Network Security Practices and Tools, Exams of Network Programming

Various network security practices and tools used to assess and secure network environments. It discusses network access control (nac) solutions, vulnerability scanning, penetration testing, network enumeration techniques, and the components of a security information and event management (siem) system. The document also explores the features and components of a security orchestration, automation, and response (soar) system, including the role of playbooks in documenting incident response procedures. Additionally, it covers the use of port scanners, packet sniffers, and vulnerability scanners to identify and mitigate security risks on network systems. The information provided in this document can be valuable for network administrators, security professionals, and students interested in understanding and implementing effective network security practices.

Typology: Exams

2023/2024

Available from 07/28/2024

Lectjoshua
Lectjoshua šŸ‡ŗšŸ‡ø

4.5

(9)

24K documents

1 / 5

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
TestOut Network Pro 12.2.10 Practice
Questions with correct answers
A nnnetwork nnutilizes nna nnnetwork nnaccess nncontrol nn(NAC) nnsolution nnto nndefend nnagainst nnmalware.
When nna nnwired nnor nnwireless nnhost nntries nnto nnconnect nnto nnthe nnnetwork, nna nnNAC nnagent nnon nnthe nnhost
nnchecks nnit nnto nnmake nnsure nnit nnhas nnall nnof nnthe nnlatest nnoperating nnsystem nnupdates nninstalled nnand nnthat
nnthe nnlatest nnantivirus nndefinitions nnhave nnbeen nnapplied.
What nnis nnthis nnprocess nncalled? nn- nncorrect nnanswer-Posture nnassessment
When nna nnwired nnor nnwireless nnhost nntries nnto nnconnect nnto nna nnnetwork, nna nnNAC nnagent nnon nnthe nnhost
nnchecks nnit nnto nnmake nnsure nnit nnhas nnall nnof nnthe nnlatest nnoperating nnsystem nnupdates nninstalled nnand nnthat
nnthe nnlatest nnantivirus nndefinitions nnhave nnbeen nnapplied. nnThis nnis nncalled nna nnposture nnassessment. nnThe
nnagent nnthen nnsubmits nnthe nnresults nnof nnthe nnassessment nnas nna nnStatement nnof nnHealth nn(SoH) nnto nnthe
nnsystem nnhealth nnvalidator nn(SHV).
If nnthe nnhost nndoes nnnot nnmeet nnthe nnclient nnhealth nnrequirements nnconfigured nnin nnthe nnNAC nnsystem, nnthe
nnhost nnis nnplaced nnon nna nnquarantine nnnetwork nnto nnbe nnremediated.
Port nnsecurity nnis nnconfigured nnon nna nnswitch nnto nnrestrict nnconnections nnto nnhosts nnwith nnspecific nnMAC
nnaddresses.
When nnanalyzing nnassets, nnwhich nnanalysis nnmethod nnassigns nnfinancial nnvalues nnto nnassets? nn- nncorrect
nnanswer-Quantitative
Quantitative nnanalysis nnassigns nna nnfinancial nnvalue, nnor nna nnreal nnnumber nn(and nnthe nncost nnrequired nnto
nnrecover nnfrom nna nnloss) nnto nneach nnasset.
Qualitative nnanalysis nnseeks nnto nnidentify nncosts nnthat nncannot nnbe nnconcretely nndefined.
Transfer nnand nnacceptance nnare nnresponses nnto nnrisk, nnnot nnrisk nnanalysis nnmethods.
What nnis nnthe nnmain nndifference nnbetween nnvulnerability nnscanning nnand nnpenetration nntesting? nn- nncorrect
nnanswer-Vulnerability nnscanning nnis nnperformed nnwithin nnthe nnsecurity nnperimeter; nnpenetration nntesting
nnis nnperformed nnoutside nnof nnthe nnsecurity nnperimeter.
pf3
pf4
pf5

Partial preview of the text

Download Network Security Practices and Tools and more Exams Network Programming in PDF only on Docsity!

TestOut Network Pro 12.2.10 Practice

Questions with correct answers

A nnnetwork nnutilizes nna nnnetwork nnaccess nncontrol nn(NAC) nnsolution nnto nndefend nnagainst nnmalware.

When nna nnwired nnor nnwireless nnhost nntries nnto nnconnect nnto nnthe nnnetwork, nna nnNAC nnagent nnon nnthe nnhost

nnchecks nnit nnto nnmake nnsure nnit nnhas nnall nnof nnthe nnlatest nnoperating nnsystem nnupdates nninstalled nnand nnthat

nnthe nnlatest nnantivirus nndefinitions nnhave nnbeen nnapplied.

What nnis nnthis nnprocess nncalled? nn- nncorrect nnanswer-Posture nnassessment

When nna nnwired nnor nnwireless nnhost nntries nnto nnconnect nnto nna nnnetwork, nna nnNAC nnagent nnon nnthe nnhost

nnchecks nnit nnto nnmake nnsure nnit nnhas nnall nnof nnthe nnlatest nnoperating nnsystem nnupdates nninstalled nnand nnthat

nnthe nnlatest nnantivirus nndefinitions nnhave nnbeen nnapplied. nnThis nnis nncalled nna nnposture nnassessment. nnThe

nnagent nnthen nnsubmits nnthe nnresults nnof nnthe nnassessment nnas nna nnStatement nnof nnHealth nn(SoH) nnto nnthe

nnsystem nnhealth nnvalidator nn(SHV).

If nnthe nnhost nndoes nnnot nnmeet nnthe nnclient nnhealth nnrequirements nnconfigured nnin nnthe nnNAC nnsystem, nnthe

nnhost nnis nnplaced nnon nna nnquarantine nnnetwork nnto nnbe nnremediated.

Port nnsecurity nnis nnconfigured nnon nna nnswitch nnto nnrestrict nnconnections nnto nnhosts nnwith nnspecific nnMAC

nnaddresses.

When nnanalyzing nnassets, nnwhich nnanalysis nnmethod nnassigns nnfinancial nnvalues nnto nnassets? nn- nncorrect

nnanswer-Quantitative

Quantitative nnanalysis nnassigns nna nnfinancial nnvalue, nnor nna nnreal nnnumber nn(and nnthe nncost nnrequired nnto

nnrecover nnfrom nna nnloss) nnto nneach nnasset.

Qualitative nnanalysis nnseeks nnto nnidentify nncosts nnthat nncannot nnbe nnconcretely nndefined.

Transfer nnand nnacceptance nnare nnresponses nnto nnrisk, nnnot nnrisk nnanalysis nnmethods.

What nnis nnthe nnmain nndifference nnbetween nnvulnerability nnscanning nnand nnpenetration nntesting? nn- nncorrect

nnanswer-Vulnerability nnscanning nnis nnperformed nnwithin nnthe nnsecurity nnperimeter; nnpenetration nntesting

nnis nnperformed nnoutside nnof nnthe nnsecurity nnperimeter.

Penetration nntesting nnsimulates nnan nnactual nnattack nnon nnthe nnnetwork nnand nnis nnconducted nnfrom nnoutside

nnthe nnorganization's nnsecurity nnperimeter. nnVulnerability nnscanning nnis nntypically nnperformed nninternally nnby

nnusers nnwith nnadministrative nnaccess nnto nnthe nnsystem.

The nngoal nnof nnboth nnvulnerability nnscanning nnand nnpenetration nntesting nnis nnto nnidentify nnthe nneffectiveness

nnof nnsecurity nnmeasures nnand nnidentify nnweaknesses nnthat nncan nnbe nnfixed. nnWhile nnsome nnpenetration

nntesting nnis nnperformed nnwith nnno nnknowledge nnof nnthe nnnetwork, nnpenetration nntesting nncould nnbe

nnperformed nnby nntesters nnwith nndetailed nninformation nnabout nnthe nnsystems. nnBoth nnvulnerability

nnscanning nnand nnpenetration nntesting nncan nnuse nnsimilar nntools, nnalthough nnyou nnshould nnavoid nnillegal

nntools nnin nnboth nnactivities.

A nnsecurity nnadministrator nnis nnconducting nna nnpenetration nntest nnon nna nnnetwork. nnShe nnconnects nna

nnnotebook nnsystem nnrunning nnLinux nnto nnthe nnwireless nnnetwork nnand nnthen nnuses nnNmap nnto nnprobe

nnvarious nnnetwork nnhosts nnto nnsee nnwhich nnoperating nnsystem nnthey nnare nnrunning.

Which nnprocess nndid nnthe nnadministrator nnuse nnfor nnthe nnpenetration nntest nnin nnthis nnscenario? nn- nncorrect

nnanswer-Active nnfingerprinting

The nnadministrator nnin nnthis nnscenario nnused nnactive nnfingerprinting. nnActive nnfingerprinting nnis nna nnform nnof

nnsystem nnenumeration nnthat nnis nndesigned nnto nngain nnas nnmuch nninformation nnabout nna nnspecific nncomputer

nnas nnpossible. nnIt nnidentifies nnoperating nnsystems nnbased nnupon nnICMP nnmessage nnquoting nncharacteristics.

nnPortions nnof nnan nnoriginal nnICMP nnrequest nnare nnrepeated nn(or nnquoted) nnwithin nnthe nnresponse, nnand

nneach nnoperating nnsystem nnquotes nnthis nninformation nnback nnin nna nnslightly nndifferent nnmanner. nnActive

nnfingerprinting nncan nndetermine nnthe nnoperating nnsystem nnand nneven nnthe nnpatch nnlevel.

Passive nnfingerprinting nnworks nnin nnmuch nnthe nnsame nnmanner nnas nnactive nnfingerprinting. nnHowever, nnthis

nntechnique nndoes nnnot nnutilize nnactive nnprobes nnof nnspecific nnsystems. nnNetwork nnenumeration nn(also

nncalled nnnetwork nnmapping) nninvolves nna nnthorough nnand nnsystematic nndiscovery nnof nnas nnmuch nnof nnthe

nncorporate nnnetwork nnas nnpossible, nnusing:

Social nnengineering

Wardriving

War nndialing

Banner nngrabbing

Firewalking

Firewalking nnuses nntraceroute nntechniques nnto nndiscover nnwhich nnservices nncan nnpass nnthrough nna nnfirewall

nnor nna nnrouter. nnHping nnand nnFirewalk nnare nncommon nnfirewalking nntools.

nndocument nnthe nnprocesses nnand nnprocedures nnthat nnare nnto nnbe nnused nnby nna nnhuman nnduring nna nnmanual

nnintervention.

Runbooks nnconsist nnof nna nnseries nnof nnconditional nnsteps nnto nnperform nnactions, nnsuch nnas nnsending

nnnotifications nnor nnthreat nncontainment. nnThey nnare nnnot nnused nnto nndocument nnthe nnprocesses nnand

nnprocedures nnfor nna nnmanual nnintervention.

The nnOrchestration nncomponent nnof nnthe nnSecurity nnOrchestration, nnAutomation, nnand nnResponse nn(SOAR)

nnsystem nnis nnresponsible nnfor nngathering nndata nnand nninformation nnfrom nnacross nnthe nnnetwork. nnThis nnis

nnnot nnused nnto nndocument nnthe nnprocesses nnand nnprocedures nnfor nna nnmanual nnintervention.

The nnResponse nncomponent nnof nna nnSOAR nnsystem nnallows nnthe nnsystem nnto nnautomatically nntake nnactions

nnagainst nnthreats. nnIt nnis nnnot nnused nnto nndocument nnthe nnprocesses nnand nnprocedures nnfor nna nnmanual

nnintervention.

You nnwant nnto nnmake nnsure nnthat nna nnset nnof nnservers nnonly nnaccepts nntraffic nnfor nnspecific nnnetwork

nnservices. nnYou nnhave nnverified nnthat nnthe nnservers nnare nnonly nnrunning nnthe nnnecessary nnservices, nnbut nnyou

nnalso nnwant nnto nnmake nnsure nnthat nnthe nnservers nndo nnnot nnaccept nnpackets nnsent nnto nnthose nnservices.

Which nntool nnshould nnyou nnuse? nn- nncorrect nnanswer-Port nnscanner

Use nna nnport nnscanner nnto nncheck nnfor nnopen nnports nnon nna nnsystem nnor nnfirewall. nnCompare nnthe nnlist nnof

nnopen nnports nnwith nnthe nnlist nnof nnports nnallowed nnby nnyour nnNetwork nnDesign nnand nnSecurity nnPolicy.

nnTypically, nna nnport nnis nnopen nnwhen nna nnservice nnstarts nnor nnis nnconfigured nnon nna nndevice. nnOpen nnports nnfor

nnunused nnservices nnexpose nnthe nnserver nnto nnattacks nndirected nnat nnthat nnport.

Use nna nnpacket nnsniffer nnto nnexamine nnpackets nnon nna nnnetwork. nnWith nna nnpacket nnsniffer, nnyou nncan

nnidentify nnpackets nndirected nntoward nnspecific nnports, nnbut nnyou nnwon't nnbe nnable nnto nntell nnif nnthose nnports

nnare nnopen. nnExamine nnsystem nnlogs nnto nnlook nnfor nnevents nnthat nnhave nnhappened nnon nnyour nnsystem.

nnThese nnevents nnmight nninclude nna nnservice nnstarting nnup, nnbut nnthis nnwould nnnot nnlikely nnreflect nnopen

nnports.

An nnintrusion nndetection nnsystem nn(IDS) nnis nna nnspecial nnnetwork nndevice nnthat nncan nndetect nnattacks nnand

nnsuspicious nnactivity. nnA nnpassive nnIDS nnmonitors, nnlogs, nnand nndetects nnsecurity nnbreaches, nnbut nnit nntakes

nnno nnaction nnto nnstop nnor nnprevent nnan nnattack. nnAn nnactive nnIDS nn(also nncalled nnan nnintrusion nnprotection

nnsystem, nnor nnIPS) nnperforms nnthe nnfunctions nnof nnan nnIDS nnbut nncan nnalso nnreact nnwhen nnsecurity nnbreaches

nnoccur.

A nnsecurity nnadministrator nnlogs nnon nnto nna nnWindows nnserver nnon nnher nnorganization's nnnetwork. nnThen

nnshe nnruns nna nnvulnerability nnscan nnon nnthat nnserver.

Which nntype nnof nnscan nndid nnshe nnconduct nnin nnthis nnscenario? nn- nncorrect nnanswer-Credentialed nnscan

In nna nncredentialed nnscan, nnthe nnsecurity nnadministrator nnauthenticates nnto nnthe nnsystem nnprior nnto nnstarting

nnthe nnscan. nnA nncredentialed nnscan nnusually nnprovides nndetailed nninformation nnabout nnpotential

nnvulnerabilities. nnFor nnexample, nna nncredentialed nnscan nnof nna nnWindows nnworkstation nnallows nnyou nnto

nnprobe nnthe nnRegistry nnfor nnsecurity nnvulnerabilities.

With nna nnnon-credentialed nnscan, nnthe nnsecurity nnadministrator nndoes nnnot nnauthenticate nnto nnthe nnsystem

nnprior nnto nnrunning nnthe nnscan.

A nnnon-intrusive nnscan nnis nnthe nnmost nncommon nntype nnof nnscan nnyou nnwill nnsee nnperformed. nnIt nnlooks nnfor

nnvulnerabilities nnand nngives nnyou nna nnreport nnon nnwhat nnit nnfound.

An nnintrusive nnscan nnfinds nna nnpotential nnvulnerability nnand nnthen nnactively nnattempts nnto nnexploit nnit.

You nnwant nnto nnbe nnable nnto nnidentify nnthe nnservices nnrunning nnon nna nnset nnof nnservers nnon nnyour nnnetwork.

nnWhich nntool nnwould nnBEST nngive nnyou nnthe nninformation nnyou nnneed? nn- nncorrect nnanswer-Vulnerability

nnscanner

Use nna nnvulnerability nnscanner nnto nngather nninformation nnabout nnsystems, nnsuch nnas nnthe nnrunning

nnapplications nnor nnservices. nnA nnvulnerability nnscanner nnoften nncombines nnfunctions nnfound nnin nnother

nntools nnand nncan nnperform nnadditional nnfunctions, nnsuch nnas nnidentifying nnopen nnfirewall nnports, nnmissing

nnpatches, nnand nndefault nnor nnblank nnpasswords.

A nnport nnscanner nnis nna nntool nnthat nnprobes nnsystems nnfor nnopen nnports. nnA nnport nnscanner nntells nnyou nnwhich

nnports nnare nnopen nnin nnthe nnfirewall, nnbut nnit nncannot nnidentify nnservices nnrunning nnon nna nnserver nnif nnthe

nnfirewall nnport nnhas nnbeen nnclosed.

A nnnetwork nnmapper nnis nna nntool nnthat nncan nndiscover nndevices nnon nna nnnetwork nnand nnshow nnthose nndevices

nnin nna nngraphical nnrepresentation. nnNetwork nnmappers nntypically nnuse nna nnping nnscan nnto nndiscover nndevices

nnand nna nnport nnscanner nnto nnidentify nnopen nnports nnon nnthose nndevices.

Use nna nnprotocol nnanalyzer nnto nnidentify nntraffic nnthat nnis nnsent nnon nnthe nnnetwork nnmedium nnand nntraffic

nnsources. nnServices nncould nnstill nnbe nnrunning nnon nna nnserver nnthat nndo nnnot nngenerate nnthe nnnetwork nntraffic

nnthat nna nnprotocol nnanalyzer nnwould nncatch.