What penetration testing tool combines known scanning and exploit techniques to explore potentially new attack routes?
answer
metasploit
question
Which of the following statements correctly describes the malware characteristic of polymorphism?
answer
Polymorphic malware can change its characteristics every time it is transferred to a new system.
question
A virus that remains dormant until a specific condition is met, such as the changing of a file or a match of the current date is known as what type of malware?
answer
logic bomb
question
Which of the following statements describes a worm?
answer
A program that runs independently of other software and travels between computers and across networks.
question
If multiple honeypots are connected to form a larger network, what term is used to describe the network?
answer
honeynet
question
An attack that relies on redirected and captured secure transmissions as they occur is known as what type of attack?
answer
man-in-the-middle attack
question
Which of the following scenarios represents a phishing attempt?
answer
An e-mail was sent to a manager at your company that appeared to be from the company's CTO, asking for access.
question
In a red team-blue team exercise, what is the purpose of the blue team?
answer
The blue team is charged with the defense of the network.
question
Which of the following utilities performs sophisticated vulnerability scans, and can identify unencrypted data such as credit card numbers?
answer
Nessus
question
`If someone is offered a free gift or service in exchange for private information or access to a computer system, what type of social engineering is taking place?
answer
quid go pro
question
A person posing as an employee strikes up a conversation with a legitimate employee as they walk into a secured area, in an attempt to gain access. What kind of social engineering is this?
answer
tailgating
question
In the typical social engineering attack cycle, what occurs at Phase 3?
answer
The attacker exploits an action undertaken by the victim in order to gain access.
question
The concept of giving employees and contractors only enough access and privileges to do their jobs is known by what term?
answer
principle of least privilege
question
What statement regarding denial-of-service (DoS) attacks is accurate?
answer
A denial-of-service attack prevents legitimate users from accessing normal network resources.
question
Utilized by China's so-called "Great Firewall", what type of attack can prevent user access to web pages, or even redirect them to illegitimate web pages?
answer
DNS poisoning
question
What is the Nmap utility used for?
answer
It is a port scanning utility that can identify open ports on a host.
question
How is a posture assessment performed on an organization?
answer
A thorough examination of each aspect of the organization's network is performed to determine how it might be compromised.
question
What type of door access control is a physical or electronic lock that requires a code in order to open the door?
answer
cipher lock
question
An RFID label on a box is an example of what type of physical security detection method?
answer
asset tracking tagging
question
What statement regarding the different versions of the SHA hashing algorithm is accurate?
answer
SHA-2 and SHA-3 both support the same hash lengths.
question
On a Linux based system, what command can you use to create a hash of a file using SHA-256?
answer
sha256sum
question
Which command can be used on a Windows system to create a hash of a file?
answer
Get-FileHash
question
VMware's AirWatch and Cisco's Meraki Systems Manager are both examples of what type of software?
answer
mobile device management software
question
A variant of BYOD, what does CYOD allow employees or students to do?
answer
They can choose a device from a limited number of options.
question
Where would restrictions regarding what users can and cannot do while accessing a network's resources be found?
answer
acceptable use policy document
question
What document addresses the specific concerns related to special access given to administrators and certain support staff?
answer
privileged user agreement
question
Which of the following scenarios would necessitate the use of a non-disclosure agreement?
answer
Your company needs to prevent a new contractor from sharing information with a potential competitor.
question
How often should you require users to change their passwords?
answer
Every 60 days
question
What type of an attack forces clients off a wireless network, creating a form of Wi-Fi DoS?
answer
deauthentication attack
question
Which type of DoS attack involves an attack that is bounced off uninfected computers before being directed at the target?
answer
distributed reflection denial-of-service attack
question
Which of the following is an example of proxy server software?
answer
Squid
question
What is NOT a variable that an network access control list can filter traffic with?
answer
The operating system used by the source or destination device.
question
In ACL statements, using the "any" keyword is equivalent to using a wildcard mask of what value?
answer
255.255.255.255
question
What kind of firewall can block designated types of traffic based on application data contained within packets?
answer
content-filtering firewall
question
On a Linux system, which command allows you to modify settings used by the built-in packet filtering firewall?
answer
iptables
question
What is a SIEM (Security Information and Event Management) system utilized for?
answer
It is a system used to evaluate data from security devices and generate alerts.
question
When using Spanning Tree Protocol, what is the first step in selecting paths through a network?
answer
STP must first select the root bridge, or master bridge.
question
In order to prevent ports that are serving network hosts from being considered as best paths, what should be enabled to block BPDUs?
answer
BPDU guard
question
Which protocol designed to replace STP operates at Layer 3 of the OSI model?
answer
Shortest Path Bridging (SPB)
question
You have been tasked with the configuration of a Juniper switch, and have been told to restrict the number of MAC addresses allowed in the MAC address table. What command should you use?
answer
mac-limit
question
Enforcing a virtual security perimeter using a client's geographic location is known by what term?
answer
geofencing
question
When using Kerberos, what is the purpose of a ticket?
answer
It is a temporary set of credentials that a client uses to prove to other servers that its identity has been validated.
question
Which legacy authentication protocol requires mutual authentication?
answer
Microsoft Challenge Handshake Authentication Protocol, version 2 (MS-CHAPv2)
question
By far the most popular AAA service, what open-source service runs in the Application layer and can use UDP or TCP in the Transport layer?
answer
RADIUS
question
Which adaptation of EAP utilizes EAP-MSCHAPv2 inside of an encrypted TLS tunnel?
answer
Protected EAP (PEAP)
question
What IEEE standard includes an encryption key generation and management scheme known as TKIP?
answer
802.11i
question
What descendant of the Spanning Tree Protocol is defined by the IEEE 802.1W standard, and can detect as well as correct for link failures in milliseconds?
answer
Rapid Spanning Tree Protocol (RSTP)
question
You have been asked by your superior to configure all Cisco network switches to allow only acceptable MAC addresses through switch access ports. How is this accomplished?
answer
Use the switchport port-security command to enable MAC filtering.
question
What aspect of AAA is responsible for determining what a user can and cannot do with network resources?
answer
authorization
question
What statement regarding role-based access control is accurate?
answer
RBAC allows a network administrator to base privileges and permissions around a detailed description of a user's roles or jobs.
question
Which encryption standard was originally utilized with WPA's TKIP?
answer
Rivest Cipher 4 (RC4)
question
The Wired Equivalent Privacy standard had what significant disadvantage?
answer
It used a shared encryption key for all clients, and the key might never change.
question
In Open System Authentication, how does authentication occur?
answer
The client "authenticates" using only the SSID name. In other words, no real authentication occurs.
question
The Group Policy utility can be opened by typing what name into a Run box?
answer
gpedit.msc
question
When using Spanning Tree Protocol, which port on non-root bridges can forward traffic toward the root bridge?
answer
Only one root port, which is the bridge's port that is closest to the root bridge, can forward.
question
Which of the following terms is used to describe the configuration of a port to copy all traffic passing through the switch to the device at the other end of the port?
answer
port mirroring
question
In regards to the use of local authentication, what statement is accurate?
answer
Local authentication is network and server failure tolerant.
question
What scenario might be ideal for the use of root guard in configuring a switch?
answer
You wish to prevent switches beyond a certain port from becoming the root bridge, but still wish to use STP.
question
When using a host-based intrusion detection system, what additional feature might be available to alert the system of any changes made to files that shouldn't change?
answer
file integrity monitoring (FIM)
question
What statement correctly describes a stateless firewall?
answer
A stateless firewall manages each incoming packet as a stand-alone entity, without regard to currently active connections.
question
When using SNMP with TLS, what port do agents receive requests on?
answer
10161
question
At what point is a packet considered to be a giant?
answer
It becomes a giant when it exceeds the medium's maximum packet size.
question
Packets that are smaller than a medium's minimum packet size are known by what term below?
answer
runts
question
When a device handles electrical signals improperly, usually resulting from a bad NIC, it is referred to by what term below?
answer
jabber
question
When using DiffServ, what type of forwarding utilizes a minimum departure rate from a given node, which is then assigned to each data stream?
answer
expedited forwarding
question
What 3-bit field in a 802.1Q tag is modified to set a frame's Class of Service (CoS)?
answer
Priority Code Point (PCP)
question
A highly available server is available what percentage of the time?
answer
99.999%
question
What happens when an NMS uses the SNMP walk command?
answer
The NMS uses get requests to move through sequential rows in the MIB database.
question
When Comcast was found to be interfering with BitTorrent traffic, what method was being used?
answer
Comcast was interjecting TCP segments with the RST (reset) field set.
question
What term is used to describe the average amount of time that will pass for a device before a failure is expected to occur?
answer
mean time between failures (MTBF)
question
The Link Aggregation Control Protocol was initially defined by what IEEE standard?
answer
IEEE 802.3ad
question
Which of the following statements describes a RAID 0 configuration?
answer
In a RAID 0, data is striped across multiple disks to improve performance.
question
What Storage Area Network (SAN) protocol runs on top of TCP, and can be used on an existing twisted-pair Ethernet network, while maintaining low cost?
answer
Internet SCSI (iSCSI)
question
A differential backup covers what data on a system?
answer
It includes data that has changed since the last full backup.
question
Which type of uninterruptible power supply uses AC power to continuously charge its battery, while also providing power to devices through the battery?
answer
online UPS
question
In planning for disaster recovery, what is the ultimate goal?
answer
The continuation of business.
question
How does a line conditioning UPS protect network equipment?
answer
It filters line noise from incoming power.
question
You are attempting to determine how available your Linux systems are, and need to find the current system uptime. What command should you use?
answer
uptime
question
What makes up the first 6 bits of the 8-bit DiffServ field?
answer
Differentiated Services Code Point (DSCP)
question
A network TAP serves what purpose on a network?
answer
It provides a mirrored port for monitoring traffic between other ports.
question
When viewing a syslog message, what does a level of 0 indicate?
answer
The message is an emergency situation on the system.
question
Each managed object on a managed device using SNMP is assigned which of the following?
answer
object identifier (OID)
question
Once a device has failed, what metric measures the average amount of time to repair?
answer
mean time to repair (MTTR)
question
What does the Common Address Redundancy Protocol do?
answer
It allows a pool of computers or interfaces to share the same IP address.
question
The grouping of multiple servers so that they appear as a single device to the rest of the network is known as which term?
answer
clustering
question
Which type of backup scheme only covers data that has changed since the last backup?
answer
incremental backup
question
What is distributed switching?
answer
It is a single distributed vSwitch that can service VMs across multiple hosts.
question
If you wish to maintain a "4 nines" availability rating, what is the maximum amount of down time you can have per day?
answer
8 seconds
question
A snapshot is most similar to which type of backup scheme?
answer
incremental backup
question
What statement regarding the use of a network attached storage device is accurate?
answer
A NAS can be easily expanded without interrupting service.
Haven't found what you need?
Search for quizzes and test answers now
Quizzes.studymoose.com uses cookies. By continuing you agree to our cookie policy
