d94829 d94829
Quiz by , created more than 1 year ago

CCNA Security Chapter 1 Exam

1713
4
0
d94829 d94829
Created by d94829 d94829 over 6 years ago
Close

CCNA Security Chapter 1 Exam

Question 1 of 24

1

What method can be used to mitigate ping sweeps?

Select one of the following:

  • using encrypted or hashed authentication protocols

  • installing antivirus software on hosts

  • deploying antisniffer software on all network devices

  • blocking ICMP echo and echo-replies at the network edge

Explanation

Question 2 of 24

1

What are the three major components of a worm attack? (Choose three.)

Select one or more of the following:

  • a penetration mechanism

  • an infecting vulnerability

  • a payload

  • an enabling vulnerability

  • a probing mechanism

  • a propagation mechanism

Explanation

Question 3 of 24

1

Which statement accurately characterizes the evolution of threats to network security?

Select one of the following:

  • Internal threats can cause even greater damage than external threats

  • Threats have become less sophisticated while the technical knowledge needed by an attacker has grown

  • Early Internet users often engaged in activities that would harm other users

  • Internet architects planned for network security from the beginning.

Explanation

Question 4 of 24

1

What causes a buffer overflow?

Select one of the following:

  • launching a security countermeasure to mitigate a Trojan horse

  • sending repeated connections such as Telnet to a particular device, thus denying other data sources.

  • downloading and installing too many software updates at one time

  • attempting to write more data to a memory location than that location can hold

  • sending too much information to two or more interfaces of the same device, thereby causing dropped packets

Explanation

Question 5 of 24

1

What commonly motivates cybercriminals to attack networks as compared to hactivists or state-sponsored hackers?

Select one of the following:

  • status among peers

  • fame seeking

  • financial gain

  • political reasons

Explanation

Question 6 of 24

1

Which two network security solutions can be used to mitigate DoS attacks? (Choose two.)

Select one or more of the following:

  • virus scanning

  • intrusion protection systems

  • applying user authentication

  • antispoofing technologies

  • data encryption

Explanation

Question 7 of 24

1

Which two statements characterize DoS attacks? (Choose two.)

Select one or more of the following:

  • They are difficult to conduct and are initiated only by very skilled attackers

  • They are commonly launched with a tool called L0phtCrack.

  • Examples include smurf attacks and ping of death attacks.

  • They attempt to compromise the availability of a network, host, or application

  • They always precede access attacks

Explanation

Question 8 of 24

1

An attacker is using a laptop as a rogue access point to capture all network traffic from a targeted user. Which type of attack is this?

Select one of the following:

  • trust exploitation

  • buffer overflow

  • man in the middle

  • port redirection

Explanation

Question 9 of 24

1

What functional area of the Cisco Network Foundation Protection framework is responsible for device-generated packets required for network operation, such as ARP message exchanges and routing advertisements?

Select one of the following:

  • data plane

  • control plane

  • management plane

  • forwarding plane

Explanation

Question 10 of 24

1

What are the three components of information security ensured by cryptography? (Choose three.)

Select one or more of the following:

  • threat prevention

  • authorization

  • confidentiality

  • countermeasures

  • integrity

  • availability

Explanation

Question 11 of 24

1

What is the primary method for mitigating malware?

Select one of the following:

  • using encrypted or hashed authentication protocols

  • installing antivirus software on all hosts

  • blocking ICMP echo and echo-replies at the network edge

  • deploying intrusion prevention systems throughout the network

Explanation

Question 12 of 24

1

What is an objective of a state-sponsored attack?

Select one of the following:

  • to gain financial prosperity

  • to sell operation system vulnerabilities to other hackers

  • to gain attention

  • to right a perceived wrong

Explanation

Question 13 of 24

1

What role does the Security Intelligence Operations (SIO) play in the Cisco SecureX architecture?

Select one of the following:

  • identifying and stopping malicious traffic

  • authenticating users

  • enforcing policy

  • identifying applications

Explanation

Question 14 of 24

1

What worm mitigation phase involves actively disinfecting infected systems?

Select one of the following:

  • Treatment

  • containment

  • inoculation

  • quarantine

Explanation

Question 15 of 24

1

How is a smurf attack conducted?

Select one of the following:

  • by sending a large number of packets to overflow the allocated buffer memory of the target device

  • by sending a large number of ICMP requests to directed broadcast addresses from a spoofed source address on the same network

  • by sending a large number of TCP SYN packets to a target device from a spoofed source address

  • by sending an echo request in an IP packet larger than the maximum packet size of 65,535 bytes

Explanation

Question 16 of 24

1

What is a characteristic of a Trojan horse as it relates to network security?

Select one of the following:

  • Malware is contained in a seemingly legitimate executable program

  • Extreme quantities of data are sent to a particular network device interface.

  • An electronic dictionary is used to obtain a password to be used to infiltrate a key network device.

  • Too much information is destined for a particular memory block causing additional memory areas to be affected.

Explanation

Question 17 of 24

1

What is the first step in the risk management process specified by the ISO/IEC?

Select one of the following:

  • Create a security policy.

  • Conduct a risk assessment.

  • Inventory and classify IT assets.

  • Create a security governance model.

Explanation

Question 18 of 24

1

What is the significant characteristic of worm malware?

Select one of the following:

  • A worm can execute independently

  • A worm must be triggered by an event on the host system.

  • Worm malware disguises itself as legitimate software

  • Once installed on a host system, a worm does not replicate itself.

Explanation

Question 19 of 24

1

Which condition describes the potential threat created by Instant On in a data center?

Select one of the following:

  • when the primary firewall in the data center crashes

  • when an attacker hijacks a VM hypervisor and then launches attacks against other devices in the data center

  • when the primary IPS appliance is malfunctioning

  • when a VM that may have outdated security policies is brought online after a long period of inactivity

Explanation

Question 20 of 24

1

What are the three core components of the Cisco Secure Data Center solution? (Choose three.)

Select one or more of the following:

  • mesh network

  • secure segmentation

  • visibility

  • threat defense

  • servers

  • infrastructure

Explanation

Question 21 of 24

1

A disgruntled employee is using Wireshark to discover administrative Telnet usernames and passwords. What type of network attack does this describe?

Select one of the following:

  • trust exploitation

  • denial of service

  • reconnaissance

  • port redirection

Explanation

Question 22 of 24

1

Which two statements describe access attacks? (Choose two.)

Select one or more of the following:

  • Trust exploitation attacks often involve the use of a laptop to act as a rogue access point to capture and copy all network traffic in a public location, such as a wireless hotspot.

  • To detect listening services, port scanning attacks scan a range of TCP or UDP port numbers on a host

  • Buffer overflow attacks write data beyond the hallocated buffer memory to overwrite valid data or to exploit systems to execute malicious code.

  • Password attacks can be implemented by the use os brute-force attack methods, Trojan horse, or packet sniffers.

  • Port redirection attacks use a network adapter card in promiscuous mode to capture all network packets that are sent across a LAN.

Explanation

Question 23 of 24

1

What is a ping sweep?

Select one of the following:

  • a scanning technique that examines a range of TCP or UDP port numbers on a host to detect listening services.

  • a software application that enables the capture of all network packets that are sent across a LAN

  • a query and response protocol that identifies information about a domain, including the addresses that are assigned to that domain

  • a network scanning technique that indicates the live hosts in a range of IP addresses

Explanation

Question 24 of 24

1

As a dedicated network security tool, an intrusion ________ system can provide detection and blocking of attacks in real time.

Select one of the following:

  • prevention

  • nonprevention

Explanation