Chapter 4 Review McKinley Technology High School – Ms. Wiscount

CompTIA Security+ Chapter Four Review


This is a ppt I created to inspire my students to competitively answer and relearn for the test on Chapter Four: Securing your Network in the CompTIA Security+ Get Certified Get Ahead SY0-301 Study Guide


What can an administrator use to detect malicious activity after it occurred?

• Firewall

• Sniffer

• Port scanner

• IDS


Of the following choices, what would detect compromises on a local server?

• HIDS

• NIPS

• Firewall

• Protocol Analyzer


Of the following choices, what represents the best choice for a system to detect attacks on a network, but not block them?

• NIDS

• NIPS

• HIDS

• HIPS


Your organization is using a NIDS. The NIDS vendor regularly provides updates for the NIDS to detect known attacks. What type of NIDS is this?

• Anomaly-based

• Signature-based

• Prevention-based

• Honey-based


You are preparing to deploy an anomaly-based detection system to monitor network activity. What would you create first?

• Flood guards

• Signatures

• Baseline

• Honeypot


Of the following choices, what can you use to divert malicious attacks on your networks away from valuable resources to relatively worthless resources?

• IDS

• Proxy server

• Web application firewall

• Honeypot


Of the following choices, what best describes the function of an IPS?

• Detect attacks

• Stop attacks in progress

• Prevent attackers from attacking

• Notify appropriate personnel of attacks


Of the following choices, what provides active protection for an operating system?

• NIDS

• NIPS

• HIDS

• HIPS


Of the following choices, what most accurately describes a NIPS?

• Detects and takes action against threats

• Provides notification of threats

• Detects and eliminates threats

• Identifies zero day vulnerabilities


You’ve recently completed a wireless audit and realize that the wireless signal from your company’s WAP reaches the parking lot. What can you do to ensure that the signal doesn’t reach outside your building?

• Increase the WAP’s power level

• Decrease the WAP’s power level

• Enable SSID broadcasting

• Disable SSID broadcasting


Which of the following secure protocols did WEP implement incorrectly, allowing attackers to crack it?

• SSL

• RC4

• CCMP

• AES


Your organization is designing an 802.11n network and wants to use the strongest security. What would you recommend?

• FTPS

• SSL

• WEP

• WPA2


Which of the following authentication mechanisms can provide centralized authentication for a wireless network?

• WPA2

• RADIUS

• Multifactor authentication

• Kerberos


You want to ensure that only specific wireless clients can access your wireless networks. Of the following choices, what provides the best solution?

• MAC filtering

• Content filtering

• NAT

• NIPS


You recently completed a wireless audit of your company’s wireless network. You’ve identified several unknown devices connected to the network and realize they are devices owned by company employees. What can you use to prevent these devices from connecting?

• MAC filtering

• Enable SSID broadcast

• Enable isolation mode on the WAP

• Reduce the power levels on the WAP


What can you do to prevent the easy discovery of a WAP?

• Enable MAC filtering

• Disable SSID broadcast

• Enable SSID broadcast

• Enable 802.1X authentication


While troubleshooting a problem with a WAP in your organization, you discover a rogue access point with the same SSID as the organization’s WAP. What is the second access point?

• IDS

• War chalking

• Evil twin

• Packet sniffer


You want to identify the physical location of a rogue access point you discovered in the footprint of your company. What would you use?

• Bluesnarfing

• Bluejacking

• War chalking

• War driving


You are hosting a wireless hotspot, and you want to segment wireless users from each other. What should you use?

• Personal mode

• Enterprise mode

• Isolation mode

• WEP


Which of the following best describes bluejacking?

• Bluejacking involves accessing data on a phone

• Bluejacking involves checking a WAP’s antenna placement, power levels and encryption techniques

• Bluejacking involves sending unsolicited messages to a phone

• Bluejacking involves a rogue access point with the same SSID as your production WAP


Someone stole an executive’s smartphone, and the phone includes sensitive data. What should you do to prevent the thief from reading the data?

• Password protect the phone

• Encrypt the data on the phone

• Use remote wipe

• Track the location of the phone


You are deploying a remote access server for your organization. Employees will use this to access the network while on the road. Of the following choices, what must you configure?

• NAC

• ACLs

• MACs

• NAT-T


Your organization is creating a site-to-site VPN tunnel between the main business location and a remote office. What can it use to create the tunnel?

• WAP2-Enterprise

• RADIUS

• NAC

• IPsec


You are planning to deploy a VPN with IPsec. Users will use the VPN to access corporate resources while they are on the road. How should you use IPsec?

• With AH in tunnel mode

• With AH in transport mode

• With ESP in tunnel mode

• With ESP in transport mode


An employee connects to the corporate network using a VPN. However, the client is not able to access internal resources, but instead receives a warning indicating their system is not up to date with current patches. What is causing the behavior?

• The VPN is using IPsec

• The VPN is not using IPsec

• NAC is disabled on the network and remediation must take place before the client can access internal resources

• NAC is enabled on the network and remediation must take place before the client can access internal resources


In order to provide flexible working conditions, a company has decided to allow some employees remote access into corporate headquarters. Which of the following security technologies could be used to provide remote access? (Select TWO).

• Subnetting

• NAT

• Firewall

• NAC

• VPN


Which of the following can prevent an unauthorized person from accessing the network by plugging into an open network jack?

• 802.1X

• DHCP

• 802.1q

• NIPS


A targeted email attack sent to Sara, the company’s Chief Executive Officer (CEO), is known as which of the following?

• Whaling

• Bluesnarfing

• Vishing

• Dumpster diving


Which of the following specifications would Sara, an administrator, implement as a network access control?

• 802.1q

• 802.3

• 802.11n

• 802.1x


Configuring the mode, encryption methods, and security associations are part of which of the following?

• IPSec

• Full disk encryption

• 802.1x

• PKI


Which of the following would an antivirus company use to efficiently capture and analyze new and unknown malicious attacks?

• Fuzzer

• IDS

• Proxy

• Honeypot


Which of the following provides the HIGHEST level of confidentiality on a wireless network?

• Disabling SSID broadcast

• MAC filtering

• WPA2

• Packet switching


Matt, an IT administrator, wants to protect a newly built server from zero day attacks. Which of the following would provide the BEST level of protection?

• HIPS

• Antivirus

• NIDS

• ACL


Mike, a network administrator, has been asked to passively monitor network traffic to the company’s sales websites. Which of the following would be BEST suited for this task?

• HIDS

• Firewall

• NIPS

• Spam filter


Mike, a security professional, is tasked with actively verifying the strength of the security controls on a company’s live modem pool. Which of the following activities is MOST appropriate?

• War dialing

• War chalking

• War driving

• Bluesnarfing


Jane, a security administrator, has observed repeated attempts to break into a server. Which of the following is designed to stop an intrusion on a specific server?

• HIPS

• NIDS

• HIDS

• NIPS


Which of the following devices can Sara, an administrator, implement to detect and stop known attacks?

• Signature-based NIDS

• Anomaly-based NIDS

• Signature-based NIPS

• Anomaly-based NIPS


While setting up a secure wireless corporate network, which of the following should Pete, an administrator, avoid implementing?

• EAP-TLS

• PEAP

• WEP

• WPA


Which of the following are used to implement VPNs? (Select TWO).

• SFTP

• IPSec

• HTTPS

• SNMP

• SSL


Which of the following describes how Sara, an attacker, can send unwanted advertisements to a mobile device?

• Man-in-the-middle

• Bluejacking

• Bluesnarfing

• Packet sniffing


Which of the following protocols can be used to secure traffic for telecommuters?

• WPA

• IPSec

• ICMP

• SMTP


Which of the following allows Pete, a security technician, to provide the MOST secure wireless implementation?

• Implement WPA

• Disable SSID

• Adjust antenna placement

• Implement WEP


Which of the following technologies would allow for a secure tunneled connection from one site to another? (Select TWO).

• SFTP

• IPSec

• SSH

• HTTPS

• ICMP


Which of the following network design elements provides for a one-to-one relationship between an internal network address and an external network address?

• NAT

• NAC

• VLAN

• PAT


Which of the following is true concerning WEP security?

• WEP keys are transmitted in plain text.

• The WEP key initialization process is flawed.

• The pre-shared WEP keys can be cracked with rainbow tables.

• WEP uses the weak RC4 cipher.


Jane, a security analyst, is reviewing logs from hosts across the Internet which her company uses to gather data on new malware. Which of the following is being implemented by Jane’s company?

• Vulnerability scanner

• Honeynet

• Protocol analyzer

• Port scanner


The information security department regularly walks the campus and around the buildings looking for unauthorized open wireless networks. This is an example of which of the following?

• A site survey

• Antenna placement

• War dialing

• War driving


Matt must come up with a design solution which will enable remote users to securely access network resources. Which of the following design elements will enable Matt to meet this objective?

• DMZ

• VLAN

• VPN

• NAT


Pete, the security engineer, would like to prevent wireless attacks on his network. Pete has implemented a security control to limit the connecting MAC addresses to a single port. Which of the following wireless attacks would this address?

• Interference

• Man-in-the-middle

• Evil twin

• Rogue access point


Matt, the security administrator, wants to secure the wireless network. Which of the following encryption methods offers the MOST security?

• WPA2 ENT AES

• WPA2 PSK AES

• WPA2 ENT TKIP

• WPA2 PSK TKIP