Security Pro Chapter 5 – 5.1.7, 5.2.9, 5.3.8, 5.4.5, 5.5.5, 5.6.5, 5.7.8, 5.8.5, 5.9.4, 5.10.8, 5.11.6, 5.12.9 Practice Questions


Which of the following is the main difference between a DoS attack and a DDoS attack?

The DDoS attack uses zombie computers.

Which of the following are denial of service attacks? (Select two.)

• Fraggle
• Smurf

Which attack form either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions from occurring?

Denial of service attack

As the victim of a Smurf attack, what protection measure is the most effective during the attack?

Communicate with your upstream provider

You suspect that an Xmas tree attack is occurring on a system. Which of the following could result if you do not stop the attack? (Select two.)

• The system will be unavailable to respond to legitimate requests.
• The threat agent will obtain information about open ports on the system.

You need to enumerate the devices on your network and display the network’s configuration details.

Which of the following utilities should you use?

nmap

An attacker is conducting passive reconnaissance on a targeted company. Which of the following could he be doing?

Browsing the organization’s website

Which type of active scan turns off all flags in a TCP header?

Null

Which of the following denial of service (DoS) attacks uses ICMP packets and is only successful if the victim has less bandwidth than the attacker?

Ping flood

In which of the following denial of service (DoS) attacks does the victim’s system rebuild invalid UDP packets, causing the system to crash or reboot?

Teardrop

A SYN packet is received by a server. The SYN packet has the exact same address for both the sender and receiver addresses, which is the address of the server. This is an example of what type of attack?

Land attack

Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network?

Smurf

A SYN attack or SYN flood exploits or alters which element of the TCP three-way handshake?

ACK

When a SYN flood is altered so that the SYN packets are spoofed in order to define the source and destination address as a single victim IP address, the attack is now called what?

Land attack

Which of the following best describes the ping of death?

An ICMP packet that is larger than 65,536 bytes

Which of the following is the best countermeasure against man-in-the-middle attacks?

IPsec

What is modified in the most common form of spoofing on a typical IP packet?

Source address

Which type of activity changes or falsifies information in order to mislead or re-direct traffic?

Spoofing

Which of the following describes a man-in-the-middle attack?

A false server intercepts communications from a client by impersonating the intended server.

Capturing packets as they travel from one host to another with the intent of altering the contents of the packets is a form of which attack type?

Man-in-the-middle attack

When the TCP/IP session state is manipulated so that a third party is able to insert alternate packets into the communication stream, what type of attack has occurred?

Hijacking

What is the goal of a TCP/IP hijacking attack?

Executing commands or accessing resources on a system the attacker does not otherwise have authorization to access.

Which of the following is not a protection against session hijacking?

DHCP reservations

Which of the following is the most effective protection against IP packet spoofing on a private network?

Ingress and egress filters

While using the internet, you type the URL of one of your favorite sites in the browser. Instead of going to the correct site, however, the browser displays a completely different website. When you use the IP address of the web server, the correct site is displayed.

Which type of attack has likely occurred?

DNS poisoning

Which of the following attacks tries to associate an incorrect MAC address with a known IP address?

ARP poisoning

What are the most common network traffic packets captured and used in a replay attack?

Authentication

When a malicious user captures authentication traffic and replays it against the network later, what is the security problem you are most concerned about?

An unauthorized user gaining access to sensitive resources

A router on the border of your network detects a packet with a source address that is from an internal client, but the packet was received on the internet-facing interface. This is an example of what form of attack?

Spoofing

An attacker uses an exploit to push a modified hosts file to client systems. This hosts file redirects traffic from legitimate tax preparation sites to malicious sites to gather personal and financial information.

What kind of exploit has been used in this scenario? (Choose two. Both responses are different names for the same exploit.)

• Pharming
• DNS poisoning

Which of the following is a privately controlled portion of a network that is accessible to some specific external entities?

Extranet

You are the office manager of a small financial credit business. Your company handles personal financial information for clients seeking small loans over the internet. You are aware of your obligation to secure clients' records. Budget is an issue for your company.

Which item would provide the best security for this situation?

All-in-one security appliance

You are implementing security at a local high school that is concerned with students accessing inappropriate material on the internet from the library’s computers. The students will use the computers to search the internet for research paper content. The school budget is limited.

Which content filtering option would you choose?

Restrict content based on content categories

Match the application-aware network device on the right with the appropriate description on the left.
Each description may be used once, more than once, or not at all.

• Application-aware proxy: Improves application performance
• Application-aware firewall: Enforces security rules based on the application that is generating network traffic instead of the traditional port and protocol
• Application-aware IDS: Analyzes network packets to detect malicious payloads targeted at application-layer services

Members of the sales team use laptops to connect to the company network. While traveling, they connect their laptops to the internet through airport and hotel networks.

You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless anti-virus software and the latest operating system patches are installed.

Which solution should you use?

NAC

You have a company network that is connected to the internet. You want all users to have internet access, but you need to protect your private network and users. You also need to make a web server publicly available to internet users.

Which solution should you use?

Use firewalls to create a DMZ. Place the web server inside the DMZ and the private network behind the DMZ.

You have used firewalls to create a demilitarized zone. You have a web server that needs to be accessible to internet users. The web server must communicate with a database server for retrieving product, customer, and order information.

How should you place devices on the network to best protect the servers? (Select two.)

• Put the database server on the private network.
• Put the web server inside the DMZ.

Of the following security zones, which one can serve as a buffer network between a private secured network and the untrusted internet?

DMZ

Which of the following is likely to be located in a DMZ?

FTP Server

In which of the following situations would you most likely implement a demilitarized zone (DMZ)?

You want to protect a public web server from attack.

Which of the following terms describes a network device that is exposed to attacks and has been hardened against those attacks?

Bastion or sacrificial host

Your company has a connection to the internet that allows users to access the internet. You also have a web server and an email server that you want to make available to internet users. You want to create a DMZ for these two servers.
Which type of device should you use to create the DMZ?

Network-based firewall

Which of the following is a firewall function?

Packet filtering

You manage a small network at work. Users use workstations connected to your network. No portable computers are allowed.
As part of your security plan, you would like to implement scanning of e-mails for all users. You want to scan the e-mails and prevent any e-mails with malicious attachments from being received by users.
Your solution should minimize administration, allowing you to centrally manage the scan settings.
Which solution should you use?

Network based firewall

Which of the following are characteristics of a circuit-level gateway? (Select two.)

• Stateful
• Filters based on sessions

Which of the following are characteristics of a packet filtering firewall? (Select two.)

• Stateless
• Filters IP address and port

You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?

Circuit-level

You provide internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs.
Which type of firewall should you install?

Application level

Which of the following is the best device to deploy to protect your private network from a public untrusted network?

Firewall

You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling.
You want to protect the laptop from Internet-based attacks.
Which solution should you use?

Host based firewall

Which of the following are true of a circuit proxy filter firewall? (Select two.)

• Verifies sequencing of session packets.
• Operates at the Session layer.

You would like to control Internet access based on users, time of day, and websites visited. How can you do this?

Install a proxy server. Allow Internet access only through the proxy server.

Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped?

ACL

Which of the following describes how access lists can be used to improve network security?

An access list filters traffic based on the IP header information such as source or destination IP address, protocol, or socket numbers.

When designing a firewall, what is the recommended approach for opening and closing ports?

Close all ports; open only ports required by applications inside the DMZ.

Which of the following firewall types can be a proxy between servers and clients? (Select two.)

• Application layer firewall
• Circuit proxy filtering firewall

You have a small network at home that is connected to the internet. On your home network, you have a server with the IP address of 192.168.55.199/16. You have a single public address that is shared by all hosts on your private network.
You want to configure the server as a web server and allow internet hosts to contact the server to browse a personal website.
What should you use to allow access?

Static NAT

You are the administrator for a small company that implements NAT to access the internet. However, you recently acquired five servers that must be accessible from outside your network. Your ISP has provided you with five additional registered IP addresses to support these new servers, but you don’t want the public to access these servers directly. You want to place these servers behind your firewall on the inside network, yet still allow them to be accessible to the public from the outside.
Which method of NAT translation should you implement for these servers?

Static

You want to connect your small company network to the internet. Your ISP provides you with a single IP address that is to be shared between all hosts on your private network. You do not want external hosts to be able to initiate connection to internal hosts. What type of address translation (NAT) should you implement?

Dynamic

Which of the following is not one of the IP address ranges defined in RFC 1918 that are commonly used behind a NAT server?

169.254.0.0 – 169.254.255.255

Which of the following networking devices or services prevents the use of IPSec in most cases?

NAT

Which of the following is not a benefit of NAT?

Improving the throughput rate of traffic

A group of salesmen would like to access your private network through the internet while they are traveling. You want to control access to the private network through a single server.
Which solution should you implement?

VPN concentrator

A VPN is primarily used for what purpose?

Support secured communications over an untrusted network

Which VPN protocol typically employs IPSec as its data encryption mechanism?

L2TP

Which statement best describes IPSec when used in tunnel mode?

The entire data packet, including headers, is encapsulated

Which IPSec subprotocol provides data encryption?

ESP

Which is the best countermeasure for someone attempting to view your network traffic?

VPN

PPTP (Point-to-Point Tunneling Protocol) is quickly becoming obsolete because of which VPN protocol?

L2TP (Layer 2 Tunneling Protocol)

What is the primary use of tunneling?

Supporting private traffic through a public communication medium

In addition to Authentication Header (AH), IPSec is comprised of what other service?

Encapsulating Security Payload (ESP)

A salesperson in your organization spends most of her time traveling between customer sites. After a customer visit, she must complete various managerial tasks, such as updating your organization’s order database.

Because she rarely comes back to your home office, she usually accesses the network from her notebook computer using Wi-Fi access provided by hotels, restaurants, and airports.

Many of these locations provide unencrypted public Wi-Fi access, and you are concerned that sensitive data could be exposed. To remedy this situation, you decide to configure her notebook to use a VPN when accessing the home network over an open wireless connection.

Which key steps should you take when implementing this configuration? (Select two.)

• Configure the browser to send HTTPS requests through the VPN connection
• Configure the VPN connection to use IPSec

Which of the following is a valid security measure to protect email from viruses?

Use blockers on email gateways

Which of the following prevents access based on website ratings and classifications?

Content Filter

Drag the web threat protection method on the left to the correct definition on the right.

• Prevents users from visiting malicious websites [Web threat filtering]
• Prevents outside attempts to access confidential information [Anti-phishing software]
• Identifies and disposes of infected content [Virus blockers]
• Prevents unwanted email from reaching your network [Gateway email spam blockers]
• Prevents users from visiting restricted websites [URL content filtering]

You are investigating the use of website and URL content filtering to prevent users from visiting certain websites.

Which benefits are the result of implementing this technology in your organization? (Choose two.)

• An increase in bandwidth availability
• Enforcement of the organization’s internet usage policy

Which of the following are functions of gateway email spam blockers? (Select two.)

• Filters messages containing specific content
• Blocks email from specific senders

You have a company network with a single switch. All devices connect to the network through the switch.

You want to control which devices are able to connect to your network. For devices that do not have the latest operating system patches, you want to prevent access to all network devices except for a special server that holds the patches that the computers need to download.

Which of the following components will be part of your solution? (Select two.)

• Remediation servers
• 802.1x authentication

Which step is required to configure a NAP on a Remote Desktop (RD) gateway server?

Edit the properties for the server and select Request clients to send a statement of health

In a NAP system, which is the function of the System Health Validator?

Compare the statement of health submitted by the client to the health requirements

How does IPSec NAP enforcement differ from other NAP enforcement methods?

Clients must be issued a valid certificate before a connection to the private network is allowed

Your organization’s security policy requires you to restrict network access to allow only clients that have their firewall enabled.

Which of the following is a collection of components that would allow you to meet this requirement?

Network access protection

Which of the following specifications identify security that can be added to wireless networks? (Select two.)

• 802.1x
• 802.11i

Which of the following wireless security methods uses a common shared key configured on the wireless access point and all wireless clients?

WEP, WPA Personal, and WPA2 Personal

Which of the following offers the weakest form of encryption for an 802.11 wireless network?

WEP

What encryption method is used by WPA for wireless networks?

TKIP

Which of the following features are supplied by WPA2 on a wireless network?

Encryption

You need to configure a wireless network. You want to use WPA2 Enterprise. Which of the following components will be part of your design? (Select two.)

• 802.1x
• AES encryption

You need to configure the wireless network card to connect to your network at work. The connection should use a user name and password for authentication with AES encryption.

What should you do?

Configure the connection to use WPA2-Enterprise.

Match the wireless networking security standard on the left to its associated characteristics on the right. Each standard can be used more than once.

• Short initialization vector makes key vulnerable. [WEP]
• Uses AES for encryption. [WPA2]
• Uses RC4 for encryption. [WEP]
• Uses TKIP for encryption. [WPA]
• Uses CBC-MAC for data integrity. [WPA2]
• Uses CCMP for key rotation. [WPA2]

Which of the following are typically used for encrypting data on a wireless network? (Select two.)

• AES
• TKIP

You want to connect a laptop computer running Windows to a wireless network.

The wireless network uses multiple access points and WPA2-Personal. You want to use the strongest authentication and encryption possible. SSID broadcast has been disabled.

What should you do?

Configure the connection with a pre-shared key and AES encryption.

Which of the following is used on a wireless network to identify the network name?

SSID

Which of the following are true about Wi-Fi Protected Access 2 (WPA2)? (Select two.)

• WPA2 uses AES for encryption and CBC-MAC for data integrity.
• Upgrading from a network using WEP typically requires installing new hardware.

WiMAX is an implementation of which IEEE committee?

802.16

You have a small wireless network that uses multiple access points. The network uses WPA and broadcasts the SSID. WPA2 is not supported by the wireless access points.
You want to connect a laptop computer to the wireless network. Which of the following parameters will you need to configure on the laptop? (Select two.)

• Pre-shared key
• TKIP encryption

Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network.
One day, you find that an employee has connected a wireless access point to the network in his office.
What type of security risk is this?

Rogue Access Point

Which of the following best describes bluesnarfing?

Viewing calendar, emails, and messages on a mobile device without authorization

Which of the following sends unsolicited business cards and messages to a Bluetooth device?

Bluejacking

Which of the following is the best protection to prevent attacks on mobile phones through the Bluetooth protocol?

Disable Bluetooth on the phone

You are troubleshooting a wireless connectivity issue in a small office. You determine that the 2.4 GHz cordless phones used in the office are interfering with the wireless network transmissions.
If the cordless phones are causing the interference, which of the following wireless standards could the network be using? (Select two.)

• Bluetooth
• 802.11g

Your organization uses an 802.11g wireless network. Recently, other tenants installed the following equipment in your building:
• A wireless television distribution system running at 2.4 GHz
• A wireless phone system running at 5.8 GHz
• A wireless phone system running at 900 MHz
• An 802.11n wireless network running in the 5 GHz frequency range
Since this equipment was installed, your wireless network has been experiencing significant interference. Which system is to blame?

The wireless TV system

A user calls to report that she is experiencing intermittent problems while accessing the wireless network from her laptop computer. While she normally works from her office, today she is trying to access the wireless network from a conference room across the hall and next to the elevator.
What is the most likely cause of her connectivity problem?

Interference is affecting the wireless signal.

Which of the following best describes an evil twin?

An access point that is configured to mimic a valid access point to obtain logon credentials and other sensitive information.

Network packet sniffing is often used to gain the information necessary to conduct more specific and detailed attacks. Which of the following is the best defense against packet sniffing?

Encryption

Which of the following common network monitoring or diagnostic activities can be used as a passive malicious attack?

Sniffing

Match the malicious interference type on the right with the appropriate characteristic on the left. Each characteristic can be used once, more than once, or not at all.

• [Spark Jamming] Repeatedly blasts receiving equipment with high-intensity, short-duration RF bursts at a rapid pace
• [Random Noise Jamming] Produces RF signals using random amplitudes and frequencies
• [Random Pulse Jamming] Uses radio signal pulses of random amplitude and frequency

An attacker has hidden an NFC reader behind an NFC-based kiosk in an airport.
The attacker uses the device to capture NFC data in transit between end user devices and the reader in the kiosk. She then uses that information to masquerade as the original end user device and establish an NFC connection to the kiosk.

What kind of attack has occurred in this scenario?

NFC relay attack

You are implementing a wireless network in a dentist’s office. The dentist’s practice is small, so you choose to use an inexpensive consumer-grade access point.
While reading the documentation, you notice that the access point supports Wi-Fi Protected Setup (WPS) using a PIN. You are concerned about the security implications of this functionality.

What should you do to reduce risk?

Disable WPS in the access point’s configuration

You are concerned that wireless access points may have been deployed within your organization without authorization.
What should you do? (Select two. Each response is a complete solution.)

• Check the MAC addresses of devices connected to your wired switch
• Conduct a site survey

Which of the following locations contributes the greatest amount of interference for a wireless access point? (Select two.)

• Near cordless phones
• Near backup generators

Which of the following wireless network protection methods prevents the wireless network name from being broadcast?

SSID broadcast

Which of the following do switches and wireless access points use to control access through the device?

MAC address filtering

You have physically added a wireless access point to your network and installed a wireless networking card in laptops that run Windows. Neither laptop can find the network. You have come to the conclusion that you must manually configure the wireless access point (AP).
Which of the following values uniquely identifies the network AP?

SSID

You want to implement 802.1x authentication on your wireless network. Which of the following will be required?

RADIUS

You are the wireless administrator for your organization. As the size of the organization has grown, you’ve decided to upgrade your wireless network to use 802.1x authentication instead of pre-shared keys.
You’ve decided to use LEAP to authenticate wireless clients. To do this, you configured a Cisco RADIUS server and installed the necessary Cisco client software on each RADIUS client.
Which of the following is true concerning this implementation?

The system is vulnerable because LEAP is susceptible to dictionary attacks

You are the wireless administrator for your organization. As the size of the organization has grown, you’ve decided to upgrade your wireless network to use 802.1x authentication instead of pre-shared keys.
To do this, you need to configure a RADIUS server and RADIUS clients. You want the server and the clients to mutually authenticate with each other.
What should you do? (Select two. Each response is a part of the complete solution.)

• Configure the RADIUS server with a server certificate
• Configure all wireless access points with client certificates

You need to place a wireless access point in your building. While trying to avoid interference, which of the following is the best location for the access point?

On the top floor

Which of the following recommendations should you follow when placing access points to provide wireless access for users within your company building?

Place access points above where most clients are.

You are designing a wireless network implementation for a small business. The business deals with sensitive customer information, so data emanation must be reduced as much as possible.
The floor plan of the office is shown below. Match each type of access point antenna on the left with the appropriate location on the floor plan on the right. Each antenna type can be used once, more than once, or not at all.

• A = Directional
• B = Directional
• C = Omnidirectional
• D = Directional
• E = Directional
• F = Directional
• G = Directional

The owner of a hotel has contracted with you to implement a wireless network to provide internet access for guests.
The owner has asked that you implement security controls so that only paying guests are allowed to use the wireless network. She wants guests to be presented with a login page when they initially connect to the wireless network. After entering a code provided by the concierge at check-in, guests should then be allowed full access to the Internet. If a user does not provide the correct code, they should not be allowed to access the Internet.
What should you do?

Implement a captive portal

You are replacing a wired business network with an 802.11g wireless network. You currently use Active Directory on the company network as your directory service. The new wireless network will have multiple wireless access points.
You want to use WPA2 on the network. What should you do to configure the wireless network? (Select two.)

• Configure devices to run in infrastructure mode
• Install a RADIUS server and use 802.1x authentication

Which of the following features on a wireless network allows or rejects client connections based on the hardware address?

MAC address filtering

A customer has called and indicated that he thinks his neighbor is connecting to his wireless access point (AP) to use his high-speed internet connection. Which of the following will resolve this issue? (Select two.)

• Disable SSID broadcast on the AP
• Implement MAC address filters

You’ve just installed a wireless access point (AP) for your organization’s network. You know that the radio signals used by the AP extend beyond your organization’s building and are concerned that unauthorized users outside may be able to access your internal network.
What can you do to protect the wireless network? (Select two.)

• Disable DHCP on the AP
• Configure the AP to filter out unauthorized MAC addresses

You are concerned about sniffing attacks on your wireless network. Which of the following implementations offers the best countermeasure to sniffing?

WPA2 with AES
