Mid3 Chap7 M82

You want to reduce collisions by creating separate collision domains and virtual LANs. Which of the ff. devices should you choose?

Which characteristic of a switch can improve bandwidth utilization and reduce the risk of sniffing attacks on the network?

Which of the ff. is an average of using switches to create virtual LANs?

You manage a network with a single switch. All hosts connect to the network through the switch. You want to increase the security of devices that are part of the accounting department. You want to make sure that broadcast traffic sent by an accounting computer is only received by other accounting computers, and you want to implement ACLs to control traffic sent to accounting computers through network. What should you do?

What characteristic of hubs poses a security threat?

Which of the ff. devices does "not" examine the MAC address in a frame before processing or forwarding the frame?

A relative new employee in the data entry cubical farm was assigned a user account similar to that of all of the other data entry employees. However, audit logs have shown that this user account has been used to change ACLs on several confidential files and has accessed data in restricted areas. This situation indicates which of the ff. has occurred?

An attacker has obtained the logon credentials for a regular user on your network. Which type of security threat exists if this user account is used to perform administrative functions?

Which protocol should you disable on the user access ports of a switch?

Which of the ff. attacks, if successful, causes a switch to function like a hub?

Which is a typical goal of MAC spoofing?

Which of the ff. switch attacks associates the attacker's MAC address with the IP address of the victim's devices?

Which of the ff. best describes the concept of virtual LAN?

You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ-45 ports connected to the switch. You want to allow visitors to plug into these ports to gain Internet Access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and Internet access. Which feature should you implement?

You run a small network for your business that has a single router connected to the internet and a single switch. You keep sensitive doc. on a computer that would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you implement?

You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ-45 ports connected to the switch. You want to make sure that visitors cannot plug in their computer to the free network jacks and connect to the network. However, employees who plug into those same jacks should be able to connect to the network. What feature should you configure?

When configuring VLANs on a switch, what is used to identify VLAN membership of a device?

Which of the ff. solutions would you implement to eliminate switching loops?

Your company is a small start-up company that has leased office in a building shared by other businesses. All businesses share a common network infrastructure. A single switch connects all devices in the building to the router that provides Internet access. You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implemented?

You are the network administrator for a city library. Throughout the library are several groups of computers that provide public access to the Internet. Supervision of these computers has been difficult. You've had problems with patrons brining personal laptops into the library and disconnecting the network cables from the library computers to connect their laptops to the Internet. The library computers are in groups of four. Each group of four computers is connected to a hub that is connected to the library network through an access point on a switch. You want to restrict access to the network so only the library computers are permitted connectivity to the internet. What can you do?

In which of the ff. situations would you use port security?

You want to increase the security of your network by allowing only authenticated users to be able to access network devices through a switch. Which of the ff. should you implement?

When configuring VLANs on a switch, what type of switch ports are members of all VLANs defined on the switch?

A virtual LAN can be created using which of the ff.?

You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature prevents switching loops and ensures there is only a single active path between any two switches?

Which IDS method searches for intrusion or attack attempts by recognizing patterns or identities listed in a database?

Which of the ff. devices is capable of detecting and responding to security threats?

You are concerned about protecting your network from network-based attacks from the Internet. Specially, you are concerned about attacks that have not yet been identified or that do not have prescribed protections. Which type of device should you use?

You have just installed a new network-based IDS system that uses signature recognition. What should you do on a regular basis?

What do host based intrusion detection systems often rely upon to perform their detection activities?

Which of the ff. describes a false positive when using an IPS device?

You want to create a collection of computers on your network that appear to have valuable data, but are really computers configured with fake data that could entice a potential intruder. Once the intruder connects, you want to be able to observe and gather information about the methods of attack that is being deployed. What should you implement?

What security mechanism can be used to detect attacks originating on the Internet or from within an internal trusted subnet?

If maintaining confidentiality is of the utmost importance to your organization, what is the best response when an intruder is detected on your network?

What is the most common form of host based IDS that employs signature or pattern matching detection methods?

A honey pot is used for what purpose?

You have configured a NIDS to monitor network traffic. Which of the ff. describes an attack that is not detected by the NIDS device?