Testout Chapter 6

Flashcard maker: Lily Taylor
Which of the following best describes the purpose of using subnets?
Subnets divide an IP address into multiple addresses.
Which of the following is NOT a reason to use subnets of a network?
combine different media types on the same subnet
Which of the following IPv6 addresses is the equivalent of the IPv4 loopback address 127.0.0.1?
::1
Which of the following describes an IPv6 address? (select two)
eight hexadecimal quartets AND 128-bit address
Which of the following correctly describe the most common format for expressing IPv6 addresses? (select two)
hexadecimal numbers AND 32 numbers, grouped using colons
Which of the following are valid IPv6 addresses? (select two)
6384:1319:7700:7631:446A:5511:8940:2552
AND
141:0:0:0:15:0:0:1
Which of the following is a valid IPv6 address?
FEC0::AB:9007
Routers operate at which level of the OSI model?
Network layer (layer 3)
You’ve decided to use a subnet mask of 255.255.192.0 on the 172.17.0.0 network to create four separate subnets. Which network IDs will be assigned to these subnets in this configuration? (select two)
172.17.0.0 AND 172.17.128.0
You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do?
implement version 3 of SNMP
You want to implement a protocol on your network that allows computers to find the IP address of a host from a logical name. What protocol should you implement?
DNS
Which of the following protocols allows hosts to exchange messages to indicate problems with packet delivery?
ICMP
You are configuring a network firewall to allow SMTP outbound email traffic, and POP3 inbound email traffic. Which of the following TCP/IP ports should you open on the firewall? (Select Two)
25 AND 110
Which port number is used by SNMP?
161
Which of the following ports does FTP use to establish sessions and manage traffic?
20, 21
Using the Netstat command, you notice that a remote system has made a connection to your Windows Server 2003 system using TCP/IP port 21. Which of the following actions is the remote system most likely to be performing?
downloading a file
To increase security on your company’s internal network, the administrator has disabled as many ports as possible. Now, however, though you can browse the Internet, you are unable to perform some secure credit card transactions.
443
Which of the following network services or protocols uses TCP/IP port 22?
SSH
Matching ports to associated services
SNMP = 161 TCP and UDP
SSH = 22 TCP and UDP
TFTP = 69 UDP
SCP = 22 TCP and UDP
Telnet = 23 TCP
HTTPS = 443 TCP and UDP
HTTP = 80 TCP
FTP = 20 TCP
SMTP = 25 TCP
POP3 = 110 TCP
You want to maintain tight security on your internal network so you restrict access to the network through certain port numbers. If you want to allow users to continue to use DNS, which port should you enable?
53
Your company’s network provides HTTP, HTTPS, and SSH access to remote employees. Which ports must be opened on the firewall to allow this traffic to pass?
80, 443, 22
Your network recently experienced a series of attacks at the Telnet and FTP services. You have rewritten the security policy to abolish the unsecured services, and now you must secure the network using your firewall and routers. Which ports must be closed to prevent traffic directed to these two services?
23, 21
What is the main difference between a DoS attack and a DDoS attack?
the DDoS attack uses zombie computers
You need to enumerate the devices on your network and display the configuration details of the network.
Which of the following utilities should you use?
nmap
An attacker is conducting passive reconnaissance on a targeted company. Which of the following could he be doing?
browsing the organization’s website
Which type of active scan turns off all flags in a TCP header?
null
Which of the following Denial of Service (DoS) attacks uses ICMP packets and will only be successful if the victim has less bandwidth than the attacker?
ping flood
In which of the following Denial of Service (DoS) attacks does the victim’s system rebuild invalid UDP packets, causing the system to crash or reboot?
teardrop
A SYN packet is received by a server. The SYN packet has the exact same address for both the sender and receiver addresses, which is the address of the server. This is an example of what type of attack?
land attack
Which of the following is a form of denial of service attack that subverts the TCP three-way handshake process by attempting to open numerous sessions on a victim server but intentionally failing to complete the session by not sending the final required packet?
SYN flood
Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network?
smurf
A SYN attack or SYN flood exploits or alters which element of the TCP three-way handshake?
ACK
When a SYN flood is altered so that the SYN packets are spoofed in order to define the source and destination addresses as a single victim IP address, the attack is now called what?
land attack
A Smurf attack requires all but which of the following elements to be implemented?
padded cell
Which of the following best describes the ping of death?
an ICMP packet that is larger than 65536 bytes
Which of the following is the best countermeasure against man-in-the-middle attacks?
IPSec
What is modified in the most common form of spoofing on a typical IP packet?
source address
Which type of Denial of Service (DoS) attack occurs when a name server receives malicious or misleading data that incorrectly maps host names and IP addresses?
DNS poisoning
Which of the following describes a man-in-the-middle attack?
a false server intercepts communications from a client by impersonating the intended server
Capturing packets as they travel from one host to another with the intent of altering the contents of the packets is a form of which concern?
man in the middle attack
When the TCP/IP session state is manipulated so that a third party is able to insert alternate packets into the communication stream, what type of attack has occurred?
hijacking
What is the goal of a TCP/IP hijacking attack?
executing commands or accessing resources on a system the attacker does not otherwise have authorization to access
Which of the following is not a protection against session hijacking?
DHCP reservations
Which of the following is the most effective protection against IP packet spoofing on a private network?
ingress and egress filters
While using the Internet, you type the URL of one of your favorite sites in the browser. Instead of going to the correct site, however, the browser displays a completely different website. When you use the IP address of the Web server, the correct site is displayed.
Which type of attack has likely occurred?
DNS poisoning
Which of the following attacks tries to associate an incorrect MAC address with a known IP address?
ARP poisoning
What are the most common network traffic packets captured and used in a replay attack?
authentication
When a malicious user captures authentication traffic and replays it against the network later, what is the security problem you are most concerned about?
an unauthorized user gaining access to sensitive resources
A router on the border of your network detects a packet with a source address that is from an internal client but the packet was received on the Internet-facing interface. This is an example of what form of attack?
Spoofing
Which of the following is a privately controlled portion of a network that is accessible to some specific external entities?
extranet
You are the office manager of a small financial credit business. Your company handles personal, financial information for clients seeking small loans over the Internet. You are aware of your obligation to secure clients records, but budget is an issue.
Which item would provide the best security for this situation?
all-in-one security appliance
You are implementing security at a local high school that is concerned with students accessing inappropriate material on the Internet from the library’s computers. The students will use the computers to search the Internet for research paper content. The school budget is limited. Which content filtering option would you choose?
restrict content based on content categories
Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and an e-mail server that you want to make available to Internet users. You want to create a DMZ for these two servers.
Which type of device should you use to create the DMZ?
network-based firewall
You have a company network that is connected to the Internet. You want all users to have Internet access, but need to protect your private network and users. You also need to make a Web server publicly available to Internet users.
Which solution should you use?
use firewalls to create a DMZ. Place the web server in the DMZ, and the private network behind the DMZ
Of the following security zones which one can serve as a buffer network between a private secured network and the untrusted internet?
DMZ
Which of the following is likely to be located in a DMZ?
FTP server
Members of the sales team use laptops to connect to the company network. While traveling they connect their laptops to the internet through the airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents laptops from connecting to your network unless anti-virus software and the latest operating system patches have been installed. Which solution should you use?
NAC
In which of the following situations would you most likely implement a demilitarized zone (DMZ)?
you want to protect a public web server from attack
Which of the following terms describes a network device that is exposed to attacks and has been hardened against those attacks?
bastion or sacrificial host
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?
circuit-level
You provide internet access for a local school. You want to control internet access based on user and prevent access to specific URLs. Which type of firewall should you install?
application level
Which of the following is the best device to deploy to protect your private network from a public untrusted network?
firewall
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and for travel. You want to protect the laptop from Internet-based attacks. Which solution should you use?
host based firewall
You connect your computer to a wireless network available at the local library. You find that you can access all websites you want on the internet except for two. What might be causing the problem?
a proxy server is blocking access to the websites
You are the network admin for a small company that implements NAT to access the internet. However, you recently acquired 5 servers that must be accessible from outside your network. Your ISP has provided you with 5 additional registered IP addresses to support these new servers, but you don’t want the public to access these servers directly. You want to place these servers behind your firewall on the inside network yet still allow them to be accessible to the public from the outside. Which method of NAT translation should you implement for these 5 servers?
static
You want to connect your small company network to the internet. Your ISP provides you with a single IP address that is to be shared between all hosts on your private network. You do not want external hosts to be able to initiate connection to internal hosts. What type of network address translation (NAT) should you implement?
dynamic
Which of the following is not one of the ranges of IP addresses defined in RFC 1918 that are commonly used behind a NAT server?
169.254.0.0 – 169.254.255.255
Which of the following networking devices or services prevents the use of IPsec in most cases?
NAT
Which of the following is not a benefit of NAT?
improving the throughput rate of traffic
You have a group of salesmen who would like to access your private network through the internet while they are traveling. You want to control access to the private network through a single server. Which solution should you implement?
VPN connector
A VPN is used primarily for what purpose?
support secured communications over an untrusted network
Which VPN protocol typically employs IPsec as its data encryption mechanism?
L2TP
Which IPsec sub protocol provides data encryption?
ESP
Which is the best countermeasure for someone attempting to view your network traffic?
VPN
PPTP (Point-to-Point Tunneling Protocol) is quickly becoming obsolete because of what VPN protocol?
L2TP
In addition to Authentication Header (AH), IPsec is comprised of what other service?
ESP
Which of the following is a valid security measure to protect email from viruses?
use blockers on e-mail gateways
Which step is required to configure a NAP on a remote desktop (RD) gateway server?
edit the properties for the server and select REQUEST CLIENTS TO SEND A STATEMENT OF HEALTH
In a NAP system, what is the function of the System Health Validator?
Compare the statement of health submitted by the client to the health requirements
How does IPsec NAP enforcement differ from the other NAP enforcement methods?
clients must be issued a valid certificate before a connection to the private network is allowed
Which of the following wireless security methods uses a common key configured on the wireless access point and all wireless clients?
WEP, WPA Personal, WPA2 Personal
Which of the following features are supplied by WPA2 on a wireless network?
encryption
How does WPA2 differ from WPA?
WPA2 uses AES for encryption; WPA uses TKIP
You need to configure the wireless network card to connect to your network at work. The connection should use a user name and password for authentication with AES encryption. What should you do?
Configure the connection to use WPA2-Enterprise
WiMAX is an implementation of which IEEE committee?
802.16
You want to connect a laptop computer running Windows 7 to a wireless network. The wireless network uses multiple access points and WPA2-Personal. You want to use the strongest authentication and encryption possible. SSID broadcast has been disabled. What should you do?
configure the connection with a preshared key and AES encryption
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this?
rogue access point
Which of the following describes marks that attackers place outside a building to identify an open wireless network?
war chalking
The process of walking around an office building with an 802.11 signal detector is known as what?
war driving
Which of the following best describes Bluesnarfing?
unauthorized viewing of calendar, emails, and messages on a mobile device
Your organization uses a 802.11g wireless network. Recently other tenants installed the following equipment in your building:

A wireless television distribution system running at 2.4 GHz
A wireless phone system running at 5.8 GHz
A wireless phone system

the wireless TV system
Which of the following best describes evil twin?
an access point that is added to the network by an internal employee to provide authorized network
Network packet sniffing is often used to gain the info needed to conduct more specific and detailed attacks. Which of the following is the best defense against packet sniffing?
encryption
Which of the following common network monitoring or diagnostic activity can be used as a passive malicious attack?
sniffing
An attacker has hidden an NFC reader behind an NFC-based kiosk in an airport. The attacker uses the device to capture NFC data in transit between end-user devices and the reader in the kiosk.
NFC relay attack
You are implementing a wireless network in a dentist’s office. The dentist’s practice is small, so you choose to use an inexpensive consumer-grade access point. While reading the documentation, you notice that the access point supports Wi-Fi Protected Setup (WPS) using a PIN. You are concerned about the security implications of this functionality. What should you do to reduce risk?
disable WPS in the access point’s configuration
Which remote access authentication protocol allows for the use of smart cards for authentication?
EAP
You want to implement 802.11x authentication on your network. Where would you configure passwords that are used for authentication?
on a RADIUS server
Which EAP implementation is most secure?
EAP-TLS
You are concerned about sniffing attacks on your wireless network. Which of the following implementations offers the best countermeasure to sniffing?
WPA2 with AES
You need to place a wireless access point in your two-story building. While trying to avoid interference, which of the following is the best location for the access point?
on the top floor
