Neti 104 M7
How many digits are used in a security PIN? Choose all that apply] 4 8 2 6
4 6
You have configured a new DHCP server and connected it to the network. There is connectivity to the server, but the clients in the network are unable to obtain IP addresses from the server. Which of the following enabled feature on the switch can cause this issue? Port-security IPv6 RA Guard DHCP Snooping Dynamic ARP Inspection
DHCP Snooping
Which of the following versions of SNMP are considered unsecure? [Choose all that apply] SNMPv4 SNMPv1 SNMPv3 SNMPv2c
SNMPv1 and SNMPv2c
Active Directory and 389 Directory Server are both compatible with which directory access protocol? a. AD DS b. LDAP c. RADIUS d. Kerberos
b. LDAP
Where in a network segment will the DMZ be located? On the internal network On an external network Between the internal and external network On a different segment of the internal network
Between the internal and external network
What does the acronym CIA stand for in relation to network security? [Choose all that apply] Availability Authorization Integrity Confidentiality Integration Clarification
Integrity Confidentiality Availability
Which of the following is NOT considered a prevention method? Mantrap Employee training Motion detection Locking racks
Motion detection
You have empty ports on your switches, that is, no connected hosts. Which of the following are best practices to ensure that the empty ports are secure? Keep the ports up and running but move it to a new VLAN that is not used for production Leave the ports in VLAN1 but disable them Move the ports from the default VLAN to a new, unused VLAN and then disable them Keep the ports up and running in default VLAN (VLAN 1)
Move the ports from the default VLAN to a new, unused VLAN and then disable them
Which principle ensures auditing processes are managed by someone other than the employees whose activities are being audited? a. Principle of least privilege b. Shared responsibility model c. Separation of duties d. Defense in depth
Separation of duties
Which employee training method uses a Learning Management System (LMS)? Demonstrations Training Videos Classroom Training Awareness Events
Training Videos
You have a complex network environment and have issues related to the routing of network traffic between hosts. Which of the following command will you use to troubleshoot this issue and verify how the packets are routed? show arp netstat -a route print traceroute ping
traceroute
You have a complex network environment and have issues related to the routing of network traffic between hosts. Which of the following command will you use to troubleshoot this issue and verify how the packets are routed? traceroute ping route print show arp netstat -a
traceroute
Which threat actor will have prior knowledge of the network layout to perform a malicious attack? Receptionist Sales executive Disgruntled network administrator Penetration tester A family member of an employee
Disgruntled network administrator
Which of the following ACL commands would permit web-browsing traffic from any IP address to any IP address? a. access-list acl_2 deny tcp any any b. access-list acl_2 permit https any any c. access-list acl_2 deny tcp host 2.2.2.2 host 3.3.3.3 eq www d. access-list acl_2 permit icmp any any
b. access-list acl_2 permit https any any
Which of the following is not one of the AAA services provided by RADIUS and TACACS+? a. Authorization b. Accounting c. Administration d. Authentication
c. Administration
Which of the following can be used for multi-factor authentication? [Choose all that apply] Server room key Employee contract Smart Card Username and Password Manager's contact details
Smart Card Username and Password
You have configured a new web server in your network, which will be used only from the local network. You published the website on TCP port 8443 but are unable to access the website on that port from a client device. You are able to ping the server IP address and also have access to the server using a Remote Desktop Connection. What could be the cause of this issue? There is no static route pointing to the server on the router Server is placed in the wrong VLAN Windows firewall is enabled, and port 8443 is not allowing traffic NAT is not configured correctly Microsoft Edge browser is configured incorrectly on the client device
Windows firewall is enabled, and port 8443 is not allowing traffic
Which type of camera records the entry and exit of each individual through the door? Fixed IP-based CCTV Pan-Tilt-Zoom (PTZ)
Fixed
You have implemented your network with new managed switches. A user is experiencing periodical interruptions on the network. While pinging the main server, you notice that there is periodical packet loss. What could cause this problem? Routing loop Problem with Internet access Broadcast storm Collisions Asymmetric routing
Broadcast storm
Motion detection sensors can perform all tasks except: Light up the area Send notification to security control room systems Send an SMS to someone Call a user Record video Raise an alarm
Call a user
You have implemented your network with new managed switches. A user is experiencing periodical interruptions on the network. While pinging the main server, you notice that there is periodical packet loss. What could cause this problem? Asymmetric routing Problem with Internet access Broadcast storm Collisions Routing loop
Broadcast storm
Which device would allow an attacker to make network clients use an illegitimate default gateway? a. RA guard b. DHCP server c. Network-based firewall d. Proxy server
b. DHCP server
At what layer of the OSI model do proxy servers operate? a. Layer 3 b. Layer 4 c. Layer 7 d. Layer 2
c. Layer 7
What information in a transmitted message might an IDS use to identify network threats? a. Port mirroring b. FIM c. Signature d. ACL
c. Signature
Which policy ensures messages are discarded when they don't match a specific firewall rule? a. Explicit allow b. Implicit deny c. Implicit allow d. Explicit deny
b. Implicit deny
You work in an organization as a network administrator. One of your new clients owns a hotel and has asked you to provide a single Internet connection for every room, but also ensure that the users are not visible to each other. Which technology on the switch will you use to meet the requirements stated in the scenario? Create a separate VLAN for every room Use Promiscuous ports Create one VLAN and connect all rooms to that VLAN Create Private VLANs
Create Private VLANs
What is the purpose of Role-based Access Control (RABC)? Users only have access to specific resources according to their job role Users can access resources only at a specific time Users can only access specific devices Users can only access their local device
Users only have access to specific resources according to their job role
You have configured a new web server in your network, which will be used only from the local network. You published the website on TCP port 8443 but are unable to access the website on that port from a client device. You are able to ping the server IP address and also have access to the server using a Remote Desktop Connection. What could be the cause of this issue? There is no static route pointing to the server on the router Windows firewall is enabled, and port 8443 is not allowing traffic NAT is not configured correctly Server is placed in the wrong VLAN Microsoft Edge browser is configured incorrectly on the client device
Windows firewall is enabled, and port 8443 is not allowing traffic
You have two users who work on the same floor and belong to the same department. The organization has strict rules implemented for printer access. One of the users is unable to access the printer but has access to the Internet. What should you check on your switch? VLAN assignment Access lists LAN interface status MAC address table
VLAN assignment
You have two users who work on the same floor and belong to the same department. The organization has strict rules implemented for printer access. One of the users is unable to access the printer but has access to the Internet. What should you check on your switch? Access lists VLAN assignment LAN interface status MAC address table
VLAN assignment
You work as a network administrator in an organization. The company has three locations. A user is unable to access a shared folder located on a desktop in another location. You try to ping the IP address of the desktop, but it fails. You are unable to ping any IP address from that subnet. What is the next step you should perform on your router? Verify the WAN interface status Verify the LAN interface status Check the IP routing table Check the MAC address table Check the ARP cache
Check the IP routing table
You work as a network administrator in an organization. The company has three locations. A user is unable to access a shared folder located on a desktop in another location. You try to ping the IP address of the desktop, but it fails. You are unable to ping any IP address from that subnet. What is the next step you should perform on your router? Verify the WAN interface status Verify the LAN interface status Check the MAC address table Check the ARP cache Check the IP routing table
Check the IP routing table
Who is responsible for the security of hardware on which a public cloud runs? a. It depends b. The cloud customer c. Both the cloud customer and the cloud provider d. The cloud provider
d. The cloud provider
You need to create an access list on your router to filter specific IP addresses and ports. You created entries with permit statements and deny statements. But you forget to add one specific deny statement to filter traffic from host A. How will this traffic be treated? Host A traffic will be permitted because, at the end of every access list, there is an implicit permit statement Host A traffic will be denied because, at the end of every access list, there is an implicit deny statement Host A traffic will be permitted because, at the end of every access list, there is an explicit permit statement Host A traffic will not be processed by this access list at all, so if nothing else is denying it, it will be permitted
Host A traffic will be denied because, at the end of every access list, there is an implicit deny statement
