Network+ Questions that i got wrong
Which of the following are the default administrative user accounts found in Windows and Linux operating systems? (Choose all the correct answers) A.) Administrator B.) root C.) admin D.) Control
A.) Administrator B.) root
Which of the following terms refers to a type of denial-of-service attacks that bombard a target server with traffic that requires a large amount of processing? A,) Amplified B.) Reflective C.) Distributed D.) Permanent
A.) Amplified An amplified DoS attack is one in which the messages sent by the attacker require an extended amount of processing by the target servers, increasing the burden on them more than simpler messages would.
Which of the following are means of preventing unauthorized individuals from entering sensitive locations, such as datacenter? (Choose all the correct answers) A.) Biometric Scans B.) Identification Badges C.) Key Fobs D.) Motion Detection
A.) Biometric Scans B.) Identification Badges C.) Key Fobs
Which of the following types of attack require no additional hardware or software components? (Choose all the correct answers) A.) Brute force B.) Social engineering C.) Denial-of-Service D.) Phishing
A.) Brute force B.) Social engineering C.) Denial-of-Service
Which of the following are vaild reasons not to disable unused switch ports? (Choose all the correct answers) A.) The datacenter is secured from authorized access B.) The unused ports are not patched in to wall jacks C.) The unused ports are left open to faciliate the on-boarding of new users D.) The switch is configured to use a MAC-based access control list
A.) The datacenter is secured from authorized access D.) The switch is configured to use a MAC-based access control list
Which of the following types of attacks are rarely seen anymore because of the changes in device design that were specially designed to prevent them? (Choose all the correct answers) A.) VLAN hopping B.) Logic bomb C.) Phishing D.) Smurf
A.) VLAN hopping D.) Smurf Smurf attacks rely on routers to foward broadcast traffic. Routers no longer forward broadcast messages, so smurf attacks have been rendered ineffective. In the same way, VLAN hopping, which is a method for sending commands to switches to transfer a port from one VLAN to another, is rarely seen because switches are now designed to prevent them/
Which of the following devices are likely to have default credentials configured into them that attackers might know? (Choose al the correct answers) A.) Wireless access point B.) Windows servers C.) Switches D.) Routers
A.) Wireless access point C.) Switches D.) Routers Access points, switches, and routers all require authentication to access their administrative interfaces, and most have a standard username and password configured at the factory
Which of the following best describes the process of whitelisting on a wireless network? A.) Using an access control list to specify the IP addresses that are permitted to access a wireless network B.) Using port protection to specify the well-known port numbers of applications that users are permitted to run over a wireless network C.) Using MAC filtering to create a list of devices that are permitted to access a wireless network D.) Using an AAA server to create a list of users that are permitted to access a wireless network
C.) Using MAC filtering to create a list of devices that are permitted to access a wireless network .Whitelisting is the process of using MAC filtering to specify the hardware addresses of devices that are permitted to access a wireless network.
Which of the following statements best describes the difference between distributed and reflective denial-of-service attack? A.) A distributed DoS attack uses other computers to flood a target server with traffic, whereas reflective DoS attack causes a server to flood itself with loopback messages B.) A distributed DoS attack uses malware-infected computers to flood a target, whereas a reflective DoS attack takes advantage pf other servers' native functions to make them flood a target C.) A reflective DoS attack uses malware-infected computers to flood a target, whereas distributed DoS attacktakes advantage of other servers' native functions to ake them flood a target D.) A distributed DoS attack floods multiple target computers with traffic, whereas a reflective DoS attack only floods a single target
B.) A distributed DoS attack uses malware-infected computers to flood a target, whereas a reflective DoS attack takes advantage pf other servers' native functions to make them flood a target Distributed DoS attacks use hundreds or thousands of computers that have been infected with malware, called zombies, to flood a target server with traffic, in an attempt to overwhelm it and prevent it from functioning. a reflective DoS attacks is one which the attacker send requests containing the target target server's IP address to legitmate servers on the internet, such as DNS servers, causing them to send flood of responses to the target. Neither attack type causes a computer to flood itself
Which of the following is another term for a perimeter network? A.) VLAN B.) PEAP C.) TKIP D.) DMZ
D.) DMZ
Which of the following attack types is similar to a smurf attack, except that it uses a different protocol to generate traffic? A.) Phishing B.) Evil twin C.) Logic bomb D.) Fraggle
D.) Fraggle A fraggle attack is similar to a smuf attack in that is generates a large amount of spoofed broadcast traffic that appears to have been sent by the target system. All of the replies to the broadcast are then transmitted to the target. The difference between a fraggle and a smurf attack is that a fraggle attack uses UDP traffic instead of ICMP
Which of teh following IEEE standards describes an implentation of part based access control for wireless network? A.) 802.11ac B.) 802.11n C.) 802.1X D.) 802.3x
C.) 802.1X A standard that defines a port-based Network Access Control mechanis, used for authentication on wireless on other network
Which of teh following services are methods of tracking a user's activities on a network? (Choose all the correct answers) A.) Authentication B.) Authorization C.) Accounting D.) Auditing
C.) Accounting D.) Auditing Solutions: Accounting and auditing are both methods of tracking and recording a users activities ona network, such as when a user logged on and how long they remained connected
Which of the following is not one of the functions provided by TACACS+? A.) Authentication B.) Authorization C.) Administration D.) Accounting
C.) Administration
Which of the following are example of multifactor authentication? (Choose all the correct answer) A.) A system that uses an external RADIUS server for authentication B.) A system that requires two passwords for authentication C.) A system that requires a smartcard and a PIN for authentication D.) A system that requires a password anf a retinal scan for authentication
C.) Asystem that requires a smartcard and PIN for authentication D.) A system that requires a password and retinal scan for authentication
Which of teh following statements about authentication auditing are not true? A.) Auditing can disclose attemps to compromise passwords B.) Auditing can detect authentication that occur after hours C.) Auditing can identify the guess patterns used by password cracking software D.) Auditing can record unsuccessful as well as successful authentication
C.) Auditing can identify the guess patterns used by password cracking software
Which of the following are not means of detecting intruders in a network datacenter? (Choose all the correct answers) A.) Motion Detection B.) Video Surveillance C.) Biometrics D.) Smart Cards
C.) Biometrics D.) Smart cards
Which of the following statement about a public key infrastructure are true? (Choose all the correct answers) A.) Data encrypted with a public key can only be decrypted using that public key B.) Data encrypted with a private key can only be decrypted using that private key C.) Data encrypted with a public key can only be decrypted using the private key D.) Data encrypted with a private key can only be decrypted using the public key
C.) Data encrypted with a public key can only be decrypted using the private key D.) Data encrypted with a private key can only be decrypted using the public key
Which of teh following statements describes what it means when the automated lock on the door to a datacenter is configured to fail open? A.) The door remain in current state during emergency B.) The door locks during state of emergency C.) The door unlocks during state of emergency D.) The door continues to work normally during state of emergency
C.) The door unlocks during state of emergency
Despite having imposing password policies on his network, compelling users to change their passwords frequently, create passwords of a specific length, and use complex passwords, Ralph has had several reports of account penetrations. The victims of the incidents had all apparently shared a "tip" suggesting that users cycle through the names of their children, nephews, nieces, and other relatives when forced to create new passwords, changing letters to numbers as needed. Which of the folowing actions can Ralph take to remedy the situation without creating a larger problem? A.) Distribute a list of common passwords that are insecure, such as those based on names, birth dates, etc B.) Modify the password policies to force users to change passwords more frequently C.) Assign the users long passwords consisting of random-generated characters and change them often D.) Change the password policy to a value greater than the number of children in any users's family
A.) Distribute a list of common passwords that are insecure, such as those based on names, birth dates, etc There are no policies that can prevent users from creating easily guessed passwords. The only action that can help is to educate users of the fact that attackers are frequently able to guess passwords by using information such as familiar names and dates
Which of the following attack types are specifically directed at wireless networks? (Choose all the correct answerd) A.) Evil twin B.) Phishing C.) Deauthentication D.)War driving
A.) Evil twin C.) Deauthentication D.) War driving
An intruder has deployed a rogue access point on you company's wireless network and is using it to access traffic generated by users who have accidentally connected to it. Which of the following is the name for this type of attack? A.) Evil twin B.) War driving C.) Social networking D.) Spoofing
A.) Evil twin An evil twin is a fraudulent access point on a wireless network
Which of the following are common types of cameras used for video surveillance of a secure network installation? (Choose all the correct answers) A.) IP B.) LDAP C.) CCTV D.) NAC
A.) IP C.) CCTV
which of the following security protocols can authenticate users without transmitting their password over the network? A.) Kerberos B.) 802.1X C.) TKIP D.) LDAP
A.) Kerberos a sercurity protcol used by Active Directory that employs a system of tickets to authenicate users and other networkk entities without the need to transmit credentials over the network
Which of the following physical security devices can use passive RFIDs to enable an authorized user to enter a secire area? (Choose all the correct answers) A.) Key Fob B.) Keycard Lock C.) Prox Card D.) Cypher lock
A.) Key Fob C.) Prox Card
Honeypots and honeynets belong to which of the following categories of devices? A.) Mitigation techniques B.) Network attacks C.) Switch port protection types D.) Firewall filters
A.) Mitigation techniques A honeypot or honeynet is a type of mitigation technique that takes the form of a computer or network configured to function as bait for attackers, causing them to waste their time penetrating a resource that provides no significant access
Which of the following terms describes a system that prevents computers from logging on to a network unless they have the latest update and antimalware software installed? A.) NAC B.) LDAP C.) RADIUS D.) TKIP-RC4
A.) NAC Network Access Control is a mechanism that defines standards of equipment and configuration that systems must meet before they can connect to the network
Which of the following are cryptographic algorithms used for file hashing? (Choose all the correct answers) A.) SHA B.) MD5 C.) RC4 D.) AES
A.) SHA B.) MD5 Sercure Hash Algorithm (SHA) and Message Digest (MD5) are file hashing algorithms, used to test data integrity by calculating a hash value before transmission a file over a network. After the transmission, the recieving system performs the same calculation
Which of teh following describes the primary difference between single sign-on and same sign-on? A.) Single sign-on requires the users to supply credentials only once, whereass with same sign-on, the user must supply the credentuals repeatedly B.) Single sign-on enables users to to access different resources with one swt of credentials, whereas same sign-on requires users to have multiple credential sets C.) Single sign-on credentials consist of one username and one password, whereas same sign-on credential consist of one username and ultiple passwords D.) Single sign-on requires multifactor authentication, such as a password and a smartcard, whereas same sign-on requires only a password for authentication
A.) Single sign-on requires the user to supply credentials only once, whereas the same sign-on the user must supply the credential repeatedly Single sign-on uses one set of credentials and requires the user to supply themonly once to gain access to multiple resources. Same sign-on also uses a single set of credentials, with one password, but the user must perform individual logon for each resource. NEITHER sign-ons requires mutlfactor authentication
An early form of denial-of-service attack called for the attacker to bombard the network with alter ping requests sent to the broadcast address. Which of the following is the name of this type of attack? A.) Smurf B.) Phishing C.) Evil twin D.) Fraggle
A.) Smurf In a smurf attack, the attacker sends ping requests, which use the ICMP, to the broadcast address. The request messages are altered to appear as though sent by the designed target so that all the replies are sent to that system
Which of the following types of attacks can be used to enable an intruder to access a wireless network despite the protection provided by MAC filtering ? A.) Spoofing B.) Brute force C.) DNS poisoning D.) War driving
A.) Spoofing Spoofing is the process if modifying network packets to make them appear as though they are transmitted by or addressed by someone else. One way of doing this is to modify the MAC address in the packets to one that is approved by the MAC filter
In the datacenter of a company involved with sensitive government data all servers have crimped metal tags holding the cases closed. All of teh hardware racks are locked in clear-fronted cabinets. All cables runs are installed in transparent conduits. These are all examples of which pf the following physical measures? A.) Tamper Detection B.) Asset Tracking C.) Geofencing D.) Port Security
A.) Tamper Detection
Which of the following statement best describes a type of replay attack? A.) A type of attack in which an intruder reenters a resource previously compromised by another intruder B.) A type of attack in which an intruder retransmits captured authentication packets to gain access to a secure resource C.) A type of attack in which an intruder uses the same technique that provided access to other resources to penetrate a new resource D.) a type of attack in which an intruder accesses a resource that was accidentally left unsecured by an authorized user
B.) A type of attack in which an intruder retransmits captured authentication packets to gain access to a secure resource A replay attack is one in which an attacker utilizes the information found in previously captured packets to gain access to a secured resource. In many cases, the captured packets contain authentication data. In this way, that attacker can make use of captured passwords, even when they are encrypted and cannot be read
For which of the follwoing reasons is disabling the SSID broadcast of a wireles network to prevent unauthorized accesss a relatively weak method of device hardening A.) Attackers have ways of connecting to the network without the SSID B.) Attackers can capture packets transmitted over the network and read the SSID from them C.) Every access point's SSID is printed on a label on the back of the device D.) Attackers have software that can easily guess a network's SSID
B.) Attackers can capture packets transmitted over the network and read the SSID from them
Which of the following is the name for an attack in which an intruder uses a Bluetooth connection to steal information from a wireless device, such as a smart phone? A.) Bluedogging B.) Bluesnarfing C.) Bluesmurfing D,) Bluejacking
B.) Bluesnarfing Bluesnarfing is an attack in which an intruder connects to a wireless device using Bluetooth, for the purpose of stealing information. Bluejacking is the process of sending unsolicited messages to a device using Bluetooth. The other options do not exist
Which of the following attack types are specifically targeted at wireless network clients? (Choose all the correct answers) A.) Logic bomb B.) Deauthentication C.) Evil twin D.) ARP poisoning
B.) Deauthentication C.) Evil twin Deauthentication is a type of DoS attack in which the attacker targets a wireless client by sending a deauthentication frame that causes the client to be disconnected from the network. The object of the attack is often to compel the client to connect to a rogue access point called an evil twin. An evil twin is a fraudulent access point on a wireless network that mimics the SSID of a legitimate access point, in hope of luring in users
Video surveillance of sensitive areas, such as datacenters, can prevent which of the following types of attack? (Choose all the correct answers) A.) Social Engineering B.) Evil Twin C.) Brute Force D.) Insider Threats
B.) Evil Twin D.) Insider Threats
Which of the following types of attacks have been rendered all but obsolete by the routers that no longer forward broadcast traffic? (Choose all the correct anwers) A.) Logic bomb B.) Fraggle C.) Phishing D.) Smurf
B.) Fraggle D.) Smurf
Ed recieves an email throughnhis personal account, warning him that his checking account has been locked due to excessive activity. To confirm that the activity is fraudulent, the email instructs Ed to click the enclosed hyperlink, log on to his account, and review the list of charges. Ed clicks the link and is taken to a web page that appears to be that of his bank. He then supplies his username and password to log on. Which of the following types of attacks is Ed likely to be experiencing? A.) Social engineering B.) Phishing C.) Logic bomb D.) Spoofing
B.) Phishing
On which of the following types of devices should you consider disabling usused ports as a sercurity precaution? (Choose all the correct answers) A.) Hub B.) Servers C.) Switches D.) Wireless access points
B.) Servers C.) Switches
Which of the following are network segmentation methods that can prevent intruders from gaining full access to a network? (Choose all the correct answers) A.) ACL B.) VLAN C.) NAC D.) DMZ
B.) VLAN D.) DMZ
On the fence outside your home, you happen to notice a small sticker that has the SSID of your wireless network written on it, along with the name of the security protocol your network is using. To which of the following attacks have you been made a victim? A.) War driving B.) War chalking C.) War tagging D.) War signing
B.) War chalkng When a war driver locates a wireless network and marks ot for another attackers, it is called chalking. There are no such attacks as war tagging and war signing
Which of the following standards is most commonly used to define the format of digital certificates? A.) 802.1X B.) X.509 C.) 802.1q D.) X.500
B.) X.509 published by the International Telecommunication Union's Standardization (ITU-T) defines the format of digital certificate
In which of the following ways is VLAN hopping a potential threat? A.) VLAN hopping enables an attacker to scramble a switch's patch panel connections B.) VLAN hopping enables an attacker to rename the default VLAN on a switch C.) VLAN hopping enables an attacker to access different VLANs using 802.1q D.) VLAN hopping enables an attacker to change the native VLAN on a switch
C.) VLAN hopping enables an attacker to accesss diferent VLANs using 802.1q VLAN hopping is a method for sending commands to switches to transfer a port from one VLAN to another. This can enable the attacker to connect his or her device to a potentially sensitive VLAN. VLAN hopping does not modify the switch's patch panel connections, only its VLAN assignments
which of the following types of physical sercurity is most likely to detect insider threats? A.)Smartcards B.)Motion detection C.)Video surveillance D.)Biometrics
C.) Videos Surveillance
A senior IT administrator at your company was terminated two weeks ago. Today, Friday, you arrive at the office and found that all the hosts in the web server farm has had all their data deleted. There are no unauthorized entries to the datacenter recorded but you suspect the teminated administrator to be responisble. Which of the folowing attack types might the administrator have directed at the web server farm? A.) Social engineering B.) ARP poisoning C.) Evil twin D.) Logic bomb
D.) Logic bomb A logic bomb is a code insert placed into a legitimate software product that triggers a malicious event when specific conditions are met. The teminated administrator might have created a code designed to trigger deletions after the administrator's departure from the company.
Which of the following is the best description of geofencing? A.) Something you have B.) Something you know C.) Something you do D.) Somewhere you are
D.) Somewhere you are Geofencing is the generic term for a technology that limits access to a network or other resource based on the client's location
Which of the following statements best describes the primary scenario for the use of TACACS+? A.) TACACS+ was designed to provide authentication, authorization, and accounting services for wireless network B.) TACACS+ was designed to provide authentication, authorization, and accounting services for the Active Directory directory service C.) TACACS+ was designed to provide authentication, authorization, and accounting services for the remote dial-up users D.) TACACS+ was designed to provide authentication, authorization, and accounting services for network routers and switches
D.) TACACS+ was designed to provide authentication, authorization, and accounting services for network routers and switches Teminal Access Control Access Control System Pus is a protocol designed to provides AAA services for networks with many routers and switches, enabling adminstrators to access them with single set of credentials. it was not designed to provide AAA services for wireless networks, Active Directory, or remote dial-up users