Chapter 7 – College

You manage a network with a single switch. All hosts connect to the network through the switch. You want to increase the security of devices that are part of the accounting department. You want to make sure hat broadcast traffic sent by an accounting computer is only received by other accounting computers, and you want to impement ACLs to control traffic sent to accounting computers through the network. What should you do?

You want to reduce collisions by creating separate collision domains and virtual LANs. Which of the following devices should you choose?

Which of the following is an advantage of using switches to create virutal LANs?

Which characteristic of a switch can improve bandwidth utilization and reduce the risk of sniffing attacks on the network?

What characteristic of hubs poses a security threat?

Which of the following devices does not examin the MAX address in a frame before processing or forwarding the frame?

Which of the following describes how a router can be used to implment security on your network?

A relatively new employee in the data entry cubical farm was assigned a user account similar to that of all of the other data entry employees. However, audit logs have shown that this user account has been used to change ACLs on several confidential files and has accessed data in restricted areas. This situation indicates which of the following has occurred?

An attacker has obtained the logon credentials for a regular user on your network. Which type of security threat exists if this user account is used to perform administrative functions?

You’ve just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID card to gain access. You’ve backed up to the router configuration to a remote location in an encrypted fil. You access the router configuration interface from your notebook coputer by connecting it to the conosole port on the router. You configured the management interface with a user name of admin and a password of password. What should you do to increase the security of this device?

While developing a network application, a programmer adds functionally that allows her to access the running program. Without authentication, to capture debugging data. The programmer forgets to remove this functionality prior to finalizing the code and shipping the application. What type of security weakness does this represent?

Which of the following attacks, if successful, causes a switch to function like a hub?

Which of the following switch attakcs associates the attacker’s MAC address with the IP address of the victim’s devices

Which is a typical goal of MAC spoofing?

Which protocol should you disabl on the user access ports of a switch?

You’ve just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID card to gain access. You’ve backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using a Telnet client with a user name of admin and a password of admin. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of the device?

You’ve just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a cubicle near your office. You’ve backed up the router configuration to a remote location in an encrypted file. You access the router configuration from your notebook computer using an SSH client with the user name of admin01 and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device?

You’ve just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a locked server closed. You use an FTP client to regularly back up the router configuration to a remote server in an encrypted file. You access the router configuration interface from a notebook computer that is connected to the router’s concole port. You’ve configured the device with a user name of admin01 and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device?

Match the management option with the corresponding description

A vitual LAN can be created using which of the following?

When configuring VLANs on a switch, what is used to identify VLAN membership of a device?

You want to increase the security of your network by allowing only authenticated users to be able to access netowrk devices through a switch. Which of the following should you implement?

Which of the following applications typically use 802.1x authentication?

You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ-45 ports connected to the switch. You want to allow visitors to plug into these ports to gain internet access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and internet access. Which feature should you implement?

When configuring VLANs on a switch, what type of switch ports are members of all VLANs defined on the switch?

You manage a network that uses switched. In the lobby your building are three RJ-45 ports connected to a switch. You want to make sure that vistors cannot plug in their computers to the free network jacks and connect to the netowrk. However, employees who plug into those same jacks should be able to conect to the network. What feature should you configure?

Which of the following solutions would you implement to eliminate switching loops?

You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature prevents switching loops and ensures there is only a single active path between any two switches?

In which of the following situations would you use port security?

You are the network administrator for a city library. Throughout the library are several groups of computers that provide public access to the internet. Supervision of these computers has been difficult. You’ve had problems with patrons bringing personal laptops into the library and disconnecting the network cables from the library computers to connect their laptops to the Internet. The library computers are in groups of four. Each group of four comptuers is connected to a hub that is connected to the library network through an access port on a switch. You want to restrict access to the network so only the library computers are permitted connectivity to the internet. What can you do?

You run a small network for your business that has a single router connected to the Internet and a single switch. You keep sensitive documents on a computer that you would like to keep isoluated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through thte switch, but you still need to access the network through the computer. What should you use this situation?

Which of the following best describes the concept of a virtual LAN?

Your company is a small startup company that has leased office space in a building shared by other business. All business share a common network infrastructure. A single switch connects all devices in the building to the router that provides internet access. You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implmented?

You manage a network that uses multiple switches. You want to provide multiple paths between switches so that if one link goes down, an alternate path is available. Which feature should your switch support?

You are concerned about protecting your network from network based attacks from the internet. Specifically you are concerned about attacks that have not yet been identified or that do not have prescribed protections. Which type of device should you use?

What do host based intrusion detection systems often rely upon to perform their detection activities?

What actions can a typical passive Intrusion Detection System (IDS) take when it detects an attack?

Which of the following activities are considered passive in regards to the functioning of an intrusion detection system?

An active IDS system often performs which of the following actions?

Which IDS method searches for intrusion or attack attempts by recognizing patterns or identities listed in a database?

You have just installed a new network based IDS system that uses signature recognition. What should you do on a regular basis?

Whatis the most common form of host based IDS that employs signature or pattern matching detection methods?

You have configured a NIDS to monitor network traffic. Which of the following describes an attack that is not detected by a NIDS device?

Which of the following describes a false positive when using an IPS device?

If maintaining confidentiality is of the utmost importance to your organiation, what is the best response when an intruder is detected on your network?

Which of the following devices is capable of detecting and responding to security threats?

You want to create a collection of computers on your network that appear to have valuable data, but are really computers configured with fake datathat could entice a potential intruder. Once the intruder connects, you want to be able to observe and gather information about the methods of attack that are being deployed. What should you implement?

A honey pot is used for what purpose?

Your organization uses a web server to host an e-commerce site. Because this web server ahndles financial transactions, you are concerned that it could become a prime target for exploits. You want to implement a network security control that will analyze the contents of each packet going to or from the web server. The security control must be able to identify malicious payloads and block them. What should you do?

Match the fabric zoning with the description:

You are implementing an iSCSI that will be used by the file servers in your organization. You are concerned about security, so your design specifies the iSCSI initiators and targets must authenticate with each other before a connection over the SAN will be allowed. In addition, you want data being transferred over the SAN to be encrypted. Which of the following are true in the scenario

You are implementing a Fibre Channel SAN thata will be used by the database servers in your organization. You are concerned about secruity so your design specifies that SAN hosts must authenticate with each other before a connection over the SAN will be allowed. In addition, you want data being transferred over the SAN to be encrypted. Which of the following are true in this scenario?

Match the SAN security control with the description

You are designing a Fibre Channel SAN implmentation that will be used y the file servers in you orgnaization. Multiple volumes will be configured on the SAN, each used by different departments in your organization. It’s very important that only the appropriate server b able to connect to a given volume on the SAN. For example, the Salse and marketing server must not be allowed to connect to the SAN volume used by Human Resources. To enable this, you decide to use LUN masking. Which of the following is true in this scenario?