1 / 51

Cybersecurity Test Review

Cybersecurity Test Review. Chapter Three. Question 1. Which of the following protocols is a file transfer protocol using SSH? SFTP TFTP SICMP CCMP. Question 2. Of the following choices, which one provides the most security for FTP? FTP active mode FTPS TFTP SCP. Question 3.

benny
Download Presentation

Cybersecurity Test Review

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cybersecurity Test Review Chapter Three

  2. Question 1 Which of the following protocols is a file transfer protocol using SSH? • SFTP • TFTP • SICMP • CCMP

  3. Question 2 • Of the following choices, which one provides the most security for FTP? • FTP active mode • FTPS • TFTP • SCP

  4. Question 3 • Of the following choices, what is a benefit for IPsec? • MAC filtering • Flood guard • Load balancing • Payload encryption

  5. Question 4 • What protocol is used to monitor and configure network devices? • ICMP • SFTP • SNMP • DNS

  6. Question 5 • Which of the following is an IPv6 address? • 192.168.1.100 • 192.168.1.100/128 • FE80:20D4:3FF7:003F:DE62 • FE80:0000:0000:0000:20D4:3FF7:003F:DE62

  7. Question 6 • Which of the following IP addresses are on the same subnet? (Choose all that apply) • 192.168.5.50, 255.255.255.192 • 192.168.1.100, 255.255.255.192 • 192.168.1.165, 255.255.255.192 • 192.168.1.189, 255.255.255.192

  8. Question 7 • An administrator decides to block Telnet access to an internal network from any remote device on the internet. Which of the following is the best choice to accomplish this? • Block port 22 at the host firewall • Block port 22 on the internal routers • Block port 23 at the network firewall • Block port 23 on internal routers

  9. Question 8 • What port does SFTP use? • 22 • 23 • 443 • 1443

  10. Question 9 • What ports do HTTP and HTTPS use? • 20 and 21 • 22 and 25 • 80 and 443 • 80 and 1433

  11. Question 10 • What port does SMTP use? • 22 • 25 • 110 • 143

  12. Question 11 • Of the following choices, what ports are used by NetBIOS? (Choose two.) • 80 • 137 • 139 • 3389

  13. Question 12 • Your organization uses switches for connectivity. Of the following choices, what will protect the switch? • Disable unused MAC addresses • Disable unused ports • Disable unused IPv4 addresses • Disable unused IPv6 addresses

  14. Question 13 • YA user unplugged a cable into two RJ-45 wall jacks connected to unused ports on a switch. In a short period, this disrupted the overall network performance. What should you do to protect against this problem in the future? • Enable loop protection on the switch • Disable port security • Use a VLAN • Create DMZ

  15. Question 14 • What can you use to logically separate computers in two different departments within a company? • A hub • A VLAN • NAT • A flood guard

  16. Question 15 • Most firewalls have a default rule placed at the end of the firewall’s ACL. Which of the following is the most likely default rule? • Deny any any • Deny ICMP all • Allow all all • Allow TCP all

  17. Question 16 • Of the following choices, what best describes a method of managing the flow of network traffic by allowing or denying traffic based on ports, protocols and addresses? • Implicit deny • Firewall rules • Proxy server content filter • Firewall logs

  18. Question 17 • Of the following choices, what represents the best choice to prevent intrusions on an individual computer? • HIDS • NIDS • Host-based firewall • Network-based firewalls

  19. Question 18 • Your network includes a subnet that hosts accounting server with sensitive data. You want to ensure that users in the Marketing Department (on a separate subnet) cannot access these servers. Of the following choices, what would be the easiest to achieve the goal? • Enable load balancing • Enable port security • Use an ACL • Add a host-based firewall to each server

  20. Question 19 • Of the following choices, what controls traffic between networks? • A firewall • Load balancer • VPN connector • Protocol analyzer

  21. Question 20 • An organization has a web security gateway installed. What function is this performing? • MAC filtering • Caching content • Hiding internal IP addresses • Content filtering

  22. Question 21 • Your organization hosts a large website served by multiple servers. They need to optimize the workload and distribute it equally among all servers. What should they use? • Proxy server • Load balancer • Web security gateway • Security appliance

  23. Question 22 • Of the following choices, what can be used to allow access to specific servers from the internet while protecting access to an internal network? • SSH • Implicit deny • DMZ • Port security

  24. Question 23 • Of the following choices, what hides the IP addresses of computers inside a network from computers outside the network? • Web security gateway • Replacing all hubs with switches • WAF • NAT

  25. Question 24 • Of the following choices, what is the best choice for a device to filter and cache content from web pages? • Web security gateway • VPN connector • Proxy server • MAC filtering

  26. Question 25 • In order to provide flexible working conditions, a company has decided to allow some employees remote access into corporate headquarters. Which of the following security technologies could be used to provide remote access? (Select TWO). • Subnetting • NAT • Firewall • NAC • VPN

  27. Question 26 • Which of the following can prevent an unauthorized person from accessing the network by plugging into an open network jack? • 802.1x • DHCP • 802.1q • NIPS

  28. Question 27 • After verifying that the server and database are running, Jane, the administrator, is still unable tomake a TCP connection to the database. Which of the following is the MOST likely cause for this? • The server has data execution prevention enabled • The server has TPM based protection enabled • The server has HIDS installed • The server is running a host-based firewall

  29. Question 28 • A security administrator needs to determine which system a particular user is trying to login to at various times of the day. Which of the following log types would the administrator check? • Firewall • Application • IDS • Security

  30. Question 29 • Which of the following devices would MOST likely have a DMZ interface? • Firewall • Switch • Load balancer • Proxy

  31. Question 30 • Which of the following tools would Matt, a security administrator, MOST likely use to analyze a malicious payload? • Vulnerability scanner • Fuzzer • Port scanner • Protocol analyzer

  32. Question 31 • Which of the following BEST describes a protective countermeasure for SQL injection? • Eliminating cross-site scripting vulnerabilities • Installing an IDS to monitor network traffic • Validating user input in web applications • Placing a firewall between the Internet and database servers

  33. Question 32 • Pete, a network administrator, is capturing packets on the network and notices that a large amount of the traffic on the LAN is SIP and RTP protocols. Which of the following should he do to segment that traffic from the other traffic? • Connect the WAP to a different switch. • Create a voice VLAN. • Create a DMZ. • Set the switch ports to 802.1q mode.

  34. Question 33 • Which of the following IP addresses would be hosts on the same subnet given the subnet mask 255.255.255.224? (Select TWO). • 10.4.4.125 • 10.4.4.158 • 10.4.4.165 • 10.4.4.189 • 10.4.4.199

  35. Question 34 • Matt, an administrator, notices a flood fragmented packet and retransmits from an email server. After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again. Which of the following utilities was he MOST likely using to view this issue? • Spam filter • Protocol analyzer • Web application firewall • Load balancer

  36. Question 35 • An ACL placed on which of the following ports would block IMAP traffic? • 110 • 143 • 389 • 465

  37. Question 36 • Mike, a network administrator, has been asked to passively monitor network traffic to the company’s sales websites. Which of the following would be BEST suited for this task? • HIDS • Firewall • NIPS • Spam filter

  38. Question 37 • Which of the following would Pete, a security administrator, MOST likely implement in order to allow employees to have secure remote access to certain internal network services such as file servers? • Packet filtering firewall • VPN gateway • Switch • Router

  39. Question 38 • Matt, the IT Manager, wants to create a new network available to virtual servers on the samehypervisor, and does not want this network to be routable to the firewall. How could this BEST be accomplished? • Create a VLAN without a default gateway. • Remove the network from the routing table. • Create a virtual switch. • Commission a stand-alone switch.

  40. Question 39 • A security administrator has configured FTP in passive mode. Which of the following ports should the security administrator allow on the firewall by default? • 20 • 21 • 22 • 23

  41. Question 40 • Which of the following protocols would be implemented to secure file transfers using SSL? • TFTP • SCP • SFTP • FTPS

  42. Question 41 • Which of the following are used to implement VPNs? (Select TWO). • SFTP • IPSec • HTTPS • SNMP • SSL

  43. Question 42 • Matt, a security administrator, is receiving reports about several SQL injections and buffer overflows through his company’s website. Which of the following would reduce the amount of these attack types? • Antivirus • Anti-spam • Input validation • Host based firewalls

  44. Question 43 • Pete, the security administrator, wants to ensure that traffic to the corporate intranet is secure using HTTPS. He configures the firewall to deny traffic to port 80. Now users cannot connect to the intranet even through HTTPS. Which of the following is MOST likely causing the issue? • The web server is configured on the firewall’s DMZ interface. • The VLAN is improperly configured. • The firewall’s MAC address has not been entered into the filtering list. • The firewall executes an implicit deny.

  45. Question 44 • Which of the following protocols can be used to secure traffic for telecommuters? • WPA • IPSec • ICMP • SMTP

  46. Question 45 • Which of the following must Jane, a security administrator, implement to ensure all wired ports are authenticated before a user is allowed onto the network? • Intrusion prevention system • Web security gateway • Network access control • IP access control lists

  47. Question 46 • A security administrator needs to open ports on the firewall to allow for secure data transfer. Which of the following TCP ports would allow for secure transfer of files by default? • 21 • 22 • 23 • 25

  48. Question 47 • Which of the following technologies would allow for a secure tunneled connection from one site to another? (Select TWO). • SFTP • IPSec • SSH • HTTPS • ICMP

  49. Question 48 • Which of the following network design elements provides for a one-to-one relationship between an internal network address and an external network address? • NAT • NAC • VLAN • PAT

  50. Question 49 • Sara, a security administrator, needs to implement the equivalent of a DMZ at the datacenter entrance. Which of the following must she implement? • Video surveillance • Mantrap • Access list • Alarm

More Related