Security Chapter 6 pt 1 – Flashcards
question
Which of the following best describes the purpose of using subnets?
answer
subnets divide an IP network address into multiple network addresses
question
Which of the following is not a reason to use subnets on a network?
answer
combine different media types onto the same subnet
question
Which of the following IPv6 addresses is equivalent to the IPv4 loopback address of 127.0.0.1?
answer
::1
question
Which of the following IP addresses best describes an IPv6 address?
answer
128-bit address; eight hexadecimal quartets
question
Which of the following correctly describe the most common format for expressing IPv6 addresses?
answer
Hexadecimal numbers; 32 numbers, grouped using colons
question
Which of the following are valid IPv6 addresses?
answer
141:0:0:15:0:0:16384:1319:7700 :7631:446A:5511:8940:2552
question
Which of the following is a valid IPv6 address?
answer
FECO::AB:9007
question
Routers operate at what level of the Open System Interconnect model?
answer
Network Layer
question
You decided to use a subnet mask of 255.255.192.0 on the 172.17.0.0 network to create four separate subnets. Which network IDs will be assigned to these subnets in this configuration?
answer
172.17.128.0.0 172.17.0.0
question
You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do?
answer
Implement version 3 of SNMP
question
You want to implement a protocol on your network that allows computers to find the IP address of a host from a logical name. Which protocol should you implement?
answer
DNS
question
Which of the following protocols allows hosts to exchange messages to indicate problems with packet delivery?
answer
ICMP
question
You are configuring a network firewall to allow SMTP outbound email traffic and POP3 inbound email traffic. Which of the following TCP/IP ports should you open on the firewall?
answer
25, 110
question
Which port number is only used by SNMP?
answer
161
question
Which of the following ports does FTP use to establish sessions and manage traffic?
answer
20, 21
question
Using the Netstat command, you notice the remote system has made a connection to your Windows Server 2008 system using TCP/IP port 21. Which of the following actions is the remote system most likely to be performing?
answer
Downloading a file
question
To increase security on your company's internal network, the admin has disabled as many ports as possible. Now, however, though you can browse the internet, you are unable to perform secure credit card transactions. Which port needs to be enabled to allow secure transactions?
answer
443
question
Which of the following network services or protocols uses TCP/IP port 22?
answer
SSH
question
1. SNMP 2. SSH 3. TFTP 4. SCP 5. Telnet 6. HTTPS 7. HTTP 8. FTP 9. SMTP 10. POP3
answer
1. 161 TCP and UDP 2. 22 TCP and UDP 3. 69 UDP 4. 22 TCP and UDP 5. 23 TCP 6. 443 TCP and UDP 7. 80 TCP 8. 20 TCP 9. 25 TCP 10. 110 TCP
question
Which of the two following lists accurately describes TCP and UDP?
answer
UDP: connectionless, unreliable, unsequenced, low overhead; TCP: connection-oriented, reliable, sequenced, high overhead
question
You are an app developer creating apps for a wide variety of customers. In which two of the following situations would you select a connectionless protocol?
answer
A gaming company wants to create a networked version of its latest game. Communication speed and reducing packet overhead are more important than error-free delivery. A company connects two networks through an expensive WAN link. The communication media is reliable but very expensive. They want to minimize connection times.
question
You want to maintain tight security on your internal network, so you can restrict access to the network through certain port numbers. If you want to allow users to continue to use DNS, which port should you enable?
answer
53
question
Your company's network provides HTTP, HTTPS, and SSH access to remote employees. Which ports must be opened on the firewall to allow this traffic to pass?
answer
80, 443, 22
question
Your network recently experienced a series of attacks aimed at the Telnet and FTP services. You have rewritten the security policy to abolish the unsecured services, and now you must secure the network using your firewall routers. Which ports must be closed to prevent traffic directed to these two services?
answer
23, 21
question
Which of the following is the main difference between a DoS attack and a DDoS attack?
answer
The DDoS attack uses zombie computers
question
An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?
answer
DDoS
question
You suspect that an Xmas attack is occurring on the system. Which of the following could result if you do not stop the attack?
answer
The system will be unavailable to respond to legitimate requests. The threat agent will obtain info about open ports on the system.
question
You need to enumerate the devices on your network and display the configuration details of the network. Which of the following should you use?
answer
nmap
question
An attacker is conducting passive reconnaissance on a targeted company. Which of the following could he be doing?
answer
browsing the organization's website
question
Which type of active scans turns off all flags in a TCP header?
answer
Null
question
Which of the following Denial of Service (DoS) attacks uses ICMP packets and will only be successful if the victim has less bandwidth than the attacker?
answer
Ping flood
question
In which of the following Denial of Service (DoS) attacks does the victim's system rebuild invalid UDP packets, causing them to crash or reboot?
answer
Teardrop
question
A SYN packet is received by a server. The SYN packet has the exact same address for both the sender and receiver address, which is the address of the server. This is an example of what type of attack?
answer
Land Attack
question
Which of the following is a form of denial of service attack that subverts the TCP three-way handshake process by attempting to open numerous sessions on a victim server but intentionally failing to complete the session by not sending the final required packet?
answer
SYN flood
question
Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network?
answer
Smurf
question
A SYN attack or a SYN flood exploits or alters which element of the TCP three-way handshake?
answer
ACK
question
When a SYN flood is altered so that the SYN packets are spoofed in order to define the source and destination address as a single victim IP address, the attack is now called what?
answer
Land attack
question
A smurf attack requires all but which of the following elements to be implemented?
answer
padded cell
question
Which of the following best describes the ping of death?
answer
An ICMP packet that is larger than 65,536 bytes
question
Which of the following is the best countermeasure against man-in-the-middle attacks?
answer
IPSec
question
What is modified in the most common form of spoofing on a typical IP packet?
answer
source address
question
Which type of denial of service (DoS) attack occurs when a name server receives malicious or misleading data that incorrectly maps host names and IP addresses?
answer
DNS poisoning
question
Which of the following describes a man-in-the-middle attack?
answer
a false server intercepts communications from a client by impersonating an intended server
question
Capturing packets as they travel from one host to another with the intent of altering contents of the packets is a form of which security concern?
answer
man-in-the-middle attack
question
When the TCP/IP session state is manipulated so that a third party is able to insert alternate packets in the communication stream, what type of attack has occurred?
answer
Hijacking
question
What is the goal of a TCP/IP hijacking attack?
answer
Executing commands or accessing resources on a system the attacker does not otherwise have authorization to access
question
Which of the following is not a protection against session hijacking?
answer
DHCP reservations
question
Which of the following is the most effective protection against IP packet spoofing on a private network?
answer
Ingress and egress filters
question
While using the internet, you type the URL of one of your favorite sites in the browser. Instead of going to the correct site, the browser displays a completely different website. When you use the IP address of the web server, the correct site is displayed. What type of attack has likely occurred?
answer
DNS poisoning
question
Which of the following attacks tries to associate an incorrect MAC address with a known IP address?
answer
ARP poisoning