Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
20 Cards in this Set
- Front
- Back
|
You work for a retailer that sells household goods online. The company has decided to redesign its network for better security. Included in this redesign is the addition of a new firewall. Assuming the firewall is placed between the Internet connection and the Web server, which of the following should be included in the firewall's configuration so that customers can still reach the web site?
a) Allow incoming UDP-based transmissions to port 23 b) Allow incoming TCP-based transmissions to port 80 c) Allow outgoing TCP-based transmissions to port 88 d) Allow outgoing TCP-based transmissions to port 1024 |
b) allow incoming TCP-based transmissions to port 80
|
|
|
Which of the following is the most secure password?
a) 12345ABC b) dolphins c) !tlzOGS557x^^L d) A1B2C333 |
c) !tlzOGS557x^^L
|
|
|
You are alerted that suddenly 100% of the resources on your two core routers are being used and no legitimate traffic can travel into or out of your network. What kind of security attack are you most likely experiencing?
a) IP Spoofing b) Brute force attack c) flashing d) Denial-of-service attack |
d) denial of service attack
|
|
|
What type of device guards against an attack in which a hacker modifies the IP source address in the packets he's issuing so that the transmission appears to belong to your network?
a) Packet-filtering firewall b) Proxy server c) NAT gateway d) Router |
b) Proxy server
|
|
|
Which of the following devices can improve performance for certain applications, in addition to enhancing network security?
a) Packet-filtering firewall b) NAT gateway c) Proxy server d) Router |
C) Proxy server
|
|
|
If a firewall does nothing more that filter packets, at what layer of the OSI model does it operate?
a) Transport b) Network c) Data Link d) Session |
b) network
|
|
|
Which of the following encryption methods provides the best security for data traveling over VPN connections?
a) PPTP b) L2TP c) IPSec d)SLIP |
c) IPSec
|
|
|
Which of the following criteria could a router's ACL use for denying packets access to a private network?
a) Source IP address b) Authentication header c) RTT d) Source MAC address |
a) source IP address
|
|
|
Which of the following NOS logon restrictions is most likely to stop a hacker who is attempting to discover someone's password through a brute force or dictionary attack?
a) Total time logged on b) Time of day c) Period of time after which a password expires d) Number of unsuccessful logon attempts |
d) Number of unsuccessful logon attempts
|
|
|
Which of the following can automatically detect and deny network access to a host whose traffic patterns appear suspicious?
a) IPS b) NAT Gateway c) Proxy Server d) Router |
a) IPS
|
|
|
If you are entering your account number and password in a Web form to check your bank account balance online, which of the following encryption methods are you most likely using?
a) PGP b) SSL c) SSH d) Kerberos |
b) SSL
|
|
|
Which of the following encryption techniques is incorporated into IP version 6?
a) SSH b) SSL c) Kerberos d) IPSec |
d) IPSec
|
|
|
Which of the following is one reason WEP is less secure than 802.11i?
a) WEP is only capable of 16 bit encryption key, where as 802.11i can use keys up to 128 bits long b) WEP uses only one encryption method, whereas 802.11i combines two encryption methods for data transit. c) WEP uses the same key for authentication and encryption every time a client connects, whereas 802.11i assigns keys dynamically to each transmission d) WEP does not require clients to specify an SSID, whereas 802.11i requires clients to specify an SSID plus a username and password for the network's access server. |
c) WEP uses the same key for authentication and encryption every time a client connects, whereas 802.11i assigns keys dynamically to each transmission
|
|
|
Using a 20-bit key is how many times more secure than using an 18-bit key?
a) two times b) three times c) four times d) eight times |
c) four times
|
|
|
How many keys are required for public key encryption?
a) one b) two c) four d) none |
b) two
|
|
|
You are designing an 802.11n wireless network for a local cafe. You want the wireless network to be available to the cafe's customers but not to anyone with a wireless NIC that happens to be in the vicinity. Which of the following security measures require customers to enter a network key to gain access to your network via the access point?
a) SSL b) IPSec c) TLS d) WPA2 |
d) WPA2
|
|
|
Which of the following requires port-based authentication?
a) Kerberos b) Radius c) WEP d) WPA |
a) Kerberos
|
|
|
Which of the following plays a crucial role in the Public-Key Infrastructure?
a) IDS d) Certificate authority c) VPN concentrator d) PGP |
b) Certificate authority
|
|
|
Which of the following techniques would prevent an FTP bounce attack?
a) Configuring your firewall to deny requests to ports 20 and 21 b) Performing a port scan of your network using NMAP c) Configuring the FTP service to require a password d) Restricting the size of your FTP server's memory allocation table. |
a) configuring your firewall to deny requests to ports 20 and 21
|
|
|
You have decided to add a honeypot to your network. Where on the network would you place it?
a) on your company's web server b) In a decoy DMZ c) Between the access server and RADIUS server d) Attached to a workgroup switch |
b) in a decoy DMZ
|
