as well as the type of traffic being sent. True or False?
hackers
Intruders who gain access by modifying software or exploiting software vulnerabilities
True.
The ping of death is no longer a threat because updates to operating systems have fixed the vulnerability that it exploited. True or False?
show
The status of nearly every process or function of the router can be displayed using a _____ command.
Access attacks
The unauthorized manipulation of data, system access, or user privileges.
arp -a
The _________ command lists all devices currently in the ARP cache of the host, which includes the IPv4 address, physical address, and the type of addressing (static/dynamic), for each device.
U
This ICMP echo request response indicates that an ICMP unreachable message was received.
Ping of Death
This is when an attacker sends a malformed or very large ping packet, which could cause a system to crash.
Technological
This primary vulnerability includes TCP/IP protocol weakness, operating system weakness and equipment weakness.
Security policy
This primary vulnerability includes politics, lack of authentication continuity, logical access controls not applied, software and hardware installation and changes not following procedure, and either a weak or nonexistent disaster recovery plan.
Configuration
This primary vulnerability includes unsecured user accounts, system accounts with easily guessed passwords, misconfigured internet services, unsecured default settings within products, or misconfigured network equipment.
no cdp run
To disable CDP globally, use the global configuration command _________.
no cdp enable
To disable CDP on an interface, use the interface command ___________.
login local, transport input ssh
To enable inbound SSH sessions, use the line vty commands __________ and ______________.
crypto key generate rsa
To generate the SSH key, use the ___________________ command in global configuration mode.
ping sweep
To help automate the attack process, an attacker may use a ___________ tool, such as fping or gping.
endpoints
Typically, the network devices under attack are the _________, such as servers and desktop computers.
malware
Unwanted malicious software that can harm or disrupt a system operation.
service password-encryption
Using the global configuration command __________ prevents unauthorized individuals from viewing passwords in plain text in the configuration file.
True.
Voice-enabled routers are not required within a network with an integrated IP telephony solution. True or False?
Electrical
Voltage spikes, insufficient supply voltage, unconditioned power, and total power loss are what type of threat?
Hardware threats, Environmental threats, Electrical threats, Maintenance threats
What are the four classes of physical threats?
Network documentation, Device inventory, Budget, Traffic analysis
What are the four required elements involved with scaling a network?
1. Password length of 8 or more characters (10+ preferred). 2. Complexity: upper/lowercase letters, symbols, numbers, and spaces. 3. Avoid repetition, common words, letter/number sequences, family or animal names, dates, etc. 4. Deliberately misspell a password (Smith = Smyth). 5. Change passwords often. 6. Do not write passwords down and leave them in unsecured locations.
What are the standard guidelines we should follow to ensure a strong password is in use?
Install redundant power supplies, Install UPS systems
What are two management practices for Electrical Procedure?
Control temperature and humidity, Create positive air flow
What are two management practices for Environmental Procedure?
Use security cameras, Lock up devices/prevent unauthorized access
What are two management practices for Hardware Procedure?
Control access to console ports, Label critical cables and components
What are two management practices for Maintenance Procedure?
RouterA(config)#login block-for 30 attempts 2 within 10
What command could you issue to block login attempts on RouterA for a period of 30 seconds if there are 2 failed login attempts within 10 seconds?
brownout
What is another term for insufficient supply voltage?
Download security updates from the OS vendor and patch all vulnerable systems
What is considered the most effective way to mitigate a worm attack?
firewalls
What is one of the most effective security tools available for protecting users from external threats?
360-2048 bits, 1024 bits
What is the range of the modulus, and what is the minimum recommended modulus length?
DHCP
What process failed if a computer cannot access the internet and received an IP address of 169.254.142.5?
Fixed configuration
What type of networking device configuration has a specific number and type of ports or interfaces?
voice
What type of traffic would most likely have the highest priority through the network?
False. Additional security configuration is required for adequate protection.
When a new operating system is installed on a device, the security settings are set to the default values. In most cases, this level of security is considered to be adequate. True or False?
network documentation
Which element of scaling a network involves identifying the physical and logical topologies?
ICMP
Which protocol is used by the traceroute command to send and receive echo-requests and echo-replies?
b. 'U' may indicate that a router along the path did not contain a route to the destination address and that the ping was unsuccessful.
Which statement is true about Cisco IOS ping indicators? a. '!' indicates that the ping was unsuccessful and that the device may have issues finding a DNS server. b. 'U' may indicate that a router along the path did not contain a route to the destination address and that the ping was unsuccessful. c. '.' indicates that the ping was successful but the response time was longer than normal. d. A combination of '.' and '!' indicates that a router along the path did not have a route to the destination address and responded with an ICMP unreachable message.
show ip route
You are running the EIGRP routing protocol and need to know the update intervals and what active interfaces and networks are being advertised by your router. What command would you issue to accomplish this?
show version
You are on a call with the Cisco technical assistance personnel. They ask you for the switch IOS name, RAM, NVRAM, and flash available. They also ask for the hexadecimal boot location. What command would you issue to accomplish this?
ip domain-name
You can configure the IP domain name of the network using the _____________ command in global configuration mode.
username
You can create a local database username entry using the ______ global configuration command.
show ip protocols
You cannot get to the internet. You need to find out if your router has a path to the internet and which protocols are being used to provide the paths. What command would you issue to accomplish this?
show startup-config
You suspect there is a problem with the current switch configuration. You want to see the saved configuration so that you can compare it to what is currently running. What command would you issue to accomplish this?
VoIP, Analog Telephone Adapter (ATA)
______ devices convert analog into digital IP packets. The device could be an ___________ that is attached between a traditional analog phone and the Ethernet switch.
Real-Time Transport Protocol (RTP), Real-Time Transport Control Protocol (RTCP)
_______ and _______ enable control and scalability of the network resources by allowing Quality of Service (QoS) mechanisms to be incorporated.
Network
_________ firewalls reside between two or more networks, control the traffic between them, and help prevent unauthorized access.
Denial of Service (DoS)
______________ attacks are the most publicized form of attack and also among the most difficult to eliminate.
Appliance-Based firewalls
Specialized computers that do not have peripherals or hard drives can use this type of firewall. They also inspect traffic faster than other firewalls and are less prone to failure.
Environmental threats
Temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry) are what type of threat?
show cdp neighbors detail
The ____________________ command reveals the IP address of a neighboring device. CDP will reveal the neighbor's IP address regardless of whether or not you can ping that neighbor. This command can help determine if one of the CDP neighbors has an IP configuration error.
ping
The ____command uses the Internet Control Message Protocol (ICMP) and verifies Layer 3 connectivity.
stateful packet inspection (SPI)
The ability of a device to track TCP connections and only allow returning data to the inside connection. Can also include the capability to recognize and filter out specific types of attacks, such as denial of service (DoS).
URL filtering
The ability to filter traffic based on a web address.
application filtering
The ability to filter traffic based on destination port numbers.
packet filtering
The ability to perform packet inspection at Layer 3 based on the source and destination IP addresses and source and destination port numbers.
arp -d*
The cache can be cleared by using the _______ command in the event the network administrator wants to repopulate the cache with updated information.
Reconnaissance attacks
The discovery and mapping of systems, services, and vulnerabilities for nefarious purposes.
redundancy
The duplication of devices, links, or technologies to increase high availability.
Technological, Configuration, Security policy
Name the three primary vulnerabilities or weaknesses in every network and device.
protocols
Network services use ______ to define a set of rules that govern how devices communicate and the data formats used in a network.
True.
On Cisco routers, leading spaces are ignored for passwords, but spaces after the first character are not. True or False?
Console ports, vty ports
On which two interfaces or ports can security be improved by configuring executive timeouts?
show ip interface brief
One of the most frequently used commands is the _____________ command. This command displays all interfaces on the router, the IP address assigned to each interface, if any, and the operational status of the interface.
Hardware
Physical damage to servers, routers, switches, cabling plant, and workstations is what type of threat?
Maintenance
Poor handling of key electrical components (electrostatic discharge), lack of critical spare parts, poor cabling, and poor labeling are what type of threat?
Disruption of Services
Preventing legitimate users from accessing services to which they should be entitled.