Exam 1 Study Guide


What is the primary means for mitigating virus and Trojan horse attacks?

Antivirus Software.

With the evolution of borderless networks, which vegetable is now used to describe a defense-in-depth approach?

Artichoke.

How does BYOD change the way in which businesses implement networks?

BYOD devices provide flexibility in where and how users can access network resources.

Refer to the exhibit. An IT security manager is planning security updates on this particular network. Which type of network is displayed in the exhibit and is being considered for updates?

CAN.

Which resource is affected due to weak security settings for a device owned by the company, but housed in another location?

Cloud Storage Device.

What three items are components of the CIA triad? (Choose three.)

Confidentiality, Availability, Integrity

Which type of network commonly makes use of redundant air conditioning and a security trap?

Data center.

When considering network security, what is the most valuable asset of an organization?

Data.

Which statement describes the term attack surface?

It is the total sum of vulnerabilities in a system that is accessible to an attacker

A user receives a phone call from a person who claims to represent IT services and then asks that user for confirmation of username and password for auditing purposes. Which security threat does this phone call represent?

Social Engineering

What is hyperjacking?

Taking over a virtual machine hypervisor as part of a data center attack.

Which two characteristics describe a worm? (Choose two.)

travels to new computers without any intervention or knowledge of the user; is self-replicating

Which evasion method describes the situation that after gaining access to the administrator password on a compromised host, a threat actor is attempting to log in to another host using the same credentials?

Pivoting

Which risk management plan involves discontinuing an activity that creates a risk?

Risk Avoidance

Which security implementation will provide control plane protection for a network device?

Routing Protocol Authentication.

What name is given to an amateur hacker?

Script Kiddie

What threat intelligence group provides blogs and podcasts to help network security professionals remain effective and up-to-date?

Talos

In what way are zombies used in security attacks?

They are infected machines that carry out a DDoS attack.

What is the primary function of SANS?

To maintain the Internet Storm Center.

What worm mitigation phase involves actively disinfecting infected systems?

Treatment.

Why would a rootkit be used by a hacker?

to gain access to a device without being detected

In the video that describes the anatomy of an attack, a threat actor was able to gain access through a network device, download data, and destroy it. Which flaw allowed the threat actor to do this?

A flat network with no subnets or VLANs.

What method can be used to mitigate ping sweeps?

Blocking ICMP echo and echo-replies at the network edge.

A security intern is reviewing the corporate network topology diagrams before participating in a security review. Which network topology would commonly have a large number of wired desktop computers?

CAN

Which section of a security policy is used to specify that only authorized individuals should have access to enterprise data?

Identification and authentication policy.

Which security technology is commonly used by a teleworker when accessing resources on the main corporate office network?

VPN

What is an example of a local exploit?

A threat actor tries to gain the user password of a remote host by using a keyboard capture installed by a Trojan.

What functional area of the Cisco Network Foundation Protection framework uses protocols such as Telnet and SSH to manage network devices?

Management plane.

Which two statements describe access attacks? (Choose two.)

Buffer overflow attacks write data beyond the allocated buffer memory to overwrite valid data or to exploit systems to execute malicious code. Password attacks can be implemented by the use of brute-force attack methods, Trojan horses, or packet sniffers.

Which security measure is typically found both inside and outside a data center facility?

Continuous video surveillance

In what type of attack is a cybercriminal attempting to prevent legitimate users from accessing network services?

DoS

Which statement accurately characterizes the evolution of threats to network security?

Internal threats can cause even greater damage than external threats.

What security tool allows a threat actor to hack into a wireless network and detect security vulnerabilities?

KisMAC.

Which technology is used to secure, monitor, and manage mobile devices?

MDM

