Network Security Essentials Exam

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

ActiveX controls can run on any browser platform. T/F

False

Alt+F8 is the key combination that closes up pop-up windows. T/F

False

An IP proxy serves clients requests by caching HTTP information. T/F

False

RFI is a disturbance that can affect electrical circuits, devices, and cables due to electromagnetic conduction or radiation. T/F

False

Syslog uses port 161. T/F

False

The convert command converts an NTFS drive to FAT32. T/F

False

To accept fewer cookies, you would add them to the Restricted Sites zone. T/F

False

To open the Local Group Policy console window, a user can only use the MMC in the Run prompt. T/F

False

WPA2 has a typical key size of 128 bits. T/F

False

Which of the following should an administrator implement to research current attack methodologies? - Design reviews -Honeypot -Vulnerability scanner -Code reviews

Honeypot

A company has proprietary mission critical devices connected to their network which are configured remotely by both employees and approved customers. The administrator wants to monitor device security without changing their baseline configuration. Which of the following should be implemented to secure the devices without risking availability? A. Host-based firewall B. IDS C. IPS D. Honeypot

IDS

Which of the following devices should you use to keep machines behind it anonymous? -Caching proxy -IP proxy -Circuit level gateway -Firewall - UTM

IP Proxy

An IT security technician needs to establish host based security for company workstations. Which of the following will BEST meet this requirement? - Implement IIS hardening by restricting service accounts - Implement database hardening y applying vendor guidelines - Implement perimeter firewall rules to restrict access - Implement OS hardening by applying GPOs

Implement OS hardening by applying GPOs

Which of the following types of authentication packages user credentials in a ticket? - Kerberos -LDAP -TACACS+ -RADIUS

Kerberos

Which of the following enables a hacker to float a domain registration for a maximum of five days? - Kiting - DNS poisoning - Domain hijacking - Spoofing

Kiting

Which of the following means of wireless authentication is easily vulnerable to spoofing? -MAC filtering -WPA-LEAP -WPA-PEAP -Enabled SSID

MAC Filtering

What should you configure to improve wireless security? - Enable the SSID -IP spoofing -Remove repeaters -Use MAC filtering

MAC filtering

Mike, a network administrator, has been asked to passively monitor network traffic to the company's sales websites. Which of the following would be BEST suited for this task? A. HIDS B. Firewall C. NIPS D. Spam filter

NIPS

Which of the following can detect malicious packets and discard them? -Proxy server -NIDS -NIPS -PAT

NIPS

Which of the following misuses the Transmission Control Panel handshake process? - Man-in-the-middle attack - SYN attack - WPA attack - Replay attack

SYN Attack

What does isolation mode on an AP provide? - Hides the SSID - Segments each wireless user from every other wireless user - stops users from communicating with the AP - Stops users from connecting to the Internet

Segments each wireless user from every other wireless user

A user attempting to log on to a workstation for the first time is prompted for the following information before being granted access: username, password, and a four-digit security pin that was mailed to him during account registration. This is an example of which of the following? A. Dual-factor authentication B. Multifactor authentication C. Single factor authentication D. Biometric authentication

Single factor authentication

By turning on the phishing filter a person can prevent spyware. T/F

True

Crosstalk is when a signal transmitted on one copper wire creates an unwanted effect on another wire the signal "bleeds" over, so to speak.

True

Data emanations occurs most commonly on coaxial cable. T/F

True

Fiber-optic cable is not susceptible to data emanations. T/F

True

Hardening is the act of configuring an OS securely, updating it, and removing unnecessary applications. T/F

True

Ransomware holds a user's files for ransom by encrypting them. T/F

True

Subnetting increases security by compartmentalizing a network. T/F

True

The network tab in Firefox is used to connect to a proxy server. T/F

True

The systeminfo commands show a list of hot fixes that have been installed to the operating system.

True

To make changes to Internet Explorer policies that correspond to an OU, you need a domain controller. T/F

True

Which of the following are ways to help defend against distributed denial-of-service attacks? Select best three. - Update firewalls -Carefully select applications -Use intrusion prevention systems -use a 'clean pipe'

Update firewalls, carefully select applications, use a clean pipe

Which of the following should you implement to keep a well-maintained computer? - Update the firewall - Update the BIOS - Use a surge protector - Remove the unnecessary firewall

Update the BIOS

Which of the following can help to secure the BIOS of a computer? Select two: - Use a case lock - Use a BIOS supervisor password. - Configure a user password - Disable USB ports

Use a case lock

A network engineer is setting up a network for a company. There is a BYOD policy for the employees so that they can connect their laptops and mobile devices. Which of the following technologies should be employed to separate the administrative network from the network in which all of the employees' devices are connected? A. VPN B. VLAN C. WPA2 D. MAC filtering

VLAN

Which of the following is required to allow multiple servers to exist on one physical server? - Software as a Service (SaaS) - Platform as a Service (PaaS) - Virtualization - Infrastructure as a Service(IaaS)

Virtualization

Which of the following firewall rules only denies DNS zone transfers? - deny udp any any port 53 -deny ip any any -deny tcp any any port 53 -deny all dns packets

deny tcp any any port 53

Which of the following commands can be used to turn off a service? -net stop -net start -sc config -# chkconfig <service> off

net stop

Which commands disable a service in the command line? - net stop - net start -net disable -sc config

sc config

Which of the following ranges compromise the well-known ports category? - 1024-49.151 -0-1023 -49.152-65.535 -10.0.0.0-10.255.255.255

0-1023

A security administrator has configured FTP in passive mode. Which of the following ports should the security administrator allow on the firewall by default? A. 20 B. 21 C. 22 D. 23

21

While configuring a new access layer switch, the administrator, Joe, was advised that he needed to make sure that only devices authorized to access the network would be permitted to login and utilize resources. Which of the following should the administrator implement to ensure this happens? A. Log Analysis B. VLAN Management C. Network separation D. 802.1x-----

802.1x

A network administrator is responsible for securing applications against external attacks. Every month, the underlying operating system is updated. There is no process in place for other software updates. Which of the following processes could MOST effectively mitigate these risks? - Application hardening - Application change management - Application patch management - Application firewall review

Application patch management

A group of compromised computers that have software installed by a worm or Trojan is known as which of the following? A. Botnet B. Virus C. Honeypot D. Zombie

A. Botnet

Which of the following is an inline device that checks all packets? A. Host-biased intrusion detection system B. Statistical anomaly C. Network intrusion detection system D. Personal software firewall

A. Host-biased intrusion detection system

Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Sara configure? A. PAT B. NAP C. DNAT D. NAC

A. PAT

A network administrator wants to block both DNS requests and zone transfers coming from outside IP addresses. The company uses a firewall which implements an implicit allow and is currently configured with the following ACL applied to its external interface. PERMIT TCP ANY 80 PERMIT TCP ANY 443 Which of the following rules would accomplish this task? Select two. - Change the firewall default settings so that it implements an implicit deny -Apply the current ACL to all interfaces of the firewall. -Remove the current ACL -Add the following ACL at the top of the current ACL

Change the firewall default settings so that it implements an implicit deny, Add the following ACL at the top of the current

Which one of the following navigiational paths shows the current service pack level to the user? - Click start, right-click network, and select properties - Click start, right click computer, and select properties - Click start, right click computer, and select manage - Click start, right click network, and select manage

Click Start, right-click Computer, and select Properties

Which of the following technologies can store multi-tenant data with different security requirements? - Data loss prevention -Trusted platform module -Hard drive encryption -Cloud computing

Cloud computing

Which of the following encompasses application patch management? - Configuration management - Policy management - Cross-site request forgery - Fuzzing

Configuration management

Which tab on the internet options dialog box of Internet Explorer enables a person to make secure connections through a VPN? - Advanced tab -Content tab -Programs tab -Connections tab

D. Connections Tab

Your boss wants you to make changes to 20 computers Internet Explorer programs. To do this quickly, what is the best solution? - Use a proxy server. - Create an organizational unit. - Create a script. - Create and use a template.

D. Create and use a template

A server with the IP address of 10.10.2.4 has been having intermittent connection issues. The logs show repeated connection attempts from the following IPs: 10.10.3.16 10.10.3.23 212.178.24.26 217.24.94.83 These attempts are overloading the server to the point that it cannot respond to traffic. Which of the following attacks is occurring? A. XSS B. DDoS C. DoS D. Xmas

DDoS

A security administrator is segregating all web-facing server traffic from the internal network and restricting it to a single interface on a firewall. Which of the following BEST describes this new network? - VLAN - Subnet - VPN - DMZ

DMZ

Which of the following is used to house FTP servers, mail servers, and web servers so that people on the Internet can access them but cannot access any other of the orgnizations servers? - DMZ -Intranet -Subnet -VLAN

DMZ

Several employees have been printing files that include personally identifiable information of customers. Auditors have raised concerns about the destruction of these hard copies after they are created, and management has decided the best way to address this concern is by preventing these files from being printed. Which of the following would be the BEST control to implement? A. File encryption B. Printer hardening C. Clean desk policies D. Data loss prevention

Data loss prevention

A MAC flood is when a person accesses a single port of a switch that was not physically secured. T/F

False

A NIDS can inspect traffic and possible remove, detain, or redirect malicious traffic. T/F

False

An intranet enables sister companies to access a secure area of a company's network. T/F

False

One way of protecting Microsoft Outlook is to use a password for modifying documents. T/F

False

One way to defend against a double-tagging attack is to put unplugged ports on the switch into an unused VLAN. T/F

False

One way to secure the administration interface of WAP is to turn it off when not in use. T/F

False

Which of the following cables suffers from chromatic dispersion if the cable is too long? -Twisted-pair cable -Fiber-optic cable -Coaxial cable -USB cables

Fiber-optic cable

Which of the following should be your primary defense? -Protocol analyzer -Proxy server -NIPS -Firewall

Firewall

Which of the following application security testing techniques is implemented when an automated system generates random input data? - Fuzzing - XSRF -Hardening -Input validation

Fuzzing

Of the following, what are three ways to increase the security of Microsoft Outlook? - password protect .PST files -Increase the junk email security level. -Set macro security levels -Install the latest security pack

Password to protect .PSt files Increase the junk email security level Install the latest security pack

After a company has standardized to a single operating system, not all servers are immune to a well-known OS vulnerability. Which of the following solutions would mitigate this issue? A. Host based firewall B. Initial baseline configurations C. Discretionary access control D. Patch management system

Patch management system

Which of the following is not a good strategy for securing a WAP? - Use NAT filtering -Turn off the SSID -Place it in a Faraday cage -Use PNAC

Place it in a Faraday cage

Which of the following would a security administrator implement in order to identify a problem between two systems that are not communicating properly? -Protocol Analyzer - Baseline report -Risk assessment -Vulnerability scan

Protocol Analyzer

Which of the following should the security administrator implement to limit web traffic based on country of origin? Select three -Spam filter -Load balancer -Antivirus -Proxies -Firewall -NIDS -URL filtering

Proxies, firewall, URL filtering

Pete, the security engineer, would like to prevent wireless attacks on his network. Pete has implemented a security control to limit the connecting MAC addresses to a single port. Which of the following wireless attacks would this address? A. Interference B. Man-in-the-middle C. ARP poisoning D. Rogue access point

Rogue Access point

By default, which of the following uses TCP port 22? Select 3. - FTPS -STELNET -TLS -SCP -SSL -HTTPS -SSH -SFTP

SCP, SSH, SFTP

Which of the following protocols allow for the secure transfer of files? (Select best two) - SNMP - SFTP - TFTP - SCP - ICMP

SFTP, SCP

On Monday, all company employees report being unable to connect to the corporate wireless network, which uses 802.1x with PEAP. A technician verifies that no configuration changes were made to the wireless network and its supporting infrastructure, and that there are no outages. Which of the following is the MOST likely cause for this issue? A. Too many incorrect authentication attempts have caused users to be temporarily disabled. B. The DNS server is overwhelmed with connections and is unable to respond to queries. C. The company IDS detected a wireless attack and disabled the wireless network. D. The Remote Authentication Dial-In User Service server certificate has expired.

The Remote Authentication Dial-In user Service server certificate has expired.

A service pack is a group of updates, bug fixes, updated drivers, and security fixes. T/F

True

A stateless packet filter is vulnerable to IP spoofing attacks. T/F

True

An older type of door access system might use a proximity sensor. T/F

True

Back Orifice is an example of a backdoor. T/F

True

The act of splitting the wires of a twisted-pair cable connection would be an example of which of the following? A. Wardriving B. Data emanation C. Wiretapping D. Spectral analyzing

Wiretapping

Where would a NIDS sit on a network? A. Inline B. On the extranet C. On the DMZ D. Back to back

an c


Set pelajaran terkait

Genetics Final Exam (Compilations of Exams)

View Set

Telephone Communication Chapter 6

View Set

#6 - questions - Ciscos Internetworking Operating System (IOS)

View Set

Speech Chapter 20 "Choose and Rehearse a Method of Delivery"

View Set

Constitution Clauses & Related Cases Quizlet

View Set