






This document covers a wide range of network security topics, including tools for network monitoring and analysis, encryption methods, firewall configurations, security threats and vulnerabilities, incident response procedures, and various attack types. It provides detailed explanations and corrective answers to multiple-choice questions, demonstrating a comprehensive understanding of network security principles and best practices. The document delves into the fundamentals of securing network environments, addressing issues such as password management, access control, encryption algorithms, and defense mechanisms against common cyber threats like DDoS attacks, brute-force attacks, and SQL injections. By studying this document, readers can gain valuable insights into the strategies and techniques employed by network administrators and security professionals to maintain the integrity, confidentiality, and availability of network resources.
Typology: Exams







What tool allows network administrators to capture and analyze data traversing their networks? - Correct answer Protocol analyzer
Following a natural or manmade incident at your organization that involved loss of data from local HDDs and storage, what entity should you contact to enable recovery of data? - Correct answer Backup service
What is a disadvantage of creating hashes of each file on an attached storage device? - Correct answer Places a performance burden on the host and slows its ability to respond to requests
What is a primary disadvantage of asymmetric-key encryption? - Correct answer Slow speed due to high processing burden
What defensive action will allow you to reduce severity of attacks involving specific services and protocols coming from outside of your network? - Correct answer Configure your firewall to filter out unwanted traffic based on protocol or services
What is considered to be the most secure default firewall policy? - Correct answer Implicit Deny (Blocking all access by default, then allowing only specific, necessary connections)
Common security threats to Web servers include, but are not limited to: - Correct answer CGI Scripts, SQL injections, Cross site scripting (XSS), DDOS
What is the foundational component needed to be in place FIRST when creating a secure networking environment? - Correct answer Security Policy
In considering authentication using HTTP vs HTTPS, which operates fully in the clear and introduces susceptibility to man-in-the-middle attacks? - Correct answer HTTP
What malicious logic, when installed on a system, replaces or modifies legitimate programs, preventing them from functioning as expected in an effort to hide malicious programs and activity? - Correct answer A root kit
What organization maintains information about how to solve specific security problems and publishes security advisories? - Correct answer CERT
When considering symmetric vs asymmetric encryption, and encryption speed is your #1 priority for the endeavor, which type would you choose? - Correct answer Symmetric
In addition to normal day-to-day security scanning and operations conducted to protect your networked devices and systems, what action is imperative to complement those actions and ensure you are protected against new threats, vulnerabilities and newly discovered bugs? - Correct answer Implement all regular and emergency system and software updates
MD5 and SHA are examples of what type of mechanisms? - Correct answer Hash Algorithms
What type of malicious logic contains programming code enabling it to execute differently each time it is run to evade detection by anti-virus software? - Correct answer Polymorphic
What Public Key Infrastructure standard is used for digital certificates? - Correct answer X.
When considering reconnaissance for a network attack, references to potential target areas such as kernel modules, etc/shadow file, Root UID, are indicative of what operating systems? - Correct answer *nix systems
When considering reconnaissance for a network attack, references to potential target areas such as boot sector files, System32 DLL files, shared libraries, SAM file, and registry are indicative of what operating systems? - Correct answer Windows systems
What type of attack involves an attacker sending a succession of SYN requests to a target system in an attempt to consume enough resources to make the system unresponsive to legitimate traffic? - Correct answer SYN Flood
What is the best way to defend against (or at least make it more difficult for the attacker) password brute force and dictionary attacks? - Correct answer Implement and enforce a strong, organization-wide, password policy.
A vulnerability that is unknown to those interested in mitigating it is called what? - Correct answer Zero Day
What are some standard details that should be included in documentation of an attack from an incident response perspective? - Correct answer The time and date of the attack, nature of attack, and the names of personnel contacted during the response, servers involved, applications used
During incident response actions, system administrators and response team members should NOT panic and make snap decisions, but rather do what? - Correct answer Review and respond to the incident according to the established company policy and protocol
If you are concerned with managing which objects are allowed to interact with which resources and to what extent, you are concerned with managing what? - Correct answer Access control
What entity external to your organization can you leverage to assist you in investigating attacks involving high volumes of traffic flooding your network? - Correct answer Your Internet Service Provider (ISP)
What is the name of the trusted entity that manages and issues security certificates and public keys in cryptography and can be leveraged for verifying identities? - Correct answer Certificate Authority
What does stateful multi-layer inspection consist of? - Correct answer Inspecting packets in all layers of the OSI stack with a packet filter
Basic firewall functions include what? - Correct answer Logging, creating a choke point, limit network host exposure, log internet activity
Which encryption standard, also known as the Rijndael standard, can use a 128-bit key and has been adopted as a standard by various governments and corporations? - Correct answer Advanced Encryption Standard (AES)
What is the major difference between the Smurf and Fraggle attacks? - Correct answer Smurf utilizes ICMP, Fraggle utilizes UDP
What practice involves labeling and compartmentalizing data by importance or some other criteria to enable you to appropriately align protection mechanisms commensurate with different resources? - Correct answer Classifying systems
In considering the following potential security issues, which would not be considered a physical security problem: faulty door lock, logic bomb, false ceiling, malfunctioning mantrap - Correct answer logic bomb
What tool or program is used to assess your network, applications or systems for known weaknesses? - Correct answer A vulnerability scanner
During an attack happening on one of your servers in real time, what action can you take to stop the attack, while still preserving volatile data on the system? - Correct answer Disconnect the system's network cable
[sudo] password for joe:
Created directory: /root/.rick
Loaded 1 password hash (FreeBSD MD5 [32/32])
guesses: 0 time: 0:00:00:09 (2) c/s: 6130 trying: apple
guesses: 0 time: 0:00:00:12 (2) c/s: 6140 trying: @pple
guesses: 0 time: 0:00:00:09 (2) c/s: 6123 trying: appl
guesses: 0 time: 0:00:00:09 (2) c/s: 6030 trying: app1e
guesses: 0 time: 0:00:00:09 (2) c/s: 6170 trying: apple
guesses: 0 time: 0:00:00:09 (2) c/s: 6114 trying: @pple
guesses: 0 time: 0:00:00:09 (2) c/s: 6148 trying: !@#$%p
guesses: 0 time: 0:00:00:09 (2) c/s: 6121 trying: aabbcc
guesses: 0 time: 0:00:00:09 (2) c/s: 6017 trying: p@ssword
- Correct answer Brute force
When considering user use of active vs passive FTP sessions, which is easier for firewalls to process? - Correct answer Passive
A typical session establishment sequence using a TCP handshake consists of a SYN, a SYN/ACK, and an ACK. Passive Open communication using this sequence leaves the session susceptible to what attack? - Correct answer Man-in-the-middle
What is the name of the list containing certificates that have expired before their normal due dates, due to server compromise, or because the owner no longer wants the certificate to be used? - Correct answer Certificate revocation list
What is the name of the router that inspects traffic just before that traffic enters your internal network from the internet? - Correct answer Choke router
A circuit-level gateway operates at what layer of the OSI model? - Correct answer Layer 4
What is the name given to one type of network address translation that allows all of the hosts on a private network to use the Internet at the price of a single IP address? - Correct answer IP masquerading
What standard involves placing protective coatings or sheaths on computer connectors and cables to help control electromagnetic transmissions? - Correct answer TEMPEST
What security principle involves determining what system resources a user or service may use, view, or change? - Correct answer Access control
What action in encryption allows users to prove that an information exchange actually occurred and essentially allows one to achieve non-repudiation? - Correct answer Using digital signatures
What impact on network proxy server performance will implementing caching introduce? - Correct answer Improve performance by speeding up web-based resource requests and responses
The screened subnet firewall configuration creates a fairly secure subnetwork between the Internet and your internal network called a what? - Correct answer Demilitarized zone (DMZ)
What is an inexpensive solution requiring minimum human effort to have login activity recorded that you can in turn use for security purposes or investigations? - Correct answer Running custom login scripts
PGP is a security measure primarily concerned with protections to what service? - Correct answer SMTP
What type of encryption algorithm involves relatively fast speed and a single secret key? - Correct answer Symmetric
What are two main vulnerabilities of IPsec? - Correct answer Compromised keys, compromised certificates
The Application layer of the TCP/IP stack performs the functions of which OSI model layers? - Correct answer 7, 6, and 5 (application, presentation, and session)
Blowfish, Twofish, Serpent, and Skipjack are examples of which type of algorithms (Symmetric OR Asymmetric)? - Correct answer Symmetric
What process within IPsec allows two hosts to establish a trust relationship by facilitating negotiation of the nature of the connection? - Correct answer Internet Key Exchange (IKE)
Any mechanism that allows you to monitor and document your network's activity is considered what? - Correct answer Audit trail
What is a list of individual users and groups associated with an object, and the rights that each user or group has when accessing that object? - Correct answer Access Control List (ACL)
What type of attack involves code being intentionally and secretly inserted into an application or operating system by developers? - Correct answer Back door
What malware involves code that activates only when a certain condition is met? - Correct answer logic bomb
What type of flooding attack involves overwhelming a system with massive amounts of ICMP packets? - Correct answer Ping Flood
What attack involves an attacker injecting false information into the database of a DNS server during a zone transfer? - Correct answer DNS Poisoning
What is a widely used technique that is effective in distinguishing between a human user and a bot? - Correct answer Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA)
What process attempts to verify the identity of a user, system, or system process? - Correct answer Authentication