Computer Science

Q: What uses mathematical calculations to compare routes based on some measurement of distance?a. route summarization c. routing metricsb. link-state routing protocols d. distance-vector routing protocols

Q: Which of the following is true about static routes?a. the metric is higher than a dynamic route c. they are used for stub networksb. they are created by routing protocols d. they change automatically as the network changes

Q: Which of the following is NOT a type of entry found in a routing table?a. default routes c. dynamic routesb. static routes d. backup routes

Q: To what type of port on a Cisco router do you connect a rollover cable?a. auxiliary c. Frame Relayb. console d. Ethernet

Q: What is contained in ARP tables?a. IP address, MAC address c. NetBIOS name, IP addressb. DNS name, IP address d. MAC address, TCP port

Q: Which of the following is a metric routers can use to determine best path?a. datagram size c. link stateb. packet TTL d. network protocol

Q: Which of the following types of traffic does NOT travel through routers?a. DNS zone transfers c. SNMP status informationb. ARP requests d. network route information

Q: Some methods of attacking a Cisco router do not require knowledge of the IOS version, so software patching is recommended.

Q: Cisco routers support both numbered and named ACLs, starting with IOS version 11.2.

Q: Current Microsoft OSs include IPv6, but to use it, you must enable it first.

Q: A rollover cable is wired similarly to an Ethernet cable except that pins 7 and 8 are crossed.

Q: To determine best path, routers use metrics such as the value of the first octet of the destination IP address.

Q: What are the signatures of malformed packets that misuse the SYN and FIN flags? Briefly describe each.

Q: What is the difference between a vanilla port scan and a strobe port scan?

Q: List the four categories of suspicious traffic categories.

Q: Describe in detail the first three packets you would see in an FTP session between client 192.168.1.132 and server 192.168.1.110; include port numbers, flags, and any other pertinent options that would be set.

Q: What is a selective acknowledgement and how does it affect transmissions?

Q: Describe the SYN flag and how it is used in the three-way handshake.

Q: What is a multiple-packet attack and what is needed by an IDPS to detect one? Provide an example.

Q: What is signature analysis?

Q: Describe the purpose of the CVE and how it works.

Q: a. back door f. signatureb. MTU g. vanilla scanc. ping sweep h. RPCd. scan throttling i. FIN packete. packet injection j. RST packet 1. crafted packets that are inserted into network traffic2. lets the other computer know it is finished sending data3. an undocumented hidden opening through which an attacker can access a computer4. a set of characteristics that define a type of network activity5. used by attackers to delay the progression of a scan6. a standard set of communications rules that allows one computer to request a service from another computer7. sent when one computer want to stop and restart the connection8. the maximum packet size that can be transmitted9. all ports from 0 to 65,535 are probed one after another 10. a series of ICMP echo request packets in a range of IP addresses

Q: In an RPC _________, a targeted host receives an RPC set request from a source IP address of 127.0.0.1.

Q: A TCP packet with no flags set is referred to as a _________ packet.

Q: In the three-way handshake, the first packet in the sequence has the ________ flag set.

Q: The _______________ part of a packet is the actual data sent from an application on one computer to an application on another.

Q: A ______________ is made up of IP numbers and options, TCP flags, and port number that define a type of network activity.

Q: Which of the following is the description of a land attack?a. the local host source address occurs in the packet c. an illegal TCP flag is found in the segment headerb. source and destination IP address/port are the same d. the attacker uses an undefined protocol number

Q: Which type of scan has the FIN, PSH, and URG flags set?a. Xmas scan c. FIN scanb. Null scan d. SYN Scan

Q: In which type of scan does an attacker scan only ports that are commonly used by specific programs?a. random scan c. ping sweepb. vanilla scan d . strobe scan

Q: Under which suspicious traffic signature category would a port scan fall?a. informational c. denial of serviceb. reconnaissance d. unauthorized access

Q: What is the packet called where a Web browser sends a request to the Web server for Web page data?a. HTML SEND c. HTTP GETb. HTTP XFER d. HTML RELAY

Q: Which of the following correctly represents the port used by FTP control traffic and FTP file transfer traffic respectively?a. 20, 25 c. 20, 23b. 21, 23 d. 21, 20

Q: What is the sequence of packets for a successful three-way handshake?a. SYN, ACK, ACK c. SYN, SYN ACK, ACKb. SYN, SYN ACK, RST d. SYN, ACK, FIN

Q: What is the typical packet sequence for closing a TCP session?a. FIN, FIN ACK, RST c. FIN ACK, FIN, ACK, RSTb. FIN, ACK, FIN ACK, ACK d. FIN, FIN ACK

Q: Which TCP flag can be the default response to a probe on a closed port?a. RST c. PSHb. URG d. SYN

Q: Which of the following is an element of the TCP header that can indicate that a connection has been established?a. Flags c. SEQ/ACK analysisb. Stream index d. Sequence number

Q: Which element of an ICMP header would indicate that the packet is an ICMP echo request message.a. Code c. Identifierb. Type d. Data

Q: Of what category of attack is a DoS attack an example?a. bad header information c. multiple-packet attackb. single-packet attack d. suspicious data payload

Q: Under which attack category does a UNIX Sendmail exploitation fall?a. bad header information c. multiple-packet attackb. single-packet attack d. suspicious data payload

Q: What type of attack does a remote-access Trojan attempt to perpetrate?a. worm c. remote denial of serviceb. back door d. composite attack

Q: What can an IDPS check to try to determine whether a packet has been tampered with or damaged in transit?a. parity bit c. checksumb. CRC value d. fragment offset

Q: Which of the following is NOT a category of suspicious TCP/IP packet?a. bad header information c. suspicious data payloadb. single-packet attacks d. suspicious CRC value

Q: What is the term used when an IDPS doesn"t recognize that an attack is underway?a. false negative c. negative activityb. true positive d. positive signature

Q: Which of the following is an accurate set of characteristics you would find in an attack signature?a. IP address, attacker's alias, UDP options c. IP address, TCP flags, port numbersb. protocol options, TCP ports, region of origin d. IP number, MAC address, TCP options

Q: Which of the following is NOT among the items of information that a CVE reference reports?a. attack signature c. description of vulnerabilityb. name of the vulnerability d. reference in other databases

Q: How does the CVE standard make network security devices and tools more effective?a. the layered approach makes attacks nearly impossible c. it requires you to use compatible devices from one vendorb. they can share information about attack signatures d. it warns an attacker that your site is being monitored

Q: Packet fragmentation is not normal, and can only occur if an attack has been initiated.

Q: Newer Trojans listen at a predetermined port on the target computer so that detection is more difficult.

Q: The signature of a normal FTP connection includes a three-way handshake.

Q: An atomic attack is a barrage of hundreds of packets directed at a host.

Q: All devices interpret attack signatures uniformly.

Q: Describe the three-way handshake.

Q: Describe the TTL field in an IP packet header.

Q: What is CIDR? Give an example.

Q: Discuss variable length subnet masking.

Q: List three reasons an administrator would want to use subnetting.

Q: What are the three private IP address ranges and their associated subnet masks?

Q: List the three classes of IP address that can be assigned to network devices and their corresponding first octet range of values.

Q: Briefly describe Network Address Translation and how it makes a network more secure.

Q: List the seven layers of the OSI model.

Q: a. broadcast f. unicastb. datagram g. stateless autoconfigurationc. fragmentation h. network identifierd. multicast i. Multicast Listener Discoverye. scopes j. Network Address Translation 1. a discrete chunk of information; each datagram contains source and destination addresses, control settings, and data 2. unicast addresses used in IPv6 to identify the application suitable for the address 3. the part of an IP address that a computer has in common with other computers in its subnet 4. a process by which internal hosts are assigned private IP addresses and communicate with the Internet using a public address 5. a transmission used for one-to-many communication, in which a single host can send packets to a group of recipients 6. a transmission in which one packet is sent from a server to each client that requests a file or application 7. enables IPv6 routers to discover multicast listeners on a directly connected link and to decide which multicast addresses are of interest to those nodes 8. a communication sent to all hosts on a specific network 9. a feature of IPv6 in which a computer can connect to a network by determining its own IP address based on the addressing of neighboring nodes 10. the division of packets into smaller sizes to accommodate routers with frame size limitations

Q: The ____________ command shows current sessions with associated port numbers.

Q: ________________ IPv6 addresses are used for one-to-one or one-to-many communication.

Q: The _____________ field in an IP header is a 3-bit value indicating whether a datagram is a fragment.

Q: The ______________________ is the part of the IP address that is the same among computers in a network segment.

Q: DNS operates at the _________________ layer of the OSI model.

Q: Which of the following is the IPv6 loopback address?a. 000:000:: b. 1000:127:0:0:1 c. ::1d. ::FFFF

Q: Which of the following is a valid IPv6 address?a. 5BA4:2391:0:0:4C3E b. 1080::8:800:200C:417A c. 24::5B1A::346Cd. 5510:ABCD::34:1::2

Q: What feature in ICMPv6 replaces ARP in IPv4?a. Multicast Listener Discovery b. Neighbor Discovery c. Echo Requestd. Authentication Header

Q: Which IPv6 header field is known as the priority field?a. Version b. Flow Label c. Hop Limitd. Traffic Class

Q: Which of the following is NOT an advantage of IPv6 versus IPv4?a. larger address space b. built-in security c. supports static configurationd. NAT is unnecessary

Q: How large is the IPv6 address space?a. 32 bits b. 128 bits c. 64 bitsd. 168 bits

Q: What should you do when configuring DNS servers that are connected to the Internet in order to improve security?a. disable zone transfers b. delete the DNS cache c. disable DNS buffersd. setup DNS proxy

Q: What does a sliding window do in a TCP packet?a. ensures all packets are delivered b. provides packet security c. provides flow controld. ensures transmission reliability

Q: Which of the following is the first packet sent in the TCP three-way handshake?a. RST b. SYN c. ACKd. PSH

Q: Which of the following is a reason that UDP is faster than TCP? a. it doesn"t use port numbers c. the header is smaller b. it has a higher priority on the network d. it doesn"t guarantee delivery

1 2 3 … 99 Next »

Subjects