Networking
Q:
Because IPsec Security Associations are bidirectional, only one need be established between two parties.
Q:
The standardization of cryptographic protocols discourages attackers from trying to break them.
Q:
A hash value is a variable-length string of symbols and numbers representing the original input's contents.
Q:
Encrypted files can be transmitted in both electronic form and as written messages.
Q:
Describe antispoofing logging and how you can prevent it with ACLs.
Q:
Where in an internetwork should extended ACLs be applied?
Q:
Describe ACLs.
Q:
Define route summarization.
Q:
Define metric and give three examples of common metrics that routers use.
Q:
What is a distance-vector routing protocol? Give one example.
Q:
What is a stub router and where would you find one?
Q:
What is a dynamic route?
Q:
Describe how a computer uses its ARP table and the ARP protocol when preparing to transmit a packet to the local network.
Q:
Match each term with its definition.
a. ACE
b. ARP table
c. banner
d. console port
e. convergence
f. inverse mask
g. metrics
h. routing
i. stub router
j. virtual terminal
1. the port on a Cisco device that permits direct physical access from a nearby computer using the serial RS-232 protocol
2. cost values that help routers assess the desirability of a link
3. virtual session access points for simultaneous access to a Cisco device
4. a state in which all routers on a network have up-to-date routing tables
5. a router that connects a stub network to the larger network
6. a network system tool that lists the MAC and IP address resolutions of other devices on the network, making the resolution process more efficient
7. the number in an access control list that specifies which part of an IP address is considered significant
8. an individual rule in an ACL
9. the process of transporting packets of information across a network from the source node to the destination node
10. a message, usually a warning about appropriate use, presented to users of a digital system before authentication
Q:
The enable ___________ password uses type 5 encryption and overrides the enable password.
Q:
Rather than using classful routing, ________________ subnet masks allow you to divide your network into different sizes to make better use of available addresses.
Q:
____________ routes are manually configured routes that direct all packets not specifically configured in the routing table.
Q:
An ARP broadcast is sent to the local subnet in an attempt to discover the destination computer's ______________ address.
Q:
During the routing process, the router strips off ______________________ layer header information and then examines the Network layer address.
Q:
Which protocol that runs on Cisco routers shares information between Cisco devices?
a. CDP
b. TCP
c. bootp
d. SSH
Q:
What Cisco router command encrypts all passwords on the router?
a. enable secret password
b. secure passwords enable
c. crypto key passwords
d. service password-encryption
Q:
What remote shell program should you use if security is a consideration?
a. rlogin
b. ssh
c. rcp
d. rsh
Q:
Which of the following types of password prevents a user from accessing privileged exec mode on a Cisco router?
a. console
b. AUX
c. enable
d. TTY
Q:
Which of the following is an open standard used for authentication on Cisco routers?
a. RADIUS
b. ATM
c. CHAP
d. ACE
Q:
Which of the following is a command you would find in an antispoofing ACL for network 172.31.0.0/16?
a. permit ip any 172.31.0.0 0.0.255.255 log
b. deny TCP 172.31.0.0 0.0.0.0 any log
c. deny ip 172.31.0.0 0.0.255.255 any log
d. permit icmp any any redirect
Q:
What should you set up if you want to store router system log files on a server?
a. AAA server
b. syslog server
c. TTY connection
d. buffered logging
Q:
Which of the following is true about extended IP ACLs?
a. the 'established' keyword is not available except on standard ACLs
b. you can apply multiple outbound ACLs on a single interface
c. the default inverse mask for the source is 0.0.0.0
d. they should be applied to an interface close to the traffic source
Q:
Which of the following is true about standard IP ACLs?
a. they can filter on source and destination IP address
b. they automatically apply to all active interfaces
c. a 0.0.0.0 inverse mask means all bits are significant
d. they can filter on IP address and port
Q:
Which of the following is true about ACLs on Cisco routers?
a. there is an implicit deny any statement at the end of the ACL
b. there is an explicit permit any statement at the beginning of the ACL
c. ACLs are processed in reverse order so place high priority statements last
d. ACLs bound to an interface apply to inbound and outbound traffic by default
Q:
Which feature of a router provides traffic flow and enhances network security?
a. VLSMs
b. ACLs
c. TCP
d. CIDR
Q:
What feature does RIPng support that is not supported by RIP?
a. gigabit Ethernet
b. supernetting
c. IPv6
d. 32-bit addresses
Q:
Which of the following makes routing tables more efficient?
a. route summarization
b. VLSM
c. CIDR
d. host routing
Q:
What uses mathematical calculations to compare routes based on some measurement of distance?
a. route summarization
b. link-state routing protocols
c. routing metrics
d. distance-vector routing protocols
Q:
Which of the following is true about static routes?
a. the metric is higher than a dynamic route
b. they are created by routing protocols
c. they are used for stub networks
d. they change automatically as the network changes
Q:
Which of the following is NOT a type of entry found in a routing table?
a. default routes
b. static routes
c. dynamic routes
d. backup routes
Q:
To what type of port on a Cisco router do you connect a rollover cable?
a. auxiliary
b. console
c. Frame Relay
d. Ethernet
Q:
What is contained in ARP tables?
a. IP address, MAC address
b. DNS name, IP address
c. NetBIOS name, IP address
d. MAC address, TCP port
Q:
Which of the following is a metric routers can use to determine best path?
a. datagram size
b. packet TTL
c. link state
d. network protocol
Q:
Which of the following types of traffic does NOT travel through routers?
a. DNS zone transfers
b. ARP requests
c. SNMP status information
d. network route information
Q:
Some methods of attacking a Cisco router do not require knowledge of the IOS version, so software patching is recommended.
Q:
Cisco routers support both numbered and named ACLs, starting with IOS version 11.2.
Q:
Current Microsoft OSs include IPv6, but to use it, you must enable it first.
Q:
A rollover cable is wired similarly to an Ethernet cable except that pins 7 and 8 are crossed.
Q:
To determine best path, routers use metrics such as the value of the first octet of the destination IP address.
Q:
What are the signatures of malformed packets that misuse the SYN and FIN flags? Briefly describe each.
Q:
What is the difference between a vanilla port scan and a strobe port scan?
Q:
List the four categories of suspicious traffic.
Q:
Describe in detail the first three packets you would see in an FTP session between client 192.168.1.132 and server 192.168.1.110; include port numbers, flags, and any other pertinent options that would be set.
Q:
What is a selective acknowledgement and how does it affect transmissions?
Q:
Describe the SYN flag and how it is used in the three-way handshake.
Q:
What is a multiple-packet attack and what is needed by an IDPS to detect one? Provide an example.
Q:
What is signature analysis?
Q:
Describe the purpose of the CVE and how it works.
Q:
Match each term with its definition.
a. back door
b. MTU
c. ping sweep
d. scan throttling
e. packet injection
f. signature
g. vanilla scan
h. RPC
i. FIN packet
j. RST packet
1. crafted packets that are inserted into network traffic
2. lets the other computer know it is finished sending data
3. an undocumented hidden opening through which an attacker can access a computer
4. a set of characteristics that define a type of network activity
5. used by attackers to delay the progression of a scan
6. a standard set of communications rules that allows one computer to request a service from another computer
7. sent when one computer wants to stop and restart the connection
8. the maximum packet size that can be transmitted
9. all ports from 0 to 65,535 are probed one after another
10. a series of ICMP echo request packets in a range of IP addresses
Q:
In an RPC _________, a targeted host receives an RPC set request from a source IP address of 127.0.0.1.
Q:
A TCP packet with no flags set is referred to as a _________ packet.
Q:
In the three-way handshake, the first packet in the sequence has the ________ flag set.
Q:
The _______________ part of a packet is the actual data sent from an application on one computer to an application on another.
Q:
A ______________ is made up of IP numbers and options, TCP flags, and port number that define a type of network activity.
Q:
Which of the following is the description of a land attack?
a. the local host source address occurs in the packet
b. source and destination IP address/port are the same
c. an illegal TCP flag is found in the segment header
d. the attacker uses an undefined protocol number
Q:
Which type of scan has the FIN, PSH, and URG flags set?
a. Xmas scan
b. Null scan
c. FIN scan
d. SYN scan
Q:
In which type of scan does an attacker scan only ports that are commonly used by specific programs?
a. random scan
b. vanilla scan
c. ping sweep
d. strobe scan
Q:
Under which suspicious traffic signature category would a port scan fall?
a. informational
b. reconnaissance
c. denial of service
d. unauthorized access
Q:
What is the packet called where a Web browser sends a request to the Web server for Web page data?
a. HTML SEND
b. HTTP XFER
c. HTTP GET
d. HTML RELAY
Q:
Which of the following correctly represents the port used by FTP control traffic and FTP file transfer traffic respectively?
a. 20, 25
b. 21, 23
c. 20, 23
d. 21, 20
Q:
What is the sequence of packets for a successful three-way handshake?
a. SYN, ACK, ACK
b. SYN, SYN ACK, RST
c. SYN, SYN ACK, ACK
d. SYN, ACK, FIN
Q:
What is the typical packet sequence for closing a TCP session?
a. FIN, FIN ACK, RST
b. FIN, ACK, FIN ACK, ACK
c. FIN ACK, FIN, ACK, RST
d. FIN, FIN ACK
Q:
Which TCP flag can be the default response to a probe on a closed port?
a. RST
b. URG
c. PSH
d. SYN
Q:
Which of the following is an element of the TCP header that can indicate that a connection has been established?
a. Flags
b. Stream index
c. SEQ/ACK analysis
d. Sequence number
Q:
Which element of an ICMP header would indicate that the packet is an ICMP echo request message?
a. Code
b. Type
c. Identifier
d. Data
Q:
Of what category of attack is a DoS attack an example?
a. bad header information
b. single-packet attack
c. multiple-packet attack
d. suspicious data payload
Q:
Under which attack category does a UNIX Sendmail exploitation fall?
a. bad header information
b. single-packet attack
c. multiple-packet attack
d. suspicious data payload
Q:
What type of attack does a remote-access Trojan attempt to perpetrate?
a. worm
b. back door
c. remote denial of service
d. composite attack
Q:
What can an IDPS check to try to determine whether a packet has been tampered with or damaged in transit?
a. parity bit
b. CRC value
c. checksum
d. fragment offset
Q:
Which of the following is NOT a category of suspicious TCP/IP packet?
a. bad header information
b. single-packet attacks
c. suspicious data payload
d. suspicious CRC value
Q:
What is the term used when an IDPS doesn't recognize that an attack is underway?
a. false negative
b. true positive
c. negative activity
d. positive signature
Q:
Which of the following is an accurate set of characteristics you would find in an attack signature?
a. IP address, attacker's alias, UDP options
b. protocol options, TCP ports, region of origin
c. IP address, TCP flags, port numbers
d. IP number, MAC address, TCP options
Q:
Which of the following is NOT among the items of information that a CVE reference reports?
a. attack signature
b. name of the vulnerability
c. description of vulnerability
d. reference in other databases
Q:
How does the CVE standard make network security devices and tools more effective?
a. the layered approach makes attacks nearly impossible
b. they can share information about attack signatures
c. it requires you to use compatible devices from one vendor
d. it warns an attacker that your site is being monitored
Q:
Packet fragmentation is not normal, and can only occur if an attack has been initiated.