Test Out Ch. 13
Which of the following attacks tries to associate an incorrect MAC address with a known IP address? a. ARP poisoning b. Null session c. MAC flooding d. Hijacking
a. ARP poisoning
You have just purchased a new network device and are getting ready to connect it to your network. Which of the following should you do to increase its security? (Select two.) a. Apply all patches and updates b. Implement separation of duties c. Remove any backdoors d. Change default account passwords e. Conduct privilege escalation
a. Apply all patches and updates d. Change default account passwords
Which key steps should you take when implementing this configuration? (Select two.) a. Configure the VPN connection to use IPsec. b. Configure the browser to send HTTPS requests directly to the Wi-Fi network without going through the VPN connection. c. Configure the VPN connection to use MS-CHAPv2. d. Configure the browser to send HTTPS requests through the VPN connection. d. Configure the VPN connection to use PPTP.
a. Configure the VPN connection to use IPsec. d. Configure the browser to send HTTPS requests through the VPN connection.
Which of the following applications typically use 802.1x authentication? (Select two.) a. Controlling access through a switch b. Controlling access through a wireless access point c. Controlling access through a router d. Authenticating remote access clients e. Authenticating VPN users through the internet
a. Controlling access through a switch b. Controlling access through a wireless access point
While using the internet, you type the URL of one of your favorite sites in the browser. Instead of going to the correct site, the browser displays a completely different website. When you use the IP address of the web server, the correct site is displayed. Which type of attack has likely occurred? a. DNS poisoning b. Spoofing c. Man-in-the-middle d. Hijacking
a. DNS poisoning
An attacker uses an exploit to push a modified hosts file to client systems. This hosts file redirects traffic from legitimate tax preparation sites to malicious sites to gather personal and financial information. What kind of exploit has been used in this scenario? (Select two. Both responses are different names for the same exploit.) a. DNS poisoning b. Man-in-the-middle c. Reconnaissance d. Domain name kiting e. Pharming
a. DNS poisoning e. Pharming DNS poisoning (also known as DNS cache poisoning or Pharming) occurs when a name server receives malicious or misleading data that incorrectly maps host names and IP addresses.
On your way into the back entrance of the building at work one morning, a man dressed as a plumber asks you to let him in so he can fix the restroom. What should you do? a. Direct him to the front entrance and instruct him to check in with the receptionist. b. Tell him no and quickly close the door. c. Let him in. d. Let him in and help him find the restroom. Then let him work.
a. Direct him to the front entrance and instruct him to check in with the receptionist.
You are a contractor that has agreed to implement a new remote access solution based on a Windows Server 2016 system for a client. The customer wants to purchase and install a smart card system to provide a high level of security to the implementation. Which of the following authentication protocols are you most likely to recommend to the client? a. EAP b. CHAP c. PPP d. MS-CHAP
a. EAP
You want to implement an authentication method that uses public and private key pairs. Which authentication method should you use? a. EAP b. PKI c. MS-CHAP v2 d. IPsec
a. EAP Public and private key pairs are used by certificates for authentication and encryption. Extensible authentication protocol (EAP) allows the client and server to negotiate the characteristics of authentication. EAP is used to allow authentication using smart cards, biometrics (user physical characteristics), and certificate-based authentication.
Which of the following actions typically involves the use of 802.1x authentication? (Select two.) a. Enabling or disabling traffic on a port b. Allowing authenticated users full access to the network c. Authenticating VPN users through the internet d. Authenticating remote access clients Controlling access through a router
a. Enabling or disabling traffic on a port b. Allowing authenticated users full access to the network
Which of the following is not a form of social engineering? a. Impersonating a user by logging on with stolen credentials b. A virus hoax email message c. Impersonating a utility repair technician d. Impersonating a manager over the phone
a. Impersonating a user by logging on with stolen credentials
Which of the following is the best action to take to make remembering passwords easier so that she no longer has to write the password down? a. Implement end-user training. b. Increase the maximum password age. c. Decrease the minimum password length. d. Increase the account lockout clipping level. e. Remove the complex password requirement.
a. Implement end-user training. The best solution is to implement end-user training. Instruct users on the importance of security and teach them how to create and remember complex passwords. Making any other changes would violate the security policy and reduce the overall security of the passwords
Which of the following is not an example of a physical barrier access control mechanism? a. One-time passwords b. Mantraps c. Fences d. Biometric locks
a. One-time passwords
You want to use a protocol that can encapsulate other LAN protocols and carry the data securely over an IP network. Which of the following protocols is suitable for this task? a. PPTP b. PPP c. SLIP d. NetBEUI
a. PPTP PPTP is used with VPNs, which allow you to send data securely over a public network.
Which of the following protocols can your portable computer use to connect to your company's network via a virtual tunnel through the internet? (Select two.) a. PPTP b. L2TP c. VNC d. ICA e. PPPoE
a. PPTP b. L2TP
Which of the following protocols can be used to securely manage a network device from a remote connection? a. SSH b. Telnet c. TLS d. SFTP
a. SSH SSH allows for secure interactive control of remote systems. SSH is a secure and acceptable alternative to Telnet.
Which of the following protocols are often added to other protocols to provide secure transmission of data? (Select two.) a. SSL b. HTTPS c. SMTP d. TLS e. SNMP
a. SSL, d. TLS Both Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are protocols that are used with other protocols to add security. In addition, Secure Shell (SSH) can be used to add security when using unsecure protocols.
You have installed anti-virus software on the computers on your network. You update the definition and engine files and configure the software to update those files every day. What else should you do to protect your systems from malware? (Select two.) a. Schedule regular full system scans. b. Enable chassis intrusion detection. c. Enable account lockout. d. Educate users about malware. e. Disable UAC.
a. Schedule regular full system scans. d. Educate users about malware.
Which of the following is an example of three-factor authentication? a. Token device, keystroke analysis, cognitive b. question c. Pass phrase, palm scan, voice recognition d. Photo ID, smart card, fingerprint c. Smart card, digital certificate, PIN
a. Token device, keystroke analysis, cognitive
Which option is a program that appears to be a legitimate application, utility, game, or screensaver and performs malicious activities surreptitiously? a. Trojan horse b. Outlook Express c. Worm d. ActiveX controls
a. Trojan horse
Which of the following statements about SSL VPN are true? (Select two.) a. Uses port 443. b. Encapsulates packets by adding a GRE header. c. Uses pre-shared keys for authentication. d. Provides message integrity using HMAC. e. Encrypts the entire communication session. f. Uses UDP port 500.
a. Uses port 443. e. Encrypts the entire communication session.
A senior executive reports that she received a suspicious email concerning a sensitive internal project that is behind production. The email was sent from someone she doesn't know, and he is asking for immediate clarification on several of the project's details so the project can get back on schedule. Which type of an attack best describes the scenario? a. Whaling b. Passive c. Masquerading d. MAC spoofing
a. Whaling Whaling is a form of a social engineering attack that targets senior executives and high-profile victims. Social engineering is an attack that exploits human nature by convincing someone to reveal information or perform an activity.
Which of the following is the strongest form of multi-factor authentication? a. Two-factor authentication b. A password, a biometric scan, and a token device c. Two passwords d. A password and a biometric scan
b. A password, a biometric scan, and a token device
Which exploit seeks to maliciously re-associate the IP address of a legitimate network host with the MAC address of the attacker's computer? a. Replay attack b. ARP poisoning c. IP spoofing d. MAC spoofing
b. ARP poisoning
Which of the following inter-facility system would prevent an access cardholder from giving their card to someone after they have gained access? a. Turnstile b. Anti-passback system c. Double entry door d. Mantrap
b. Anti-passback system An anti-passback system is used when a physical access token is required for entry, and prevents a card holder from passing their card back to someone else.
Which of the following measures are you most likely to implement to protect a system from a worm or Trojan horse? a. Password policy b. Antivirus software c. Firewall d. IPsec
b. Antivirus software Worms and Trojan horses are types of viruses. The best way to protect a system from them is to ensure that every system on the network has antivirus software with up-to-date virus definitions installed.
What is the primary countermeasure to social engineering? a. Traffic filters b. Awareness c. A written security policy d. Heavy management oversight
b. Awareness
As the victim of a Smurf attack, what protection measure is the most effective during the attack? a. Blocking all attack vectors with firewall filters b. Communicating with your upstream provider c. Updating your anti-virus software d. Turning off the connection to the ISP
b. Communicating with your upstream provider
An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack? a. Spamming b. DDoS c. Backdoor d. DoS e. Replay
b. DDoS A DDoS attack is when multiple PCs attack a victim simultaneously and generate excessive traffic that overloads communication channels or exploiting software flaws.
Which type of denial of service (DoS) attack occurs when a name server receives malicious or misleading data that incorrectly maps host names and IP addresses? a. SYN flood b. DNS poisoning c. ARP poisoning d. Spam
b. DNS poisoning
Which of the following are examples of social engineering? (Select two.) a. Port scanning b. Dumpster diving c. War dialing d. Shoulder surfing
b. Dumpster diving d. Shoulder surfing
Which of the following are solutions that address physical security? (Select two.) a. Scan all floppy disks before use. b. Escort visitors at all times. c. Disable guest accounts on computers. d. Implement complex passwords. e. Require identification and name badges for all employees.
b. Escort visitors at all times. e. Require identification and name badges for all employees.
Dumpster diving is a low-tech means of gathering information that may be useful for gaining unauthorized access or as a starting point for more advanced attacks. How can a company reduce the risk associated with dumpster diving? a. Mandate the use of Integrated Windows Authentication. b. Establish and enforce a document destruction policy. c. Create a strong password policy. d. Secure all terminals with screensaver passwords.
b. Establish and enforce a document destruction policy.
Which of the following network layer protocols provides authentication and encryption services for IP-based network traffic? a. L2TP b. IPsec c. TCP d. SSL
b. IPsec
While using a web-based order form, an attacker enters an unusually large value in the quantity field. The value entered is large enough to exceed the maximum value supported by the variable type used to store the quantity in the web application. This causes the value of the quantity variable to wrap around to the minimum possible value, which is a negative number. As a result, the web application processes the order as a return instead of a purchase, and the attacker's account is refunded a large sum of money. What type of attack has occurred in this scenario? a. URL hijacking b. Integer overflow c. Buffer overflow d. Watering hole
b. Integer overflow
Which of the following is the most important way to prevent console access to a network switch? a. Disconnect the console cable when not in use. b. Keep the switch in a room that is locked by a keypad. c. Set console and enable secret passwords. d. Implement an access list to prevent console connections.
b. Keep the switch in a room that is locked by a keypad.
Which of the following authentication methods uses tickets to provide single sign-on? a. MS-CHAP b. Kerberos c. 802.1x d. PKI
b. Kerberos
Which of the following controls is an example of a physical access control method? a. Passwords b. Locks on doors c. Hiring background checks d. Access control lists with permissions e. Smart cards
b. Locks on doors
You have a web server that will be used for secure transactions for customers who access the website over the internet. The web server requires a certificate to support SSL. Which method would you use to get a certificate for the server? a. Have the server generate its own certificate. b. Obtain a certificate from a public PKI. c. Create your own internal PKI to issue certificates. d. Run a third-party tool to generate the certificate.
b. Obtain a certificate from a public PKI. Computers must trust the CA that issues a certificate. For computers that are used on the internet and accessible to public users, obtain a certificate from a public CA such as VeriSign. By default, most computers trust well-known public CAs.
Users on your network report that they have received an email stating that the company has just launched a new website. The email asks employees to click the website link in the email and log in using their username and password. No one in your company has sent this email. What type of attack is this? a. Smurf b. Phishing c. Man-in-the-middle d. Piggybacking
b. Phishing
You manage a network that uses switches. In the lobby of your building, there are three RJ45 ports connected to a switch. You want to make sure that visitors cannot plug their computers into the free network jacks and connect to the network. But employees who plug into those same jacks should be able to connect to the network. What feature should you configure? a. Bonding b. Port authentication c. Spanning tree d. VLANs e. Mirroring
b. Port authentication
How can an organization help prevent social engineering attacks? (Select two.) a. Utilize 3DES encryption for all user sessions b. Publish and enforce clearly written security policies c. Implement IPsec on all critical systems d. Educate employees on the risks and countermeasures
b. Publish and enforce clearly written security policies d. Educate employees on the risks and countermeasures
Telnet is inherently insecure because its communication is in plaintext and is easily intercepted. Which of the following is an acceptable alternative to Telnet? a. SHTTP b. SSH c. Remote Desktop d. SLIP
b. SSH SSH (Secure Shell) is a secure and acceptable alternative to Telnet. SSH allows secure interactive control of remote systems. SSH uses RSA public key cryptography for both connection and authentication. SSH uses the IDEA algorithm for encryption by default, but is able to use Blowfish and DES.
Which protocol does HTTPS use to offer greater security in web transactions? a. Username and password authentication b. SSL c. IPsec d. Kerberos
b. SSL
An attacker sends an unwanted and unsolicited email message to multiple recipients with an attachment that contains malware. What kind of attack has occurred in this scenario? a. Phishing b. Spam c. Repudiation attack d. Open SMTP relay
b. Spam
A VPN is used primarily for which purpose? a. Allow the use of network-attached printers. b. Support secured communications over an untrusted network. c. Allow remote systems to save on long-distance charges. d. Support the distribution of public web documents.
b. Support secured communications over an untrusted network.
Which of the following protocols encrypts data and is a newer version of the Secure Socket Layer (SSL) protocol? a. Dynamic Multipoint Virtual Private Network (DMVPN) b. Transport Layer Protocol (TLS) c. Generic Routing Encapsulation (GRE) d. Internet Protocol Security (IPsec)
b. Transport Layer Protocol (TLS)
Which security protocols use RSA encryption to secure communications over an untrusted network? (Select two.) a. Internet security association and key management protocol b. Transport layer security c. Point-to-point tunneling protocol d. Secure sockets layer
b. Transport layer security d. Secure sockets layer
Which of the following allows for easy exit of an area in the event of an emergency, but prevents entry? (Select two.) a. Anti-passback system b. Turnstile c. Mantrap d. Double-entry door e. PTZ CCTV
b. Turnstile d. Double-entry door
A group of salesmen in your organization would like to access your private network through the internet while they are traveling. You want to control access to the private network through a single server. Which solution should you implement? a. RADIUS b. VPN concentrator c. I DS d. DMZ e. IPS
b. VPN concentrator With a remote access VPN, a server on the edge of a network (called a VPN concentrator) is configured to accept VPN connections from individual hosts. Hosts that are allowed to connect using the VPN connection are granted access to resources on the VPN server or the private network.
You have just received a generic-looking email that is addressed as coming from the administrator of your company. The email says that as part of a system upgrade, you need enter your username and password at a new website so you can manage your email and spam using the new service. What should you do? a. Click on the link in the email and look for company graphics or information before you enter the login information. b. Verify that the email was sent by the administrator and that this new service is legitimate. c. Open a web browser, type in the URL included in the email, and follow the directions to enter your login credentials. d. Click on the link in the email and follow the directions to enter your login information. e. Delete the email.
b. Verify that the email was sent by the administrator and that this new service is legitimate.
In a variation of a brute force attack, an attacker may use a predefined list (dictionary) of common usernames and passwords to gain access to existing user accounts. Which countermeasure best addresses this issue? a. 3DES encryption b. VLANs c. A strong password policy d. AES encryption
c. A strong password policy A strong password policy is the best defense against dictionary attacks. The policy must be enforced, and all users must be trained to properly construct and protect strong passwords.
IPsec is implemented through two separate protocols. What are these protocols called? (Select two.) a. EPS b. SSL c. AH d. ESP e. L2TP
c. AH d. ESP
Which of the following statements about the use of anti-virus software is correct? a. Once installed, anti-virus software needs to be updated on a monthly basis. b. If servers on a network have anti-virus software installed, workstations do not need anti-virus software installed on them. c. Anti-virus software should be configured to download updated virus definition files as soon as they become available. d. If you install anti-virus software, you no longer need a firewall on your network.
c. Anti-virus software should be configured to download updated virus definition files as soon as they become available.
Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data than the input variable is designed to handle? a. Smurf b. Data diddling c. Buffer overflow d. Time of check/time of use (TOC/TOU)
c. Buffer overflow
You want to prevent your browser from running JavaScript commands that are potentially harmful. Which of the following would you restrict to accomplish this? a. CGI b. Server-side scripts c. Client-side scripts d. ActiveX
c. Client-side scripts JavaScript is an example of client-side scripting, where the client system runs the scripts that are embedded in web pages. When pages download, the scripts are executed.
Which of the following can be used to stop piggybacking from occurring at a front entrance where employees swipe smart cards to gain entry? a. Use weight scales b. Use key locks rather than electronic locks c. Deploy a mantrap d. Install security cameras
c. Deploy a mantrap
When you browse to a website, a pop-up window tells you that your computer has been infected with a virus. You click on the window to see what the problem is. Later, you find out that the window has installed spyware on your system. What type of attack has occurred? a. Trojan horse b. DLL injection c. Drive-by download d. SQL injection
c. Drive-by download
Which of the following can route Layer 3 protocols across an IP network? a. SSL b. IPsec c. GRE d. PPTP
c. GRE
Which of the following CCTV types would you use in areas with little or no light? a. C-mount b. A camera with a high LUX rating c. Infrared d. PTZ
c. Infrared
Which of the following networking devices or services prevents the use of IPsec in most cases? a. Router b. Switch c. NAT d. Firewall
c. NAT
What is the primary difference between impersonation and masquerading? a. One is easily detected, and the other is subtle and stealthy. b. One is a real-time attack, and the other is an asynchronous attack. c. One is more active, and the other is more passive. d. One is used against administrator accounts, and the other is used against end user accounts.
c. One is more active, and the other is more passive.
Which of the following is a platform independent authentication system that maintains a database of user accounts and passwords that centralizes the maintenance of those accounts? a. RRAS b. EAP c. RADIUS d. NAS
c. RADIUS The Remote Authentication Dial-In User Service (RADIUS) is an authentication system that allows the centralization of remote user account management.
You want to use CCTV as a preventative security measure. Which of the following is a requirement for your plan? a. Low LUX or infrared camera b. Sufficient lighting c. Security guards d. PTZ camera
c. Security guards When used in a preventative way, you must have a guard or other person available who monitors one or more cameras. Only a security guard can interpret what the camera sees to make appropriate security decisions.
Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network? a. Session hijacking b. Fraggle c. Smurf d. Fingerprinting
c. Smurf Smurf is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network.
When using Kerberos authentication, which of the following terms is used to describe the token that verifies the user's identity to the target system? a. Hashkey b. Voucher c. Ticket d. Coupon
c. Ticket
If your anti-virus software does not detect and remove a virus, what should you try first? a. Set the read-only attribute of the file you believe to be infected. b. Search for and delete the file you believe to be infected. c. Update your virus detection software. d. Scan the computer using another virus detection program.
c. Update your virus detection software.
Five salesmen who work out of your office. They frequently leave their laptops laying on the desk in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the best way to address your concerns? a. Require strong passwords in the local security policy. b. Implement screen saver passwords. c. Use cable locks to chain the laptops to the desks. d. Encrypt all company data on the hard drives.
c. Use cable locks to chain the laptops to the desks.
You have just downloaded a file. You create a hash of the file and compare it to the hash posted on the website. The two hashes match. What do you know about the file? a. You can prove the source of the file. b. You will be the only one able to open the downloaded file. c. Your copy is the same as the copy posted on the website. d. No one has read the file contents as it was downloaded.
c. Your copy is the same as the copy posted on the website.
Which of the following best describes the ping of death exploit? a. Sending multiple spoofed ICMP packets to the victim b. Partial IP packets with overlapping sequencing numbers c. Redirecting echo responses from an ICMP communication d. An ICMP packet larger than 65,536 bytes
d. An ICMP packet larger than 65,536 bytes
To tightly control the anti-malware settings on your computer, you elect to update the signature file manually. Even though you vigilantly update the signature file, the machine becomes infected with a new type of malware. Which of the following actions would best prevent this scenario from occurring again? a. Create a scheduled task to run sfc.exedaily. b. Carefully review open firewall ports and close any unneeded ports. c. Switch to a more reliable anti-virus software. d. Configure the software to automatically download the virus definition files as soon as they become available.
d. Configure the software to automatically download the virus definition files as soon as they become available. Anti-malware software is most effective if it has the latest virus definition files installed. Instead of manually updating the signature files, you should configure the software to automatically download updated virus definition files as soon as they become available.
Which of the following is a text file that a website stores on a client's hard drive to track and record information about the user? a. Certificate b. Mobile code c. Digital signature d. Cookie
d. Cookie
Which of the following is a common social engineering attack? a. Logging on with stolen credentials b. Distributing false information about your organization's financial status c. Using a sniffer to capture network traffic d. Hoax virus information emails
d. Hoax virus information emails
You have installed anti-malware software that checks for viruses in email attachments. You configure the software to quarantine any files with problems. You receive an email with an important attachment, but the attachment is not there. Instead, you see a message that the file has been quarantined by the anti-malware software. What has happened to the file? a. The infection has been removed, and the file has been saved to a different location. b. The file extension has been changed to prevent it from running. c. It has been deleted from your system. d. It has been moved to a secure folder on your computer.
d. It has been moved to a secure folder on your computer.
Which of the following attacks, if successful, causes a switch to function like a hub? a. MAC spoofing b. ARP poisoning c. Replay d. MAC flooding
d. MAC flooding
An attacker captures packets as they travel from one host to another with the intent of altering the contents of the packets. Which type of attack is being executed? a. Spamming b. Passive logging c. Distributed denial of service d. Man-in-the-middle attack
d. Man-in-the-middle attack
Which of the following is a feature of MS-CHAP v2 that is not included in CHAP? a. Hashed shared secret b. Certificate-based authentication c. Three-way handshake d. Mutual authentication
d. Mutual authentication MS-CHAP v2 allows for mutual authentication, where the server authenticates to the client.
You want to use CCTV to increase your physical security. You want to be able to remotely control the camera position. Which camera type should you choose? a. C-mount b. Dome c. Bullet d. PTZ
d. PTZ
Which of the following is the most common form of authentication? a. Digital certificate on a smart card b. Photo ID c. Fingerprint d. Password
d. Password
What should you do to increase the security of Bob's account? (Select two.) a. Configure user account names that are not easy to guess. b. Do not allow users to change their own passwords. c. Upgrade the workstation to Windows 8. d. Require users to set a stronger password upon initial logon. e. Train users not to use passwords that are easy to guess.
d. Require users to set a stronger password upon initial logon. e. Train users not to use passwords that are easy to guess
Which type of activity changes or falsifies information in order to mislead or re-direct traffic? a. Snooping b. Spamming c. Sniffing d. Spoofing
d. Spoofing Spoofing changes or falsifies information in order to mislead or re-direct traffic.
Which of the following are methods for providing centralized authentication, authorization, and accounting for remote access? (Select two.) a. AAA b. 802.1x c. EAP d. TACACS+ e. RADIUS f. PKI
d. TACACS+ e. RADIUS Both RADIUS and TACACS+ are protocols used for centralized authentication, authorization, and accounting used with remote access. Remote access clients send authentication credentials to remote access servers. Remote access servers are configured as clients to the RADIUS or TACACS+ servers and forward the authentication credentials to the servers. The servers maintain a database of users and policies that control access for multiple remote access servers.
You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID card for entry. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer by connecting it to the console port on the router. You configured the management interface with the username admin and the password password. What should you do to increase the security of this device? a. Move the device to a secure data center. b. Use a web browser to access the router configuration using an HTTP connection. c. Use an SSH client to access the router configuration. d. Use a stronger administrative password.
d. Use a stronger administrative password.
Which of the following CCTV camera types lets zoom the focus in and out? a. C-mount b. Fixed c. Infrared d. Varifocal
d. Varifocal
You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a cubicle near your office. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using an SSH client with a username of admin01 and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device? a. Change the default administrative username and password. b. Use a Telnet client to access the router configuration. c. Use encrypted type 7 passwords. d. Use TFTP to back up the router configuration to a remote location. e. Move the router to a secure server room.
e. Move the router to a secure server room.