exam 3
The use of certificate authorities to associate public keys with certain users is known by what term? a. public-key organization b. symmetric identification c. certified infrastructure d. public-key infrastructure
public key infrastructure
A spoofed DNS record spreads to other DNS servers. What is this attack called? ARP poisoning DHCP snooping MitM attack DNS poisoning
DNS poisoning
What is the formula for determining the number of possible hosts on a network? 2n = Y 2n - 2 = Y 2h = Z 2h - 2 = Z
2h - 2 = Z
A former employee discovers six months after he starts work at a new company that his account credentials still give him access to his old company's servers. He demonstrates his access to several friends to brag about his cleverness and talk badly about the company. What kind of attack is this? Principle of least privilege Insider Threat Vulnerability Denial of service
Insider threat
A subnet of 255.255.248.0 can be represented by what CIDR notation? a. /20 b. /18 c. /29 d. /21
/21
A network with 10 bits remaining for the host portion will have how many usable host addresses? a. 4192 b. 2046 c. 1022 d. 510
1022
y default, when using classful addressing, how many bits exist in the host portion of a Class A address? a. 24 b. 8 c. 32 d. 16
24
How many bits of a Class A IP address are used for host information? 8 bits 16 bits 24 bits 32 bits
24 bits
What subnet mask can be used to segment the 172.16.0.0 network to allow for a minimum of 6 subnets while maximizing the number of hosts per subnet? a. 255.255.248.0 b. 255.255.128.0 c. 255.255.224.0 d. 255.255.192.0
255.255.224.0
A network with a CIDR notation of /26 would have what subnet mask? a. 255.255.255.0 b. 255.255.255.240 c. 255.255.255.224 d. 255.255.255.192
255.255.255.192
How many /64 subnets can be created within a /56 prefix? a. 1024 b. 2048 c. 256 d. 512
256
In an IPv6 address, what do the first four blocks or 64 bits of the address represent? a. The usable host portion of the network. b. The broadcast domain for the configured host ID. c. The MAC address of the router assigning the host ID. d. The site prefix or global routing prefix.
The site prefix or global routing prefix
Which of the following is NOT a task that a VPN concentrator is responsible for? A VPN concentrator authenticates VPN clients. A VPN concentrator establishes tunnels for VPN connections. A VPN concentrator shuts down established connections with malicious traffic occurs. A VPN concentrator manages encryption for VPN transmissions.
A VPN concentrator shuts down established connections with malicious traffic occurs.
What type of scenario would be best served by using a Platform as a Service (PaaS) cloud model? a. An organization needs to have a hosted virtual network infrastructure for their services, which are run on virtual machines. b. A group of developers needs access to multiple operating systems and the runtime libraries that the OS provides. c. A small organization needs to have high availability for their web server. d. An organization wishes to gain access to applications through an online user interface, while maintaining compatibility across operating systems.
A group of developers needs access to multiple operating systems and the runtime libraries that the OS provides.
A variant of BYOD, what does CYOD allow employees or students to do? a. They can use whatever devices they wish to bring. b. They can supply their choice of cloud application or storage. c. They can supply their own software on a computer or mobile device. d. They can choose a device from a limited number of options.
They can choose a device from a limited number of options.
By default, the native VLAN is the same as the default VLAN. True False
True
Which of the following virtualization products is an example of a bare-metal hypervisor? a. VMware Player b. VirtualBox c. Citrix XenServer d. Linux KVM
Citrix
The PPP headers and trailers used to create a PPP frame that encapsulates Network layer packets vary between 8 and 10 bytes in size due to what field? a. FCS b. priority c. FEC d. encryption
FCS
All that is needed to provide communication between two VLANs is a DHCP relay agent. True False
False
An unmanaged switch can still support the creation of VLANs, provided there is an interface for configuration. True False
False
Network segmentation decreases both performance and security on a network. True False
False
The HTTPS (HTTP Secure) protocol utilizes the same TCP port as HTTP, port 80. True False
False
Which command can be used on a Windows system to create a hash of a file? a. md5 b. Compute-FileHash c. shasum d. Get-FileHash
Get-FileHash
While designing your network's VLAN topology, your team has decided to use a centrally managed DHCP server rather than creating a separate DHCP server for each VLAN. What software will you need in order to make the central DHCP server accessible across VLANs? DHCP relay agent DHCP server Hypervisor Virtual router
DHCP relay agent
Which type of DoS attack orchestrates an attack using uninfected computers? DDoS (Distributed DoS) attack Spoofing attack DRDoS (Distributed Reflection DoS) attack PDoS (Permanent DoS) attack
DRDos
Which of the following suggestions can help prevent VLAN hopping attacks on a network? a. Use MAC address filtering. b. Disable auto trunking and move native VLANs to unused VLANs. c. Install an additional switch to isolate traffic. d. Install a router to process the untagged traffic on the VLAN.
Disable auto trunking and move native VLANs to unused VLANs.
Which tunneling protocol is a component of the IPsec protocol suite? L2TP OpenVPN PPTP IKEv2
IKEv2
Regarding VNC (Virtual Network Computing or Virtual Network Connection), what statement is accurate? a. VNC is faster than Remote Desktop, and requires less network bandwidth. b. VNC uses the Remote Desktop Protocol (RDP). c. VNC is a standard developed by Microsoft and used by Windows Remote Desktop. d. VNC is open source, allowing companies to develop their own software based on VNC.
VNC is open source, allowing companies to develop their own software based on VNC
With VTP, where is the VLAN database stored? a. On the router responsible for maintaining the VTP database. b. On the switch that is known as the stack master. c. On the switch that is configured as the trunk root. d. On the designated VLAN server for the network.
On the switch that is known as the stack master.
What is NOT one of the ways in which networks are commonly segmented? a. by device manufacturer b. by departmental boundaries c. by geographic location d. by device types
by device manufacturer
A hacker, in the original sense of the word, is someone with technical skill and malicious intent. True False
false
Different types of organizations have similar levels of network security risks. true false
false
If multiple honeypots are connected to form a larger network, what term is used to describe the network? a. combolure b. honeycomb c. honeynet d. lurenet
honeynet
The combination of a public key and a private key are known by what term below? key tie key set key team key pair
key pair
A /24 CIDR block is equivalent to a 255.255.255.0 subnet mask. True False
true
An enterprise-wide VPN can include elements of both the client-to-site and site-to-site models. true false
true
Current research indicates that a long, random string of words, such as correct horse battery staple is more secure than a random series of letters, numbers, and symbols that is short enough to be remembered. True False
true
IPv6 addressing does not utilize classful addressing, therefore every IPv6 address is classless. True False
true
Sudden unexplained increases in file sizes and unusual error messages with no apparent cause are both potential symptoms of a viral infection. True False
true
The term malware is derived from a combination of the words malicious and software. true false
true
Which port mode on a switch enables that port to manage traffic for multiple VLANs? Console Ethernet Access Trunk
trunk
If the EUI-64 standard is used, what part of an IPv6 address is affected? a. The first four blocks of the address. b. All blocks of the address are affected. c. The last four blocks of the address. d. The middle four blocks of the address.
the last four of the address
Which of the following statements describes a worm? a. A process that runs automatically, without requiring a person to start or stop it. b. A program that disguises itself as something useful but actually harms your system. c. A program that runs independently of other software and travels between computers and across networks. d. A program that locks a user's data or computer system until a ransom is paid.
A program that runs independently of other software and travels between computers and across networks.
An RFID label on a box is an example of what type of physical security detection method? a. motion detection technology b. video surveillance via CCTV c. asset tracking tagging d. tamper detection
Asset tracking tagging
When using public and private keys to connect to an SSH server from a Linux device, where must your public key be placed before you can connect? a. In the /etc/ssh/keys folder. b. In the /var/run/ssh/public folder. c. In an authorization file on the host where the SSH server is. d. In an authorization file under your home directory on your computer.
In an authorization file on the host where the SSH server is.
What software allows you to define VMs and manage resource allocation and sharing among them on a host computer? Hypervisor NFV (Network Functions Virtualization) SDN (software-defined networking) Terminal emulation
Hypervisor
Which of the following statements correctly describes the malware characteristic of polymorphism? Polymorphic malware utilizes encryption to prevent detection. Polymorphic malware is designed to activate on a particular date, remaining harmless until that time. Polymorphic malware is software that disguises itself as a legitimate program, or replaces a legitimate program's code with destructive code. Polymorphic malware can change its characteristics every time it is transferred to a new system.
Polymorphic malware can change its characteristics every time it is transferred to a new system.
Which of the following statements correctly describes the malware characteristic of polymorphism? a. Polymorphic malware is designed to activate on a particular date, remaining harmless until that time. b. Polymorphic malware utilizes encryption to prevent detection. c. Polymorphic malware can change its characteristics every time it is transferred to a new system. d. Polymorphic malware is software that disguises itself as a legitimate program, or replaces a legitimate program's code with destructive code.
Polymorphic malware can change its characteristics every time it is transferred to a new system.
What cloud service model involves providing applications through an online user interface, providing for compatibility with a multitude of different operating systems and devices? XaaS SaaS IaaS PaaS
SaaS
Office 365 is an example of an SaaS implementation with a subscription model. True False
True
Over a long-distance connection, using SSH keys is more secure than using passwords. True False
True
What term is used to describe a space that is rented at a data center facility by a service provider? a. central service point (CSP) b. service location (SL) c. point of presence (PoP) d. locally exchanged data point (ledp)
pop
Your organization has just approved a special budget for a network security upgrade. What procedure should you conduct in order to make recommendations for the upgrade priorities? Data breach Security audit Exploitation Posture assessment
posture assessment
What document addresses the specific concerns related to special access given to administrators and certain support staff? privileged user agreement password policy non-disclosure agreement acceptable use policy
privileged user agreement
When using IPv6, what would a /64 network likely be assigned to? a. A very large organization. b. A large Internet service provider. c. A smaller organization or business. d. A regional Internet registry.
A smaller organization or business
Why is the telnet utility a poor choice for remote access to a device? a. It provides poor authentication and no encryption. b. It provides no mechanism for authentication. c. It does not allow for control of a computer remotely. d. It cannot be used over a public WAN connection.
It provides poor authentication and no encryption.
By default, what network connection type is selected when creating a VM in VMware, VirtualBox, or KVM? a. NAT mode b. host-only mode c. lockdown mode d. bridged mode
NAT mode
Which remote access protocol is used over an Ethernet network? PPPoE RAS PPP SLIP
PPPoE
What is NOT a potential disadvantage of utilizing virtualization? a. Increased complexity and administrative burden can result from the use of virtual machines. b. Multiple virtual machines contending for finite resources can compromise performance. c. Virtualization software increases the complexity of backups, making creation of usable backups difficult. d. Licensing costs can be high due to every instance of commercial software requiring a separate license.
Virtualization software increases the complexity of backups, making creation of usable backups difficult.
What type of door access control is a physical or electronic lock that requires a code in order to open the door? a. key fob lock b. cipher lock c. biometric lock d. encrypted lock
cipher lock
Amazon and Rackspace both utilize what virtualization software below to create their cloud environments? a. Oracle VirtualBox b. Parallels c. Citrix Xen d. VMware vSphere
citrix gen
What type of an attack forces clients off a wireless network, creating a form of Wi-Fi DoS? channel hopping attack deauthentication attack man-in-the-middle attack ARP poisoning attack
deauthentication attack
If someone is offered a free gift or service in exchange for private information or access to a computer system, what type of social engineering is taking place? a. phishing b. tailgating c. quid pro quo d. baiting
quid pro quo
What command will set the native VLAN on a Juniper switch port? a. switchport set native vlan b. config native vlan c. switchport trunk native vlan d. set native-vlan-id
set native-vlan-id
On a Linux based system, what command can you use to create a hash of a file using SHA-256? a. sha1sum b. md5sum c. sha256sum d. shasum -a 256
sha256sum
What virtual, logically defined device operates at the Data Link layer to pass frames between nodes? Virtual firewall Virtual switch Virtual router Virtual load balancer
virtual network switch
On a Cisco switch, what would the security association identifier be for VLAN 13? 1013 5013 100013 1000130
100013
What statement regarding denial-of-service (DoS) attacks is accurate? A denial-of-service attack occurs when a MAC address is impersonated on the network. A denial-of-service attack prevents legitimate users from accessing normal network resources. A denial-of-service attack is generally a result of a disgruntled employee. A denial-of-service attack is no longer a major concern due to the increased throughput available on most networks.
A denial-of-service attack prevents legitimate users from accessing normal network resources.
What statement regarding the different versions of the SHA hashing algorithm is accurate? a. SHA-2 only supports a 256-bit hash. b. SHA-1 supports a 128-bit hash function. c. SHA-0 is the most secure version of SHA. d. SHA-2 and SHA-3 both support the same hash lengths.
SHA-2 and SHA-3 both support the same hash lengths.
Which type of cloud service model involves hardware services that are provided virtually, including network infrastructure devices such as virtual servers? . XaaS b. IaaS c. PaaS d. SaaS
Iaas
A vSwitch (virtual switch) or bridge is a logically defined device that operates at what layer of the OSI model? Layer 2 Layer 1 Layer 4 Layer 7
Layer 2
With which network connection type does the VM obtain IP addressing information from its host? Bridged mode Managed mode NAT mode Host-only mode
NAT mode
At what layer of the OSI model does the IPsec encryption protocol operate? a. Application layer b. Physical layer c. Transport layer d. Network layer
Network Layer
What do well-chosen subnets accomplish? IP address spaces overlap for easier management. Network documentation is easier to manage. Routing efficiency is decreased by ensuring IP address spaces are not mathematically related. Problems affect the entire network, making them more difficult to pin down.
Network documentation is easier to manage.
In the typical social engineering attack cycle, what occurs at Phase 3? a. The attacker executes an exit strategy in such a way that does not leave evidence or raise suspicion. b. The attacker researches the desired target for clues as to vulnerabilities. c. The attacker builds trust with the target and attempts to gain more information. d. The attacker exploits an action undertaken by the victim in order to gain access.
The attacker exploits an action undertaken by the victim in order to gain access.
In a red team-blue team exercise, what is the purpose of the blue team? The blue team is charged with the defense of the network. The blue team must observe the actions of the red team. The blue team consists of regulators that ensure no illegal activity is undertaken. The blue team is tasked with attacking the network.
The blue team is charged with the defense of the network.
Network segmentation at Layer 2 of the OSI model is accomplished using VLANs. True False
True
A community cloud is a service shared between multiple organizations, but not available publicly. True False
True
A drop ceiling could be used by an intruder to gain access to a secured room. True False
True
How large is the 802.1Q tag that is added to an Ethernet frame when using VLANs? 20 bytes 8 bytes 4 bytes 12 bytes
4 bytes
How often should you require users to change their passwords? Selected Answer: a. every 30 days b. every 90 days c. every 60 days d. every 120 days
60 days
What is the maximum number of host IP addresses that can exist in a Class B network? a. 32,766 b. 65,534 c. 8190 d. 1022
65,534
How many subnets can a /48 site prefix support? a. 16384 subnets b. 131,072 subnets c. 65,536 subnets d. 256 subnets
65,536
What is the least number of bits you would need to borrow from the network portion of a Class B subnet mask to get at least 130 hosts per subnet? 8 n/a 9 10
8
Which statement regarding the IKEv2 tunneling protocol is accurate? IKEv2 offers fast throughput and good stability when moving between wireless hotspots. IKEv2 is an older, Layer 2 protocol developed by Microsoft that encapsulates VPN data frames. IKEv2 is an open-source VPN protocol that utilizes OpenSSL for encryption. IKEv2 is based on technology developed by Cisco and standardized by the IETF.
IKEv2 offers fast throughput and good stability when moving between wireless hotspots.
When an 802.1Q tag is added to an Ethernet frame, where is it placed? a. It is inserted between the destination and the source addresses. b. It is inserted between the preamble and the destination address. c. It is inserted between the source address and the Ethernet type field. d. It is appended to the end of the frame.
It is inserted between the source address and the Ethernet type field.
What does the VLAN Trunk Protocol (VTP) do? a. It shares VLAN database information amongst switches that participate. b. It shares trunking information amongst switches that participate. c. It is the protocol used by a trunk port for establishing a trunk with another switch. d. It is the protocol that defines how VLAN tagging is accomplished in an Ethernet network.
It shares VLAN database information amongst switches that participate.
What open-source VPN protocol utilizes OpenSSL for encryption and has the ability to possibly cross firewalls where IPsec might be blocked? a. Generic Routing Encapsulation (GRE) b. Layer 2 Tunneling Protocol (L2TP) c. OpenVPN d. Point-to-Point Tunneling Protocol (PPTP)
OpenVPN
Which of the following statements regarding the Point-to-Point (PPP) protocol is NOT accurate? a. PPP can utilize an authentication protocol, such as MS-CHAPv2 or EAP to authenticate a client. b. PPP can negotiate and establish a connection between two endpoints. c. PPP can support several Network layer protocols, such as IP, that might use the connection. d. PPP can support strong encryption, such as AH or ESP.
PPP can support strong encryption, such as AH or ESP.
Which of the following terms is commonly used to describe a VLAN configuration in which one router connects to a switch that supports multiple VLANs? router overloading router-on-a-branch branched router router-on-a-stick
Router on a stick
Which remote file access protocol is an extension of SSH? SFTP TFTP FTPS HTTPS
SFTP
Which of the following statements regarding IPv6 subnetting is NOT accurate? a. A single IPv6 subnet is capable of supplying 18,446,744,073,709,551,616 IPv6 addresses. b. The largest IPv6 subnet capable of being created is a /64. c. IPv6 does not use subnet masks. d. IPv6 addressing uses no classes, and is therefore classless.
The largest IPv6 subnet capable of being created is a /64.
Which of the following is not a good reason to segment a network? To limit access to broadcast domains To reduce the demand on bandwidth To increase the number of networking devices on a network To narrow down the location of problems on a network
To increase the number of networking devices on a network
Sudden unexplained increases in file sizes and unusual error messages with no apparent cause are both potential symptoms of a viral infection. True or False
True
The Virtual Network Computing (VNC) application uses the cross-platform remote frame buffer (RFB) protocol. True False
True
The day after Patch Tuesday is informally dubbed Exploit Wednesday. True False
True
When using a site-to-site VPN, what type of device sits at the edge of the LAN and establishes the connection between sites? VPN transport VPN server VPN proxy VPN gateway
VPN gateway
When is it appropriate to utilize the NAT network connection type? a. Whenever the VM does not need to be access at a known address by other network nodes. b. Only if the VM is intended for VM-to-host communications. c. Only when the VM requires an IP address on the physical LAN. d. Only if the VM does not need to communicate with the host PC.
Whenever the VM does not need to be access at a known address by other network nodes.
Which of the following scenarios would necessitate the use of a non-disclosure agreement? a. Your company wishes to educate users on the proper use of the network. b. Your company would like to allow employees to bring their own devices. c. Your company needs to prevent a new contractor from sharing information with a potential competitor. d. Your company needs to impose password restrictions on new users in the network.
Your company needs to prevent a new contractor from sharing information with a potential competitor.
Where would restrictions regarding what users can and cannot do while accessing a network's resources be found? a. acceptable use policy document b. non-disclosure agreement document c. license restrictions document d. terms of service document
acceptable use policy document
An interface that manages traffic from multiple VLANs is known by what term? a. aggregation port b. egress port c. trunk port d. access port
aggregation
A person posing as an employee strikes up a conversation with a legitimate employee as they walk into a secured area, in an attempt to gain access. What kind of social engineering is this? a. phishing b. baiting c. quid pro quo d. tailgating
d. tailgating
Utilized by China's so-called "Great Firewall", what type of attack can prevent user access to web pages, or even redirect them to illegitimate web pages? a. denial-of-service attack b. MAC address spoofing c. DNS poisoning d. rogue DHCP server
denial of service
What service in Windows Server 2016 authenticates remote users and computers to the Windows domain and its corporate network resources? Active Directory Group Policy DirectAccess RAS (Remote Access Service)
direct access
Which type of DoS attack involves an attack that is bounced off uninfected computers before being directed at the target? distributed denial-of-service attack permanent denial-of-service attack distributed reflection denial-of-service attack cached denial-of-service attack
distributed reflection denial-of-service attack
What special enterprise VPN supported by Cisco devices creates VPN tunnels between branch locations as needed rather than requiring constant, static tunnels? a. Dynamic Multipoint VPN b. Symmetric VPN Autodial c. Dynamic SmartVPN d. Auto Switched VPN Service
dynamic multipoint vpn
A Type 2 hypervisor installs on a computer before any OS, and is therefore called a bare-metal hypervisor. True False
false
After L2TP establishing a VPN tunnel, GRE is used to transmit L2TP data frames through the tunnel. True False
false
Only Class B and Class C networks can be subnetted. True False
false
The original version of the Secure Hash Algorithm was developed by MIT. True False
false
It is ideal to use the same password for multiple different applications, provided the password is complex enough. True False
fasle
Which hexadecimal block in an IPv6 address is used for the Subnet ID? The first one The third one The fourth one The eighth one
fourth one
A company accidentally sends a newsletter with a mistyped website address. The address points to a website that has been spoofed by hackers in order to collect information from people who make the same typo. What kind of attack is this? Phishing Baiting Quid pro quo Tailgating
phishing
On certain Cisco products, what command can be used to create and send helper messages that support several types of UDP traffic, including DHCP, TFTP, DNS, and TACACS+? ip new helper ip helper-address ip create helper server set ip helper address
ip helper-address
A virus that remains dormant until a specific condition is met, such as the changing of a file or a match of the current date is known as what type of malware? a. encrypted virus b. worm c. boot sector virus d. logic bomb
logic bomb
Leading up to the year 2000, many people expected computer systems the world over to fail when clocks turned the date to January 1, 2000. What type of threat was this? Ransomware Logic bomb Virus Worm
logic bomb
An attack that relies on redirected and captured secure transmissions as they occur is known as what type of attack? a. man-in-the-middle attack b. session hijacking attack c. buffer overflow d. banner-grabbing attack
man in the middle
VMware's AirWatch and Cisco's Meraki Systems Manager are both examples of what type of software? a. software defined network software b. virtual device management software c. mobile device management software d. cloud network management software
mobile device management software
Which of the following utilities performs sophisticated vulnerability scans, and can identify unencrypted data such as credit card numbers? a. Nessus b. Nmap c. L0phtcrack d. Metasploit
nessus
Which cloud computing services model gives software developers access to multiple operating systems for testing? IaaS PaaS SaaS XaaS
paas
What kind of attack simulation detects vulnerabilities and attempts to exploit them? Selected Answer: Incorrect Red team-blue team exercise Vulnerability scanning Security audit Penetration testing
penetrating testing
You are working on a Cisco switch and need to learn what VLANs exist on the switch. Which command will list the current VLANs recognized by the switch? a. list switch-vlans b. show vlan c. show vlandb d. get vlans
show vlan
What statement regarding the SSH (Secure Shell) collection of protocols is accurate? a. SSH does not protect against DNS spoofing. b. SSH provides a graphical view of the remote computer. c. SSH supports port forwarding. d. SSH does not protect against IP spoofing.
ssh supports port forwarding
In order to generate a public and private key for use with SSH, what command line utility should you use? key-generate gpg --ssh ssh-keygen ssh-newkey
ssh-keygen
When dealing with a Cisco switch, what is NOT one of the pre-established VLANs? a. VLAN 1 b. VLAN 1001 c. VLAN 1003 d. VLAN 1005
vlan 1001