networking final II
You've just installed a new 16U wall-mounted rack in your data center. You need to install the following equipment in this rack: • A 4U redundant power supply • A 4U server • A 4U switch • A 2U router Which of the following equipment will also fit in this rack along with the above equipment? 4U UPS 2U UPS 3U server 4U firewall
2U UPS
You want to increase the security of your network by allowing only authenticated users to access network devices through a switch. Which of the following should you implement? a. 802.1x b. Port security c. Spanning tree d. IPsec
802.1x
You want to increase the security of your network by allowing only authenticated users to be able to access network devices through a switch. Which of the following should you implement? a. 802.1x b. Port security c. Spanning tree d. IPsec
802.1x
Which of the following is the strongest form of multi-factor authentication? a. A password and a biometric scan b. Two passwords c. A password, a biometric scan, and a token device d. Two-factor authentication
A password, a biometric scan, and a token device
In a variation of a brute force attack, an attacker may use a predefined list (dictionary) of common usernames and passwords to gain access to existing user accounts. Which countermeasure best addresses this issue? a. A strong password policy b. 3DES encryption c. AES encryption d. VLANs
A strong password policy
Which of the following is an example of two-factor authentication? a. A username and a password b. A pass phrase and a PIN c. A token device and a PIN d. A fingerprint and a retina scan
A token device and a PIN
Which exploit seeks to maliciously re-associate the IP address of a legitimate network host with the MAC address of the attacker's computer? a. MAC spoofing b. IP spoofing c. Replay attack d. ARP poisoning
ARP poisoning
Which of the following attacks tries to associate an incorrect MAC address with a known IP address? a. ARP poisoning b. Hijacking c. Null session d. MAC flooding
ARP poisoning
A security administrator is conducting a penetration test on a network. She connects a notebook system running Linux to the wireless network and then uses NMAP to probe various network hosts to see which operating system they are running. Which process did the administrator use in the penetration test in this scenario? a. Passive fingerprinting b. Active fingerprinting c. Network enumeration d. Firewalking
Active fingerprinting
Components within your server room are failing at a rapid pace. You discover that the humidity in the server room is at 60%, and the temperature is 80 degrees. What should you do to help reduce problems? a. Add a separate A/C unit in the server room. b. Add line conditioners in the server room. c. Add a de-humidifier to the server room. d. Add a humidifier to the server room.
Add a separate A/C unit in the server room.
Which of the following best describes the ping of death exploit? a. Partial IP packets with overlapping sequencing numbers b. Sending multiple spoofed ICMP packets to the victim c. Redirecting echo responses from an ICMP communication d. An ICMP packet larger than 65,536 bytes
An ICMP packet larger than 65,536 bytes
You are concerned about protecting your network from network-based attacks from the internet. Specifically, you are concerned about zero day attacks (attacks that have not yet been identified or that do not have prescribed protections). Which type of device should you use? a. Signature-based IDS b. Anomaly-based IDS c. Anti-virus scanner d. Network-based firewall e. Host-based firewall
Anomaly-based IDS
What does a tarpit specifically do to detect and prevent intrusion into your network? a. Answers connection requests in such a way that the attacking computer is stuck for a period of time. b. Entices intruders by displaying a vulnerability, configuration flaw, or data that appears to be of value. c. Passively monitors and logs suspicious activity until it detects a known attack pattern, then shuns the intruder by dropping their connection. d. Uses a packet sniffer to examine network traffic and identify known attack patterns, then locks the attacker's connection to prevent any further intrusion activities.
Answers connection requests in such a way that the attacking computer is stuck for a period of time.
Which of the following is the best recommendation for applying hotfixes to your servers? a. Apply hotfixes immediately as they are released. b. Apply only the hotfixes that apply to software running on your systems. c. Wait until a hotfix becomes a patch, then apply it. d. Apply all hotfixes before applying the corresponding service pack.
Apply only the hotfixes that apply to software running on your systems.
Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data than the input variable is designed to handle? a. Time of check/time of use (TOC/TOU) b. Data diddling c. Smurf d. Buffer overflow
Buffer overflow
You want to prevent your browser from running JavaScript commands that are potentially harmful. Which of the following would you restrict to accomplish this? a. Client-side scripts b. Server-side scripts c. ActiveX d. CGI
Client-side scripts
As the victim of a Smurf attack, what protection measure is the most effective during the attack? a. Turning off the connection to the ISP b. Communicating with your upstream provider c. Blocking all attack vectors with firewall filters d. Updating your anti-virus software
Communicating with your upstream provider
Which of the following enterprise wireless configuration strategies best keeps public wireless access separate from private wireless access? a. Configure a guest access WLAN that uses open authentication and isolates guest WLAN traffic from other clients on the same access point. b. Implement MAC address filtering to restrict connections to the private access point only to MAC addresses that are explicitly allowed. c. Deploy independent stand-alone access points throughout your enterprise and configure each to use the same SSID, the same channel, and the same IP subnet. d. Establish shared key authentication that uses one passphrase for guest users and another passphrase for private users.
Configure a guest access WLAN that uses open authentication and isolates guest WLAN traffic from other clients on the same access point.
You are the network administrator for a city library. Throughout the library, there are several groups of computers that provide public access to the internet. Supervision of these computers has been difficult. You've had problems with patrons bringing personal laptops into the library and disconnecting the network cables from the library computers to connect their laptops to the internet. The library computers are in groups of four. Each group of four computers is connected to a hub that is connected to the library network through an access port on a switch. You want to restrict access to the network so only the library computers are permitted connectivity to the internet. What can you do to fix this problem? a. Configure port security on the switch. b. Remove the hub and place each library computer on its own access port. c. Create a VLAN for each group of four computers. d. Create static MAC addresses for each computer and associate them with a VLAN.
Configure port security on the switch.
You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization. Which of the following would be a required part of your configuration? a. Configure remote access clients as RADIUS clients. b. Configure the remote access servers as RADIUS servers. c. Configure the remote access servers as RADIUS clients. d. Obtain certificates from a public or private PKI.
Configure the remote access servers as RADIUS clients.
You manage the website for your company. The website uses a cluster of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage and a single connection to your ISP. You want to provide redundancy so that a failure in a single component does not cause the website to become unavailable. What should you add to your configuration to accomplish this? a. On each server, add a second network connection to connect the server to the shared storage device. b. Connect one server to the internet through a different ISP. c. On each server, add a second network connection to the internet. d. Reconfigure the disk array in a RAID 1+0 configuration.
Connect one server to the internet through a different ISP.
Which of the following is a text file that a website stores on a client's hard drive to track and record information about the user? a. Mobile code b. Certificate c. Cookie d. Digital signature
Cookie
A network switch detects a DHCP frame on the LAN that appears to have come from a DHCP server that is not located on the local network. In fact, it appears to have originated from outside the organization's firewall. As a result, the switch drops the DHCP message from that server. Which security feature was enabled on the switch to accomplish this? IGMP snooping Port security DHCP snooping Dynamic ARP inspection
DHCP snooping
Which of the following actions should you take to reduce the attack surface of a server? a. Disable unused services. b. Install anti-malware software. c. Install the latest patches and hotfixes. d. Install a host-based IDS
Disable unused services.
When you browse to a website, a pop-up window tells you that your computer has been infected with a virus. You click on the window to see what the problem is. Later, you find out that the window has installed spyware on your system. What type of attack has occurred? a. Drive-by download b. DLL injection c. SQL injection d. Trojan horse
Drive-by download
A network switch is configured to perform the following validation checks on its ports: • All ARP requests and responses are intercepted. • Each intercepted request is verified to ensure that it has a valid IP-to-MAC address binding. • If the packet has a valid binding, the switch forwards the packet to the appropriate destination. • If the packet has an invalid binding, the switch drops the ARP packet. Which security feature was enabled on the switch to accomplish this task? a. IGMP snooping b. Port security c. DHCP snooping d. Dynamic ARP Inspection
Dynamic ARP Inspection
Which remote access authentication protocol allows for the use of smart cards for authentication? a. EAP b. CHAP c. PAP d. PPP e. SLIP
EAP
You are a contractor that has agreed to implement a new remote access solution based on a Windows Server 2016 system for a client. The customer wants to purchase and install a smart card system to provide a high level of security to the implementation. Which of the following authentication protocols are you most likely to recommend to the client? a. MS-CHAP b. CHAP c. PPP d. EAP
EAP
You want to implement an authentication method that uses public and private key pairs. Which authentication method should you use? a. PKI b. EAP c. MS-CHAP v2 d. IPsec
EAP
Which of the following can route Layer 3 protocols across an IP network? a. GRE b. IPsec c. SSL d. PPTP
GRE
Which of the following intrusion detection and prevention systems uses fake resources to entice intruders by displaying a vulnerability, configuration flaw, or valuable data? Honeypot Botnet Trojan horse Zombie
Honeypot
As a security precaution, you have implemented IPsec between any two devices on your network. IPsec provides encryption for traffic between devices. You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks. Which solution should you implement? a. Host-based IDS b. Network-based IDS c. VPN concentrator d. Port scanner e. Protocol analyzer
Host-based IDS
Which of the following terms describes a Windows operating system patch that corrects a specific problem and is released on a short-term, periodic basis (typically monthly)? a. Hotfix b. Service pack c. Targeted software patch d. Kernel fix kit
Hotfix
What security mechanism can be used to detect attacks originating on the internet or from within an internal trusted subnet? a. Firewall b. IDS c. Security alarm d. Biometric system
IDS
Which of the following is a security service that monitors network traffic in real time or reviews the audit logs on servers looking for security violations? a. Firewall b. Switch c. Padded cell d. IDS
IDS
Which of the following devices is capable of detecting and responding to security threats? a. IDS b. IPS c. DNS server d. Multilayer switch
IPS
You are concerned about attacks directed at your network firewall. You want to be able to identify attacks and be notified of attacks. In addition, you want the system to take immediate action when possible to stop or prevent the attack. Which tool should you use? a. IDS b. IPS c. Packet sniffer d. Port scanner
IPS
Which of the following network layer protocols provides authentication and encryption services for IP-based network traffic? a. TCP b. IPsec c. SSL d. L2TP
IPsec
The owner of a hotel has contracted you to implement a wireless network to provide internet access for patrons. The owner has asked that you implement security controls so that only paying patrons are allowed to use the wireless network. She wants them to be presented with a login page when they initially connect to the wireless network. After entering a code provided by the concierge at check-in, they should then be allowed full access to the internet. If a patron does not provide the correct code, they should not be allowed to access the internet. Under no circumstances should patrons be able to access the internal hotel network where sensitive data is stored. What should you do? a. Implement a guest network. b. Implement MAC address filtering. c. Implement 802.1x authentication using a RADIUS server. d. Implement pre-shared key authentication.
Implement a guest network
As you are helping a user with a computer problem, you notice that she has written her password on a note stuck to her computer monitor. You check the password policy of your company and find that the following settings are currently required: • Minimum password length = 10 • Minimum password age = 4 • Maximum password age = 30 • Password history = 6 • Account lockout clipping level = 3 • Require complex passwords that include numbers and symbols Which of the following is the best action to take to make remembering passwords easier so that she no longer has to write the password down? a. Implement end-user training. b. Decrease the minimum password length. c. Increase the maximum password age. d. Remove the complex password requirement. e. Increase the account lockout clipping level.
Implement end-user training.
You have decided to perform a double-blind penetration test. Which of the following actions should you perform first? a. Inform senior management. b. Perform operational reconnaissance. c. Engage in social engineering. d. Run system fingerprinting software.
Inform senior management.
You have worked as the network administrator for a company for seven months. One day, all picture files on the server become corrupted. You discover that a user downloaded a virus from the internet onto his workstation, and it propagated to the server. You successfully restore all files from backup, but your boss is adamant that this situation does not reoccur. What should you do? a. Install a network virus detection software solution. b. Disconnect the user from the internet. c. Allow users to access the internet only from terminals that are not attached to the main network. d. Install a firewall.
Install a network virus detection software solution.
While using a web-based order form, an attacker enters an unusually large value in the quantity field. The value entered is large enough to exceed the maximum value supported by the variable type used to store the quantity in the web application. This causes the value of the quantity variable to wrap around to the minimum possible value, which is a negative number. As a result, the web application processes the order as a return instead of a purchase, and the attacker's account is refunded a large sum of money. What type of attack has occurred in this scenario? a. Integer overflow b. Buffer overflow c. Watering hole d. URL hijacking
Integer overflow
You have purchased a solar backup power device to provide temporary electrical power to critical systems in your data center should the power provided by the electrical utility company go out. The solar panel array captures sunlight, converts it into direct current (DC), and stores it in large batteries. The power supplies in the servers, switches, and routers in your data center require alternating current (AC) to operate. Which electrical device should you implement to convert the DC power stored in the batteries into AC power that can be used in the data center? a. Inverter b. Transformer c. Capacitor d. Transistor
Inverter
Which of the following statements is true? A system image backup: a. Does not include user profile settings. b. Can be saved to a BitLocker-enabled volume. c. Is saved as a .vhd file. d. Is the only type of backup supported by the backup and restore console.
Is saved as a .vhd file.
Which of the following authentication methods uses tickets to provide single sign-on? a. PKI b. Kerberos c. 802.1x d. MS-CHAP
Kerberos
Which of the following attacks, if successful, causes a switch to function like a hub? a. ARP poisoning b. MAC flooding c. MAC spoofing d. Replay
MAC flooding
Which of the following best describes one-factor authentication? a. Only Type 1 authentication credentials are accepted. b. Only a single authentication credential is submitted. c. A username without any additional credentials is accepted. d. Multiple authentication credentials may be required, but they are all of the same type.
Multiple authentication credentials may be required, but they are all of the same type.
Which of the following is a feature of MS-CHAP v2 that is not included in CHAP? a. Three-way handshake b. Hashed shared secret c. Mutual authentication d. Certificate-based authentication
Mutual authentication
Members of the sales team use laptops to connect to the company network. While traveling, they connect their laptops to the internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless anti-virus software and the latest operating system patches have been installed. Which solution should you use? a. NAC b. NAT c. VLAN d. DMZ e. NIDS
NAC
Which of the following networking devices or services prevents the use of IPsec in most cases? a. Firewall b. Router c. NAT d. Switch
NAT
You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straight-through UTP cable that will run across the floor of the data center. To protect equipment from power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server. Will this configuration work? a. Yes. This configuration complies with data center best practices. b. No. You should not run a cable across the floor of the data center. c. No. You should not use blade servers for virtualization. d. No. You must use a cross-over cable to connect the two switches together. e. No. You must implement the UPS and power supplies to the rack externally.
No. You should not run a cable across the floor of the data center.
Your 24U rack currently houses two 4U server systems. To prevent overheating, you've installed a rack-mounted environment monitoring device within the rack. Currently, the device shows that the temperature within the rack is 70 degrees Fahrenheit (21 degrees Celsius). What should you do? a. Nothing. The temperature within the rack is within acceptable limits. b. Install an additional air conditioning unit for the server room. c. Install a humidifier to increase the humidity within the server room. d. Re-orient the cold aisle within the server room so that it is directed toward the air conditioner's return duct
Nothing. The temperature within the rack is within acceptable limits.
You have a web server that will be used for secure transactions for customers who access the website over the internet. The web server requires a certificate to support SSL. Which method would you use to get a certificate for the server? a. Obtain a certificate from a public PKI. b. Create your own internal PKI to issue certificates. c. Have the server generate its own certificate. d. Run a third-party tool to generate the certificate.
Obtain a certificate from a public PKI.
Which of the following is a mechanism for granting and validating certificates? a. PKI b. RADIUS c. Kerberos d. AAA
PKI
You want to use a protocol that can encapsulate other LAN protocols and carry the data securely over an IP network. Which of the following protocols is suitable for this task? a. PPP b. PPTP c. SLIP d. NetBEUI
PPTP
You are concerned about attacks directed at the firewall on your network. You would like to examine the content of individual frames sent to the firewall. Which tool should you use? a. Packet sniffer b. Load tester c. Throughput tester d. Event log e. System log
Packet sniffer
A security administrator is conducting a penetration test on a network. She connects a notebook system to a mirror port on a network switch. She then uses a packet sniffer to monitor network traffic to try and determine which operating systems are running on network hosts. Which process did the administrator use in the penetration test in this scenario? a. Passive fingerprinting b. Active fingerprinting c. Network enumeration d. Firewalking
Passive fingerprinting
Which of the following uses hacking techniques to proactively discover internal vulnerabilities? a. Reverse engineering b. Penetration testing c. Inbound scanning d. Passive reconnaissance
Penetration testing
Properly configured passive IDS and system audit logs are an integral part of a comprehensive security plan. What step must be taken to ensure that the information is useful for maintaining a secure environment? a. The accounting department must compress the logs on a quarterly basis. b. All files must be verified with the IDS checksum. c. Periodic reviews must be conducted to detect malicious activity or policy violations. d. All logs should be deleted and refreshed monthly.
Periodic reviews must be conducted to detect malicious activity or policy violations.
You manage a network that uses switches. In the lobby of your building are three RJ45 ports connected to a switch. You want to make sure that visitors cannot plug their computers into the free network jacks and connect to the network, but you want employees who plug into those same jacks to be able to connect to the network. What feature should you configure? a. Port authentication b. Mirroring c. Bonding d. Spanning tree e. VLANs
Port authentication
You manage a network that uses switches. In the lobby of your building, there are three RJ45 ports connected to a switch. You want to make sure that visitors cannot plug their computers into the free network jacks and connect to the network. But employees who plug into those same jacks should be able to connect to the network. What feature should you configure? a. Port authentication b. Mirroring c. Bonding d. Spanning tree e. VLANs
Port authentication
You want to make sure that a set of servers will only accept traffic for specific network services. You have verified that the servers are only running the necessary services, but you also want to make sure that the servers will not accept packets sent to those services. Which tool should you use? a. Packet sniffer b. Port scanner c. IDS d. IPS e. System logs
Port scanner
Which type of security uses MAC addresses to identify devices that are allowed or denied a connection to a switch? a. Port security b. Traffic shaping c. Secure Sockets Layer d. MAC spoofing
Port security
You maintain the network for an industrial manufacturing company. You are concerned about the dust in the area getting into server components and affecting the availability of the network. Which of the following should you implement? a. Positive pressure system b. Negative pressure system c. Line conditioner d. UPS e. Backup generator
Positive pressure system
A network utilizes a network access control (NAC) solution to protect against malware. When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. What is this process called? a. Port security b. Remediation c. Quarantine d. Posture assessment
Posture assessment
What does an IDS that uses signature recognition use to identify attacks? a. Potential attack activity compared to a database of known attacks. b. Exceeding threshold values. c. Statistical analysis to find unusual deviations. d. Current statistics compared to past statistics.
Potential attack activity compared to a database of known attacks.
Which of the following is a platform independent authentication system that maintains a database of user accounts and passwords that centralizes the maintenance of those accounts? a. RRAS b. RADIUS c. NAS d. EAP
RADIUS
Which of the following protocols or services would you associate with Windows Remote Desktop Services network traffic? a. WTSP b. NNTP c. WPA d. RDP
RDP
You are in the middle of a big project at work. All of your work files are on a server at the office. You want to be able to access the server desktop, open and edit files, save the files on the server, and print files to a printer connected to a computer at home. Which protocol should you use? a. FTP b. TFTP c. RDP d. Telnet e. SSH
RDP
In addition to performing regular backups, what must you do to protect your system from data loss? Store the backup media in an on-site fireproof vault. Regularly test restoration procedures. Restrict restoration privileges to system administrators. Write-protect all backup media.
Regularly test restoration procedures
A smart phone was lost at the airport. There is no way to recover the device. Which of the following will ensure data confidentiality on the device? a. Remote wipe b. Screen lock c. GPS d. TPM
Remote wipe
Telnet is inherently insecure because its communication is in plaintext and is easily intercepted. Which of the following is an acceptable alternative to Telnet? a. SLIP b. SHTTP c. Remote Desktop d. SSH
SSH
Which of the following protocols can be used to securely manage a network device from a remote connection? a. SSH b. Telnet c. SFTP d. TLS
SSH
Which protocol does HTTPS use to offer greater security in web transactions? a. Kerberos b. SSL c. IPsec d. Username and password authentication
SSL
You want to allow traveling users to connect to your private network through the internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the internet in these locations. Which of the following protocols would be most likely to be allowed through the widest number of firewalls? a. PPTP b. L2TP c. SSL d. IPsec e. PPPoE
SSL
Which of the following mobile device security considerations disables the ability to use the device after a short period of inactivity? a. Remote wipe b. Screen lock c. GPS d. TPM
Screen lock
You are considering using Wi-Fi triangulation to track the location of wireless devices within your organization. However, you have read on the internet that this type of tracking can produce inaccurate results. What is the most important consideration for getting reliable results when implementing this type of system? a. Signal strength b. WAP placement c. Wireless standard in use d. Wireless encryption in use
Signal strength
Which of the following is the most common detection method used by an IDS? a. Signature b. Anomaly c. Behavior d. Heuristic
Signature
Which IDS method searches for intrusion or attack attempts by recognizing patterns or identities listed in a database? a. Heuristics-based b. Anomaly-analysis-based c. Stateful-inspection-based d. Signature-based
Signature-based
Your organization's security policy specifies that, regardless of ownership, any mobile device that connects to your internal network must have remote wipe enabled. If the device is lost or stolen, then it must be wiped to remove any sensitive data from it. Which of the following should you implement to ensure organizational data can be remote wiped while preserving personal data? a. Storage segmentation b. Reporting system c. Lockout or screen lock d. Asset tracking and inventory control
Storage segmentation
A VPN is used primarily for which purpose? a. Allow remote systems to save on long-distance charges. b. Support secured communications over an untrusted network. c. Allow the use of network-attached printers. d. Support the distribution of public web documents.
Support secured communications over an untrusted network.
Which of the following is the least effective power loss protection for computer systems? a. Uninterruptible power supply b. Surge protector c. Secondary power source d. Backup power generator
Surge protector
If maintaining confidentiality is of the utmost importance to your organization, what is the best response when an intruder is detected on your network? a. Delay the intruder. b. Record audit trails about the intruder. c. Monitor the intruder's actions. d. Terminate the intruder's session.
Terminate the intruder's session.
What is the primary purpose of penetration testing? a. Test the effectiveness of your security perimeter. b. Evaluate newly deployed firewalls. c. Assess the skill level of new IT security staff. d. Infiltrate a competitor's network
Test the effectiveness of your security perimeter.
You have recently experienced a security incident with one of your servers. After some research, you determine that the hotfix #568994 that has recently been released would have protected the server. Which of the following recommendations should you follow when applying the hotfix? a. Apply the hotfix immediately to the server; apply the hotfix to other devices only as the security threat manifests itself. b. Apply the hotfix immediately to all servers. c. Test the hotfix, then apply it to all servers. d. Test the hotfix, then apply it to the server that had the problem.
Test the hotfix, then apply it to all servers.
Which of the following are not reasons to remote wipe a mobile device? a. The device is being assigned to another user. b. The device is stolen or lost. c. The device is inactive for a period of time. d. The device is locked, and someone has entered multiple incorrect entries of the password or PIN.
The device is inactive for a period of time.
When using Kerberos authentication, which of the following terms is used to describe the token that verifies the user's identity to the target system? Coupon Voucher Ticket Hashkey
Ticket
Why should you store backup media off site? a. To reduce the possibility of theft. b. To comply with government regulations. c. To prevent the same disaster from affecting both the network and the backup media. d. To make the restoration process more efficient.
To prevent the same disaster from affecting both the network and the backup media.
Which of the following is an example of three-factor authentication? a. Token device, keystroke analysis, cognitive question b. Photo ID, smart card, fingerprint c. Smart card, digital certificate, PIN d. Pass phrase, palm scan, voice recognition
Token device, keystroke analysis, cognitive question
You have just installed a new network-based IDS system that uses signature recognition. What should you do on a regular basis? Update the signature files. Check for backdoors. Generate a new baseline. Modify clipping levels.
Update the signature files.
You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID card for entry. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer by connecting it to the console port on the router. You configured the management interface with the username admin and the password password. What should you do to increase the security of this device? a. Use an SSH client to access the router configuration. b. Use a stronger administrative password. c. Use a web browser to access the router configuration using an HTTP connection. d. Move the device to a secure data center.
Use a stronger administrative password.
Which of the following identification and authentication factors are often well-known or easily discovered by others on the same network or system? a. Username b. Password c. PGP secret key d. Biometric reference profile
Username
Your company is a small start-up that has leased office space in a building shared by other businesses. All businesses share a common network infrastructure. A single switch connects all devices in the building to the router that provides internet access. You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implemented? a. VLAN b. Spanning tree c. Port security d. VPN
VLAN
A group of salesmen in your organization would like to access your private network through the internet while they are traveling. You want to control access to the private network through a single server. Which solution should you implement? a. VPN concentrator b. IDS c. IPS d. DMZ e. RADIUS
VPN concentrator
In which of the following situations would you use port security? a. You want to prevent sniffing attacks on the network. b. You want to restrict the devices that could connect through a switch port. c. You want to control the packets sent and received by a router. d. You want to prevent MAC address spoofing.
You want to restrict the devices that could connect through a switch port.
You have just downloaded a file. You create a hash of the file and compare it to the hash posted on the website. The two hashes match. What do you know about the file? a. Your copy is the same as the copy posted on the website. b. You can prove the source of the file. c. No one has read the file contents as it was downloaded. d. You will be the only one able to open the downloaded file.
Your copy is the same as the copy posted on the website.
Which of the following types of penetration test teams will provide you information that is most revealing of a real-world hacker attack? a. Full knowledge team b. Zero knowledge team c. Partial knowledge team d. Split knowledge team
Zero knowledge team
What is the main difference between vulnerability scanning and penetration testing? a. Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter. b. Vulnerability scanning uses approved methods and tools; penetration testing uses hacking tools. c. The goal of vulnerability scanning is to identify potential weaknesses; the goal of penetration testing is to attack a system. d. Vulnerability scanning is performed with a detailed knowledge of the system; penetration testing starts with no knowledge of the system.
Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter.