Which of the following best describes the purpose of using subnets?
Subnets divide an IP network into multiple network addresses.
Which of the following network services or protocols uses TCP/IP port 22?
You are configuring a network firewall to allow SMTP outbound email traffic, and POP3 inbound email traffic. Which of the following TCP/IP ports should you open on the firewall?(Select 2)
25 AND 110
To increase security on your company’s internal network…Which port needs to be enabled to allow secure transactions? (#12)
Which of the following correctly describes the most common format for expressing IPv6 addresses?(Select 2)
Hexadecimal numbers AND 32 numbers, grouped using colons
You want to maintain tight security on your internal network so you restrict access to the network through certain port numbers. If you want to allow users to continue to use DNS, which port should you enable?
You are an application developer creating applications for a wide variety of customers. In which two of the following situations would you select a connectionless protocol?(Select 2)
A gaming company wants to create…AND A company connects two networks through an expensive WAN link…
You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do?
Implement version 3 of SNMP
Routers operate at what level of the Open System Interconnect model?
You want to implement a protocol on your network that allows computers to find the IP address of a host from a logical name. What protocol should you implement?
Your company’s network provides HTTP, HTTPS, and SSH access to remote employees. Which ports must be opened on the firewall to allow this traffic to pass?
80, 443, 22
Using the Netstat command, you notice that a remote system has made a connection to your Windows Server 2008 system using TCp/IP port 21. Which of the following actions is the remote system most likely to be performing?
Downloading a file
Which of the following are valid IPv6 addresses?
141:0:0:0:15:0:0:1 AND 6384:1319:7700:7631:446A:5511:8940:2552
Which of the following lists accurately describes TCP and UDP?
TCP: connection-oriented, reliable, sequenced, high overhead
UDP: connectionless, unreliable, unsequenced, low overhead
UDP: connectionless, unreliable, unsequenced, low overhead
Your network recently experienced a series of attacks at the Telnet and FTP services. You have rewritten the security policy to abolish the unsecured services, and now you must secure the network using your firewall and routers. Which ports must be closed to prevent traffic directed to these two services?
Which type of active scan turns off all flags in a TCP header?
Which of the following could easily result in a denial of service attack if the victimized system had too little free storage capacity?
Which of the following Denial of Service (DoS) attacks uses ICMP packets and will only be successful if the victim has less bandwidth than the attacker?
Which of the following Denial of Service (DoS) attacks does the victim’s system rebuild invalid UDP packets, causing the system to crash or reboot?
An attacker is conducting passive reconnaissance on a targeted company. Which of the following could he be doing? (#2)
Browsing the organization’s website.
What are the most common network traffic packets captured and used in a replay attack?
A router on the border of your network detects a packet with a source address that is from an internal client but the packet was received in the Internet-facing interface. This is an example of what form of attack? (#1)
Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network?
Which of the following best describes the ping of death?
An ICMP packet that is larger than 65,536 bytes
A SYN attack or a SYN flood exploits or alters which element of the TCP three-way handshake?
A SYN packet is received by a server. The SYN packet has the exact same address for both the sender and receiver addresses, which is the address of the server. This is an example of what type of attack?
You suspect that an Xmas tree attack is occurring on a system. Which of the following could result if you do not stop the attack?(Select two)
The system will be unavailable to respond to legitimate requests AND the threat agent will obtain information about open ports on the system
An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attacks?
Which of the following best dedscribes a man-in-the-middle attack?
A false server intercepts communications from a client by impersonating the intended server
Which of the following attacks tried to associate an incorrect MAC address with a known IP address?
You are implementing security at a local high school that is concerned with students accessing inappropriate material on the Internet from the library’s computers. The students will use the computers to search the Internet for research paper content. The school budget is limited. Which content filtering option would you choose?
Restrict content based on content categories
Which of the following is a privately controlled portion of a network that is accessible to some specific external entities?
You are the office manager of a small financial credit business. Your company handles personal, financial information for clients seeking small loans over the Internet. You are aware of your obligation to secure clients records, but budget is an issue. Which item would provide the best security for this situation?
All-in-one security appliance
Which of the following terms describes a network device that is exposed to attacks and has been hardened against those attacks?
Bastion or sacrificial host
Of the following security zones, which one can serve as a buffer network between a private secured network and the untrusted Internet?
In which of the following situations would you most likely implement a demilitarized zone(DMZ)?
You want to protect a public Web server from attack
You have a company network that is connected to the Internet. You want all users to have Internet access, but need to protect your private network and users. You also need to make a Web server publicly available to Internet users. Which solution should you use?
Use firewalls to create a DMZ. Place the Web server inside the DMZ, and the private network behind the DMZ.
Which of the following is likely to be located in a DMZ?
Members of the sales team use laptops to connect to the company network. While traveling, they connect their laptops to the Internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless anti-virus software and the latest operating system patches have been installed. Which solution should you use?
You have used firewalls to create a demilitarized zone. You have a Web server that needs to be accessible to Internet users. The Web server must communicate with a database server for retrieving product, customer and order information. How should you place devices on the network to best protect the servers?(Select two.)
Put the database server on the Private network AND put the Web server inside the DMZ
Which of the following is the best device to deploy to protect your private network from a public untrusted network?
Which of the following are true of a circuit proxy filter firewall?(Select two)
Operates at the Session Layer AND Verifies sequencing of session packets
You have just installed a packet-filtering firewall on your network. What options will you be able to set on your firewall? Select all that apply.
Source address of a packet, Destination address of a packet, AND Port Number
When designing a firewall, what is the recommended approach for opening and closing ports?
Close all ports; open only ports required by applications inside the DMZ
You have a router that is configured as a firewall. The router is a layer 3 device only. Which of the following does the router use for identifying allowed or denied packets?
Which of the following are characteristics of a packet filtering firewall?(Select two)
Stateless AND Filters IP address and port
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from Internet-bases attacks. What solution should you use?
Host based firewall
Which of the following functions are performed by proxies?(Select two)
Block employees from accessing certain Web sites AND Cache web pages
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?
You connect your computer to a wireless network available at the local library. You find that you can access all web sites you want on the Internet except two. What might be causing the problem?
A proxy server is blocking access to the web sites
Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped?
Which of the following are characteristics of a circuit-level gateway?(Select two)
Filters based on sessions AND Stateful
Which of the following is a firewall function?
Which of the following firewall types can be a proxy between servers and clients?(Select two)
Application layer firewall AND Circuit proxy filtering firewall
You provide Internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs. Which type of firewall should you install?
You have a company network with a single switch. All devices connect to the network through the switch. You want to control which devices will be able to connect to your network. For devices that do not have the latest operating system patches, you want to prevent access to all network devices except for a special server that holds the patches that the computers need to download. Which of the following components will be part of your solution?(Select two)
Remediation servers AND 802.1x authentication
Which step is required to configure a NAP on a Remote Desktop(RD) Gateway server?
Edit the properties for the server and select Request clients to send a statement of health.
In a NAP system, what is the function of the System Health Validator?
Compare the statement of health submitted by the client to the health requirements
How does IPsec NAP enforcement differ from other NAP enforcement methods?
Clients must be issued a valid certificate before a connection to the private network is allowed.
The process of walking around an office building with an 802.11 signal detector is known as what?
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this?
Rogue Access Point
Which of the following sends unsolicited business cards and messages to a Bluetooth device?
Which of the following best describes Bluesnarfing?
Unauthorized viewing calendar, emails, and messages on a mobile device
Which of the following describes marks that attackers place outside a building to identify an open wireless network?
Network packet sniffing is often used to gain the information needed to conduct more specific and detailed attacks. Which of the following is the best defense against packet sniffing?
A user calls to report that she is experiencing intermittent problems while accessing the wireless network from her laptop computer. While she normally works from her office, today she is trying to access the wireless network from a conference room which is across the hall and next to the elevator. What is the most likely cause of her connectivity problem?
Interference is affecting the wireless signal.
You are troubleshooting a wireless connectivity issue in a small office. You determine that the 2.4 GHz cordless phones used in the office are interfering with the wireless network transmissions. If the cordless phones are causing the interference, which of the following wireless standards could the network be using?(Select two)
Bluetooth AND 802.11b
Which of the following best describes an evil twin?
An access point that is configured to mimic a valid access point to obtain logon credentials and other sensitive information
Your organization uses an 802.11b wireless network. Recently, other tenants installed the following equipment in your building:….since this equipment was installed, your wireless network has been experiencing significant interference. Which system is to blame?
The wireless TV system
Which of the following common network monitoring or diagnostic activity can be used as a passive malicious attack?
Which of the following is the best protection to prevent attacks on mobile phones through the Bluetooth protocol?
Disable Bluetooth on the phone