













Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
The differences between the secure shell (ssh) and telnet protocols. Ssh is a secure, encrypted protocol used for remote access and file transfer, while telnet transmits both authentication credentials and data in clear text. The use of ssh for remote server maintenance, the differences between ssh and telnet, and the ports and protocols used by various secure file transfer methods like sftp and scp. It also discusses the importance of securing network protocols and the risks associated with using clear-text protocols like telnet. A good overview of the key concepts and differences between these two network protocols, which are important for network security and administration.
Typology: Exams
1 / 21
This page cannot be seen from the preview
Don't miss anything!














Matt, a security administrator, wants to configure all the switches and routers in the network in order to securely monitor their status. Which of the following protocols would he need to configure on each device? A. SMTP B. SNMPv C. IPSec D. SNMP - - correct ans- - Answer: B Explanation: Currently, SNMP is predominantly used for monitoring and performance management. SNMPv3 defines a secure version of SNMP and also facilitates remote configuration of the SNMP entities. A recent vulnerability scan found that Telnet is enabled on all network devices. Which of the following protocols should be used instead of Telnet? A. SCP B. SSH C. SFTP D. SSL - - correct ans- - Answer: B Explanation: SSH transmits both authentication traffic and data in a secured encrypted form, whereas Telnet transmits both authentication credentials and data in clear text.
Which of the following is BEST used as a secure replacement for TELNET? A. HTTPS B. HMAC C. GPG D. SSH - - correct ans- - Answer: D Explanation: SSH transmits both authentication traffic and data in a secured encrypted form, whereas Telnet transmits both authentication credentials and data in clear text A security analyst needs to logon to the console to perform maintenance on a remote server. Which of the following protocols would provide secure access? A. SCP B. SSH C. SFTP D. HTTPS - - correct ans- - Answer: B Explanation: Secure Shell (SSH) is a tunneling protocol originally used on Unix systems. It's now available for both Unix and Windows environments. SSH is primarily intended for interactive terminal sessions. SSH is used to establish a command-line, text-only interface connection with a server, router, switch, or similar device over any distance. A UNIX administrator would like to use native commands to provide a secure way of connecting to other devices remotely and to securely transfer files. Which of the following protocols could be utilized? (Select TWO).
A. DNSSEC record B. IPv4 DNS record C. IPSEC DNS record D. IPv6 DNS record - - correct ans- - Answer: D Explanation: The AAAA Address record links a FQDN to an IPv6 address. Which of the following should be implemented to stop an attacker from mapping out addresses and/or devices on a network? A. Single sign on B. IPv C. Secure zone transfers D. VoIP - - correct ans- - Answer: C Explanation: C: A primary DNS server has the "master copy" of a zone, and secondary DNS servers keep copies of the zone for redundancy. When changes are made to zone data on the primary DNS server, these changes must be distributed to the secondary DNS servers for the zone. This is done through zone transfers. If you allow zone transfers to any server, all the resource records in the zone are viewable by any host that can contact your DNS server. Thus you will need to secure the zone transfers to stop an attacker from mapping out your addresses and devices on your network. A security engineer, Joe, has been asked to create a secure connection between his mail server and the mail server of a business partner. Which of the following protocol would be MOST appropriate? A. HTTPS B. SSH
D. TLS - - correct ans- - Answer: D Explanation: Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. It uses X.509 certificates and hence asymmetric cryptography to authenticate the counterparty with whom it is communicating, and to exchange a symmetric key. The TLS protocol allows client-server applications to communicate across a network in a way designed to prevent eavesdropping and tampering. Which of the following protocols is used to authenticate the client and server's digital certificate? A. PEAP B. DNS C. TLS D. ICMP - - correct ans- - Answer: C Explanation: Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. It uses X.509 certificates and hence asymmetric cryptography to authenticate the counterparty with whom it is communicating, and to exchange a symmetric key. An administrator configures all wireless access points to make use of a new network certificate authority. Which of the following is being used? A. WEP B. LEAP C. EAP-TLS
FTP/S uses which of the following TCP ports by default? A. 20 and 21 B. 139 and 445 C. 443 and 22 D. 989 and 990 - - correct ans- - Answer: D Explanation: FTPS uses ports 989 and 990. Which of the following protocols allows for secure transfer of files? (Select TWO). A. ICMP B. SNMP C. SFTP D. SCP E. TFTP - - correct ans- - Answer: C,D Explanation: Standard FTP is a protocol often used to move files between one system and another either over the Internet or within private networks. SFTP is a secured alternative to standard FTP. Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP). After a network outage, a PC technician is unable to ping various network devices. The network administrator verifies that those devices are working properly and can be accessed securely. Which of the following is the MOST likely reason the PC technician is unable to ping those devices?
A. ICMP is being blocked B. SSH is not enabled C. DNS settings are wrong D. SNMP is not configured properly - - correct ans- - Answer: A Explanation: ICMP is a protocol that is commonly used by tools such as ping, traceroute, and pathping. ICMP offers no information If ICMP request queries go unanswered, or ICMP replies are lost or blocked. A security administrator wishes to change their wireless network so that IPSec is built into the protocol and NAT is no longer required for address range extension. Which of the following protocols should be used in this scenario? A. WPA B. WPA C. IPv D. IPv4 - - correct ans- - Answer: C Explanation: IPSec security is built into IPv A system administrator attempts to ping a hostname and the response is 2001:4860:0:2001::68. Which of the following replies has the administrator received? A. The loopback address B. The local MAC address C. IPv4 address
The main advantage of IPv6 over IPv4 is its larger address space. The length of an IPv address is 128 bits, compared with 32 bits in IPv4. Pete, a network administrator, is implementing IPv6 in the DMZ. Which of the following protocols must he allow through the firewall to ensure the web servers can be reached via IPv6 from an IPv6 enabled Internet host? A. TCP port 443 and IP protocol 46 B. TCP port 80 and TCP port 443 C. TCP port 80 and ICMP D. TCP port 443 and SNMP - - correct ans- - Answer: B Explanation: HTTP and HTTPS, which uses TCP port 80 and TCP port 443 respectively, is necessary for Communicating with Web servers. It should therefore be allowed through the firewall Which of the following ports and protocol types must be opened on a host with a host- based firewall to allow incoming SFTP connections? A. 21/UDP B. 21/TCP C. 22/UDP D. 22/TCP - - correct ans- - Answer: D Explanation: SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22. A network administrator is asked to send a large file containing PII to a business associate. Which of the following protocols is the BEST choice to use?
D. FTP - - correct ans- - Answer: B Explanation: SFTP encrypts authentication and data traffic between the client and server by making use of SSH to provide secure FTP communications. As a result, SFTP offers protection for both the authentication traffic and the data transfer taking place between a client and server. Which of the following is a difference between TFTP and FTP? A. TFTP is slower than FTP. B. TFTP is more secure than FTP. C. TFTP utilizes TCP and FTP uses UDP. D. TFTP utilizes UDP and FTP uses TCP. - - correct ans- - Answer: D Explanation: FTP employs TCP ports 20 and 21 to establish and maintain client-to-server communications, whereas TFTP makes use of UDP port 69. Which of the following is the default port for TFTP? A. 20 B. 69 C. 21 D. 68 - - correct ans- - Answer: B
Explanation: B: The Telnet program parameters are: telnet
D. LDAP - - correct ans- - Answer: D Explanation: LDAP makes use of port 389. A firewall technician has been instructed to disable all non-secure ports on a corporate firewall. The technician has blocked traffic on port 21, 69, 80, and 137-139. The technician has allowed traffic on ports 22 and 443. Which of the following correctly lists the protocols blocked and allowed? A. Blocked: TFTP, HTTP, NetBIOS; Allowed: HTTPS, FTP B. Blocked: FTP, TFTP, HTTP, NetBIOS; Allowed: SFTP, SSH, SCP, HTTPS C. Blocked: SFTP, TFTP, HTTP, NetBIOS; Allowed: SSH, SCP, HTTPS D. Blocked: FTP, HTTP, HTTPS; Allowed: SFTP, SSH, SCP, NetBIOS - - correct ans- - Answer: B Explanation: The question states that traffic on port 21, 69, 80, and 137-139 is blocked, while ports 22 and 443 are allowed. Port 21 is used for FTP by default. Port 69 is used for TFTP. Port 80 is used for HTTP. Ports 137-139 are used for NetBIOS. VMM uses SFTP over default port 22. Port 22 is used for SSH by default. SCP runs over TCP port 22 by default. Port 443 is used for HTTPS.
A security administrator has configured FTP in passive mode. Which of the following ports should the security administrator allow on the firewall by default? A. 20 B. 21 C. 22 D. 23 - - correct ans- - Answer: B Explanation: When establishing an FTP session, clients start a connection to an FTP server that listens on TCP port 21 by default. Which of the following ports is used for SSH, by default? A. 23 B. 32 C. 12 D. 22 - - correct ans- - Answer: D Explanation: Secure Shell (SSH) is a cryptographic network protocol for securing data communication. It establishes a secure channel over an insecure network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login, remote command execution, but any network service can be secured with SSH. SSH uses port 22. By default, which of the following uses TCP port 22? (Select THREE). A. FTPS B. STELNET C. TLS
H. SFTP - - correct ans- - Answer: D,G,H Explanation: G: Secure Shell (SSH) is a cryptographic network protocol for securing data communication. It establishes a secure channel over an insecure network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login, remote command execution, but any network service can be secured with SSH. SSH uses port 22. D: SCP stands for Secure Copy. SCP is used to securely copy files over a network. SCP uses SSH to secure the connection and therefore uses port 22. H: SFTP stands for stands for Secure File Transfer Protocol and is used for transferring files using FTP over a secure network connection. SFTP uses SSH to secure the connection and therefore uses port 22. Pete needs to open ports on the firewall to allow for secure transmission of files. Which of the following ports should be opened on the firewall? A. TCP 23 B. UDP 69 C. TCP 22 D. TCP 21 - - correct ans- - Answer: C Explanation: SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22. Secure Copy Protocol (SCP) is a secure file-transfer
commandline, text-only interface connection with a server, router, switch, or similar device can be established over any distance. SSH makes use of TCP port 22. Which of the following ports is used to securely transfer files between remote UNIX systems? A. 21 B. 22 C. 69 D. 445 - - correct ans- - Answer: B Explanation: SCP copies files securely between hosts on a network. It uses SSH for data transfer, and uses the same authentication and provides the same security as SSH. Unlike RCP, SCP will ask for passwords or passphrases if they are needed for authentication. SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22. Which of the following secure file transfer methods uses port 22 by default? A. FTPS B. SFTP C. SSL D. S/MIME - - correct ans- - Answer: B Explanation: SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22.
During the analysis of a PCAP file, a security analyst noticed several communications with a remote server on port 53. Which of the following protocol types is observed in this traffic? A. FTP B. DNS C. Email D. NetBIOS - - correct ans- - Answer: B Explanation: DNS (Domain Name System) uses port 53. A security technician needs to open ports on a firewall to allow for domain name resolution. Which of the following ports should be opened? (Select TWO). A. TCP 21 B. TCP 23 C. TCP 53 D. UDP 23 E. UDP 53 - - correct ans- - Answer: C,E Explanation: DNS uses TCP and UDP port 53. TCP port 53 is used for zone transfers, whereas UDP port 53 is used for queries. A technician has just installed a new firewall onto the network. Users are reporting that they cannot reach any website. Upon further investigation, the technician determines that websites can be reached by entering their IP addresses. Which of the following ports may have been closed to cause this issue? A. HTTP