Question 1
Question
What is a potential risk when using a free and open wireless hotspot in a public location?
Answer
-
Too many users trying to connect to the Internet may cause a network traffic jam.
-
The Internet connection can become too slow when many users access the wireless hotspot.
-
Network traffic might be hijacked and information stolen.
-
Purchase of products from vendors might be required in exchange for the Internet access.
Question 2
Question
How does a security information and event management system (SIEM) in a SOC help the personnel fight against security threats?
Answer
-
by integrating all security devices and appliances in an organization
-
by analyzing logging data in real time
-
by combining data from multiple technologies
-
by dynamically implementing firewall rules
Question 3
Question
Which statement best describes a motivation of hacktivists?
Answer
-
They are part of a protest group behind a political cause.
-
They are curious and learning hacking skills.
-
They are trying to show off their hacking skills.
-
They are interested in discovering new exploits.
Question 4
Question
If a SOC has a goal of 99.999% uptime, how many minutes of downtime a year would be considered within its goal?
Answer
-
Approximately 5 minutes per year.
-
Approximately 10 minutes per year.
-
Approximately 20 minutes per year.
-
Approximately 30 minutes per year.
Question 5
Question
Why do IoT devices pose a greater risk than other computing devices on a network?
Answer
-
Most IoT devices do not require an Internet connection and are unable to receive new updates.
-
IoT devices cannot function on an isolated network with only an Internet connection.
-
Most IoT devices do not receive frequent firmware updates.
-
IoT devices require unencrypted wireless connections.
Question 6
Question
Which two services are provided by security operations centers? (Choose two.)
Answer
-
managing comprehensive threat solutions
-
ensuring secure routing packet exchanges
-
responding to data center physical break-ins
-
monitoring network security threats
-
providing secure Internet connections
Question 7
Question
Users report that a database file on the main server cannot be accessed. A database administrator verifies the issue and notices that the database file is now encrypted. The organization receives a threatening email demanding payment for the decryption of the database file. What type of attack has the organization experienced?
Answer
-
man-in-the-middle attack
-
DoS attack
-
Ransomware
-
Trojan horse
Question 8
Question
Which organization offers the vendor-neutral CySA+ certification?
Question 9
Question
What was used as a cyberwarfare weapon to attack a uranium enrichment facility in Iran?
Answer
-
DDoS
-
SQL injection
-
PSYOPS
-
Stuxnet
Question 10
Question
Which three technologies should be included in a SOC security information and event management system? (Choose three.)
Answer
-
firewall appliance
-
security monitoring
-
log management
-
intrusion prevention
-
proxy service
-
threat intelligence
Question 11
Question
Which personnel in a SOC is assigned the task of verifying whether an alert triggered by monitoring software represents a true security incident?
Answer
-
SOC Manager
-
Tier 2 personnel
-
Tier 3 personnel
-
Tier 1 personnel
Question 12
Question
Which statement describes cyberwarfare?
Answer
-
Cyberwarfare is an attack carried out by a group of script kiddies.
-
It is a series of personal protective equipment developed for soldiers involved in nuclear war.
-
It is simulation software for Air Force pilots that allows them to practice under a simulated war scenario.
-
It is Internet-based conflict that involves the penetration of information systems of other nations.
Question 13
Question
In the operation of a SOC, which system is frequently used to let an analyst select alerts from a pool to investigate?
Question 14
Question
What name is given to an amateur hacker?
Answer
-
red hat
-
script kiddie
-
black hat
-
blue team
Question 15
Question
Which personnel in a SOC are assigned the task of hunting for potential threats and implementing threat detection tools?
Answer
-
Tier 1 Analyst
-
SOC Manager
-
Tier 2 Incident Reporter
-
Tier 3 SME
Question 16
Question
What utility is available on a Windows PC to view current running applications and processes?
Answer
-
nslookup
-
ipconfig
-
Control Panel
-
Task Manager
Question 17
Question
A user logs in to Windows with a regular user account and attempts to use an application that requires administrative privileges. What can the user do to successfully use the application?
Answer
-
Right-click the application and choose Run as root.
-
Right-click the application and choose Run as Privilege.
-
Right-click the application and choose Run as Administrator.
-
Right-click the application and choose Run as Superuser.
Question 18
Question
A technician can ping the IP address of the web server of a remote company but cannot successfully ping the URL address of the same web server. Which software utility can the technician use to diagnose the problem?
Answer
-
nslookup
-
tracert
-
netstat
-
ipconfig
Question 19
Question
Where are the settings that are chosen during the installation process stored?
Question 20
Question
What technology was created to replace the BIOS program on modern personal computer motherboards?
Question 21
Question
Which two things can be determined by using the ping command? (Choose two.)
Answer
-
the number of routers between the source and destination device
-
the destination device is reachable through the network
-
the average time it takes each router in the path between source and destination to respond
-
the IP address of the router nearest the destination device
-
the average time it takes a packet to reach the destination and for the response to return to the source
Question 22
Question
What function is provided by the Windows Task Manager?
Answer
-
It provides an active list of TCP connections.
-
It maintains system logs.
-
It selectively denies traffic on specified interfaces.
-
It provides information on system resources and processes.
Question 23
Question
Which type of Windows PowerShell command performs an action and returns an output or object to the next command that will be executed?
Answer
-
scripts
-
functions
-
cmdlets
-
routines
Question 24
Question
What would be displayed if the netstat -abno command was entered on a Windows PC?
Answer
-
all active TCP and UDP connections, their current state, and their associated process ID (PID)
-
only active TCP connections in an ESTABLISHED state
-
only active UDP connections in a LISTENING state
-
a local routing table
Question 25
Question
Which two commands could be used to check if DNS name resolution is working properly on a Windows PC? (Choose two.)
Answer
-
ipconfig /flushdns
-
net cisco.com
-
nslookup cisco.com
-
ping cisco.com
-
nbtstat cisco.com
Question 26
Question
Refer to the exhibit. A cyber security administrator is attempting to view system information from the Windows PowerShell and receives the error message shown. “The requested operation requires elevation.”
What action does the administrator need to take to successfully run the command?
Answer
-
Run the command from the command prompt.
-
Install latest Windows updates.
-
Restart the abno service in Task Manager.
-
Run PowerShell as administrator.
Question 27
Question
Refer to the exhibit. A cybersecurity analyst is investigating a reported security incident on a Microsoft Windows computer. Which tool is the analyst using?
Answer
-
Event Viewer
-
PowerShell
-
Task Manager
-
Performance Monitor
Question 28
Question
For security reasons a network administrator needs to ensure that local computers cannot ping each other. Which settings can accomplish this task?
Answer
-
firewall settings
-
MAC address settings
-
smartcard settings
-
file system settings
Question 29
Question
Consider the path representation in Windows CLI C:\Users\Jason\Desktop\mydocu.txt. What does the Users\Jason component represent?
Question 30
Question
Which two user accounts are automatically created when a user installs Windows to a new computer? (Choose two.)
Answer
-
superuser
-
guest
-
root
-
administrator
-
system
Question 31
Question
What term is used to describe a logical drive that can be formatted to store data?
Answer
-
partition
-
track
-
sector
-
cluster
-
volume
Question 32
Question
What is the purpose of entering the netsh command on a Windows PC?
Answer
-
to create user accounts
-
to test the hardware devices on the PC
-
to change the computer name for the PC
-
to configure networking parameters for the PC
Question 33
Question
A technician is troubleshooting a PC unable to connect to the network. What command should be issued to check the IP address of the device?
Answer
-
ipconfig
-
ping
-
tracert
-
nslookup
Question 34
Question
Refer to the exhibit. Which Microsoft Windows application is being used?
Answer
-
Event Viewer
-
PowerShell
-
Task Manager
-
Performance Monitor
Question 35
Question
What are two reasons for entering the ipconfig command on a Windows PC? (Choose two.)
Answer
-
to review the network configuration on the PC
-
to check if the DNS server can be contacted
-
to ensure that the PC can connect to remote networks
-
to review the status of network media connections
-
to display the bandwidth and throughput of the network connection
Question 36
Question
What are two advantages of the NTFS file system compared with FAT32? (Choose two.)
Answer
-
NTFS allows the automatic detection of bad sectors.
-
NTFS is easier to configure.
-
NTFS allows faster formatting of drives.
-
NTFS provides more security features.
-
NTFS supports larger files.
-
NTFS allows faster access to external peripherals such as a USB drive.
Question 37
Question
What is the purpose of using the net accounts command in Windows?
Answer
-
to start a network service
-
to display information about shared network resources
-
to show a list of computers and network devices on the network
-
to review the settings of password and logon requirements for users
Question 38
Question
What are two reasons for entering the ping 127.0.0.1 command on a Windows PC? (Choose two.)
Answer
-
to check if the NIC functions as expected
-
to check if the default gateway is configured correctly
-
to display the bandwidth and throughput of the network connection
-
to check if the TCP/IP protocol suite is installed properly
-
to ensure that the PC can connect to remote networks
Question 39
Question
Why would a network administrator choose Linux as an operating system in the Security Operations Center (SOC)?
Answer
-
It is easier to use than other operating systems.
-
It is more secure than other server operating systems.
-
The administrator has more control over the operating system.
-
More network applications are created for this environment.
Question 40
Question
Which Linux command can be used to display the name of the current working directory?
Question 41
Question
Consider the result of the ls -l command in the Linux output below. What are the file permissions assigned to the sales user for the analyst.txt file?
ls -l analyst.txt
-rwxrw-r-- sales staff 1028 May 28 15:50 analyst.txt
Answer
-
write only
-
read, write, execute
-
read, write
-
read only
Question 42
Question
A Linux system boots into the GUI by default, so which application can a network administrator use in order to access the CLI environment?
Answer
-
file viewer
-
package management tool
-
terminal emulator
-
system viewer
Question 43
Question
The image displays a laptop that is acting as the SSH client that is communicating with an SSH server.
Refer to the exhibit. Which well-known port number is used by the server?
Question 44
Question
How is a server different from a workstation computer?
Answer
-
The server works as a standalone computer.
-
The server is designed to provide services to clients.
-
The workstation has fewer applications installed.
-
The workstation has more users who attach to it.
Question 45
Question
Which two methods can be used to harden a computing device? (Choose two.)
Answer
-
Allow default services to remain enabled.
-
Update patches on a strict annual basis irrespective of release date.
-
Enforce the password history mechanism.
-
Ensure physical security.
-
Allow USB auto-detection.
Question 46
Question
What is the main purpose of the X Window System?
Answer
-
to provide a customizable CLI environment
-
to provide a basic framework for a GUI
-
to provide remote access to a Linux-based system
-
to provide a basic set of penetration testing tools
Question 47
Question
Which Linux command is used to manage processes?
Question 48
Question
Why is Linux considered to be better protected against malware than other operating systems?
Answer
-
fewer deployments
-
integrated firewall
-
customizable penetration and protection tools
-
file system structure, file permissions, and user account restrictions
Question 49
Question
Which two Linux commands might be used before using the kill command? (Choose two.)
Question 50
Question
What term is used for operating system updates?
Answer
-
patches
-
new releases
-
penetration testing
-
packages
Question 51
Question
What term describes a set of software tools designed to increase the privileges of a user or to grant access to the user to portions of the operating system that should not normally be allowed?
Answer
-
penetration testing
-
package manager
-
rootkit
-
compiler
Question 52
Question
What is the well-known port address number used by DNS to serve requests?
Question 53
Question
Which file system is the primary file system used by Apple in current Macintosh computers? (Disputed question: both answer options fit, but the book lists only HFS+.)
Question 54
Question
Which type of tool allows administrators to observe and understand every detail of a network transaction?
Answer
-
malware analysis tool
-
packet capture software
-
ticketing system
-
log manager
Question 55
Question
Which command can be utilized to view log entries of NGINX system events in real time?
Answer
-
sudo journalctl -u nginx.service -f
-
sudo journalctl -f
-
sudo journalctl --until "1 hour ago"
-
sudo journalctl -u nginx.services
Question 56
Question
What is the purpose of a Linux package manager?
Answer
-
It provides access to settings and the shutdown function.
-
It is used to compile code that creates an application.
-
It is used to install an application.
-
It provides a short list of tasks a particular application can perform.
Question 57
Question
Which user can override file permissions on a Linux computer?
Answer
-
only the creator of the file
-
any user that has 'group' permission to the file
-
any user that has 'other' permission to the file
-
root user
Question 58
Question
Which Linux file system introduced the journaled file system, which can be used to minimize the risk of file system corruption in the event of a sudden power loss?
Question 59
Question
What is the method employed by a Linux kernel to create new processes for multitasking of a process?
Question 60
Question
What is a purpose of apt-get commands?
Answer
-
to configure an appointment for a specific date and time
-
to configure and manage task (to-do) lists
-
to update the operating system
-
to apportion and configure a part of the hard disk for file storage
Question 61
Question
How is a DHCPDISCOVER transmitted on a network to reach a DHCP server?
Answer
-
A DHCPDISCOVER message is sent with a multicast IP address that all DHCP servers listen to as the destination address.
-
A DHCPDISCOVER message is sent with the broadcast IP address as the destination address.
-
A DHCPDISCOVER message is sent with the IP address of the default gateway as the destination address.
-
A DHCPDISCOVER message is sent with the IP address of the DHCP server as the destination address.
Question 62
Question
A high school in New York (school A) is using videoconferencing technology to establish student interactions with another high school (school B) in Russia. The videoconferencing is conducted between two end devices through the Internet. The network administrator of school A configures the end device with the IP address 209.165.201.10. The administrator sends a request for the IP address for the end device in school B and the response is 192.168.25.10. Neither school is using a VPN. The administrator knows immediately that this IP will not work. Why?
Answer
-
This is a link-local address.
-
This is a loopback address.
-
There is an IP address conflict.
-
This is a private IP address.
Question 63
Question
What is a socket?
Answer
-
the combination of the source and destination sequence numbers and port numbers
-
the combination of a source IP address and port number or a destination IP address and port number
-
the combination of the source and destination sequence and acknowledgment numbers
-
the combination of the source and destination IP address and source and destination Ethernet address
Question 64
Question
What part of the URL, http://www.cisco.com/index.html, represents the top-level DNS domain?
Question 65
Question
Refer to the exhibit. A cybersecurity analyst is viewing captured ICMP echo request packets sent from host A to host B on switch S2. What is the source MAC address of Ethernet frames carrying the ICMP echo request packets?
Answer
-
08-CB-8A-5C-D5-BA
-
00-D0-D3-BE-79-26
-
00-60-0F-B1-D1-11
-
01-90-C0-E4-55-BB
Question 66
Question
Refer to the exhibit. A cybersecurity analyst is viewing captured packets forwarded on switch S1. Which device has the MAC address 50:6a:03:96:71:22?
Answer
-
PC-A
-
router DG
-
DNS server
-
router ISP
-
web server
Question 67
Question
Which term is used to describe the process of placing one message format inside another message format?
Answer
-
encoding
-
multiplexing
-
encapsulation
-
segmentation
Question 68
Question
Which PDU format is used when bits are received from the network medium by the NIC of a host?
Answer
-
frame
-
file
-
packet
-
segment
Question 69
Question
What are two features of ARP? (Choose two.)
Answer
-
An ARP request is sent to all devices on the Ethernet LAN and contains the IP address of the destination host and its multicast MAC address.
-
If no device responds to the ARP request, then the originating node will broadcast the data packet to all devices on the network segment.
-
When a host is encapsulating a packet into a frame, it refers to the MAC address table to determine the mapping of IP addresses to MAC addresses.
-
If a host is ready to send a packet to a local destination device and it has the IP address but not the MAC address of the destination, it generates an ARP broadcast.
-
If a device receiving an ARP request has the destination IPv4 address, it responds with an ARP reply.
Question 70
Question
In NAT translation for internal hosts, what address would be used by external users to reach internal hosts?
Answer
-
outside global
-
outside local
-
inside local
-
inside global
Question 71
Question
Refer to the exhibit. PC1 issues an ARP request because it needs to send a packet to PC2. In this scenario, what will happen next?
Answer
-
SW1 will send an ARP reply with the PC2 MAC address.
-
PC2 will send an ARP reply with its MAC address.
-
RT1 will send an ARP reply with its Fa0/0 MAC address.
-
RT1 will send an ARP reply with the PC2 MAC address.
-
SW1 will send an ARP reply with its Fa0/1 MAC address.
Question 72
Question
Which two characteristics are associated with UDP sessions? (Choose two.)
Answer
-
Unacknowledged data packets are retransmitted.
-
Destination devices receive traffic with minimal delay.
-
Destination devices reassemble messages and pass them to an application.
-
Transmitted data segments are tracked.
-
Received data is unacknowledged.
Question 73
Question
Refer to the exhibit. What is the global IPv6 address of the host in uncompressed format?
Answer
-
2001:0DB8:0000:0000:0BAF:0000:3F57:FE94
-
2001:0DB8:0000:0BAF:0000:0000:3F57:FE94
-
2001:DB80:0000:0000:BAF0:0000:3F57:FE94
-
2001:0DB8:0000:0000:0000:0BAF:3F57:FE94
Question 74
Question
What is the purpose of the routing process?
Answer
-
to provide secure Internet file transfer
-
to convert a URL name into an IP address
-
to forward traffic on the basis of MAC addresses
-
to encapsulate data that is used to communicate across a network
-
to select the paths that are used to direct traffic to destination networks
Question 75
Question
Which application layer protocol uses message types such as GET, PUT, and POST?
Question 76
Question
Which transport layer feature is used to guarantee session establishment?
Answer
-
UDP sequence number
-
TCP 3-way handshake
-
TCP port number
-
UDP ACK flag
Question 77
Question
What is the prefix length notation for the subnet mask 255.255.255.224?
Question 78
Question
What are two potential network problems that can result from ARP operation? (Choose two.)
Answer
-
Multiple ARP replies result in the switch MAC address table containing entries that match the MAC addresses of hosts that are connected to the relevant switch port.
-
Network attackers could manipulate MAC address and IP address mappings in ARP messages with the intent of intercepting network traffic.
-
On large networks with low bandwidth, multiple ARP broadcasts could cause data communication delays.
-
Manually configuring static ARP associations could facilitate ARP poisoning or MAC address spoofing.
-
Large numbers of ARP request broadcasts could cause the host MAC address table to overflow and prevent the host from communicating on the network.
Question 79
Question
Which TCP mechanism is used to identify missing segments?
Answer
-
sequence numbers
-
FCS
-
acknowledgments
-
window size
Question 80
Question
What is the purpose of ICMP messages?
Answer
-
to provide feedback of IP packet transmissions
-
to monitor the process of a domain name to IP address resolution
-
to inform routers about network topology changes
-
to ensure the delivery of an IP packet
Question 81
Question
What happens if part of an FTP message is not delivered to the destination?
Answer
-
The message is lost because FTP does not use a reliable delivery method.
-
The part of the FTP message that was lost is re-sent.
-
The FTP source host sends a query to the destination host.
-
The entire FTP message is re-sent.
Question 82
Question
What is the primary purpose of NAT?
Answer
-
conserve IPv4 addresses
-
allow peer-to-peer file sharing
-
enhance network performance
-
increase network security
Question 83
Question
Why does a Layer 3 device perform the ANDing process on a destination IP address and subnet mask?
Answer
-
to identify the network address of the destination network
-
to identify the host address of the destination host
-
to identify the broadcast address of the destination network
-
to identify faulty frames
Question 84
Question
Refer to the exhibit. Using the network in the exhibit, what would be the default gateway address for host A in the 192.133.219.0 network?
Answer
-
192.135.250.1
-
192.133.219.0
-
192.133.219.1
-
192.31.7.1
Question 85
Question
Which three IP addresses are private? (Choose three.)
Answer
-
192.167.10.10
-
10.1.1.1
-
192.168.5.5
-
172.16.4.4
-
172.32.5.2
-
224.6.6.6
Question 86
Question
What are two types of addresses found on network end devices? (Choose two.)
Question 87
Question
Which OSI layer header is rewritten with new addressing information by a router when forwarding between LAN segments?
Answer
-
Layer 2
-
Layer 3
-
Layer 4
-
Layer 7
Question 88
Question
Which protocol provides authentication, integrity, and confidentiality services and is a type of VPN?
Question 89
Question
What are two uses of an access control list? (Choose two.)
Answer
-
ACLs can control which areas a host can access on a network.
-
ACLs provide a basic level of security for network access.
-
Standard ACLs can restrict access to specific applications and ports.
-
ACLs can permit or deny traffic based upon the MAC address originating on the router.
-
ACLs assist the router in determining the best path to a destination.
Question 90
Question
Which protocol or service is used to automatically synchronize the software clocks on Cisco routers?
Question 91
Question
Which wireless parameter is used by an access point to broadcast frames that include the SSID?
Answer
-
passive mode
-
security mode
-
channel setting
-
active mode
Question 92
Question
A Cisco router is running IOS 15. What are the two routing table entry types that will be added when a network administrator brings an interface up and assigns an IP address to the interface? (Choose two.)
Answer
-
route that is learned via OSPF
-
route that is learned via EIGRP
-
route that is manually entered by a network administrator
-
directly connected interface
-
local route interface
Question 93
Question
Refer to the exhibit. The network "A" contains multiple corporate servers that are accessed by hosts from the Internet for information about the corporation. What term is used to describe the network marked as "A"?
Question 94
Question
What is the role of an IPS?
Answer
-
to detect patterns of malicious traffic by the use of signature files
-
to filter traffic based on defined rules and connection context
-
to filter traffic based on Layer 7 information
-
to enforce access control policies based on packet content
Question 95
Question
Which two features are included by both TACACS+ and RADIUS protocols? (Choose two.)
Question 96
Question
What does the TACACS+ protocol provide in a AAA deployment?
Answer
-
AAA connectivity via UDP
-
compatibility with previous TACACS protocols
-
authorization on a per-user or per-group basis
-
password encryption without encrypting the packet
Question 97
Question
Which parameter is commonly used to identify a wireless network name when a home wireless AP is being configured?
Question 98
Question
What information within a data packet does a router use to make forwarding decisions?
Answer
-
the destination service requested
-
the destination IP address
-
the destination host name
-
the destination MAC address
Question 99
Question
Which protocol creates a virtual point-to-point connection to tunnel unencrypted traffic between Cisco routers from a variety of protocols?
Question 100
Question
Which two statements are true about NTP servers in an enterprise network? (Choose two.)
Answer
-
NTP servers at stratum 1 are directly connected to an authoritative time source.
-
NTP servers ensure an accurate time stamp on logging and debugging information.
-
There can only be one NTP server on an enterprise network.
-
All NTP servers synchronize directly to a stratum 1 time source.
-
NTP servers control the mean time between failures (MTBF) for key network devices.
Question 101
Question
What is true concerning physical and logical topologies?
Answer
-
Physical topologies display the IP addressing scheme of each network.
-
Logical topologies refer to how a network transfers data between devices.
-
The logical topology is always the same as the physical topology.
-
Physical topologies are concerned with how a network transfers frames.
Question 102
Question
Which layer of the hierarchical design model is a control boundary between the other layers?
Answer
-
access
-
network
-
distribution
-
core
Question 103
Question
Which protocol or service allows network administrators to receive system messages that are provided by network devices?
Question 104
Question
What is a function of a proxy firewall?
Answer
-
uses signatures to detect patterns in network traffic
-
drops or forwards traffic based on packet header information
-
connects to remote servers on behalf of clients
-
filters IP traffic between bridged interfaces
Question 105
Question
What is the function of the distribution layer of the three-layer network design model?
Answer
-
aggregating access layer connections
-
providing high speed connection to the network edge
-
providing secure access to the Internet
-
providing direct access to the network
Question 106
Question
Which LAN topology requires a central intermediate device to connect end devices?
Question 107
Question
Which device can control and manage a large number of corporate APs?
Question 108
Question
For which discovery mode will an AP generate the most traffic on a WLAN?
Answer
-
active mode
-
mixed mode
-
passive mode
-
open mode
Question 109
Question
What is a feature of the TACACS+ protocol?
Answer
-
It utilizes UDP to provide more efficient packet transfer.
-
It hides passwords during transmission using PAP and sends the rest of the packet in plaintext.
-
It encrypts the entire body of the packet for more secure communications.
-
It combines authentication and authorization as one process.
Question 110
Question
What is the only attribute used by standard access control lists to identify traffic?
Answer
-
source MAC address
-
protocol type
-
source IP address
-
source TCP port
Question 111
Question
What type of malware has the primary objective of spreading across the network?
Answer
-
virus
-
worm
-
Trojan horse
-
botnet
Question 112
Question
Why would a rootkit be used by a hacker?
Answer
-
to gain access to a device without being detected
-
to do reconnaissance
-
to reverse engineer binary files
-
to try to guess a password
Question 113
Question
Which type of hacker is motivated to protest against political and social issues?
Answer
-
cybercriminal
-
script kiddie
-
vulnerability broker
-
hacktivist
Question 114
Question
What is a characteristic of a Trojan horse as it relates to network security?
Answer
-
Extreme quantities of data are sent to a particular network device interface.
-
An electronic dictionary is used to obtain a password to be used to infiltrate a key network device.
-
Too much information is destined for a particular memory block, causing additional memory areas to be affected.
-
Malware is contained in a seemingly legitimate executable program.
Question 115
Question
What is a botnet?
Answer
-
a group of web servers that provide load balancing and fault tolerance
-
an online video game intended for multiple players
-
a network that allows users to bring their own technology
-
a network of infected computers that are controlled as a group
Question 116
Question
Which type of Trojan horse security breach uses the computer of the victim as the source device to launch other attacks?
Answer
-
DoS
-
FTP
-
data-sending
-
proxy
Question 117
Question
What is the primary goal of a DoS attack?
Answer
-
to prevent the target server from being able to handle additional requests
-
to scan the data on the target server
-
to facilitate access to external networks
-
to obtain all addresses in the address book within the server
Question 118
Question
What is a main purpose of launching an access attack on network systems?
Answer
-
to prevent other users from accessing the system
-
to scan for accessible networks
-
to gather information about the network
-
to retrieve data
Question 119
Question
What causes a buffer overflow?
Answer
-
launching a security countermeasure to mitigate a Trojan horse
-
attempting to write more data to a memory location than that location can hold
-
sending repeated connections such as Telnet to a particular device, thus denying other data sources
-
sending too much information to two or more interfaces of the same device, thereby causing dropped packets
-
downloading and installing too many software updates at one time
Question 120
Question
A company pays a significant sum of money to hackers in order to regain control of an email and data server. Which type of security attack was used by the hackers?
Answer
-
DoS
-
spyware
-
Trojan horse
-
ransomware
Question 121
Question
What is the term used to describe an email that is targeting a specific person employed at a financial institution?
Answer
-
spam
-
spyware
-
vishing
-
target phishing
-
spear phishing
Question 122
Question
Which access attack method involves a software program that attempts to discover a system password by the use of an electronic dictionary?
Answer
-
packet sniffer attack
-
denial of service attack
-
buffer overflow attack
-
brute-force attack
-
port redirection attack
-
IP spoofing attack
Question 123
Question
In what way are zombies used in security attacks?
Answer
-
They are infected machines that carry out a DDoS attack.
-
They are maliciously formed code segments used to replace legitimate applications.
-
They target specific individuals to gain corporate or personal information.
-
They probe a group of machines for open ports to learn which services are running.
Question 124
Question
What are two evasion methods used by hackers? (Choose two.)
Answer
-
scanning
-
encryption
-
access attack
-
phishing
-
resource exhaustion
Question 125
Question
What are two purposes of launching a reconnaissance attack on a network? (Choose two.)
Answer
-
to retrieve and modify data
-
to scan for accessibility
-
to escalate access privileges
-
to prevent other users from accessing the system
-
to gather information about the network and devices
Question 126
Question
What are three techniques used in social engineering attacks? (Choose three.)
Answer
-
vishing
-
phishing
-
pretexting
-
buffer overflow
-
man-in-the-middle
-
sending junk email
Question 127
Question
An attacker is using a laptop as a rogue access point to capture all network traffic from a targeted user. Which type of attack is this?
Answer
-
port redirection
-
trust exploitation
-
buffer overflow
-
man in the middle
Question 128
Question
A user is curious about how someone might know a computer has been infected with malware. What are two common malware behaviors? (Choose two.)
Answer
-
The computer emits a hissing sound every time the pencil sharpener is used.
-
The computer freezes and requires reboots.
-
No sound emits when an audio CD is played.
-
The computer gets increasingly slower to respond.
-
The computer beeps once during the boot process.
Question 129
Question
Which type of security attack would attempt a buffer overflow?
Answer
-
ransomware
-
reconnaissance
-
DoS
-
scareware
Question 130
Question
What is a significant characteristic of virus malware?
Answer
-
Virus malware is only distributed over the Internet.
-
Once installed on a host system, a virus will automatically propagate itself to other systems.
-
A virus is triggered by an event on the host system.
-
A virus can execute independently of the host system.
Question 131
Question
A senior citizen receives a warning on the computer that states that the operating system registry is corrupt and to click a particular link to repair it. Which type of malware is being used to try to create the perception of a computer threat to the user?
Answer
-
DoS
-
scareware
-
phishing
-
adware
Question 132
Question
What is the motivation of a white hat attacker?
Answer
-
fine tuning network devices to improve their performance and efficiency
-
taking advantage of any vulnerability for illegal personal gain
-
studying operating systems of various platforms to develop a new system
-
discovering weaknesses of networks and systems to improve the security level of these systems
Question 133
Question
What is a ping sweep?
Answer
-
a network scanning technique that indicates the live hosts in a range of IP addresses.
-
a query and response protocol that identifies information about a domain, including the addresses that are assigned to that domain.
-
a software application that enables the capture of all network packets that are sent across a LAN.
-
a scanning technique that examines a range of TCP or UDP port numbers on a host to detect listening services.
Question 134
Question
What is the term used when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source?
Answer
-
Trojan
-
vishing
-
phishing
-
backdoor
Question 135
Question
What are the three major components of a worm attack? (Choose three.)
Question 136
Question
Which security threat installs on a computer without the knowledge of the user and then monitors computer activity?
Answer
-
spyware
-
viruses
-
worms
-
adware
Question 137
Question
What are two monitoring tools that capture network traffic and forward it to network monitoring devices? (Choose two.)
Answer
-
SPAN
-
network tap
-
SNMP
-
SIEM
-
Wireshark
Question 138
Question
Which technology is an open source SIEM system?
Answer
-
Wireshark
-
Stealthwatch
-
Splunk
-
ELK
Question 139
Question
What network attack seeks to create a DoS for clients by preventing them from being able to obtain a DHCP lease?
Answer
-
IP address spoofing
-
DHCP starvation
-
CAM table attack
-
DHCP spoofing
Question 140
Question
Which protocol would be the target of a cushioning attack?
Question 141
Question
Which network monitoring capability is provided by using SPAN?
Answer
-
Network analysts are able to access network device log files and to monitor network behavior.
-
Statistics on packets flowing through Cisco routers and multilayer switches can be captured.
-
Traffic exiting and entering a switch is copied to a network monitoring device.
-
Real-time reporting and long-term analysis of security events are enabled.
Question 142
Question
Which type of DNS attack involves the cybercriminal compromising a parent domain and creating multiple subdomains to be used during the attacks?
Question 143
Question
Refer to the exhibit. What protocol would be used by the syslog server service to create this type of output for security purposes?
Question 144
Question
What is the result of a passive ARP poisoning attack?
Answer
-
Confidential information is stolen.
-
Network clients experience a denial of service.
-
Data is modified in transit or malicious data is inserted in transit.
-
Multiple subdomains are created.
Question 145
Question
Which term is used for bulk advertising emails flooded to as many end users as possible?
Answer
-
spam
-
adware
-
brute force
-
phishing
Question 146
Question
Which capability is provided by the aggregation function in SIEM?
Answer
-
reducing the volume of event data by consolidating duplicate event records
-
searching logs and event records of multiple sources for more complete forensic analysis
-
presenting correlated and aggregated event data in real-time monitoring
-
increasing speed of detection and reaction to security threats by examining logs from many systems and applications
Question 147
Question
Which protocol is attacked when a cybercriminal provides an invalid gateway in order to create a man-in-the-middle attack?
Answer
-
HTTP or HTTPS
-
ICMP
-
DNS
-
DHCP
Question 148
Question
Which network monitoring tool can provide a complete audit trail of basic information of all IP flows on a Cisco router and forward the data to a device?
Answer
-
SPAN
-
Wireshark
-
NetFlow
-
SIEM
Question 149
Question
What are two methods used by cybercriminals to mask DNS attacks? (Choose two.)
Question 150
Question
Which protocol is exploited by cybercriminals who create malicious iFrames?
Question 151
Question
Which SIEM function is associated with speeding up detection of security threats by examining logs and events from different systems?
Answer
-
forensic analysis
-
retention
-
correlation
-
aggregation
Question 152
Question
In which TCP attack is the cybercriminal attempting to overwhelm a target host with half-open TCP connections?
Answer
-
reset attack
-
session hijacking attack
-
port scan attack
-
SYN flood attack
Question 153
Question
In which type of attack is falsified information used to redirect users to malicious Internet sites?
Question 154
Question
Refer to the exhibit. A junior network administrator is inspecting the traffic flow of a particular server in order to make security recommendations to the departmental supervisor. Which recommendation should be made?
Answer
-
A more secure protocol should be used.
-
The total length (TL) field indicates an unsecure Layer 4 protocol is being used.
-
The person accessing the server should never access it from a device using a private IP address.
-
The person accessing the server should use the private IP address of the server.
Question 155
Question
Which network monitoring tool saves captured packets in a PCAP file?
Answer
-
Wireshark
-
SIEM
-
SNMP
-
NetFlow
Question 156
Question
Which cyber attack involves a coordinated attack from a botnet of zombie computers?
Answer
-
ICMP redirect
-
MITM
-
DDoS
-
address spoofing
Question 157
Question
How is optional network layer information carried by IPv6 packets?
Answer
-
inside an options field that is part of the IPv6 packet header
-
inside the Flow Label field
-
inside the payload carried by the IPv6 packet
-
inside an extension header attached to the main IPv6 packet header
Question 158
Question
What type of attack targets an SQL database using the input field of a user?
Answer
-
Cross-site scripting
-
SQL injection
-
buffer overflow
-
XML injection
Question 159
Question
What network monitoring technology enables a switch to copy and forward traffic sent and received on multiple interfaces out another interface toward a network analysis device?
Answer
-
port mirroring
-
NetFlow
-
SNMP
-
network tap
Question 160
Question
A web server administrator is configuring access settings to require users to authenticate first before accessing certain web pages. Which requirement of information security is addressed through the configuration?
Answer
-
availability
-
confidentiality
-
integrity
-
scalability
Question 161
Question
What component of a security policy explicitly defines the type of traffic allowed on a network and what users are allowed and not allowed to do?
Question 162
Question
What is the principle of least privilege access control model?
Answer
-
User access to data is based on object attributes.
-
Users are granted rights on an as-needed approach.
-
Users are granted the strictest access control possible to data.
-
Users control access to data they own.
Question 163
Question
Which statement describes a difference between RADIUS and TACACS+?
Answer
-
RADIUS is supported by the Cisco Secure ACS software whereas TACACS+ is not.
-
RADIUS encrypts only the password whereas TACACS+ encrypts all communication.
-
RADIUS separates authentication and authorization whereas TACACS+ combines them as one process.
-
RADIUS uses TCP whereas TACACS+ uses UDP.
Question 164
Question
What is the purpose of mobile device management (MDM) software?
Answer
-
It is used to create a security policy.
-
It is used to implement security policies, settings, and software configurations on mobile devices.
-
It is used by threat actors to penetrate the system.
-
It is used to identify potential mobile device vulnerabilities.
Question 165
Question
What service determines which resources a user can access along with the operations that a user can perform?
Answer
-
authentication
-
biometric
-
authorization
-
accounting
-
token
Question 166
Question
A company has a file server that shares a folder named Public. The network security policy specifies that the Public folder is assigned Read-Only rights to anyone who can log into the server while the Edit rights are assigned only to the network admin group. Which component is addressed in the AAA network service framework?
Answer
-
automation
-
accounting
-
authentication
-
authorization
Question 167
Question
In threat intelligence communications, what set of specifications is for exchanging cyberthreat information between organizations?
Answer
-
Trusted automated exchange of indicator information (TAXII)
-
Structured threat information expression (STIX)
-
Automated indicator sharing (AIS)
-
Common vulnerabilities and exposures (CVE)
Question 168
Question
What three items are components of the CIA triad? (Choose three.)
Answer
-
integrity
-
availability
-
confidentiality
-
access
-
scalability
-
intervention
Question 169
Question
A company is experiencing overwhelming visits to a main web server. The IT department is developing a plan to add a couple more web servers for load balancing and redundancy. Which requirement of information security is addressed by implementing the plan?
Answer
-
integrity
-
scalability
-
availability
-
confidentiality
Question 170
Question
Which AAA component can be established using token cards?
Answer
-
authorization
-
authentication
-
auditing
-
accounting
Question 171
Question
Which method is used to make data unreadable to unauthorized users?
Question 172
Question
Which two areas must an IT security person understand in order to identify vulnerabilities on a network? (Choose two.)
Answer
-
number of systems on each network
-
network baseline data
-
data analysis trends
-
hardware used by applications
-
important applications used
Question 173
Question
Which three services are provided by the AAA framework? (Choose three.)
Answer
-
autoconfiguration
-
automation
-
authorization
-
authentication
-
autobalancing
-
accounting
Question 174
Question
How does BYOD change the way in which businesses implement networks?
Answer
-
BYOD provides flexibility in where and how users can access network resources.
-
BYOD requires organizations to purchase laptops rather than desktops.
-
BYOD users are responsible for their own network security, thus reducing the need for organizational security policies.
-
BYOD devices are more expensive than devices that are purchased by an organization.
Question 175
Question
Which technology provides the framework to enable scalable access security?
Answer
-
AutoSecure
-
role-based CLI access
-
authentication, authorization, and accounting
-
Simple Network Management Protocol
-
Cisco Configuration Professional communities
Question 176
Question
Which device is usually the first line of defense in a layered defense-in-depth approach?
Answer
-
access layer switch
-
internal router
-
edge router
-
firewall
Question 177
Question
In a defense-in-depth approach, which three options must be identified to effectively defend a network against attacks? (Choose three.)
Answer
-
assets that need protection
-
location of attacker or attackers
-
total number of devices that attach to the wired and wireless network
-
threats to assets
-
vulnerabilities in the system
-
past security breaches
Question 178
Question
Which section of a security policy is used to specify that only authorized individuals should have access to enterprise data?
Question 179
Question
Which type of access control applies the strictest access control and is commonly used in military or mission critical applications?
Answer
-
mandatory access control (MAC)
-
discretionary access control (DAC)
-
attribute-based access control (ABAC)
-
Non-discretionary access control
Question 180
Question
Which algorithm is used to automatically generate a shared secret for two systems to use in establishing an IPsec VPN?
Question 181
Question
A security specialist is tasked to ensure that files transmitted between the headquarters office and the branch office are not altered during transmission. Which two algorithms can be used to achieve this task? (Choose two.)
Question 182
Question
In which way does the use of HTTPS increase the security monitoring challenges within enterprise networks?
Answer
-
HTTPS traffic can carry a much larger data payload than HTTP can carry.
-
HTTPS traffic is much faster than HTTP traffic.
-
HTTPS traffic does not require authentication.
-
HTTPS traffic enables end-to-end encryption.
Question 183
Question
What technology has a function of using trusted third-party protocols to issue credentials that are accepted as an authoritative identity?
Answer
-
hashing algorithms
-
digital signatures
-
symmetric keys
-
PKI certificates
Question 184
Question
Which three algorithms are designed to generate and verify digital signatures? (Choose three.)
Answer
-
IKE
-
DSA
-
RSA
-
ECDSA
-
AES
-
3DES
Question 185
Question
What are two properties of a cryptographic hash function? (Choose two.)
Answer
-
Complex inputs will produce complex hashes.
-
Hash functions can be duplicated for authentication purposes.
-
The hash function is one way and irreversible.
-
The input for a particular hash algorithm has to have a fixed size.
-
The output is a fixed length.
Question 186
Question
Which statement is a feature of HMAC?
Answer
-
HMAC uses a secret key that is only known to the sender and defeats man-in-the-middle attacks.
-
HMAC uses protocols such as SSL or TLS to provide session layer confidentiality.
-
HMAC uses a secret key as input to the hash function, adding authentication to integrity assurance.
-
HMAC is based on the RSA hash function.
Question 187
Question
Which two statements describe the characteristics of symmetric algorithms? (Choose two.)
Answer
-
They are commonly used with VPN traffic.
-
They use a pair of a public key and a private key.
-
They are commonly implemented in the SSL and SSH protocols.
-
They provide confidentiality, integrity, and availability.
-
They are referred to as a pre-shared key or secret key.
Question 188
Question
Which encryption algorithm is an asymmetric algorithm?
Question 189
Question
Which statement describes the use of certificate classes in the PKI?
Answer
-
Email security is provided by the vendor, not by a certificate.
-
A vendor must issue only one class of certificates when acting as a CA.
-
A class 5 certificate is more trustworthy than a class 4 certificate.
-
The lower the class number, the more trusted the certificate.
Question 190
Question
What is the focus of cryptanalysis?
Question 191
Question
Two users must authenticate each other using digital certificates and a CA. Which option describes the CA authentication procedure?
Answer
-
The users must obtain the certificate of the CA and then their own certificate.
-
The CA is always required, even after user verification is complete.
-
CA certificates are retrieved out-of-band using the PSTN, and the authentication is done in-band over a network.
-
After user verification is complete, the CA is no longer required, even if one of the involved certificates expires.
Question 192
Question
When implementing keys for authentication, if an old key length with 4 bits is increased to 8 bits, which statement describes the new key space?
Answer
-
The key space is increased by 3 times.
-
The key space is increased by 8 times.
-
The key space is increased by 15 times.
-
The key space is increased by 16 times.
Question 193
Question
What is the service framework that is needed to support large-scale public key-based technologies?
Question 194
Question
What are the two important components of a public key infrastructure (PKI) used in network security? (Choose two.)
Answer
-
symmetric encryption algorithms
-
certificate authority
-
intrusion prevention system
-
digital certificates
-
pre-shared key generation
Question 195
Question
A company is developing a security policy to ensure that OSPF routing updates are authenticated with a key. What can be used to achieve the task?
Question 196
Question
An online retailer needs a service to support the nonrepudiation of the transaction. Which component is used for this service?
Answer
-
the private key of the retailer
-
the digital signatures
-
the unique shared secret known only by the retailer and the customer
-
the public key of the retailer
Question 197
Question
Which statement describes the Software-Optimized Encryption Algorithm (SEAL)?
Answer
-
It uses a 112-bit encryption key.
-
It requires more CPU resources than software-based AES does.
-
It is an example of an asymmetric algorithm.
-
SEAL is a stream cipher.
Question 198
Question
What role does an RA play in PKI?
Answer
-
a super CA
-
a subordinate CA
-
a backup root CA
-
a root CA
Question 199
Question
What technology allows users to verify the identity of a website and to trust code that is downloaded from the Internet?
Answer
-
encryption
-
asymmetric key algorithm
-
digital signature
-
hash algorithm
Question 200
Question
Which three services are provided through digital signatures? (Choose three.)
Answer
-
accounting
-
authenticity
-
compression
-
nonrepudiation
-
integrity
-
encryption