Download Cybersecurity Chapter 3 Test Review

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
page
39
page
40
page
41
page
42
page
43
page
44
page
45
page
46
page
47
page
48
page
49
page
50
page
51
Document related concepts

Cross-site scripting wikipedia , lookup

Proxy server wikipedia , lookup

Mobile security wikipedia , lookup

Security and safety features new to Windows Vista wikipedia , lookup

Computer security wikipedia , lookup

Computer and network surveillance wikipedia , lookup

Deep packet inspection wikipedia , lookup

Network tap wikipedia , lookup

Wireless security wikipedia , lookup

Security-focused operating system wikipedia , lookup

HTTPS wikipedia , lookup

Cybercrime countermeasures wikipedia , lookup

Unix security wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Distributed firewall wikipedia , lookup

Transcript 
Chapter Three
Which of the following protocols is a file
transfer protocol using SSH?
A.
B.
C.
D.
SFTP
TFTP
SICMP
CCMP

Of the following choices, which one provides
the most security for FTP?
A.
B.
C.
D.
FTP active mode
FTPS
TFTP
SCP

Of the following choices, what is a benefit for
IPsec?
A.
B.
C.
D.
MAC filtering
Flood guard
Load balancing
Payload encryption

What protocol is used to monitor and
configure network devices?
A.
B.
C.
D.
ICMP
SFTP
SNMP
DNS

Which of the following is an IPv6 address?
A.
B.
C.
D.
192.168.1.100
192.168.1.100/128
FE80:20D4:3FF7:003F:DE62
FE80:0000:0000:0000:20D4:3FF7:003F:DE62

Which of the following IP addresses are on
the same subnet? (Choose all that apply)
A.
B.
C.
D.
192.168.5.50, 255.255.255.192
192.168.1.100, 255.255.255.192
192.168.1.165, 255.255.255.192
192.168.1.189, 255.255.255.192

An administrator decides to block Telnet
access to an internal network from any
remote device on the internet. Which of the
following is the best choice to accomplish
this?
A.
B.
C.
D.
Block
Block
Block
Block
port
port
port
port
22
22
23
23
at the host firewall
on the internal routers
at the network firewall
on internal routers

What port does SFTP use?
A.
B.
C.
D.
22
23
443
1443

What ports do HTTP and HTTPS use?
A.
B.
C.
D.
20
22
80
80
and
and
and
and
21
25
443
1433

What port does SMTP use?
A.
B.
C.
D.
22
25
110
143

Of the following choices, what ports are used
by NetBIOS? (Choose two.)
A.
B.
C.
D.
80
137
139
3389

Your organization uses switches for
connectivity. Of the following choices, what
will protect the switch?
A.
B.
C.
D.
Disable
Disable
Disable
Disable
unused
unused
unused
unused
MAC addresses
ports
IPv4 addresses
IPv6 addresses

YA user unplugged a cable into two RJ-45
wall jacks connected to unused ports on a
switch. In a short period, this disrupted the
overall network performance. What should
you do to protect against this problem in the
future?
A.
B.
C.
D.
Enable loop protection on the switch
Disable port security
Use a VLAN
Create DMZ

What can you use to logically separate
computers in two different departments
within a company?
A.
B.
C.
D.
A hub
A VLAN
NAT
A flood guard

Most firewalls have a default rule placed at
the end of the firewall’s ACL. Which of the
following is the most likely default rule?
A.
B.
C.
D.
Deny any any
Deny ICMP all
Allow all all
Allow TCP all

Of the following choices, what best describes
a method of managing the flow of network
traffic by allowing aor denying traffic based
on ports, protocols and addresses?
A.
B.
C.
D.
Implicit deny
Firewall rules
Proxy server content filter
Firewall logs

A.
B.
C.
D.
Of the following choices, what represents the
best choice to prevent intrusions on an
individual computer?
HIDS
NIDS
Host-based firewall
Network-based firewalls

A.
B.
C.
D.
Your network includes a subnet that hosts
accounting server with sensitive data. You
want to ensure that users in the Marketing
Department (on a separate subnet) cannot
access these servers. Of the following
choices, what would be the easiest to achieve
the goal?
Enable load balancing
Enable port security
Use an ACL
Add a host-based firewall to each server

A.
B.
C.
D.
Of the following choices, what controls traffic
between networks?
A firewall
Load balancer
VPN connector
Protocol analyzer

A.
B.
C.
D.
An organization has a web security gateway
installed. What function is this performing?
MAC filtering
Caching content
Hiding internal IP addresses
Content filtering

A.
B.
C.
D.
Your organization hosts a large website
served by multiple servers. They need to
optimize the workload and distribute it
equally among all servers. What should they
use?
Proxy server
Load balancer
Web security gateway
Security appliance

A.
B.
C.
D.
Of the following choices, what can be used to
allow access to specific servers from the
internet while protecting access to an internal
network?
SSH
Implicit deny
DMZ
Port security

A.
B.
C.
D.
Of the following choices, what hides the IP
addresses of computers inside a network
from computers outside the network?
Web security gateway
Replacing all hubs with switches
WAF
NAT

A.
B.
C.
D.
Of the following choices, what is the best
choice for a device to filter and cache content
from web pages?
Web security gateway
VPN connector
Proxy server
MAC filtering

A.
B.
C.
D.
E.
In order to provide flexible working conditions, a
company has decided to allow some employees
remote access into corporate headquarters.
Which of the following security technologies
could be used to provide remote access? (Select
TWO).
Subnetting
NAT
Firewall
NAC
VPN

A.
B.
C.
D.
Which of the following can prevent an
unauthorized person from accessing the
network by plugging into an open network
jack?
802.1x
DHCP
802.1q
NIPS

A.
B.
C.
D.
After verifying that the server and database are
running, Jane, the administrator, is still unable to
make a TCP connection to the database. Which of
the following is the MOST likely cause for this?
The server has data execution prevention
enabled
The server has TPM based protection enabled
The server has HIDS installed
The server is running a host-based firewall

A.
B.
C.
D.
A security administrator needs to determine
which system a particular user is trying to
login to at various times of the day. Which of
the following log types would the
administrator check?
Firewall
Application
IDS
Security

A.
B.
C.
D.
Which of the following devices would MOST
likely have a DMZ interface?
Firewall
Switch
Load balancer
Proxy

A.
B.
C.
D.
Which of the following tools would Matt, a
security administrator, MOST likely use to
analyze a malicious payload?
Vulnerability scanner
Fuzzer
Port scanner
Protocol analyzer

A.
B.
C.
D.
Which of the following BEST describes a
protective countermeasure for SQL injection?
Eliminating cross-site scripting
vulnerabilities
Installing an IDS to monitor network traffic
Validating user input in web applications
Placing a firewall between the Internet and
database servers

A.
B.
C.
D.
Pete, a network administrator, is capturing
packets on the network and notices that a
large amount of the traffic on the LAN is SIP
and RTP protocols. Which of the following
should he do to segment that traffic from the
other traffic?
Connect the WAP to a different switch.
Create a voice VLAN.
Create a DMZ.
Set the switch ports to 802.1q mode.

A.
B.
C.
D.
E.
Which of the following IP addresses would be
hosts on the same subnet given the subnet
mask 255.255.255.224? (Select TWO).
10.4.4.125
10.4.4.158
10.4.4.165
10.4.4.189
10.4.4.199

A.
B.
C.
D.
Matt, an administrator, notices a flood
fragmented packet and retransmits from an
email server. After disabling the TCP offload
setting on the NIC, Matt sees normal traffic
with packets flowing in sequence again.
Which of the following utilities was he MOST
likely using to view this issue?
Spam filter
Protocol analyzer
Web application firewall
Load balancer

A.
B.
C.
D.
An ACL placed on which of the following
ports would block IMAP traffic?
110
143
389
465

A.
B.
C.
D.
Mike, a network administrator, has been
asked to passively monitor network traffic to
the company’s sales websites. Which of the
following would be BEST suited for this task?
HIDS
Firewall
NIPS
Spam filter

A.
B.
C.
D.
Which of the following would Pete, a security
administrator, MOST likely implement in
order to
allow employees to have secure remote
access to certain internal network services
such as file
servers?
Packet filtering firewall
VPN gateway
Switch
Router

A.
B.
C.
D.
Matt, the IT Manager, wants to create a new
network available to virtual servers on the
same
hypervisor, and does not want this network to
be routable to the firewall. How could this
BEST be
accomplished?
Create a VLAN without a default gateway.
Remove the network from the routing table.
Create a virtual switch.
Commission a stand-alone switch.

A.
B.
C.
D.
A security administrator has configured FTP
in passive mode. Which of the following ports
should the security administrator allow on the
firewall by default?
20
21
22
23

A.
B.
C.
D.
Which of the following protocols would be
implemented to secure file transfers using
SSL?
TFTP
SCP
SFTP
FTPS

A.
B.
C.
D.
E.
Which of the following are used to implement
VPNs? (Select TWO).
SFTP
IPSec
HTTPS
SNMP
SSL

A.
B.
C.
D.
Matt, a security administrator, is receiving
reports about several SQL injections and
buffer overflows through his company’s
website. Which of the following would reduce
the amount of these attack types?
Antivirus
Anti-spam
Input validation
Host based firewalls

A.
B.
C.
D.
Pete, the security administrator, wants to ensure
that traffic to the corporate intranet is secure
using HTTPS. He configures the firewall to deny
traffic to port 80. Now users cannot connect to
the intranet even through HTTPS. Which of the
following is MOST likely causing the issue?
The web server is configured on the firewall’s
DMZ interface.
The VLAN is improperly configured.
The firewall’s MAC address has not been
entered into the filtering list.
The firewall executes an implicit deny.

A.
B.
C.
D.
Which of the following protocols can be used
to secure traffic for telecommuters?
WPA
IPSec
ICMP
SMTP

A.
B.
C.
D.
Which of the following must Jane, a security
administrator, implement to ensure all wired
ports are authenticated before a user is
allowed onto the network?
Intrusion prevention system
Web security gateway
Network access control
IP access control lists

A.
B.
C.
D.
A security administrator needs to open ports
on the firewall to allow for secure data
transfer. Which of the following TCP ports
would allow for secure transfer of files by
default?
21
22
23
25

A.
B.
C.
D.
E.
Which of the following technologies would
allow for a secure tunneled connection from
one site to another? (Select TWO).
SFTP
IPSec
SSH
HTTPS
ICMP

A.
B.
C.
D.
Which of the following network design
elements provides for a one-to-one
relationship between an internal network
address and an external network address?
NAT
NAC
VLAN
PAT

A.
B.
C.
D.
Sara, a security administrator, needs to
implement the equivalent of a DMZ at the
datacenter entrance. Which of the following
must she implement?
Video surveillance
Mantrap
Access list
Alarm

A.
B.
C.
D.
Sara, a security technician, has been asked to
design a solution which will enable external
users to have access to a Web server, while
keeping the internal network unaffected by
this access. Which of the following would
BEST meet this objective?
Place the Web server on a VLAN
Place the Web server inside of the internal
firewall
Place the Web server in a DMZ
Place the Web server on a VPN
Related documents
Firewall Configuration
Firewall Configuration
Microsoft Word - Firewall change request form1
Microsoft Word - Firewall change request form1
homework 8
homework 8
Cisco Discovery 1 Module 08 Quiz Picture Descriptions
Cisco Discovery 1 Module 08 Quiz Picture Descriptions
Read more
Read more
CS572: Computer Security
CS572: Computer Security
I get the error message “An error occurred while
I get the error message “An error occurred while
Network Security
Network Security
Document 62752
Document 62752
Non-Technical Issues regarding connecting hospitals to
Non-Technical Issues regarding connecting hospitals to