Chapter four review

Chapter 4 Review
McKinley Technology High School – Ms. Wiscount
What can an administrator use to detect
malicious activity after it occurred?
• Firewall
• Sniffer
• Port scanner
• IDS
Of the following choices, what would
detect compromises on a local server?
• HIDS
• NIPS
• Firewall
• Protocol Analyzer
Of the following choices, what represents
the best choice for a system to detect
attacks on a network, but not block them?
• NIDS
• NIPS
• HIDS
• HIPS
Your organization is using a NIDS. The NIDS vendor
regularly provides updates for the NIDS to detect
known attacks. What type of NIDS is this?
• Anomaly-based
• Signature-based
• Prevention-based
• Honey-based
You are preparing to deploy an anomaly-based
detection system to monitor network activity.
What would you create first?
• Flood guards
• Signatures
• Baseline
• Honeypot
Of the following choices, what can you use to divert
malicious attacks on your networks away from valuable
resources to relatively worthless resources?
• IDS
• Proxy server
• Web application firewall
• Honeypot
Of the following choices, what best describes
the function of an IPS?
• Detect attacks
• Stop attacks in progress
• Prevent attackers from attacking
• Notify appropriate personnel of attacks
Of the following choices, what provides active
protection for an operating system?
• NIDS
• NIPS
• HIDS
• HIPS
Of the following choices, what most accurately
describes a NIPS?
• Detects and takes action against threats
• Provides notification of threats
• Detects and eliminates threats
• Identifies zero day vulnerabilities
You’ve recently completed a wireless audit and
realize that the wireless signal from your company’s
WAP reaches the parking lot. What can you do to
ensure that the signal doesn’t reach outside your
building?
• Increase the WAP’s power level
• Decrease the WAP’s power level
• Enable SSID broadcasting
• Disable SSID broadcasting
Which of the following secure protocols did WEP
implement incorrectly, allowing attackers to crack
it?
• SSL
• RC4
• CCMP
• AES
Your organization is designing an 802.11n network and
wants to use the strongest security. What would you
recommend?
• FTPS
• SSL
• WEP
• WPA2
Which of the following authentication mechanisms can
provide centralized authentication for a wireless
network?
• WPA2
• RADIUS
• Multifactor authentication
• Kerberos
You want to ensure that only specific wireless
clients can access your wireless networks. Of the
following choices, what provides the best solution?
• MAC filtering
• Content filtering
• NAT
• NIPS
You recently completed a wireless audit of your
company’s wireless network. You’ve identified several
unknown devices connected to the network and realize
they are devices owned by company employees. What can
you use to prevent these devices from connecting?
• MAC filtering
• Enable SSID broadcast
• Enable isolation mode on the WAP
• Reduce the power levels on the WAP
What can you do to prevent the easy discovery of
a WAP?
• Enable MAC filtering
• Disable SSID broadcast
• Enable SSID broadcast
• Enable 802.1X authentication
While troubleshooting a problem with a WAP in your
organization, you discover a rogue access point with
the same SSID as the organization’s WAP. What is the
second access point?
• IDS
• War chalking
• Evil twin
• Packet sniffer
You want to identify the physical location of a rogue
access point you discovered in the footprint of your
company. What would you use?
• Bluesnarfing
• Bluejacking
• War chalking
• War driving
You are hosting a wireless hotspot, and you want to
segment wireless users from each other. What should
you use?
• Personal mode
• Enterprise mode
• Isolation mode
• WEP
Which of the following best describes
bluejacking?
• Bluejacking involves accessing data on a phone
• Bluejacking involves checking a WAP’s antenna
placement, power levels and encryption
techniques
• Bluejacking involves sending unsolicited messages
to a phone
• Bluejacking involves a rogue access point with the
same SSID as your production WAP
Someone stole an executive’s smartphone, and the
phone includes sensitive data. What should you do to
prevent the thief from reading the data?
• Password protect the phone
• Encrypt the data on the phone
• Use remote wipe
• Track the location of the phone
You are deploying a remote access server for your
organization. Employees will use this to access the
network while on the road. Of the following choices,
what must you configure?
• NAC
• ACLs
• MACs
• NAT-T
Your organization is creating a site-to-site VPN
tunnel between the main business location and a
remote office. What can it use to create the tunnel?
• WPA2-Enterprise
• RADIUS
• NAC
• IPsec
You are planning to deploy a VPN with IPsec. Users
will use the VPN to access corporate resources while
they are on the road. How should you use IPsec?
• With AH in tunnel mode
• With AH in transport mode
• With ESP in tunnel mode
• With ESP in transport mode
An employee connects to the corporate network using a
VPN. However, the client is not able to access
internal resources, but instead receives a warning
indicating their system is not up to date with
current patches. What is causing the behavior?
• The VPN is using IPsec
• The VPN is not using IPsec
• NAC is disabled on the network and remediation
must take place before the client can access
internal resources
• NAC is enabled on the network and remediation
must take place before the client can access
internal resources
In order to provide flexible working conditions, a
company has decided to allow some employees
remote access into corporate headquarters. Which of
the following security technologies could be
used to provide remote access? (Select TWO).
• Subnetting
• NAT
• Firewall
• NAC
• VPN
Which of the following can prevent an unauthorized
person from accessing the network by
plugging into an open network jack?
• 802.1X
• DHCP
• 802.1q
• NIPS
A targeted email attack sent to Sara, the company’s
Chief Executive Officer (CEO), is known as
which of the following?
• Whaling
• Bluesnarfing
• Vishing
• Dumpster diving
Which of the following specifications would Sara, an
administrator, implement as a network access
control?
• 802.1q
• 802.3
• 802.11n
• 802.1x
Configuring the mode, encryption methods, and
security associations are part of which of the
following?
• IPSec
• Full disk encryption
• 802.1x
• PKI
Which of the following would an antivirus company use
to efficiently capture and analyze new and
unknown malicious attacks?
• Fuzzer
• IDS
• Proxy
• Honeypot
Which of the following provides the HIGHEST
level of confidentiality on a wireless network?
• Disabling SSID broadcast
• MAC filtering
• WPA2
• Packet switching
Matt, an IT administrator, wants to protect a newly
built server from zero day attacks. Which of the
following would provide the BEST level of protection?
• HIPS
• Antivirus
• NIDS
• ACL
Mike, a network administrator, has been asked to
passively monitor network traffic to the
company’s sales websites. Which of the following
would be BEST suited for this task?
• HIDS
• Firewall
• NIPS
• Spam filter
Mike, a security professional, is tasked with
actively verifying the strength of the security
controls on a company’s live modem pool. Which of the
following activities is MOST appropriate?
• War dialing
• War chalking
• War driving
• Bluesnarfing
Jane, a security administrator, has observed repeated
attempts to break into a server. Which of
the following is designed to stop an intrusion on a
specific server?
• HIPS
• NIDS
• HIDS
• NIPS
Which of the following devices can Sara, an
administrator, implement to detect and stop known
attacks?
• Signature-based NIDS
• Anomaly-based NIDS
• Signature-based NIPS
• Anomaly-based NIPS
While setting up a secure wireless corporate network,
which of the following should Pete, an
administrator, avoid implementing?
• EAP-TLS
• PEAP
• WEP
• WPA
Which of the following are used to implement
VPNs? (Select TWO).
• SFTP
• IPSec
• HTTPS
• SNMP
• SSL
Which of the following describes how Sara, an
attacker, can send unwanted advertisements to a
mobile device?
• Man-in-the-middle
• Bluejacking
• Bluesnarfing
• Packet sniffing
Which of the following protocols can be used to
secure traffic for telecommuters?
• WPA
• IPSec
• ICMP
• SMTP
Which of the following allows Pete, a security
technician, to provide the MOST secure wireless
implementation?
• Implement WPA
• Disable SSID
• Adjust antenna placement
• Implement WEP
Which of the following technologies would allow for a
secure tunneled connection from one site to
another? (Select TWO).
• SFTP
• IPSec
• SSH
• HTTPS
• ICMP
Which of the following network design elements
provides for a one-to-one relationship between an
internal network address and an external network
address?
• NAT
• NAC
• VLAN
• PAT
Which of the following is true concerning WEP
security?
• WEP keys are transmitted in plain text.
• The WEP key initialization process is flawed.
• The pre-shared WEP keys can be cracked with
rainbow tables.
• WEP uses the weak RC4 cipher.
Jane, a security analyst, is reviewing logs from
hosts across the Internet which her company uses
to gather data on new malware. Which of the following
is being implemented by Jane’s company?
• Vulnerability scanner
• Honeynet
• Protocol analyzer
• Port scanner
The information security department regularly walks
the campus and around the buildings looking
for unauthorized open wireless networks. This is an
example of which of the following?
• A site survey
• Antenna placement
• War dialing
• War driving
Matt must come up with a design solution which will
enable remote users to securely access
network resources. Which of the following design
elements will enable Matt to meet this objective?
• DMZ
• VLAN
• VPN
• NAT
Pete, the security engineer, would like to prevent
wireless attacks on his network. Pete has
implemented a security control to limit the
connecting MAC addresses to a single port. Which of
the following wireless attacks would this address?
• Interference
• Man-in-the-middle
• Evil twin
• Rogue access point
Matt, the security administrator, wants to secure the
wireless network. Which of the following
encryption methods offers the MOST security?
• WPA2 ENT AES
• WPA2 PSK AES
• WPA2 ENT TKIP
• WPA2 PSK TKIP