CCNA Security Chapter 1 Exam

Beschreibung

CCNA Security Chapter 1 Exam
d94829 d94829
Quiz von d94829 d94829, aktualisiert more than 1 year ago
d94829 d94829
Erstellt von d94829 d94829 vor mehr als 6 Jahre
1713
4

Zusammenfassung der Ressource

Frage 1

Frage
What method can be used to mitigate ping sweeps?
Antworten
  • using encrypted or hashed authentication protocols
  • installing antivirus software on hosts
  • deploying antisniffer software on all network devices
  • blocking ICMP echo and echo-replies at the network edge

Frage 2

Frage
What are the three major components of a worm attack? (Choose three.)
Antworten
  • a penetration mechanism
  • an infecting vulnerability
  • a payload
  • an enabling vulnerability
  • a probing mechanism
  • a propagation mechanism

Frage 3

Frage
Which statement accurately characterizes the evolution of threats to network security?
Antworten
  • Internal threats can cause even greater damage than external threats
  • Threats have become less sophisticated while the technical knowledge needed by an attacker has grown
  • Early Internet users often engaged in activities that would harm other users
  • Internet architects planned for network security from the beginning.

Frage 4

Frage
What causes a buffer overflow?
Antworten
  • launching a security countermeasure to mitigate a Trojan horse
  • sending repeated connections such as Telnet to a particular device, thus denying other data sources.
  • downloading and installing too many software updates at one time
  • attempting to write more data to a memory location than that location can hold
  • sending too much information to two or more interfaces of the same device, thereby causing dropped packets

Frage 5

Frage
What commonly motivates cybercriminals to attack networks as compared to hactivists or state-sponsored hackers?
Antworten
  • status among peers
  • fame seeking
  • financial gain
  • political reasons

Frage 6

Frage
Which two network security solutions can be used to mitigate DoS attacks? (Choose two.)
Antworten
  • virus scanning
  • intrusion protection systems
  • applying user authentication
  • antispoofing technologies
  • data encryption

Frage 7

Frage
Which two statements characterize DoS attacks? (Choose two.)
Antworten
  • They are difficult to conduct and are initiated only by very skilled attackers
  • They are commonly launched with a tool called L0phtCrack.
  • Examples include smurf attacks and ping of death attacks.
  • They attempt to compromise the availability of a network, host, or application
  • They always precede access attacks

Frage 8

Frage
An attacker is using a laptop as a rogue access point to capture all network traffic from a targeted user. Which type of attack is this?
Antworten
  • trust exploitation
  • buffer overflow
  • man in the middle
  • port redirection

Frage 9

Frage
What functional area of the Cisco Network Foundation Protection framework is responsible for device-generated packets required for network operation, such as ARP message exchanges and routing advertisements?
Antworten
  • data plane
  • control plane
  • management plane
  • forwarding plane

Frage 10

Frage
What are the three components of information security ensured by cryptography? (Choose three.)
Antworten
  • threat prevention
  • authorization
  • confidentiality
  • countermeasures
  • integrity
  • availability

Frage 11

Frage
What is the primary method for mitigating malware?
Antworten
  • using encrypted or hashed authentication protocols
  • installing antivirus software on all hosts
  • blocking ICMP echo and echo-replies at the network edge
  • deploying intrusion prevention systems throughout the network

Frage 12

Frage
What is an objective of a state-sponsored attack?
Antworten
  • to gain financial prosperity
  • to sell operation system vulnerabilities to other hackers
  • to gain attention
  • to right a perceived wrong

Frage 13

Frage
What role does the Security Intelligence Operations (SIO) play in the Cisco SecureX architecture?
Antworten
  • identifying and stopping malicious traffic
  • authenticating users
  • enforcing policy
  • identifying applications

Frage 14

Frage
What worm mitigation phase involves actively disinfecting infected systems?
Antworten
  • Treatment
  • containment
  • inoculation
  • quarantine

Frage 15

Frage
How is a smurf attack conducted?
Antworten
  • by sending a large number of packets to overflow the allocated buffer memory of the target device
  • by sending a large number of ICMP requests to directed broadcast addresses from a spoofed source address on the same network
  • by sending a large number of TCP SYN packets to a target device from a spoofed source address
  • by sending an echo request in an IP packet larger than the maximum packet size of 65,535 bytes

Frage 16

Frage
What is a characteristic of a Trojan horse as it relates to network security?
Antworten
  • Malware is contained in a seemingly legitimate executable program
  • Extreme quantities of data are sent to a particular network device interface.
  • An electronic dictionary is used to obtain a password to be used to infiltrate a key network device.
  • Too much information is destined for a particular memory block causing additional memory areas to be affected.

Frage 17

Frage
What is the first step in the risk management process specified by the ISO/IEC?
Antworten
  • Create a security policy.
  • Conduct a risk assessment.
  • Inventory and classify IT assets.
  • Create a security governance model.

Frage 18

Frage
What is the significant characteristic of worm malware?
Antworten
  • A worm can execute independently
  • A worm must be triggered by an event on the host system.
  • Worm malware disguises itself as legitimate software
  • Once installed on a host system, a worm does not replicate itself.

Frage 19

Frage
Which condition describes the potential threat created by Instant On in a data center?
Antworten
  • when the primary firewall in the data center crashes
  • when an attacker hijacks a VM hypervisor and then launches attacks against other devices in the data center
  • when the primary IPS appliance is malfunctioning
  • when a VM that may have outdated security policies is brought online after a long period of inactivity

Frage 20

Frage
What are the three core components of the Cisco Secure Data Center solution? (Choose three.)
Antworten
  • mesh network
  • secure segmentation
  • visibility
  • threat defense
  • servers
  • infrastructure

Frage 21

Frage
A disgruntled employee is using Wireshark to discover administrative Telnet usernames and passwords. What type of network attack does this describe?
Antworten
  • trust exploitation
  • denial of service
  • reconnaissance
  • port redirection

Frage 22

Frage
Which two statements describe access attacks? (Choose two.)
Antworten
  • Trust exploitation attacks often involve the use of a laptop to act as a rogue access point to capture and copy all network traffic in a public location, such as a wireless hotspot.
  • To detect listening services, port scanning attacks scan a range of TCP or UDP port numbers on a host
  • Buffer overflow attacks write data beyond the hallocated buffer memory to overwrite valid data or to exploit systems to execute malicious code.
  • Password attacks can be implemented by the use os brute-force attack methods, Trojan horse, or packet sniffers.
  • Port redirection attacks use a network adapter card in promiscuous mode to capture all network packets that are sent across a LAN.

Frage 23

Frage
What is a ping sweep?
Antworten
  • a scanning technique that examines a range of TCP or UDP port numbers on a host to detect listening services.
  • a software application that enables the capture of all network packets that are sent across a LAN
  • a query and response protocol that identifies information about a domain, including the addresses that are assigned to that domain
  • a network scanning technique that indicates the live hosts in a range of IP addresses

Frage 24

Frage
As a dedicated network security tool, an intrusion ________ system can provide detection and blocking of attacks in real time.
Antworten
  • prevention
  • nonprevention
Zusammenfassung anzeigen Zusammenfassung ausblenden

ähnlicher Inhalt

CCNA Security Final Exam
Maikel Degrande
Security Guard Training
Summit College
ISACA CISM Exam Glossary
Fred Jones
Security
annelieserainey
Securities Regulation
harpratap_singh
2W151 Volume 1: Safety and Security - Quiz 7
Joseph Whilden J
Security Quiz Review
Rylan Blah
Security Policies
indysingh7285
2W151 Volume 1: Safety and Security - Quiz 6
Joseph Whilden J
Security (2)
Daniel Freedman
Certified Security Compliance Specialist
jnkdmls