Computer test final

You have worked as the network administrator for a company for seven months. One day all picture files on the server become corrupted. You discover that a user downloaded a virus from the internet onto his workstation, and it propagated to the server. You successfully restore all files from backup, but your boss is adamant that this situation does not reoccur. What should you do?
Install a network virus detection software solution
An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?
Denial of Service
Capturing packets as they travel from one host to another with the intent of altering the contents of the packets is a form of which security concern?
Man in the middle attack
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this?
Rogue access point
What is the primary countermeasure to social engineering?
Awareness
Which of the following describes a man-in-the-middle attack?
A false server intercept communications from a client by impersonating the intended server
Which is a form of attack that either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions from occurring?
Denial of service attack
What is the common name for a program that has no useful purpose, but attempts to spread itself to other systems and often damages resources on the systems where it is found?
Virus
How can an organization help prevent social engineering attacks?
Educate employees on the risks and countermeasures and Publish and enforce clearly written security policies
Users on your network report that they have received an email stating that the company has just launched a new website for employees, and to access the website they need to go there and enter their username and password information. No one in your company has sent this email. What type of attack is this?
Phishing
Which of the following statements about the use of anti-virus software is correct?
Antivirus software should be configured to download updated virus definition files as soon as they become available
Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network?
Smurf
A smurf attack requires all but which of the following elements to be implemented?
Padded cell
Which of the following measures are you most likely to implement in order to protect against a worm or Trojan horse?
Antivirus software
Which of the following is the best countermeasure against man in the attacks?
IPSec
What is the main difference between a worm and a virus?
A worm can replicate itself and does not need a host for distrubution
Which of the following are examples of social engineering?
Shoulder surfing and dumpster diving
Which of the following is NOT a primary characteristic of a worm?
It infects the MBR of a hard drive
What port does telnet use?
23
Your company leases a very fast internet connection and pays for it based on usage. You have been asked by the company president to reduce internet line lease costs. You want to reduce the amount of web pages that are downloaded over the leased connection, without decreasing performance. What is the best way to do this?
Install a proxy server
Which of the following functions are performed by proxies?
Block employees from accessing certain websites and cache web pages
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?
Circuit level
Which port number is used by SNMP?
161
You have a company network that is connected to the internet. You want all users to have internet access, but need to protect your private network and users. You also need to make a web server publicly available to internet users. Which solution should you use?
Use firewalls to create a DMZ place the web server inside the DMZ and the private network behind the DMZ
You have a router that is configured as a firewall. The router is a layer 3 device only. Which of the following does the router use for identifying allowed or denied packets?
IP address
To increase security on your company’s internal network, the administrator has disabled as many ports as possible. Now, however, though you can browse the internet, you are unable to perform secure credit card transactions. Which port needs to be enabled to allow secure transactions?
443
You are configuring a firewall to allow access to a server hosted on the demilitarized zone of your network. You open TCP/IP ports 80, 25, 110 and 143. Assuming that no other ports on the firewall need to be configured to provide access , what applications are most likely to be hosted on the server?
Web server and email server
Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped?
ACL
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from internet based attacks. Which solution should you use?
Host based firewall
Which of the following are characteristics of a paclet filtering firewall?
Filters IP address and port and stateless
You administer a web server on your network. The computer has multiple IP addresses. They are 192.168.23.8 to 192.168.23.17. The name of the computer is www.westsim.com. You configured the website as follows:
IP address: 192.168.23.8
HTTP Port: 1030
SSL Port: 443
Users complain that they can’t connect to the website when they type www.westsim.com. What is the most likely source of the problem?
The HTTP port should be changed to 80
Which of the following network services or protcols uses network port 69?
TFTP
How does a proxy server differ from a packet filtering firewall?
A proxy server operates at the application layer while a packet filtering firewall operates at the network layer
You have used firewalls to create a demilitarized zone. You have a web server that needs to be accessible to internet users. the web server must communicate with a database server for retrieving product, customer, and order information. How should you place devices on the network to best protect the servers?
Put the database server on the private network and put the web server inside the DMZ
Using the Netstat command, you notice that a remote system has made a connection to your windows server 2003 system using TCP/IP port 21. Which of the following actions is the remote system most likely to be performing?
Downloading a file
Which of the following are characteristics of a circuit level gateway?
Stateful and filters based on sessions
You are the administrator for a secure network that uses firewall filtering. Several network users have requested to access internet usenet groups but are unable. What needs to be done to allow users to access the newsgroup?
Open port 119 to allow NNTP service
You manage a small network at work. Users use workstations connected to your network. No portable computers are allowed. As part of your security plan, you would like to implement scanning of emails for all users. You want to scan the emails and prevent any emails with malicious attachments from being recieved by users. Your solution should minimize administration, allowing you to certainly manage the scan settings. Which solution should you use?
Network based firewall
You want to allow traveling users to connect to your private network through the internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you wont be able to configure the firewalls that might be controlling access to the internet in these locations. Which of the following protocols would be most likely to be allowed through the widest number of firewalls?
SSL
A VPN is used primarily for what purpose?
Support secured communications over an untrusted network
You have a group of salesmen who would like to access your private network through the internet while they are traveling. You want to control access to the private network through a single server. Which solution should you implement?
VPN concentrator
You want to use a protocol that can encapsulate other LAN protocols and carry the data securely over an IP network. Which of the following protocols is suitable for this task?
PPTP
Which of the following protocols can your portable computer use to connect to your company’s network via a virtual tunnel through the internet?
PPTP and L2TP
Which of the following network layer protocols provides authentication and encryption services for IP based network traffic?
IPSec
You are in the middle of a big project at work. All of your work files are on a server at the office. You want to be able to access the server desktop, open and edit files, save the files on the server, and print files to a printer connected to a computer at home. Which protocol should you use?
RDP
IPSec is implemented through two separate protocols. What are these protocols called?
AH and ESP
Which type of device is required to implement port authentication through a switch?
RADIUS server
You manage a network that uses switches. In the lobby of your building are three RJ-45 ports connected to a switch. You want to make sure that visitors cannot plug into their computers to the free network jacks and connect to the network. However, employees who plug into those same jacks should be able to connect to the network. What feature should you configure?
Port authentication
Which of the following best describes the concept of a virtual LAN?
Devices on the same network logically grouped as if they were on separate networks
You manage a network that uses a single switch. All ports within your building connect through the single. All ports within your building connect through the single switch. In the lobby of your building are three RJ-45 ports connected to the switch. You want to allow visitors to plug into these ports to gain internet access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and internet access. What feature should you implement?
VLANs
When configuring VLANs on a switch, what is used to identify VLAN membership of a device?
Switch port
You manage a network with two switches. The switches are connected are together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAN 2 on each switch. A device on the first switch on VLAN 1 needs to communicate with a device on the same switch which is in VLAN 2. What should you configure so that the two devices can communicate?
Routing
You manage a network with two switches. The switches are connected are together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAN 2 on each switch. A device on the first switch in VLAN 1 needs to communicate with a device on the second switch also in VLAN 1. What should you configure to allow communication between these rwo devices through the switches?
Trunking
Which of the following connectivity hardware is used to create a VLAN?
Switch
Which switch features are typically used with VoIP?
VLAN and Poe
You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature allows the switches to pass VLAN traffic between the switches?
Trunking
When configuring vlans on a switch, waht type of switch ports are members of all VLANs defines on the switch?
Trunk Ports
You run a small network for your business that has a single router connected to the internet and a single switch.You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. what should you use for this situation?
VLAN
Your company is a small start up company that has leased office space in a building shared by other businesses. All businesses share a common network infrastructure. A single switch connects all devices in the building to the router that provides internet access. You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implemented?
VLAN
Which of the following do switches and wireless access points use to control access through the device?
MAC filtering
you want to increase the security of your network by only allowing authenticated users to be able to access network devices through a switch. Which of the following should you implement?
802.1x
When using Kerberos authentication, which of the following terms is used to describe the token that verifies the identity of the user to the target system?
Ticket
You want to implement an authentication method that uses public and private key pairs. Which authentication method should you use?
EAP
Which of the following is a feature of MS-CHAP v2 that is not included in CHAP?
Mutual authentication
Which of the following authentication methods used tickets to provide single sign-on?
Kerberos
Which of the following applications typically use 802.1x authentication?
Controlling access through a wireless access point and controlling access through a switch
You have been contracted by a firm to implement a new remote access solution based on a windows server 2003 system. The customer wants to purchase and install a smartcard system to provide a high level of security to the implementation. Which of the following authentication protocols are you most likely to recommend to the client?
EAP
Which of the following authentication protocols uses a three way handshake to authenticate users to the network?
CHAP and MS CHAP
Which of the following are used when implementing kerberos for authentication and authorization?
Time server and ticket granting server
Which of the following is a mechanism for granting and validating certificates?
PKI
You have a web server that will be used for secure transactions for customers who access the website over the internet. The web server requires a certificate to support SSL. Which method would you use to get a certificate for the server?
Obtain a certificate from a public PKI
Which protocol is used for securely browsing a website?
HTTPS
Which protocol does HTTPs use to offer greater security in web transactions?
SSL
Which of the following protocols are often added to other protocols to provide secure transmission of data?
TLS and SSL
Which of the following protocols can be used to securely manage a network device from a remote connection?
SSH
Telnet is inherently insecure because its communication is in plain text and is easily intercepted. Which of the following is an acceptable alternative to Telnet?
SSH
Which of the following are improvements to SNMP that are included within SNMP version 3?
Authentication for agents and managers and encryption of SNMP messages
You have been using SNMP on your network for montoring and management. You are concerned about the security of this configuration. What should you do?
Implement version 3 of SNMP
Which of the following are improvements to SNMP that are included within SNMP version 3?
Authentication for agentsand managers and Encryption of SNMP messages
You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do?
Implement version 3 of SNMP
What security mechanism can be used to detect attacks originating on the internet or from within an internal trusted subnet?
IDS
As a security precaution, you have implemented IPsec that is used between any two devices on your network. IPsec provides encryption for traffic between devices. You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks. Which solution should you implement?
Host based IDS
You want to make sure that a set of servers will only accept traffic for specific network services. You have verified that the servers are only running the necessary services, but you also want to make sure that the servers will not accept packets sent to those services. Which tool should you use?
Port scanner
Which of the following is a security service that monitors network traffic in real time or reviews the audit logs on servers looking for security violations?
IDS
Which of the following devices can monitor a network and detect potential security attacks?
IDS
What is the most common form of host based IDS that employs signature or pattern matching detection methods?
Anti virus software
You are concerned about protecting your network from network based attacks from the internet. Specifically, you are concerned about zero day attacks. which type of device should you use?
Anomaly based IDS
Which of the following functions can a port scanner provide?
Discovering unadvertised servers and determining which ports are open on a firewall
You are concerned about attacks directed at your network firewall. You want to be able to identify and be notified of any attacks. In addition, you want the system to take immediate action when possible to stop or prevent the attack. What tool should you use?
IPS
Which IDS method searches for intrusion or attack attempts by recognizing patterns or identifies listed in a database?
Signature based
What actions can a typical passive Intrusion detection system take when it detects an attack?
the ids logs all pertinent data about the intrusion and an alert is generated and delivered via email the console or an snmp trap
Which of the following devices is capable of detecting and responding to security threats?
ips
You want to make sure that the correct ports on a firewall have been opened or closed.Which document should you check?
Configuration documentation
Which of the following documents would likely identify that drop cables on your network use the T568A standard?
Wiring schematic
Which of the following information are you likely to find in a policy document?
A requirement for using encrypted communications for web transcations
You are troubleshooting a workstation connection to the network. During your troubleshooting, you move the cable in the wiring closet to a different port on the patch panel. Which type of file should you update?
Wiring schematic
Which of the following information are you likely to find in a procedure document?
details on how to test and deploy patches
You need to find out what kind of laws might apply to the design and operation of your network. Which type of document would you consult?
Regulation
A new law was recently passed that states that all businesses must keep a history of all emails sent between members of the board of directors. You need to ensure that your organization complies with this law. Which document type would you update first in response to this new law?
Policy
You are troubleshooting the connection of a computer in an office to the punchdown block in the distribution closet. Which document would you consult to identify the termination of the cable on the punchdown block based on the wall jack location in the office?
Wiring Schematic
Which type of documentation would you consult to fine the location of RJ-45 wall jacks and their endpoints in the intermediate distribution closet?
Wiring Schematic
In troubleshooting a router, you want to identify which other devices are connected to the router, as well as the subnet addresses of each connected subnet. Which type of document would most likely have this information?
Network diagram
You are concerned about the amount of traffic that through a router on your network. you want to see how the amount of traffic has changed over time. Which document would help in identifying past average network traffic?
Baseline
You are in the habit of regularly monitoring performance statistics of your devices. You find that this month a specific server has averaged a higher number of active connections than last month. Which type of document should you update to reflect the change?
Baseline
You are troubleshooting a workstation connection to the network. During your troubleshooting, you replace the drop cable connecting the computer to the network. Which type of document should you update?
Change documentation
Because of an unexplained network slowdown on your network, you decide to install monitoring software on several key network hosts to locate the problem. You will then collect and analyze the data from a central network host. What protocol will the software use to detect the problem?
SNMP
Which protocol uses traps to sent notifications from network devices?
SNMP
Which of the following protocols or services would you associate with Windows remote desktop services network traffic?
RDP
You manage a server at work that has just been configured with a new application. Consequently, the server has crashed serveral times during the last week. You think you have the problem resolved, but you would like to be able to manage the server remotely in case there is a problem. Which of the following protocols would you use for remote management?
ICA and VNC
You are an administrator for a large company. You are setting up a computer at a workers home so he can telecommute while he recovers from surgery. You want to connect to the UNIX server at the office to update his account information. Which utility should you use to accomplish this task?
Telnet
You connect a packet sniffer to a switch to monitor frames on your local area network. However, the packet sniffer is only able to see broadcast frames and frames addressed specifically to the host device. Which feauture should you enable on the switch so you can see frames from all devices connected to the switch?
Mirroring
You have a website that customers use to view product information and place orders. You would like to identify the maximum number of simultaneous sessions that this server can maintain before performance is negatively impacted. Which tool should you use?
Load Tester
You have a small network of devices connected together using a switch. You want to capture the traffic that is sent from Host A to Host B. On Host C, you install a packet sniffer that captures network traffic. After running the packet sniffer, you cannot find any captured packets between Host a and host b. What should you do?
Run the application sniffer on Host B
You have a WAN link that connects two sites. The wan link is supposed to provide 1.5 Mbps of bandwidth. You want to perform a test to see the actual bandwidth of the link. Which tool should you use?
Throughout tester
You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffing software on a device which is connected to the same hub that is connected to the router. When you run the software, you only see frames addressed to the workstation and not other devices.Which feature should you configure?
promiscuous mode
You want to know what protocols are being used on your network. You’d like to monitor network traffic and sort traffic based on protocol. Which tool should you use?
Packet sniffer
You want to be able to identify traffic that is being generated and sent through the network by specific application running on a device. Which tool Should you use?
Protocol analyzer
You manage a firewall that connects your private network to the internet. You would like to see a record of every packet that has been rejected by the firewall in the past month. Which tool should you use?
Event Log
You decide to use a packet sniffer to identify the type of traffic sent to a royter. You run the packet sniffing software on a device which is connected to a hub with three other companies. The hub is connected to the same switch that is connected to the router. When you run the software, you only see frames addressed to the four workstations but not to the router. Which feature Should you configure?
Mirroring
You have installed a new application on a network device. During testing, it appears as if the software is causing other services running on the device to stop responding. Which tool should you consult to identify the problem?
Application log
You are concerned about attacks directed against the firewall on your network. You would like to examine the content of individual frames sent to the firewall. Which tool should you use?
Packet sniffer
You manage a server that runs your company Web Site. The web server has reached its capacity, and the number of client requests is greater than the server can handle. You would like to find a solution so that static web content can be offloaded to a different server, while the server continues to process dynamic content. Which solution should you implement?
proxy server
A switch receives a frame addressed to the MAC address FF:FF:FF:FF:FF:FF. What will the switch do with the frame?
Send it out all ports except for the port it was received on
You have a network server with two network interface cards. You want both network adapters to be used at the same time to connect to the same network to double the amount of data the server can send. Which feature would you use?
Ethernet bonding
Which of the following solutions are most likely implemented with VoIP to ensure timely delivery of voice data?
Traffic shaper and Qos
You manage a server that runs your company website. The website includes streaming video that shows features of some of your products. The link connecting your server to the internet charges based on bandwidth use. When the bandwidth spikes, so does your bill. You would like to implement a solution to prevent the amount of traffic sent over the WAN link from exceeding a specific level. Which solution should you implement?
Traffic shaper
Which of the following devices is capable of performing routing of IP packets at wire speeds using an ASIC module instead of the CPU or software?
Layer 3 switch
Which of the following devices does not segment the network?
hub
Angela is the network administrator for a rapidly growing company with a 100BaseT network. Users have recently complained about slow file transfers. In a check of network traffic, Angela discovers a high number of collisions. Which connectivity device would best reduce the number of collisions and provide for future growth?
Switch
You have a web server on your network that hosts the public website for your company. You want to make sure that a failure of the NIC in the server data does not prevent the website from being accessible on the internet. Which solution should you implement?
Ethernet bonding
QoS provides which of the following on a network?
Reduces latency of time sensitive traffic
You manage a network that uses multiple switches. You want to provide multiple paths between switches so that if one link goes down, an alternate path is available. Which feature should your switch support?
Spanning tree
What is the purpose of using Ethernet bonding?
increases network performance and provides a failover solution for network adapters
You manage a single subnet with three switches. the switches are connected to provide redundant paths between the switches. Which feature prevents switching loops and ensures there is only a single active path between any two switches?
Spanning tree
You manage a server that runs your company website. The web server has reached its capacity, and the number of client requests is greater than the server can handle. You would like to find a solution so that a second server can respond to requests for website content. Which solution should you implement?
Load balancing
Which of the following allows you to save frequently accessed websites on your local network for later retrieval?
Proxy
You want to reduce collisions by creating separate collision domains and virtual LANs. Which of the following devices should you use?
Switch
Which of the following features dynamically places switch ports in blocking of forwarding states?
Spanning tree
Which of the following devices accepts incoming client requests and distrubutes those requests to specific servers?
Load balancer
Long question that starts with You have a website that uses multiple servers…
Content Switch
Your network conducts training sessions for high profile clients. As part of the training, clients connect to get a video feed of the instructor and other class activities. You want to make sure that video traffic related tot the training is not delayed on the network. Which solution should you implement?
QoS
You have a webserver on your network that hosts the public website for your company. You want to make sure that the website will continue to be available even if a NIC, hard drive, or other problem prevents the server from responding. Which solution should you implement?
Load balancing