03-Sy0-401-Network Security-01C

Front 1

Question:
With WPA 2, the encryption keys that are used for each client are: (Choose all that apply.)

Back 1

A) totally unique
B) client specific
C) reused only after every 3000 rounds of exchange
D) reused only after every 30000 rounds of exchange

Hint 1

A)* and
B)*Explanation: WPA 2 creates fresh session keys on every association. The encryption keys that are used for each
client are totally unique and client specific.

Front 2

Question:
What mechanism can be used to filter the MAC addresses of wireless clients that are allowed to connect to the AP?

Back 2

A) MAC filter
B) MAC table
C) CAM table filter
D) routing table poisoning
E) ARP table poisoning

Hint 2

A)*Explanation: You may use a MAC filter to filter the MAC addresses of wireless clients that are allowed to connect
to the AP. Every wireless adaptor has a MAC address hard coded into it anyway.

Front 3

Question:
Which of the following is a protection feature built into many firewalls that allows the administrator to tweak the
tolerance for unanswered login attacks?

Back 3

A) MAC filter
B) Flood guard
C) MAC limiter
D) Security posture

Hint 3

B)*Explanation: A flood guard is a protection feature built into many firewalls that allows the administrator to tweak
the tolerance for unanswered login attacks. Reducing this tolerance makes it possible to lessen the likelihood of a
successful DoS attack.

Front 4

Question:
Talking about antenna types, a __________ antenna has two identical conductive elements bilaterally symmetrical.

Back 4

A) Dipole
B) Monopole
C) Omnidirectional
D) Tripole

Hint 4

A)*Explanation: Talking about antenna types, a dipole antenna has two identical conductive elements bilaterally
symmetrical, while a monopole antenna has one conductor with one side of the feedline connected.

Front 5

Question:
To avoid potential documentary errors and security leaks, the configuration of firewalls should not be documented
unless strictly necessary.

Back 5

A) False
True
True only if you have no existing hardware inventory in place.
True only if your firewall is not from a name brand manufacturer.

Hint 5

A)* FalseExplanation: Firewall configuration, administration and operational procedures should be documented.
Configuration of multiple firewalls should be identical. Integrity checking of the configuration files of the firewall
should be performed regularly.

Front 6

Question:
Which of the following provides services similar to TCP and UDP for WAP?

Back 6

A) WTLS
B) WDP
C) WTP
D) WFMD

Hint 6

C)*Explanation: The Wireless Transaction Protocol (WTP) provides services similar to TCP and UDP for WAP.

Front 7

Question:
Which of the following services use only TCP ports and not UDP?

Back 7

A) IMAP
B) LDAP
C) FTPS
D) SFTP

Hint 7

D)*Explanation: SFTP uses only TCP ports. IMAP, LDAP, and FTPS all use both TCP and UDP ports.

Front 8

Question:
Which protocol is mainly used to enable access to the Internet from a mobile device or smartphone?

Back 8

A) WEP
B) WTLS
C) WAP
D) WPO

Hint 8

C)*Explanation: Wireless Application Protocol (WAP) is an open international standard for applications that use
wireless communication.

Front 9

Question:
Which feature of cloud computing involves dynamically provisioning (or de-provisioning) resources as needed?

Back 9

A) Multitenancy
B) Elasticity
C) CMDB
D) Sandboxing

Hint 9

B)*Explanation: Elasticity is a feature of cloud computing that involves dynamically provisioning (or deprovisioning)
resources as needed.

Front 10

Question:
Which of the following is synonymous with MAC filtering?

Back 10

A) TKIP
B) Network lock
C) EAP-TTLS
D) MAC Secure

Hint 10

B)*Explanation: The term network lock is synonymous with MAC filtering.

Front 11

Question:
Secure router configuration may be achieved if:

Back 11

A) All the latest patches are applied.
B) Hardware based routers are deployed.
C) Software based routers are deployed.
D) Routing takes place at layer 4.
E) Routing takes place at layer 7.

Hint 11

A)* Explanation: Routing takes place at layer 3. If it is compromised, then your network will be in great danger. You
should implement the necessary security measures as recommended by the vendor to secure the router. Make sure
all the latest patches are applied.

Front 12

Question:

Remote access allows your users to dial in from any place that has:

Back 12

A) a normal phone connection
B) a broadband connection only
C) an ISDN connection only
D) a FDDI connection only

Hint 12

A)*Explanation: Remote access allows your users to dial in from any place that has a normal phone connection. Once
a connection is made, the user can access programs or data on the network, subject to security clearance via the
remote access server.

Front 13

Question:
Which RAID level writes parity to two different drives, thus providing fault tolerance to the system even in the
event of the failure of two drives in the array?

Back 13

A) RAID 0+1
B) RAID 6
C) RAID 5
D) RAID 1+0

Hint 13

B)*Explanation: RAID 6 writes parity to two different drives, thus providing fault tolerance to the system even in the
event of the failure of two drives in the array.

Front 14

Question:
To protect against email spamming in an effective manner, you should install:

Back 14

A) spam filter software
B) VPN concentrator
C) event viewer
D) packet sniffer
E) None of the choices.

Hint 14

A)*Explanation: To protect against email spamming, you should install spam filter software, and consider removing
all unused mail daemons. Spam filters may work at the server side, or at the client end, depending on the software
you choose.

Front 15

Question:
Which of the following strategies involves sharing some of the risk burden with someone else, such as an insurance
company?

Back 15

A) Risk acceptance
B) Risk avoidance
C) Risk deterrence
D) Risk mitigation
E) Risk transference

Hint 15

E)*Explanation: Risk transference involves sharing some of the risk burden with someone else, such as an insurance
company.

Front 16

Question:
Which of the following are available protocols for security purposes? (Choose all that apply.)

Back 16

A)* IPSec
B)* TLS
C)* SSL
D)* SSH
E)* NetBIOS

Hint 16

All*Explanation: A protocol is a language that both hosts must follow in order to communicate. The different available
protocols include IPSec, SNMP, SSH, DNS, TLS, SSL, TCP/IP, FTPS, HTTPS, SCP, ICMP, IPv4, IPv6, ISCSI,
Fibre Channel, FCoE, FTP SFTP, TFTP, TELNET, HTTP, and NetBIOS. IPSec is an encryption standard. TLS is
transport layer security. SSL is for HTTPS. SSH is secure shell.

Front 17

Question:

Which of the following are multiport devices that improve network efficiency?

Back 17

A) Switches
B) Modems
C) Gateways
D) Concentrators

Hint 17

A)*Explanation: Switches are multiport devices that improve network efficiency. A switch typically has a small
amount of information about systems in a network.

Front 18

Question:
You may use a flood guard system to defend against:

Back 18

A) DDOS attacks
B) virus attacks
C) trojan horses
D) root kits
E) shoulder servings

Hint 18

A)*Explanation: Distributed denial of service (DDOS) uses a large number of compromised hosts to flood a target
system with network requests. You may use a flood guard system or software to defend against flooding attempts.

Front 19

Question:
All site surveys share the goal of:

Back 19

A) Determining the number and placement of APs for providing adequate coverage.
B) Determining the horizontal position of APs for providing adequate coverage.
C) Determining the vertical position of APs for providing adequate coverage.
D) Determining the polarization of APs for providing adequate coverage.

Hint 19

A)*Explanation: A site survey has the goal of determining the number and placement of APs for providing adequate
coverage. It is a MUST for any wireless network installation and implementation effort.

Front 20

Question:
Which of the following strategies necessitates an identified risk that those involved understand the potential
cost/damage and agree to live with it?

Back 20

A) Risk acceptance
B) Risk avoidance
C) Risk deterrence
D) Risk mitigation
E) Risk transference

Hint 20

A)*Explanation: Risk acceptance necessitates an identified risk that those involved understand the potential cost or
damage and agree to accept it.

Front 21

Question:
Segmentation and traffic isolation at layer 3 generally requires:

Back 21

A) subnetting
B) supernetting
C) route summarization
D) route reduction

Hint 21

A)* Explanation: With a router, hosts attached to the router ports are not on the same subnet. This is about
segmentation and traffic isolation. Subnetting is required for this configuration to be established.

Front 22

Question:
Which of the following are available for file transfer? (Choose all that apply.)

Back 22

A) SFTP
B) TFTP
C) FTP
D) DNS
E) FCoE
F) ISCSI

Hint 22

A)* SFTP
B)* TFTP
C)* FTPExplanation: A protocol is a language - one that both hosts must follow in order to communicate. The different
available protocols include IPSec, SNMP, SSH, DNS, TLS, SSL, TCP/IP, FTPS, HTTPS, SCP, ICMP, IPv4, IPv6,
ISCSI, Fibre Channel, FCoE, FTP SFTP, TFTP, TELNET, HTTP, and NetBIOS. FTP and its variations are for file
transfer over the internet.

Front 23

Question:

What can be used to offer an extra layer of protection on the network for those hosts running behind the firewall?

Back 23

A) DMZ
B) Reverse proxy
C) Caching only proxy
D) Load balancer
E) Load concentrator

Hint 23

A)*Explanation: A demilitarized zone (DMZ) is a small IP subnetwork. It sits between the trusted internal LAN and
the public Internet. It is an extra layer of protection for those hosts running behind the firewall.

Front 24

Question:
Which IDS system uses algorithms to analyze the traffic passing through the network?

Back 24

A) Arithmetical
B) Alegbraic
C) Statistical
D) Heuristic

Hint 24

D)*Explanation: A heuristic system uses algorithms to analyze the traffic passing through the network.

Front 25

Question:
Although a hybrid cloud could be any mixture of cloud delivery models, it is usually a combination of which of the
following?

Back 25

A) Public and community
B) Public and private
C) Private and community
D) Two or more communities

Hint 25

B)*Explanation: While a hybrid cloud could be any mixture of cloud delivery models, it is usually a combination of
public and private.

Front 26

Question:
You've been notified that you'll soon be transferred to another site. Before you leave, you're to audit the network
and document everything in use and the reason why it's in use. Thenext administrator will use this documentation
to keep the network running. Which of the following protocols isn't a tunneling protocol but is probably used at
your site by tunnelingprotocols for network security?

Back 26

A) IPSec
B) PPTP
C) L2TP
D) L2F

Hint 26

A)*Explanation: IPSec provides network security for tunneling protocols. IPSec can be used with many different
protocols besides TCP/IP, and it has two modes of security.

Front 27

Question:
You're outlining your plans for implementing a wireless network to upper management. Suddenly, a vice president
brings up the question of security. Which protocol was designedto provide security for a wireless network and is
considered equivalent to the security of a wired network?

Back 27

A) WAP
B) WTLS
C) WPA2
D) IR

Hint 27

C)*Explanation: Wi-Fi Protected Access 2 (WPA2) was intended to provide security that's equivalent to that on a
wired network, and it implements elements of the 802.11i standard.

Front 28

Question:
Which of the following can be implemented as a software or hardware solution and is usually associated with a
device-a router, a firewall, NAT, and so on-used to shift a load from one device to another?

Back 28

A) Proxy
B) Hub
C) Load Balancer
D) Switch

Hint 28

C)*Explanation: A load balancer can be implemented as a software or hardware solution and is usually associated
with a device-a router, a firewall, NAT, and so on. As the name implies, it is used to shift a load from one device to
another.

Front 29

Question:
Packets between the WAP server and the Internet may be intercepted. What is this vulnerability known as?

Back 29

A) Packet sniffing
B) Minding the gap
C) Middle man
D) Broken promise

Hint 29

A)*Explanation: When the interconnection between the WAP server and the Internet isn't encrypted, packets between
the devices may be intercepted; this vulnerability is known as packet sniffing.

Front 30

Question:
Talking about access control lists, an ACCESS_MASK is:

Back 30

A) specific to the object you are trying to create.
B) not specific to the object you are trying to create.
C) always encrypted.
D) always 64 bit.

Hint 30

A)*Explanation: A fundamental means of enforcing privilege separation and controlling access are access control lists
(ACLs). Under this system, an ACCESS_MASK is specific to the object you are trying to create.

Front 31

Question:
Which of the following is a method of capturing a virtual machine at a given point in time?

Back 31

A) Snapshot
B) Photograph
C) Syslog
D) WMI

Hint 31

A)*Explanation: A snapshot is a method of capturing a virtual machine at a given point in time.

Front 32

Question:
WPA is a strong form of wireless security because it uses ____________ to dynamically generate keys.

Back 32

A) TKIP
B) AES
C) 3DES
D) Blowfish

Hint 32

A)*Explanation: WPA is a stronger form of wireless security than WEP because it uses Temporal Key Integrity
Protocol (TKIP) to dynamically generate keys.

Front 33

Question:
Which cloud delivery model is implemented by a single organization, enabling it to be implemented behind a
firewall?

Back 33

A) Private
B) Public
C) Community
D) Hybrid

Hint 33

A)*Explanation: A private cloud delivery model is implemented by a single organization and can be implemented
behind a firewall.

Front 34

Question:
As more and more clients have been added to your network, the efficiency of the network has decreased
significantly. You're preparing a budget for next year, and you specificallywant to address this problem. Which of
the following devices acts primarily as a tool to improve network efficiency?

Back 34

A) Hub
B) Switch
C) Router
D) PBX

Hint 34

B)*Explanation: Switches create virtual circuits between systems in a network. These virtual circuits are somewhat
private and reduce network traffic when used.

Front 35

Question:
Talking about Antenna Placement, you want to know that the manner in which electromagnetic wave moves may
best be determined by:

Back 35

A) Polarization
B) Shape
C) Height
D) Direction

Hint 35

A)*Explanation: The manner in which electromagnetic wave moves may be determined by polarization. Vertical
polarization means the wave moves up and down, while horizontal polarization means the wave moves left and
right.

Front 36

Question:
802.1X is an IEEE standard that provides:

Back 36

A) PNAC
B) RBAC
C) CBAC
D) TBAC

Hint 36

A)*Explanation: 802.1X is an IEEE standard that provides Port-based Network Access Control (PNAC). It makes use
of the physical access characteristics of the existing LAN infrastructure to perform authentication and authorization
of devices attached to the LAN.

Front 37

Question:
Upper management has decreed that a firewall must be put in place immediately, before your site suffers an attack
similar to one that struck a sister company. Responding to thisorder, your boss instructs you to implement a packet
filter by the end of the week. A packet filter performs which function?

Back 37

A) Prevents unauthorized packets from entering the network
B) Allows all packets to leave the network
C) Allows all packets to enter the network
D) Eliminates collisions in the network

Hint 37

A)*Explanation: Packet filters prevent unauthorized packets from entering or leaving a network. Packet filters are a
type of firewall that blocks specified port traffic.

Front 38

Question:
Switches are better than hubs because:

Back 38

A) they can correct traffic jam problems
B) they can filter out viruses
C) they can filter out malware
D) they can serve as firewall
E) they can perform routing

Hint 38

A)*Explanation: A hub gathers groups of nodes together. A switch is better than a hub as it can correct traffic jam
problems, making sure data will go straight to its proper destination.

Front 39

Question:
The risk-assessment component, in conjunction with the _______, provides the organization with an accurate
picture of the situation facing it.

Back 39

A) RAC
B) ALE
C) BIA
D) RMG

Hint 39

C)*Explanation: The risk-assessment component, in conjunction with the business impact analysis (BIA), provides an
organization with an accurate picture of the situation it faces.

Front 40

Question:
Tammy is having difficulty getting a signal from the AP on the second floor of her home office to the basement.
You recommend that she replace the antenna on the AP. What measurement should she use to compare gain
between possible antenna options?

Back 40

A) ios
B) GB/s
C) MHz
D) dBi

Hint 40

D)*Explanation: The dBi number indicates the amount of gain the antenna offers.

Front 41

Question:
NIDS is an advanced version of NIPS.

Back 41

A) False
True
True only when the NIDS is vendor specific.
True only when the NIDS is patched.

Hint 41

A)* FalseExplanation: NIDS can inspect inbound and outbound network activity and identify suspicious patterns that may
be a sign of attack. NIPS is the next step up, and can carry out proactive actions against the detected threats. You
can think of NIPS as the advanced version of NIDS.

Front 42

Question:
You're the chief security contact for MTS. One of your primary tasks is to document everything related to security
and create a manual that can be used to manage the company inyour absence. Which documents should be
referenced in your manual as the ones that identify the methods used to accomplish a given task?

Back 42

A) Policies
B) Standards
C) Guidelines
D) BIA

Hint 42

C)*Explanation: Guidelines help clarify processes to maintain standards. Guidelines tend to be less formal than
policies or standards.

Front 43

Question:
Which cloud delivery model could be considered an amalgamation of other types of delivery models?

Back 43

A) Private
B) Public
C) Community
D) Hybrid

Hint 43

D)*Explanation: The hybrid delivery model can be considered an amalgamation of other types of delivery models.

Front 44

Question:

What technology is used to simplify network setup by allowing a router to have the administrator push a button on
it to allow a new host to join?

Back 44

A) WEP
B) WPA
C) WTLS
D) WPS

Hint 44

D)*Explanation: WPS (Wi-Fi Protected Setup) is intended to simplify network setup for home and small offices.

Front 45

Question:
You want to perform log analysis for what purpose?

Back 45

A) To try to make sense out of the captured traffic.
B) To try to implement IPS.
C) To try to backup the system state.
D) To try to enhance switching performance.

Hint 45

A)*Explanation: You want to capture unicast, multicast and broadcast traffic and perform log analysis - you do this to
try to make sense out of the captured traffic.

Front 46

Question:
WPA provides payload integrity via AES.

Back 46

A) False
True
True on certain devices only.
This is rather manufacturer specific.

Hint 46

A)*Explanation: WPA can provide payload integrity, but it does not use Advanced Encryption Standard (AES). It is
still more secure than WEP.

Front 47

Question:
What types of systems utilize parallel processing (improving performance and availability) and add redundancy?

Back 47

A) Loaded
B) Collected
C) Clustered
D) Dispersed

Hint 47

C)*Explanation: Clustered systems utilize parallel processing (improving performance and availability) and add
redundancy.