Network+ Exam 3
HealthCity Nursing Home is a newly opened hospital with many employees, doctors, nurses, and support staff. The upper management of the hospital wants to draft a security policy that outlines the guidelines, rules, restrictions, and consequences of violations, all of which help minimize the risk involved in allowing restricted access to some users. The doctors who have access to protected patient information must be informed what they can and can't do with that patient data and what special precautions they must take to protect patients' privacy. Certain checks and balances must also be maintained and defined in the policy measures in detail. Which of the following security policies should be used in this scenario?
A PUA (privileged user agreement)
Chelsea is a hacker who befriends Adele McCain over lunch at the cafeteria. Adele is the senior associate of Spandangle Ltd., a private law firm based in Alabama. Chelsea manages to successfully guess Adele's password to a sensitive database in the law firm. What kind of password attack did she use?
A brute-force attack
Darwin has purchased a laptop for the purpose of running his stock brokerage activities from home. He has contracted Navin, a network engineer, to install a software specifically for his workstation so that the software can protect the network from certain traffic. Analyze which of the following firewalls is best applicable in this scenario.
A host based firewall
You are a network engineer at BHMS Ltd. The network administrator wants you to set up a security configuration for the router so that the router can accept or decline certain packets depending on their information. Which of the following will you use in such a scenario?
ACL
A routing protocol's reliability and priority are rated by what measurement?
AD
An organization hires you to handle the security policies of the organization. In order to protect the organization's network from data breaches and potential hacks, you decide to draft a policy that will require the employees of the organization to adhere to a certain set of rules while accessing the network's resources. To ensure that these rules are followed without fail, you decide to impose certain penalties for situations where violations may occur. Which of the following will help you achieve these standards?
AUP
Which of the following is not one of the AAA services provided by RADIUS and TACACS+?
Administration
Which of the following is not a technique used in a closed-loop response to an existing congestion?
Admission policy
Which of the following criteria can a packet-filtering firewall not use to determine whether to accept or deny traffic?
Application data
The HR manager of Veep Communications notices a lot of employees waste valuable time surfing social media websites. The HR manager requests you ( a network administrator) to prevent the employees' access to those websites. Which of the following firewalls will you use in this scenario?
Application layer firewall
Youhan has been placed as the security in charge of an organization. Which of the following should he use to monitor the movement and condition of equipment, inventory, and people?
Asset tags
Which log type is used to prove who did what and when?
Audit log
Identify which of the following terms defines the process of verifying a user's credentials.
Authentication
. Which routing protocol does an edge router use to collect data to build its routing tables for paths across the Internet?
BGP
Beevan works as a network analyzer for an ISP. The network manager has asked him to use a protocol for the routers that can scan beyond the home territory and can instruct a group of routers to prefer one route over other available routes. Analyze which of the following should be used in this scenario.
BGP
Which of the following devices scans an individual's unique physical characters such as iris color patterns to verify the person's identity?
Biometrics
Donald is a schoolteacher living in Atlanta. While conducting online classes, he experienced a momentary decrease in voltage. His computer shut down and when he switched it back on, he realized that he had lost some data. He called his friend Chadwick who is a network analyst to check out what the issue was. Chadwick found that there was a power flaw caused by an overtaxed electrical system. Such voltage decreases can cause computers or applications to fail and potentially corrupt data. What kind of power flaw caused this issue in Donald's house?
Brownout
James, a network engineer, has been contracted by a company to monitor network performance. In order to know and analyze any problem in a network, James will need to understand how the network functions in a normal state. Analyze which of the following will be of use to James in this scenario.
Checking the network's performance baseline
Which type of disaster recovery site contains all the equipment you would need to get up and running again after a disaster, and yet would require several weeks to implement?
Cold site
Which bandwidth management technique adjusts the way network devices respond to indications of network performance issues caused by traffic congestion throughout a network?
Congestion control
You, as a network administrator want to have a check on the ARP vulnerabilities in your organization so that you can present a switch against possible spoofing ARP spoofing attacks and MAC flooding. Which of the following will you use in this scenario?
DAI
Which device would allow an attacker to make network clients use an illegitimate default gateway?
DHCP server
. What specifications define the standards for cable broadband?
DOCSIS
. Which type of DoS attack orchestrates an attack bounced off uninfected computers?
DRDoS (Distributed Reflection DoS) attack
. What type of attack relies on spoofing?
Deauth attack
Game Zone is a well-known games park located in Manhattan that allows gamers to engage in multiplayer competitions. The competitions function smoothly on the opening day, but on the following days, there are multiple instances of the computers getting disconnected temporarily from the wireless network. These connections however function normally when they are reconnected. Which type of attack is this most likely to be?
Deauth attack
What field in an IPv4 packet is altered to prioritize video streaming traffic over web surfing traffic?
DiffServ
You have been hired as a systems analyst by an online food delivering service. Your job requires you to keep the network congestion free during peak hours and to ensure that important traffic can survive the congestion while less sensitive frames are discarded. Which of the following techniques will you use in such a scenario?
Discarding policy
A fraudulent financial deal has just taken place in the company where you are working as a network administrator. The data of the company will be collected in such a way that it can be presented in a court of law for the purpose of prosecution. Some of the forensic data available for analysis may be damaged or destroyed if improperly handled. You have been assigned the duty to safeguard sensitive information, logged data, and other legal evidence until the first responder or incident response team can take over the collection of evidence. To prevent contamination of evidence, you have made sure that each device involved is isolated-that is, the device is disconnected from the network and secured to ensure that no one else has contact with it until the response team arrives. What is the next step that you will take in the event of such an illegal activity?
Document the scene.
Fox Agro, a small business, faces network congestion and connection failures, which affect the network. As a result, the quality of performance of the unit gets adversely affected. You are appointed as a network administrator to determine the best solution to this problem. Which type of routing path will you use to solve this problem?
Dynamic route
Which of the following technologies selectively filters or blocks traffic between networks?
Firewall
A special kind of DoS attack has attacked an AAA server with authentication requests that must all be processed and responded to. Thee network administrator has analyzed the situation and requested you, a network engineer, to use a command by which you can reclaim compromised resources in case of a similar attack in the future. Which of the following commands will you use in this scenario?
Floodguard
You are working as an executive for a cable company. A client raises a request to set up a network that uses fiber-optic cabling to connect your company's distribution center to distribution hubs and then to optical nodes near its customers. From the following network options, which one would you recommend in the given scenario?
HFC
Which of the following stands in-line comments between the attacker and the targeted network or host where it can prevent traffic from reaching that network or host?
IPS
Which policy ensures messages are discarded when they don't match a specific firewall rule?
Implicit deny
HomeLand is an organization that rescues abandoned dogs. They set up a hotline for the general public to report any street dog that they spot anywhere in the city or any dog that they feel needs to be rescued. Within 12 hours of the hotline being activated, the network starts experiencing congestion, messages are corrupted or dropped, and connected devices start resending frames to make up for the loss. These kinds of problems are overwhelming the network as a whole. This generates even more traffic, making the congestion even worse. Analyze which of the following policies HomeLand should adopt to detect congestion on the network after experiencing several missed acknowledgment messages.
Implicit signaling
A former employee discovers six months after he starts work at a new company that his account credentials still give him access to his old company's servers. He demonstrates his access to several friends to brag about his cleverness and talk badly about the company. What kind of attack is this?
Insider threat
You are hired as a network administrator to monitor an organization's network status on an ongoing basis and to make changes to best meet the needs of your network's users. One feedback that you have received from the network engineer of the firm is that one of the modems is repeatedly power cycling to reset network activity. Which of the following KPIs will help you in getting a better understanding of the situation?
Interface statistics
You are working as a network engineer for an ISP. You have successfully set up a home Internet connection for a client. The ISP requires the network engineers to provide a document with specifications and tests that the customer can run on their own to check various aspects of their connectivity. However, in the document that you provided you forgot to mention the functionality of speedtest.net in the document. So, the client calls you with a query about the use of speedtest.net. Which of the following will be your reply to the client in this scenario?
It is used for bandwidth speed tests.
You are working as a network engineer at IBV Solutions. The network administrator tells you to prepare a report of all the bad NICs that have been retransmitted, leading to a bad network. Which of the following will you use to state this in your report?
Jabbers
Active Directory and 389 Directory Server are both compatible with which directory access protocol?
LDAP
Which of these cellular technologies offers the fastest speeds?
LTE-A
. What is the lowest layer of the OSI model at which LANs and WANs support the same protocols?
Layer 3
At what layer of the OSI model do proxy servers operate?
Layer 7
Bradley has been running a business in his garage for over a period of 10 years. He plans on expanding the business by opening up three new offices in three different cities. Since he has accumulated sufficient profits to move to a larger office space, he plans to upgrade his network connection to one with a dedicated and symmetrical bandwidth. Bradley approaches Mantle Solutions, an ISP. Which of the following options should be offered by the ISP in this scenario?
Leased lines
. Leading up to the year 2000, many people expected computer systems the world over to fail when clocks turned the date to January 1, 2000. What type of threat was this?
Logic Bomb
Which of the following statements about MPLS (multiprotocol label switching) is not true?
MPLS does not offer any decreased latency.
. A company wants to have its employees sign a document that details some project-related information that should not be discussed outside the project's team members. What type of document should they use?
NDA
You, as a network engineer, want to have an insight into your network's weaknesses that need attention. You want to search for devices with open ports indicating which insecure service might be used to craft an attack and identify unencrypted sensitive data. Which of the following scanning tools will you use in this scenario?
Nessus
Which of the following is used to create flow records that show relationships among various traffic types?
NetFlow
Which OSI layer is responsible for directing data from one LAN to another
Network Layer
Which of the following monitors network traffic and might receive data from monitored devices that are configured to report their statistics?
Network monitor
You are working as a network administrator, and you want to conduct simulated attacks on a network to determine its weaknesses. To do so, you want to check for open ports so that you can remote in using that port and craft an attack. Which of the following software will you use to scan for open ports in this scenario?
Nmap
Which of the following IGPs supports large networks, calculates more efficient best paths than RIPs, and uses algorithms that prevent routing loops?
OSPF
Which power backup method will continually provide power to a server if the power goes out during a thunderstorm?
Online UPS
Which of these DoS (denial-of-service) attacks damages a device's firmware beyond repair?
PDoS
A company accidentally sends a newsletter with a mistyped website address. The address points to a website that has been spoofed by hackers to collect information from people who make the same typo. What kind of attack is this?
Phishing
Bryden is a network analyst who has been recruited into Big Bay Burger's security management. Which of the following terminologies must he use to explain to the company's employees about the possibility of someone using a deception in following them into a restricted area?
Piggybacking
What port do SNMP agents listen on?
Port 161
Your organization has just approved a special budget for a network security upgrade. What procedure should you conduct to develop your recommendations for the upgrade priorities?
Posture Assessment
Valiant is an NGO that has very strong opinions against the government. It has faced a number of legal notices and its IP address has been blocked numerous times for voicing out dissent on online forums and social media. Valiant has requested your help as a network analyst to find a way around this problem so that it won't receive any more legal notices due to IP address tracking. Which of the following methods will you use in this scenario?
Proxy server
Which authorization method allows a network administrator to receive from a user's supervisor a detailed description of the roles or jobs the user performs for the organization?
RBAC
Which of the following attack simulations detect vulnerabilities and attempt to exploit them? Choose two.
Red team-blue team exercise, Pen testing
You are the network administrator in Jolene Consultancy Pvt. Ltd., a small consultancy in Missouri. You have been assigned the task of monitoring network traffic in the systems. You must ensure that many devices can be configured to report their traffic and other statistics to a network monitor. Which of the following would you use in this scenario?
Reporting
Goldwin Enterprises has hired you as a network administrator to monitor the network and to ensure that the network functions reliably. To monitor the entire network, you will require a device that will display sensor data on your configurable dashboard. Which of the following software will you request from the management?
Room Alert Monitor by AVTECH
An ISP's headquarters is located in Philadelphia, and it has a branch office in Canada. The ISP wants to ship an edge device to the branch location where a non-technical person can plug in the device without any configuration needed on-site. Which of the following should be used in this scenario?
SD-WAN
Browski is a company that deals with SD-WAN (software-defined wide area network) units. The management of Browski wants to present an audio-video presentation at one of the network exhibitions to demonstrate its new product. As a network administrator working there, you have been asked to go through a few pointers in the presentation to verify the accuracy of the content. Analyze if any of these aspects do not apply to SD-WAN.
SD-WAN can be more expensive than leased lines.
Which of the following versions is the most recent iteration of SHA (Secure Hash Algorithm), which was developed by private designers for a public competition in 2012?
SHA-3
What command requests the next record in an SNMP log?
SNMP Get Next
. Which of the following is considered a secure protocol?
SSH
Which data link layer flow control method offers the most efficient frame transmission when sending large volumes of data?
Selective repeat sliding window
Which principle ensures auditing processes are managed by someone other than the employees whose activities are being audited?
Separation of duties
Which of the following anti-malware software will slow down your network performance considerably?
Server-based
As a network administrator, Murphy wants to add additional layers of security to prevent hackers from penetrating the network. In order to achieve this, he plans on adding additional authentication restrictions that might strengthen network security. Analyze which of the following he should do in this context.
Set a limit on consecutive login attempts
What information in a transmitted message might an IDS use to identify network threats?
Signature
What kind of device can monitor a connection at the demarc but cannot interpret data?
Smart Jack
. You need to securely store handheld radios for your network technicians to take with them when they're troubleshooting problems around your campus network. What's the best way to store these radios so all your techs can get to them and so you can track who has the radios?
Smart Locker
The managing director of Seviicco Laminates wants to secure certain financial documents that can only be accessed by him and the finance team of the organization. He wants to install a sophisticated authentication process so that the documents are extremely safe. You have been contracted as a network analyst for this project. After having an overview of the office premises, you decide to provide this security via a specific barcode that will be used as a key to access the documents. Which of the following access control technologies will you install in this scenario?
Smart locker
Which of the following is a more intelligent version of an NIU (network interface unit)?
Smartjack
Which of the following refers to a division of labor that ensures no one person can singlehandedly compromise the security of data, finances or other resources?
SoD (Separation of Duties)
Which of the following firewalls manages each incoming packet as a stand alone entity without regard to currently active connections?
Stateless firewall
You are the network engineer for Muhan Mobile Services. The network administrator has asked you to separate the authentication, auditing, and authorization process. Which of the following tools will you use in such a scenario?
TACACS+
What method does a GSM network use to separate data on a channel?
TDMA (Time Division Multiple Access)
Who is responsible for the security of hardware on which a public cloud runs?
The cloud provider
One of your coworkers downloaded several, very large video files for a special project she's working on for a new client. When you run your network monitor later this afternoon, what list will your coworker's computer likely show up on?
Top listeners
You are a network administrator at Yosaka & Associates, a private law firm. The employees have been facing various types of data errors and other transmission problems, leading to decreased productivity. You need to find an appropriate technique that will help identify locations of network bottlenecks. Which of the following techniques would you choose in such a scenario?
Traffic analysis
Your roommate has been hogging the bandwidth on your router lately. What feature should you configure on the router to limit the amount of bandwidth his computer can utilize at any one time?
Traffic shaping
Moses wants to update the interface of a router. He plans on having a check on the current running configuration file and then wants to copy the running configuration file to the startup configuration file. Analyze which CLI mode Moses must use in this scenario.
Use the privileged EXEC mode to apply the changes
Hammond Industries has appointed Gavin as the network administrator to set up a complete secured and flawless network throughout the office premises. One of the employees has come to him to fix an error message that keeps popping up every time he tries to open the web browser. He also states that this error started popping up after the external hard drive had been used to transfer some of the necessary documents to the HR's office. Analyze what kind of malware might possibly be behind this error.
Virus
Which of the following terms identifies the weakness of a system that could lead to compromised information or unauthorized access?
Vulnerability
You are working as a network analyzer for an ISP. A client has approached you to set up a network connection for a bank with offices around the state. The network needs to connect these offices with each other in order to gather transaction and account information into a central database. Which of the following connections will you provide in this scenario?
WAN
While troubleshooting a recurring problem on your network, you want to examine the TCP messages being exchanged between a server and a client. Which tool should you use on the server?
Wireshark
Which of the following ACL commands would permit web-browsing traffic from any IP address to any IP address?
access-list acl_2 permit https any any (remember https any any)
A system of documentation that makes it possible for a third party to inspect evidence later and understand the flow of events is called _____.
an audit trail
When a router can't determine a path to a message's destination, where does it send the message
gateway of last resort
Bruno is a network engineer who is tasked with adding a separate layer of protection to the control plane of a router. He wants messages with a bps (bits per second) rate below the threshold 7000 to be transmitted and the messages with a threshold above 7000 to be dropped. Analyze which of the following commands Bruno should use in pmap configuration mode in this scenario.
police 8000 conform-action transmit exceed-action drop (remember police 8000)
You are employed as a network engineer. While setting up a client's connection, the client requests you to display trunks configured on a switch. Which of the following commands will you use in this scenario?
sh int tr (only one with tr)
You are employed as a network engineer. While setting up a client's connection, the client requests you to display the concise network layer information of the device interface that is being installed. Which of the following commands will you use in this scenario?
sh ip int br (only one with br)
Which of the following commands lists a router's routing table information?
show ip route
2. What kind of route is created when a network administrator configures a router to use a specific path between nodes
static route
