Lan security concepts Chapter 10
Which devices are specifically designed for network security? (Choose three)
Vpn-enabled router NGFW NAC
What three services are provided by the AAA framework? (Choose three.)
accounting authorization authentication
A threat actor changes the MAC address of the threat actor's device to the MAC address of the default gateway. What type of attack is this?
address spoofing
Because of implemented security controls, a user can only access a server with FTP. Which AAA component accomplishes this?
authorization
What mitigation plan is best for thwarting a DoS attack that is creating a MAC address table overflow?
enable port security
Which Cisco solution helps prevent MAC and IP address spoofing attacks?
ip source guard
Why is authentication with AAA preferred over a local database method?
it provides a fallback authentication method if the administator forgets the username or password
When security is a concern, which OSI Layer is considered to be the weakest link in a network system?
layer 2
In a server-based AAA implementation, which protocol will allow the router to successfully communicate with the AAA server?
radius
Which attack encrypts the data on hosts in an attempt to extract a monetary payment from the victim?
ransomware
A threat actor configures a host with the 802.1Q protocol and forms a trunk with the connected switch. What type of attack is this?
VLAN hopping
Which of the following mitigation techniques are used to protect Layer 3 through Layer 7 of the OSI Model? (Choose three.)
Vpn Firewalls IPS devices
Which device monitors HTTP traffic to block access to risky sites and encrypt outgoing messages?
WSA
A threat actor sends a message that causes all other devices to believe the MAC address of the threat actor's device is the default gateway. What type of attack is this?
ARP spoofing
Which AAA component is responsible for controlling who is permitted to access the network?
Authenication
In an 802.1X implementation, which device is responsible for relaying responses?
Authenticator
Which service is enabled on a Cisco router by default that can reveal significant information about the router and potentially make it more vulnerable to attack?
CDP
A threat actor discovers the IOS version and IP addresses of the local switch. What type of attack is this?
CDP reconnaissance
Which device monitors SMTP traffic to block threats and encrypt outgoing messages to prevent data loss?
ESA
Which of the following mitigation techniques prevents MAC and IP address spoofing?
IPSG
Which Layer 2 attack will result in a switch flooding incoming frames to all ports?
Mac address flooding
Which three Cisco products focus on endpoint security solutions? (Choose three.)
NAC appliance email security appliance web securtiy appliance
Which of the following mitigation techniques prevents many types of attacks including MAC address table overflow and DHCP starvation attacks?
Port Security
What mitigation technique must be implemented to prevent MAC address overflow attacks?
Port security
What two protocols are supported on Cisco devices for AAA communications? (Choose two.)
Radius TACACS+
What is involved in an IP address spoofing attack?
a legitimate network ip address is hacked by a rouge node
Which AAA component is responsible for collecting and reporting usage data for auditing and billing purposes?
accounting
A threat actor sends a BPDU message with priority 0. What type of attack is this?
Stp attack
What would be the primary reason a threat actor would launch a MAC address overflow attack?
so that the threat actor can see frames that are destined for other devices
What is the behavior of a switch as a result of a successful MAC address table attack?
the switch will forward all received frames to all other ports within the vlan
What is the purpose of AAA accounting?
to collect and report application usage
True or False?In the 802.1X standard, the client attempting to access the network is referred to as the supplicant.
true
Which AAA component is responsible for determining what the user can access?
Authorization
Which of the following mitigation techniques prevents ARP spoofing and ARP poisoning attacks?
DAI
Which of the following mitigation techniques prevents DHCP starvation and DHCP spoofing attacks?
DHCP snooping
A threat actor leases all the available IP addresses on a subnet. What type of attack is this?
DHCP starvation
Which Layer 2 attack will result in legitimate users not getting valid IP addresses?
DHCP starvation
