Network Auth & Security Chapter 1
Which statement describes phone freaking? Question options: A hacker uses password-cracking programs to gain access to a computer via a dialup account. A hacker gains unauthorized access to networks via wireless access points. A hacker mimics a tone using a whistle to make free long-distance calls on an analog telephone network. A hacker uses a program that automatically scans telephone numbers within a local area, dialing each one in search of computers, bulletin board systems, and fax machines. You must be 21 years or older to answer this question
A hacker mimics a tone using a whistle to make free long-distance calls on an analog telephone network.
Users report to the helpdesk that icons usually seen on the menu bar are randomly appearing on their computer screens. What could be a reason that computers are displaying these random graphics? An access attack has occurred. A virus has infected the computers. A DoS attack has been launched against the network. The computers are subject to a reconnaissance attack. The user purchased an over the counter virus control product
A virus has infected the computers.
What is a significant characteristic of virus malware? Question options: A virus is triggered by an event on the host system. Once installed on a host system, a virus will automatically propagate itself to other systems. A virus can execute independently of the host system. Virus malware is only distributed over the Internet. Malware does not really exist
A virus is triggered by an event on the host system.
Which two statements are characteristics of a virus? (Choose two.) Question options: A virus typically requires end-user activation. A virus has an enabling vulnerability, a propagation mechanism, and a payload. A virus replicates itself by independently exploiting vulnerabilities in networks. A virus provides the attacker with sensitive data, such as passwords. A virus can be dormant and then activate at a specific time or date.
A virus typically requires end-user activation. A virus can be dormant and then activate at a specific time or date.
What is the meaning of the principle of minimum trust when used to design network security? Question options: All network and internetwork data communications should be encrypted. Accounts should be disabled after a specific number of unsuccessful logins. Devices in networks should not access and use one another unnecessarily and unconditionally. Encrypted and one-time passwords should be used at all times. Network access should be controlled by multifactor authentication.
Devices in networks should not access and use one another unnecessarily and unconditionally.
Antivirus software can prevent viruses from entering the network. Question options: True False
False
Which statement accurately characterizes the evolution of network security? Question options: Internal threats can cause even greater damage than external threats. Internet architects planned for network security from the beginning. Early Internet users often engaged in activities that would harm other users. Threats have become less sophisticated while the technical knowledge needed by an attacker has grown.
Internal threats can cause even greater damage than external threats.
Which two statements describe access attacks? (Choose two.) Question options: Port redirection attacks use a network adapter card in promiscuous mode to capture all network packets that are sent across a LAN. Password attacks can be implemented using brute-force attack methods, Trojan Horses, or packet sniffers. Buffer overflow attacks write data beyond the allocated buffer memory to overwrite valid data or exploit systems to execute malicious code. Port scanning attacks scan a range of TCP or UDP port numbers on a host to detect listening services. Trust exploitation attacks can use a laptop acting as a rogue access point to capture and copy all network traffic in a public location on a wireless hotspot.
Password attacks can be implemented using brute-force attack methods, Trojan Horses, or packet sniffers. Buffer overflow attacks write data beyond the allocated buffer memory to overwrite valid data or exploit systems to execute malicious code.
Which Cisco network security tool is a cloud-based service that provides alerts to network professionals about current network attacks? IPS Snort IDS Security Intelligence Operations zone-based policy firewall
Security Intelligence Operations
Which three options describe the phases of worm mitigation? (Choose three.) Question options: The containment phase requires the use of incoming and outgoing ACLs on routers and firewalls. The containment phase tracks down and identifies the infected machines within the contained areas. The inoculation phase disconnects, blocks, or removes infected machines. The inoculation phase patches uninfected systems with the appropriate vendor patch for the vulnerability. The quarantine phase terminates the worm process, removes modified files or system settings, and patches the vulnerability the worm used to exploit the system. The treatment phase disinfects actively infected systems.
The containment phase requires the use of incoming and outgoing ACLs on routers and firewalls. The inoculation phase disconnects, blocks, or removes infected machines. The treatment phase disinfects actively infected systems.
Which two are characteristics of DoS attacks? (Choose two.) Question options: They always precede access attacks. They attempt to compromise the availability of a network, host, or application. They are difficult to conduct and are initiated only by very skilled attackers. They are commonly launched with a tool called L0phtCrack. Examples include smurf attacks and ping of death attacks.
They attempt to compromise the availability of a network, host, or application. Examples include smurf attacks and ping of death attacks.
Which two network security solutions can be used to mitigate DoS attacks? (Choose two.) Question options: virus scanning data encryption anti-spoofing technologies intrusion protection systems applying user authentication
anti-spoofing technologies intrusion protection systems
What is the primary means for mitigating virus and Trojan horse attacks? Question options: antivirus software encryption antisniffer software blocking ICMP echo and echo-replies Helen of Troy anti-Trojan software package
antivirus software
How does a DoS attack take advantage of the stateful condition of target systems? by executing code that corrupts or deletes system files by continuously sending packets of unexpected size or unexpected data by using a dictionary of passwords to attempt to access the system by intercepting and analyzing or manipulating data as it is sent across the network by using IP spoofing attacks through mobile devices by using a reverse packet sniffer attack
by continuously sending packets of unexpected size or unexpected data
Which security measure is typically found both inside and outside a data center facility? Question options: a gate exit sensors security traps biometrics access continuous video surveillance
continuous video surveillance
The Cisco Network Foundation Protection framework has three functional areas. The ________ plane of a router is responsible for routing packets correctly.
data
What functional area of the Cisco Network Foundation Protection framework uses protocols such as Telnet and SSH to manage network devices? Question options: data plane management plane control plane forwarding plane secure data plane
management plane
What is considered a valid method of securing the control plane in the Cisco NFP framework? Question options: authorization of actions DHCP snooping dynamic ARP inspection login and password policy routing protocol authentication role-based access control
routing protocol authentication
What is hyperjacking? Question options: taking over a virtual machine hypervisor as part of a data center attack overclocking the mesh network which connects the data center servers adding outdated security software to a virtual machine to gain access to a data center server using processors from multiple computers to increase data processing power
taking over a virtual machine hypervisor as part of a data center attack
What are two reasons for securing the data plane in the Cisco NFP framework? (Choose two.) Question options: to protect against DoS attacks to provide bandwidth control to force technicians to use SSH and HTTPS when managing devices to provide a record of who accessed the device, what occurred, and when it occurred to allow users to control the flow of traffic that is managed by the route processor of their network devices
to protect against DoS attacks to provide bandwidth control
What is a main purpose of launching an access attack on network systems? Question options: to prevent other users from accessing the system to gather information about the network to scan for accessible networks to retrieve data to give access to legitimate users
to retrieve data
What are two purposes of launching a reconnaissance attack on a network? (Choose two.) Question options: to retrieve and modify data to scan for accessibility to escalate access privileges to gather information about the network and devices to prevent other users from accessing the system propagation mechanism
to scan for accessibility to gather information about the network and devices
Which type of security threat can be described as software that attaches to another program to execute a specific unwanted function? Question options: virus worm proxy Trojan Horse Denial of Service Trojan Horse
virus
What type of malware has the primary objective of spreading across the network? Question options: worm virus Trojan horse botnet shape shifter
worm
