Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
100 Cards in this Set
- Front
- Back
QUESTION NO: 301 Which port does the Post Office Protocol Version 3 (POP3) make use of? A. 110 B. 109 C. 139 D. 119 |
A. 110 |
|
QUESTION NO: 302 Which of the following are WELL KNOWN PORTS assigned by the IANA? A. Ports 0 to 255 B. Ports 0 to 1024 C. Ports 0 to 1023 D. Ports 0 to 127 |
C. Ports 0 to 1023 |
|
QUESTION NO: 303 What is the maximum length of cable that can be used for a twisted-pair, Category 5 10Base-T cable? A. 80 meters B. 100 meters C. 185 meters D. 500 meters |
B. 100 meters |
|
QUESTION NO: 304 Secure Sockets Layer (SSL) is very heavily used for protecting which of the following? A. Web transactions. B. EDI transactions. C. Telnet transactions. D. Electronic Payment transactions. |
A. Web transactions. |
|
QUESTION NO: 305 Transport Layer Security (TLS) is a two-layered socket layer security protocol that contains the TLS Record Protocol and the:: A. Transport Layer Security (TLS) Internet Protocol. B. Transport Layer Security (TLS) Data Protocol. C. Transport Layer Security (TLS) Link Protocol. D. Transport Layer Security (TLS) Handshake Protocol. |
D. Transport Layer Security (TLS) Handshake Protocol. |
|
QUESTION NO: 306 Similar to Secure Shell (SSH-2), Secure Sockets Layer (SSL) uses symmetric encryption for encrypting the bulk of the data being sent over the session and it uses asymmetric or public key cryptography for: A. Peer Authentication B. Peer Identification C. Server Authentication D. Name Resolution |
A. Peer Authentication |
|
QUESTION NO: 307 Secure Sockets Layer (SSL) uses a Message Authentication Code (MAC) for what purpose? A. message non-repudiation. B. message confidentiality. C. message interleave checking. D. message integrity. |
D. message integrity. |
|
QUESTION NO: 308 Packet Filtering Firewalls can also enable access for: A. only authorized application port or service numbers. B. only unauthorized application port or service numbers. C. only authorized application port or ex-service numbers. D. only authorized application port or service integers. |
A. only authorized application port or service numbers. |
|
QUESTION NO: 309 A packet filtering firewall looks at the data packet to get information about the source and destination addresses of an incoming packet, the protocol (TCP, UDP, or ICMP), and the source and destination port for the: A. desired service. B. dedicated service. C. delayed service. D. distributed service. |
A. desired service. |
|
QUESTION NO: 310 A Packet Filtering Firewall system is considered a: A. first generation firewall. B. second generation firewall. C. third generation firewall. D. fourth generation firewall. |
A. first generation firewall. |
|
QUESTION NO: 311 Proxies works by transferring a copy of each accepted data packet from one network to another, thereby masking the: A. data's payload. B. data's details. C. data's owner. D. data's origin. |
D. data's origin. |
|
QUESTION NO: 312 An application layer firewall is also called a: A. Proxy B. A Presentation Layer Gateway. C. A Session Layer Gateway. D. A Transport Layer Gateway. |
A. Proxy |
|
QUESTION NO: 313 Application Layer Firewalls operate at the: A. OSI protocol Layer seven, the Application Layer. B. OSI protocol Layer six, the Presentation Layer. C. OSI protocol Layer five, the Session Layer. D. OSI protocol Layer four, the Transport Layer. |
A. OSI protocol Layer seven, the Application Layer. |
|
QUESTION NO: 314 One drawback of Application Level Firewall is that it reduces network performance due to the fact that it must analyze every packet and: A. decide what to do with each application. B. decide what to do with each user. C. decide what to do with each port. D. decide what to do with each packet. |
D. decide what to do with each packet. |
|
QUESTION NO: 315 A circuit level proxy is ___________________ when compared to an application level proxy. A. lower in processing overhead. B. more difficult to maintain. C. more secure. D. slower. |
A. lower in processing overhead. |
|
QUESTION NO: 316 In a stateful inspection firewall, data packets are captured by an inspection engine that is operating at the: A. Network or Transport Layer. B. Application Layer. C. Inspection Layer. D. Data Link Layer. |
A. Network or Transport Layer. |
|
QUESTION NO: 317 When an outgoing request is made on a port number greater than 1023, this type of firewall creates an ACL to allow the incoming reply on that port to pass: A. packet filtering B. Circuit level proxy C. Dynamic packet filtering D. Application level proxy |
C. Dynamic packet filtering |
|
QUESTION NO: 318 A demilitarized zone is: A. a part of a network perfectly safe from hackers B. a militarized network segment C. a firewall D. the network segment between the Internet and a private network |
D. the network segment between the Internet and a private network |
|
QUESTION NO: 319 A DMZ is located: A. right behind your first Internet facing firewall B. right in front of your first Internet facing firewall C. right behind your first network active firewall D. right behind your first network passive Internet http firewall |
A. right behind your first Internet facing firewall |
|
QUESTION NO: 320 The DMZ does not normally contain: A. encryption server B. web server C. external DNS server D. mail relay |
A. encryption server |
|
QUESTION NO: 321 Good security is built on which of the following concept? A. The concept of a pass-through device that only allows certain traffic in and out B. The Concept of defense in depth C. The Concept of Preventative controls D. The Concept of Defensive Controls |
B. The Concept of defense in depth |
|
QUESTION NO: 322 A DMZ is also known as a A. screened subnet B. three legged firewall C. a place to attract hackers D. bastion host |
A. screened subnet |
|
QUESTION NO: 323 The Telecommunications Security Domain of information security is also concerned with the prevention and detection of the misuse or abuse of systems, which poses a threat to the tenets of: A. Confidentiality, Integrity, and Entity (C.I.E.). B. Confidentiality, Integrity, and Authenticity (C.I.A.). C. Confidentiality, Integrity, and Availability (C.I.A.). D. Confidentiality, Integrity, and Liability (C.I.L.). |
C. Confidentiality, Integrity, and Availability (C.I.A.). |
|
QUESTION NO: 324 Network-based Intrusion Detection systems: A. Commonly reside on a discrete network segment and monitor the traffic on that network segment. B. Commonly will not reside on a discrete network segment and monitor the traffic on that network segment. C. Commonly reside on a discrete network segment and does not monitor the traffic on that network segment. D. Commonly reside on a host and monitor the traffic on that specific host. |
A. Commonly reside on a discrete network segment and monitor the traffic on that network segment. |
|
QUESTION NO: 325 Which of the following are additional terms used to describe knowledge-based IDS and behavior- based IDS? A. signature-based IDS and statistical anomaly-based IDS, respectively. B. signature-based IDS and dynamic anomaly-based IDS, respectively. C. anomaly-based IDS and statistical-based IDS, respectively. D. signature-based IDS and motion anomaly-based IDS, respectively. |
A. signature-based IDS and statistical anomaly-based IDS, respectively. |
|
QUESTION NO: 326 Knowledge-based Intrusion Detection Systems (IDS) are more common than: A. Network-based IDS B. Host-based IDS C. Behavior-based IDS D. Application-Based IDS |
C. Behavior-based IDS |
|
QUESTION NO: 327 Which RAID Level often implements a one-for-one disk to disk ratio? A. RAID Level 1 B. RAID Level 0 C. RAID Level 2 D. RAID Level 5 |
A. RAID Level 1 |
|
QUESTION NO: 328 Which cable technology refers to the CAT3 and CAT5 categories? A. Coaxial cables B. Fiber Optic cables C. Axial cables D. Twisted Pair cables |
D. Twisted Pair cables |
|
QUESTION NO: 329 The older coaxial cable has been widely replaced with twisted pair, which is extremely easy to work with, inexpensive, and also resistant to multiple host failure at once, especially when used in one of the following topology: A. Token Passing Configuration. B. Star Configuration. C. Ring Configuration. D. Point to Point Configuration. |
B. Star Configuration. |
|
QUESTION NO: 330 Which of the following was designed as a more fault-tolerant topology than Ethernet, and very resilient when properly implemented? A. Token Link. B. Token system. C. Token Ring. D. Duplicate ring. |
C. Token Ring. |
|
QUESTION NO: 331 Frame relay uses a public switched network to provide: A. Local Area Network (LAN) connectivity. B. Metropolitan Area Network (MAN) connectivity. C. Wide Area Network (WAN) connectivity. D. World Area Network (WAN) connectivity. |
C. Wide Area Network (WAN) connectivity. |
|
QUESTION NO: 332 Which of the following items is NOT primarily used to ensure integrity? A. Cyclic Redundancy Check (CRC) B. Redundant Array of Inexpensive Disks (RAID) system C. Hashing Algorithms D. The Biba Security model |
B. Redundant Array of Inexpensive Disks (RAID) system |
|
QUESTION NO: 333 Which of the following is most affected by denial-of-service (DOS) attacks? A. Confidentiality B. Integrity C. Accountability D. Availability |
D. Availability |
|
QUESTION NO: 334 Which conceptual approach to intrusion detection system is the most common? A. Behavior-based intrusion detection B. Knowledge-based intrusion detection C. Statistical anomaly-based intrusion detection D. Host-based intrusion detection |
B. Knowledge-based intrusion detection |
|
QUESTION NO: 335 Several analysis methods can be employed by an IDS, each with its own strengths and weaknesses, and their applicability to any given situation should be carefully considered. There are two basic IDS analysis methods that exist. Which of the basic method is more prone to false positive? A. Pattern Matching (also called signature analysis) B. Anomaly Detection C. Host-based intrusion detection D. Network-based intrusion detection |
B. Anomaly Detection |
|
QUESTION NO: 336 What is the primary purpose of using redundant array of inexpensive disks (RAID) level zero? A. To improve system performance. B. To maximize usage of hard disk space. C. To provide fault tolerance and protection against file server hard disk crashes. D. To implement integrity. |
A. To improve system performance. |
|
QUESTION NO: 337 Which RAID implementation stripes data and parity at block level across all the drives? A. RAID level 1 B. RAID level 2 C. RAID level 4 D. RAID level 5 |
D. RAID level 5 |
|
QUESTION NO: 338 Which RAID level concept is considered more expensive and is applied to servers to create what is commonly known as server fault tolerance? A. RAID level 0 B. RAID level 1 C. RAID level 2 D. RAID level 5 |
B. RAID level 1 |
|
QUESTION NO: 339 Which backup method only copies files that have been recently added or changed and also leaves the archive bit unchanged? A. Full backup method B. Incremental backup method C. Fast backup method D. Differential backup method |
D. Differential backup method |
|
QUESTION NO: 340 Which backup method does not reset the archive bit on files that are backed up? A. Full backup method B. Incremental backup method C. Differential backup method D. Additive backup method |
C. Differential backup method |
|
QUESTION NO: 341 Which of the following is a drawback of fiber optic cables? A. It is affected by electromagnetic interference (EMI). B. It can easily be tapped. C. The expertise needed to install it. D. The limited distance at high speeds. |
C. The expertise needed to install it. |
|
QUESTION NO: 342 What refers to legitimate users accessing networked services that would normally be restricted to them? A. Spoofing B. Piggybacking C. Eavesdropping D. Logon abuse |
D. Logon abuse |
|
QUESTION NO: 343 What is called an attack in which an attacker floods a system with connection requests but does not respond when the target system replies to those requests? A. Ping of death attack B. SYN attack C. Smurf attack D. Buffer overflow attack |
B. SYN attack |
|
QUESTION NO: 344 Which type of attack involves hijacking a session between a host and a target by predicting the target's choice of an initial TCP sequence number? A. IP spoofing attack B. SYN flood attack C. TCP sequence number attack D. Smurf attack |
C. TCP sequence number attack |
|
QUESTION NO: 345 Which OSI/ISO layer defines how to address the physical devices on the network? A. Session layer B. Data Link layer C. Application layer D. Transport layer |
B. Data Link layer |
|
QUESTION NO: 346 Which layer defines how packets are routed between end systems? A. Session layer B. Transport layer C. Network layer D. Data link layer |
C. Network layer |
|
QUESTION NO: 347 At which of the OSI/ISO model layer is IP implemented? A. Session layer B. Transport layer C. Network layer D. Data link layer |
C. Network layer |
|
QUESTION NO: 348 Which ISO/OSI layer establishes the communications link between individual devices over a physical link or channel? A. Transport layer B. Network layer C. Data link layer D. Physical layer |
C. Data link layer |
|
QUESTION NO: 349 Which OSI/ISO layer is the Media Access Control (MAC) sublayer part of? A. Transport layer B. Network layer C. Data link layer D. Physical layer |
C. Data link layer |
|
QUESTION NO: 350 Which OSI/OSI layer defines the X.24, V.35, X.21 and HSSI standard interfaces? A. Transport layer B. Network layer C. Data link layer D. Physical layer |
D. Physical layer |
|
QUESTION NO: 351 How many layers are defined within the US Department of Defense (DoD) TCP/IP Model? A. 7 B. 5 C. 4 D. 3 |
C. 4 |
|
QUESTION NO: 352 Which layer of the TCP/IP protocol model defines the IP datagram and handles the routing of data across networks? A. Application layer B. Host-to-host transport layer C. Internet layer D. Network access layer |
C. Internet layer |
|
QUESTION NO: 353 Which layer of the TCP/IP protocol model would best correspond to the OSI/ISO model's network layer? A. Network access layer B. Application layer C. Host-to-host transport layer D. Internet layer |
D. Internet layer |
|
QUESTION NO: 354 Which layer of the DoD TCP/IP model controls the communication flow between hosts? A. Internet layer B. Host-to-host transport layer C. Application layer D. Network access layer |
B. Host-to-host transport layer |
|
QUESTION NO: 355 How many bits compose an IPv6 address? A. 32 bits B. 64 bits C. 96 bits D. 128 bits |
D. 128 bits |
|
QUESTION NO: 356 What protocol is used on the Local Area Network (LAN) to obtain an IP address from it's known MAC address? A. Reverse address resolution protocol (RARP) B. Address resolution protocol (ARP) C. Data link layer D. Network address translation (NAT) |
A. Reverse address resolution protocol (RARP) |
|
QUESTION NO: 357 Which of the following security-focused protocols has confidentiality services operating at a layer different from the others? A. Secure HTTP (S-HTTP) B. FTP Secure (FTPS) C. Secure socket layer (SSL) D. Sequenced Packet Exchange (SPX) |
A. Secure HTTP (S-HTTP) |
|
QUESTION NO: 358 Which of the following is the most secure firewall implementation? A. Dual-homed host firewalls B. Screened-subnet firewalls C. Screened-host firewalls D. Packet-filtering firewalls |
B. Screened-subnet firewalls |
|
QUESTION NO: 359 Which of the following is NOT a VPN communications protocol standard? A. Point-to-point tunnelling protocol (PPTP) B. Challenge Handshake Authentication Protocol (CHAP) C. Layer 2 tunnelling protocol (L2TP) D. IP Security |
B. Challenge Handshake Authentication Protocol (CHAP) |
|
QUESTION NO: 360 What layer of the OSI/ISO model does Point-to-point tunneling protocol (PPTP) work at? A. Data link layer B. Transport layer C. Session layer D. Network layer |
A. Data link layer |
|
QUESTION NO: 361 Which of the following statements pertaining to VPN protocol standards is false? A. L2TP is a combination of PPTP and L2F. B. L2TP and PPTP were designed for single point-to-point client to server communication. C. L2TP operates at the network layer. D. PPTP uses native PPP authentication and encryption services. |
C. L2TP operates at the network layer. |
|
QUESTION NO: 362 Which IPSec operational mode encrypts the entire data packet (including header and data) into an IPSec packet? A. Authentication mode B. Tunnel mode C. Transport mode D. Safe mode |
B. Tunnel mode |
|
QUESTION NO: 363 Which of the following category of UTP cables is specified to be able to handle gigabit Ethernet (1 Gbps) according to the EIA/TIA-568-B standards? A. Category 5e UTP B. Category 2 UTP C. Category 3 UTP D. Category 1e UTP |
A. Category 5e UTP |
|
QUESTION NO: 364 In which LAN transmission method is a source packet copied and sent to specific multiple destinations but not ALL of the destinations on the network? A. Overcast B. Unicast C. Multicast D. Broadcast |
C. Multicast |
|
QUESTION NO: 365 Which of the following can prevent hijacking of a web session? A. RSA B. SET C. SSL D. PPP |
C. SSL |
|
QUESTION NO: 366 What is defined as the rules for communicating between computers on a Local Area Network (LAN)? A. LAN Media Access methods B. LAN topologies C. LAN transmission methods D. Contention Access Control |
A. LAN Media Access methods |
|
QUESTION NO: 367 Which of the following is a LAN transmission method? A. Broadcast B. Carrier-sense multiple access with collision detection (CSMA/CD) C. Token ring D. Fiber Distributed Data Interface (FDDI) |
A. Broadcast |
|
QUESTION NO: 368 In what LAN topology do all the transmissions of the network travel the full length of cable and are received by all other stations? A. Bus topology B. Ring topology C. Star topology D. FDDI topology |
A. Bus topology |
|
QUESTION NO: 369 Which of the following IEEE standards defines the token ring media access method? A. 802.3 B. 802.11 C. 802.5 D. 802.2 |
C. 802.5 |
|
QUESTION NO: 370 Which of the following LAN devices only operates at the physical layer of the OSI/ISO model? A. Switch B. Bridge C. Hub D. Router |
C. Hub |
|
QUESTION NO: 371 Which of the following technologies has been developed to support TCP/IP networking over lowspeed serial interfaces? A. ISDN B. SLIP C. xDSL D. T1 |
B. SLIP |
|
QUESTION NO: 372 Which xDSL flavor, appropriate for home or small offices, delivers more bandwidth downstream than upstream and over longer distance? A. VDSL B. SDSL C. ADSL D. HDSL |
C. ADSL |
|
QUESTION NO: 373 Which of the following services is provided by S-RPC? A. Availability B. Accountability C. Integrity D. Authentication |
D. Authentication |
|
QUESTION NO: 374 A. DS-0 B. DS-1 C. DS-2 D. DS-3 |
B. DS-1 |
|
QUESTION NO: 375 Which of the following is the biggest concern with firewall security? A. Internal hackers B. Complex configuration rules leading to misconfiguration C. Buffer overflows D. Distributed denial of service (DDOS) attacks |
B. Complex configuration rules leading to misconfiguration |
|
QUESTION NO: 376 Which of the following is the simplest type of firewall? A. Stateful packet filtering firewall B. Packet filtering firewall C. Dual-homed host firewall D. Application gateway |
B. Packet filtering firewall |
|
QUESTION NO: 377 Which of the following devices enables more than one signal to be sent out simultaneously over one physical circuit? A. Router B. Multiplexer C. Channel service unit/Data service unit (CSU/DSU) D. Wan switch |
B. Multiplexer |
|
QUESTION NO: 378 Which of the following is NOT an advantage that TACACS+ has over TACACS? A. Event logging B. Use of two-factor password authentication C. User has the ability to change his password D. Ability for security tokens to be resynchronized |
A. Event logging |
|
QUESTION NO: 379 Which of the following remote access authentication systems is the most robust? A. TACACS+ B. RADIUS C. PAP D. TACACS |
A. TACACS+ |
|
QUESTION NO: 380 Which of the following is true about link encryption? A. Each entity has a common key with the destination node. B. Encrypted messages are only decrypted by the final node. C. This mode does not provide protection if anyone of the nodes along the transmission path is compromised. D. Only secure nodes are used in this type of transmission. |
C. This mode does not provide protection if anyone of the nodes along the transmission path is compromised. |
|
QUESTION NO: 381 Which of the following protects Kerberos against replay attacks? A. Tokens B. Passwords C. Cryptography D. Time stamps |
D. Time stamps |
|
QUESTION NO: 382 Which of the following offers security to wireless communications? A. S-WAP B. WTLS C. WSP D. WDP |
B. WTLS |
|
QUESTION NO: 383 Which of the following offers confidentiality to an e-mail message? A. The sender encrypting it with its private key. B. The sender encrypting it with its public key. C. The sender encrypting it with the receiver's public key. D. The sender encrypting it with the receiver's private key. |
C. The sender encrypting it with the receiver's public key. |
|
QUESTION NO: 384 Which of the following is a Wide Area Network that was originally funded by the Department of Defense, which uses TCP/IP for data interchange? A. the Internet. B. the Intranet. C. the extranet. D. the Ethernet. |
A. the Internet. |
|
QUESTION NO: 385 An intranet is an Internet-like logical network that uses: A. a firm's internal, physical network infrastructure. B. a firm's external, physical network infrastructure. C. a firm's external, physical netBIOS infrastructure. D. a firm's internal, physical netBIOS infrastructure. |
A. a firm's internal, physical network infrastructure. |
|
QUESTION NO: 386 An intranet provides more security and control than which of the following: A. private posting on the Internet. B. public posting on the Ethernet. C. public posting on the Internet. D. public posting on the Extranet. |
C. public posting on the Internet. |
|
QUESTION NO: 387 Which of the following Common Data Network Services is used to share data files and subdirectories on file servers? A. File services. B. Mail services. C. Print services. D. Client/Server services. |
A. File services. |
|
QUESTION NO: 388 Which of the following Common Data Network Services is used to send and receive email internally or externally through an email gateway device? A. File services. B. Mail services. C. Print services. D. Client/Server services. |
B. Mail services. |
|
QUESTION NO: 389 Asynchronous Communication transfers data by sending: A. bits of data sequentially B. bits of data sequentially in irregular timing patterns C. bits of data in sync with a heartbeat or clock D. bits of data simultaneously |
B. bits of data sequentially in irregular timing patterns |
|
QUESTION NO: 390 Communications devices must operate: A. at different speeds to communicate. B. at the same speed to communicate. C. at varying speeds to interact. D. at high speed to interact. |
B. at the same speed to communicate. |
|
QUESTION NO: 391 The basic language of modems and dial-up remote access systems is: A. Asynchronous Communication. B. Synchronous Communication. C. Asynchronous Interaction. D. Synchronous Interaction. |
A. Asynchronous Communication. |
|
QUESTION NO: 392 Which of the following Common Data Network Services is used to print documents to a shared printer or a print queue/spooler? A. Mail services. B. Print services. C. Client/Server services. D. Domain Name Service. |
B. Print services. |
|
QUESTION NO: 393 Which of the following Common Data Network Services allocates computing power resources among workstations with some shared resources centralized on a server? A. Print services B. File services C. Client/Server services D. Domain Name Service |
C. Client/Server services |
|
QUESTION NO: 394 Domain Name Service is a distributed database system that is used to map: A. Domain Name to IP addresses. B. MAC addresses to domain names. C. MAC Address to IP addresses. D. IP addresses to MAC Addresses. |
A. Domain Name to IP addresses. |
|
QUESTION NO: 395 The Domain Name System (DNS) is a global network of: A. servers that provide these Domain Name Services. B. clients that provide these Domain Name Services. C. hosts that provide these Domain Name Services. D. workstations that provide these Domain Name Services. |
A. servers that provide these Domain Name Services. |
|
QUESTION NO: 396 The communications products and services, which ensure that the various components of a network (such as devices, protocols, and access methods) work together refers to: A. Netware Architecture. B. Network Architecture. C. WAN Architecture. D. Multiprotocol Architecture. |
B. Network Architecture. |
|
QUESTION NO: 397 Unshielded Twisted Pair cabling is a: A. four-pair wire medium that is used in a variety of networks. B. three-pair wire medium that is used in a variety of networks. C. two-pair wire medium that is used in a variety of networks. D. one-pair wire medium that is used in a variety of networks. |
A. four-pair wire medium that is used in a variety of networks. |
|
QUESTION NO: 398 In the UTP category rating, the tighter the wind: A. the higher the rating and its resistance against interference and crosstalk. B. the slower the rating and its resistance against interference and attenuation. C. the shorter the rating and its resistance against interference and attenuation. D. the longer the rating and its resistance against interference and attenuation. |
A. the higher the rating and its resistance against interference and crosstalk. |
|
QUESTION NO: 399 What works as an E-mail message transfer agent? A. SMTP B. SNMP C. S-RPC D. S/MIME |
A. SMTP |
|
QUESTION NO: 400 Which of the following statements pertaining to packet switching is incorrect? A. Most data sent today uses digital signals over network employing packet switching. B. Messages are divided into packets. C. All packets from a message travel through the same route. D. Each network node or point examines each packet for routing. |
C. All packets from a message travel through the same route. |