Section 6 – Flashcards
Unlock all answers in this set
Unlock answersquestion
You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do?
answer
Implement version 3 of SNMP
question
You want to implement a protocol on your network that allows computers to find the IP address of a host from a logical name. What protocol should you implement?
answer
DNS
question
Which of the following protocols allows hosts to exchange messages to indicate problems with packet delivery?
answer
ICMP
question
You are configuring a network firewall to allow SMTP outbound email traffic, and POP3 inbound email traffic. Which of the following TCP/IP ports should you open on the firewall? (Select Two)
answer
25, 110
question
Which port number is used by SNMP?
answer
161
question
Which of the following ports does FTP use to establish sessions and manage traffic?
answer
20, 21
question
Using the Netstat command you notice that a remote system has made a connection to your Windows server 2003 system using TCP/IP port 21. Which of the following actions is the remote system most likely to be performing ?
answer
Downloading a file
question
To increase security on your company's internal network, the administrator has disabled as many ports as possible. Now, however, though you can browse the Internet, you are unable to perform some secure credit card transactions.
answer
443
question
Which of the following network services or protocols uses TCP/IP port 22?
answer
SSH
question
Matching ports to associated services
answer
SNMP = 161 TCP and UDP SSH = 22 TCP and UDP TFTP = 69 UDP SCP = 22 TCp and UDP Telnet = 23 TCP HTTPS = 443 TCP and UDP HTTP = 80 TCP FTP = 20 TCP SMTP = 25 TCP POP3 = 110 TCP
question
Which of the following lists accurately describes TCP and UDP?
answer
TCP: connection-oriented, reliable, sequenced, high overhead UDP: connectionless, unreliable, unsequenced, low overhead
question
You are an application developer creating applications for a wide variety of customers. In which two of the following situations would you select a connectionless protocol?(Select 2)
answer
A gaming company wants to create a networded version fo its latest game AND A company connects two networks through an expensive WAN link. The communication media is reliable, but very expensive. They want to minimize connection times.
question
You want to maintain tight security on your internal network so you restrict access to the network through certain port numbers. If you want to allow users to continue to use DNS, which port should you enable?
answer
53
question
Your company's network provides HTTP, HTTPS, and SSH access to remote employees. Which ports must be opened on the firewall to allow this traffic to pass?
answer
80, 443, 22
question
Your network recently experienced a series of attacks at the Telnet and FTP services. You have rewritten the security policy to abolish the unsecured services, and now you must secure the network using your firewall and routers. Which ports must be closed to prevent traffic directed to these two services?
answer
23, 21
question
Which of the following best describes the purpose of using subnets?
answer
Subnets divide an IP address into multiple addresses.
question
Which of the following is NOT a reason to use subnets of a network?
answer
Combine different media type on the same subnet.
question
Which of the following IPv6 addresses is the equivalent of IPv4 loop-back address of 127.0.0.1?
answer
::1
question
Which of the following describes an IPv6 address? (select two)
answer
128-bit address; eight hexadecimal quartets
question
Which of the following correctly describe the most common format for expressing IPv6 addresses? (select two)
answer
Hexadecimal numbers; 32 nubmers, grouped using colons
question
Which of the following are valid IPv6 addresses? (select two)
answer
6384:1319:7700:7631:446A:5511:8940:2552 AND 141:0:0:0:15:0:0:1
question
Which of the following is a valid IPv6 address?
answer
FEC0::AB;9007
question
Routers operate at which level of the OSI model?
answer
Network layer OR layer 3
question
You've decided to use a subnet mask of 255.255.192.0 on the 172.17.0.0 network to create four separate subnets. Which network IDs will be assigned to these subnets in this configuration? (selec two)
answer
172.17/128.0 AND 172.17.0.0
question
attacks?
answer
IPSec
question
What is modified in the most common form of spoofing on a typical IP packet?
answer
Source address
question
misleading data that incorrectly maps host names and IP addresses?
answer
DNS poisoning
question
attack?
answer
A false server intercepts communications from a client by impersonating the intended
question
of the packets is a form of which security concern?
answer
Man-in-the-middle attack
question
packets into the communication stream, what type of attack has occurred?
answer
Hijacking
question
What is the goal of a TCP/IP hijacking attack?
answer
Executing commands or accessing resources on a system the attacker does not
question
Which of the following is not a protection against session hijacking?
answer
DHCP reservations
question
network?
answer
Ingress and egress filters
question
Which type of attack has likely occurred?
answer
DNS poisoning.
question
address?
answer
ARP poisoning
question
What are the most common network traffic packets captured and used in a replay attack?
answer
Authentication
question
what is the security problem you are most concerned about?
answer
An unauthorized user gaining access to sensitive resources
question
what form of attack?
answer
Spoofing
question
names for the same exploit.)
answer
Pharming
