Ch. 8-10 Quizes 3700
The result from ANDing 11000111 with 10010001 is ____.
10000001
How many bits of a class B IPv4 address are used for host information?
16
A network with the subnet mask 255.255.192.0 would have what CIDR block?
18
You are running KVM on a Fedora Linux computer and have configured a virtual server to use the bridged networking type. The IP address of your host machine's NIC is 192.168.25.71. Assuming your physical LAN uses DHCP, which of the following addresses is most likely the one assigned to your virtual server?
192.168.25.83
What is the broadcast address in base 10 for subnet 5 on a 8 subnet network with network address 208.64.14.0?
208.64.14.191 HOW?!!?!?!?!?!?!
What is the highest host address in base 10 for subnet 2 on a 8 subnet network with network address 208.64.14.0? The 8 subnets are subnet 0, 1, 2, 3, 4, 5, 6, and 7.
208.64.14.94
How many hosts on network 208.64.14.0, with no subnets? (Answer is number in base 10)
254
If you subdivide your Class B network into 252 subnets, what is the maximum number of hosts you can assign to any single subnet?
254
Convert the following subnet mask into its dotted-decimal equivalent: 11111111 11111111 11111000 00000000.
255.255.248.0
Given an IPV4 address of 208.64.14.9, what is the default subnet mask in base 10?
255.255.255.0
Given an IP address of 200.64.2.14 that uses class addressing. what is the base 10 subnet mask if 4 subnets are needed?
255.255.255.192
How many hosts are on 1 of the 8 subnets on the network 208.64.14.0?
30
As a networking consultant, you've been asked to help expand a client's TCP/IP network. The network administrator tells you that the network ID is subnetted as 185.27.54.0/26. On this network, how many bits of each IP address are devoted to host information?
6
A network with 6 bits remaining for the host portion will have how many usable hosts?
62
packet-filtering
A firewall is a router (or a computer installed with software that enables it to act as a router) that examines the header of every packet of data it receives to determine whether that type of packet is authorized to continue to its destination.
Acceptable use policy
A portion of the security policy that explains to users what they can and cannot do, and penalties for violations. It might also describe how these measures protect the network's security.
Reverse Proxy
A proxy that provides Internet clients access to services on its own network is known as what type of proxy?
transmission and hardware
A router that is not configured to drop packets that match certain or suspicious characteristics is an example of a risk associated with
Streaming Video
A service in which video signals are compressed and delivered over the Internet in a continuous flow so that a user can watch and listen even before all the data has been transmitted.
proxy service
A software application on a network host that acts as an intermediary between the external and internal networks, screening all incoming and outgoing traffic and providing one address to the outside world, instead of revealing the addresses of internal LAN devices
backdoor
A software security flaw that can allow unauthorized users to gain access to a system. Legacy systems are particularly notorious for leaving these kinds of gaps in a network's overall security net.
SIEM System
A system that is capable of collecting and analyzing information generated by firewalls, IDS, and IPS systems is known as which term below?
NIDS
A type of intrusion detection that protects an entire network and is situated at the edge of the network or in a network's protective perimeter, known as the DMZ (demilitarized zone). Here, it can detect many types of suspicious traffic patterns
HIDS
A type of intrusion detection that runs on a single computer, such as a client or server, to alert about attacks against that one host.
HIPS
A type of intrusion prevention that runs on a single computer, such as a client or server, to intercept and help prevent attacks against that one host.
banner-grabbing attack
An attack in which hackers transmit bogus requests for connection to servers or applications in order to harvest useful information to guide their attack efforts is known as what option below?
Network
At what layer of the OSI model do firewalls operate?
Layer 7
At what layer of the OSI model do proxy servers operate?
IRC
Botnets often make use of what chat protocol in order to receive commands?
H.225
In H.323, which protocol below handles call or videoconference signaling?
Upon creation, each vNIC is automatically assigned a ____.
MAC address
circuit switched networks
On __________________ networks, a connection is established between two nodes before they begin transmitting. Bandwidth is dedicated to this connection and remain available until the users terminate communication.
SS7
On circuit switched portions of a PSTN, what set of standards established by the ITU is used to handle call signaling?
giants
Packets that exceed the medium's maximum packet size are known by what term?
runts
Packets that exceed the medium's maximum packet size are known by what term?
worms
Programs that run independently and travel between computers and across networks, such as by e-mail attachment or virtually any kind of file transfer, are known as which option below?
To eliminate the possibility of traffic loops on switches and bridges, the ________________ is used.
STP (Spanning Tree Protocol)
phishing
The process in which a person attempts to glean access for authentication information by posing as someone who needs that information is known as what option below?
A(n) ____________________ groups ports on a switch into groups so that some of the local traffic is forced to go through a router. This allows segmentation of large networks using existing routers.
VLAN
is the most widely implemented virtualization software today.
VMware
Polymorphism
What characteristic of viruses make it possible for a virus to potentially change its characteristics (such as file size, and internal instructions) to avoid detection?
Smurf attack
What kind of attack involves a flood of broadcast ping messages, with the originating source address being spoofed to appear as a host on the network?
content-filtering
What kind of firewall blocks traffic based on application data contained within the packets?
butter overflow
What kind of vulnerability is exploited by a ping of death?
MPLS
What protocol enables multiple types of Layer 3 protocols to travel over any one of several connection-oriented Layer 2 protocols?
PCS DSS
What security standard below was created to protect credit card data and transactions, requiring network segmentation as part of security controls?
Jamming
What wireless attack might a potential hacker execute with a specially configured transmitter?
jabber
When a device handles electrical signals improperly, usually resulting from a bad NIC, it is referred to by what term below?
user agent client
When using SIP, what term is used to describe end-user devices, which may include workstations, tablet computers, smartphones, or IP phones?
Baseline
When you arrive at work one morning, your Inbox is full of messages complaining of a network slowdown. You collect a capture from your network monitor. What can you compare it with in order to determine what has changed
UDP
Which transport layer protocol is preferred for real time services such as VoIP.
DRDoS
Which type of DoS attack orchestrates an attack using uninfected computers?
denial of service attack
You are alerted that suddenly 100% of the resources on your two core routers are being used and no legitimate traffic can travel into or out of your network. What kind of security attack are you most likely experiencing?
Allow incoming TCP message to port 80
You work for a retailer that sells household goods online. The company has decided to redesign its network for better security. Included in this redesign is the addition of a new firewall. Assuming the firewall is placed between the Internet connection and the Web server, which of the following should be included in the firewall's configuration so that customers can still reach the Web site?
SIP
You're trying to choose a signaling protocol for your company's network because you're about to upgrade to a VoIP system. You need to keep it simple because this is a small company with a simple network. Which protocol should you choose?
packet shaping
Your roommate has been hogging the bandwidth on your router lately. What technique can you use to limit the amount of bandwidth his computer can utilize at any one time?
You have installed and configured two virtual Web servers and a virtual mail server on a physical server. What networking mode will you assign to each server's vNIC to ensure that the virtual machine hosts on the internet can access the virtual machines.
bridged
Which network type allows a vNIC to access a network directly using the host machine's NIC?
bridged mode
Each VM is known as a ____.
guest
The physical computer on a virtual machine is known as a ____.
host
mode is appropriate for test networks or if you simply need to install a different operating system on your workstation to use a program that is incompatible with your host's operating system.
host-only
Which virtual network type allows VMs to communicate with each other on the same host, but disallows communication with other nodes on the network?
host-only mode
Which of the following is not a valid reason for using virtualization?
increase performance
0.0.0.0.0
n ACL statements, the any keyword is equivalent to using what wildcard mask below?
n the host part of a class C IPv4 address the octets equal to 0 and 255 are used for ____, only the numbers 1 through 254 can be used for host information in an IPv4 address.
network Id and broadcast address
port scanner
software searches a node for open ports.
Which of the following applies to virtual machines, no matter what type of virtualization software they are created with?
they exist as files on hard rives of their host
connect vNICs with a network, whether virtual or physical.
virtual bridges
A CIDR block of /26 is equivalent to what subnet mask below?
255.255.255.192
man in the middle attack
An attack that involves a person redirecting or capturing secure transmissions as they occur is known as what type of attack?
honeynet
If multiple honeypots are connected to form a larger network, what term is used to describe the network?
unicast
In a VoIP call, what method of transmission is used between two IP phones?
Stoned
Which virus below combines polymorphism and stealth techniques to create a very destructive virus?