Modules 10-13
Which of the following encryption methods uses CCMP to recognize if the encrypted and non-encrypted bits have been altered?
AES AES uses the Counter Cipher Mode with Block Chaining Message Authentication Code Protocol (CCMP) that allows destination hosts to recognize if the encrypted and non-encrypted bits have been altered.
In an 802.1X implementation, which device is responsible for relaying responses?
Authenticator. In 802.1X, the authenticator, which is typically a switch or wireless access point, is responsible for relaying messages between the supplicant (client) and authentication server.
Because of implemented security controls, a user can only access a server with FTP. Which AAA component accomplishes this?
Authorization. One of the components in AAA is authorization. After a user is authenticated through AAA, authorization services determine which resources the user can access and which operations the user is allowed to perform.
What UDP ports and IP protocols are used by CAPWAP for IPv4? (Choose three.)
CAPWAP for IPv4 uses IP protocol 17 in the frame header and UDP ports 5246 and 5247.
What UDP ports and IP protocols are used by CAPWAP for IPv6? (Choose three.)
CAPWAP for IPv6 uses IP protocol 136 in the frame header and UDP ports 5246 and 5247.
Which service is enabled on a Cisco router by default that can reveal significant information about the router and potentially make it more vulnerable to attack?
CDP (Cisco Discovery Protocol)
A threat actor discovers the IOS version and IP addresses of the local switch. What type of attack is this?
CDP reconnaissance
A network administrator is configuring DAI on a switch with the command ip arp inspection validate dst-mac. What is the purpose of this configuration command?
Checks the destination MAC address in the Ethernet header against the target MAC address in the ARP body.
Which of the following mitigation techniques prevents ARP spoofing and ARP poisoning attacks?
DAI (Dynamic ARP Inspection)
Which of the following mitigation techniques prevents DHCP starvation and DHCP spoofing attacks?
DHCP snooping
Which of the following modulation techniques spreads a signal over a larger frequency band?
Direct-Sequence Spread Spectrum (DSSS) is a modulation technique designed to spread a signal over a larger frequency band.
Which device monitors SMTP traffic to block threats and encrypt outgoing messages to prevent data loss?
ESA (Email Security Appliance)
True or False: DTLS is enabled by default on the control and data CAPWAP tunnels.
False DTLS must be configured on the CAPWAP data tunnels, but is enabled by default on the CAPWAP control tunnel.
True or False: A rogue AP is a misconfigured AP connected to the network and a possible source of DoS attacks.
False: A rogue AP is an AP or wireless router that has been connected to a corporate network without explicit authorization and against corporate policy.
Which of the following modulation techniques rapidly switches a signal among frequency channels?
Frequency-Hopping Spread Spectrum (FHSS) transmits radio signals by rapidly switching a carrier signal among many frequency channels.
Which of the following mitigation techniques prevents MAC and IP address spoofing?
IPSG (IP Source Guard) IPSG prevents MAC and IP address spoofing.
What is the term for an AP that does not send a beacon, but waits for clients to send probes?
In active mode, wireless clients initiate the process by broadcasting a probe request frame with the SSID on multiple channels. APs configured with the SSID will send a probe response that includes the SSID, supported standards, and security settings.
What is the term for an AP that openly advertises its service periodically?
In passive mode, the AP openly advertises its service by periodically sending broadcast beacon frames containing the SSID, supported standards, and security settings.
Which of the following authentication methods does not use a password shared between the wireless client and the AP?
Open
What mitigation technique must be implemented to prevent MAC address overflow attacks?
Port security
In a server-based AAA implementation, which protocol will allow the router to successfully communicate with the AAA server?
RADIUS (Remote Authentication Dial-In User) With a server-based method, the router accesses a central AAA server using either the Remote Authentication Dial-In User (RADIUS) or Terminal Access Controller Access Control System (TACACS+) protocol. SSH is a protocol used for remote login. 802.1x is a protocol used in port-based authentication. TACACS is a legacy protocol and is no longer used.
Which encryption method is used by the original 802.11 specification?
RC4
Which of the following is most likely NOT the source of a wireless DoS attack?
Rogue AP Improperly configured devices, malicious users, and accidental interference are likely sources for a wireless DoS attack.
Which standards organization is responsible for allocating radio frequencies?
The ITU-R standards organization is responsible for allocating radio frequencies.
Which of the following modulation techniques is used in the new 802.11ax standard?
The new 802.11ax uses a variation of OFDM called Orthogonal frequency-division multiaccess (OFDMA).
What is the behavior of a switch as a result of a successful MAC address table attack?
The switch will forward all received frames to all other ports within the VLAN
How many channels are available for the 2.4 GHz band in Europe?
There are 13 channels in the 2.4 GHz band in Europe (11 channels in North America and 14 bands in Japan).
How many channels are available for the 5 GHz band?
There are 24 channels in the 5 GHz band.
True or False: An ESS is created when two or more BSSs need to be joined to support roaming clients.
True
A threat actor configures a host with the 802.1Q protocol and forms a trunk with the connected switch. What type of attack is this?
VLAN hopping A threat actor can effectively hop VLANs if the threat actor's device belongs to the native VLAN and trunks with the switch.
Which device monitors HTTP traffic to block access to risky sites and encrypt outgoing messages?
WSA (Web Security Appliance)
How many address fields are in the 802.11 wireless frame?
When two or more BSSs need to support roaming clients, they can be joined together to create an ESS. Basic Service Set (BSS) Extended Service Set (ESS)
How many address fields are in the 802.11 wireless frame?
4
What is involved in an IP address spoofing attack?
A legitimate network IP address is hijacked by a rogue node.
A network administrator is configuring DAI on a switch. Which command should be used on the uplink interface that connects to a router?
ip arp inspection trust In general, a router serves as the default gateway for the LAN or VLAN on the switch. Therefore, the uplink interface that connects to a router should be a trusted port for forwarding ARP requests.
Which devices are specifically designed for network security? (Choose three)
1. (VPN) enabled router, 2. A next-generation firewall (NGFW) 3. A network access control (NAC)
Which 802.11 standards exclusively use the 5 GHz radio frequency? (Choose 2)
1. 802.11a 2. 802.11ac
In the split MAC architecture for CAPWAP, which of the following are the responsibility of the WLC? (Choose four.)
1. Authentication 2. Association and re-association of roaming clients 3. Termination of 802.11 traffic on a wired interface 4. Frame translation to other protocols
What are the best ways to secure WLANs?
1. Authentication 2. Encryption
Which of the following statements are true about modes of operation for a FlexConnect AP? (Choose two.)
1. In standalone mode, the WLC is unreachable and the AP switches local traffic and performs client authentication locally. 2. In connect mode, the WLC is reachable and performs all its CAPWAP functions.
In the split MAC architecture for CAPWAP, which of the following are the responsibility of the AP? (Choose four.)
1. Packet acknowledgments and retransmissions 2. Beacons and probe responses 3. MAC layer data encryption and decryption 4. Frame queueing and packet prioritization
Which of the following mitigation techniques are used to protect Layer 3 through Layer 7 of the OSI Model? (Choose three.)
1. VPN 2. Firewall 3. IPS devices
Which of the following authentication methods has the user enter a pre-shared password? (Choose two)
1. WPA Personal 2. WPA2 Personal
Why is authentication with AAA preferred over a local database method?
It provides a fallback authentication method if the administrator forgets the username or password. The local database method of authentication does not provide a fallback authentication method if an administrator forgets the username or password. Password recovery will be the only option. When authentication with AAA is used, a fallback method can be configured to allow an administrator to use one of many possible backup authentication methods.
On what switch ports should PortFast be enabled to enhance STP stability?
all end-user ports PortFast will immediately bring an interface configured as an access or trunk port to the forwarding state from a blocking state, bypassing the listening and learning states. If configured on a trunk link, immediately transitioning to the forwarding state could lead to the formation of Layer 2 loops.