Copy and Edit

CCNA Security Chapter 1 Quiz & Exam

Description

CCNA Security Chapter 1 Quiz & Exam
Adeeb S
Quiz by Adeeb S, updated more than 1 year ago More Less
d94829 d94829
Created by d94829 d94829 almost 7 years ago
Adeeb S
Copied by Adeeb S almost 7 years ago
15
0
0

Resource summary

Question 1

Question
What functional area of the Cisco Network Foundation Protection framework uses protocols such as Telnet and SSH to manage network devices?
Answer
  • data plane
  • management plane
  • control plane
  • forwarding plane

Question 2

Question
Users report to the helpdesk that icons usually seen on the menu bar are randomly appearing on their computer screens. What could be a reason that computers are displaying these random graphics?
Answer
  • An access attack has occurred.
  • A virus has infected the computers.
  • A DoS attack has been launched against the network.
  • The computers are subject to a reconnaissance attack.

Question 3

Question
What type of malware has the primary objective of spreading across the network?
Answer
  • worm
  • virus
  • Trojan horse
  • botnet

Question 4

Question
What is a main purpose of launching an access attack on network systems?
Answer
  • to prevent other users from accessing the system
  • to gather information about the network
  • to scan for accessible networks
  • to retrieve data

Question 5

Question
What is the meaning of the principle of minimum trust when used to design network security?
Answer
  • All network and internetwork data communications should be encrypted.
  • Accounts should be disabled after a specific number of unsuccessful logins.
  • Devices in networks should not access and use one another unnecessarily and unconditionally.
  • Encrypted and one-time passwords should be used at all times.
  • Network access should be controlled by multifactor authentication.

Question 6

Question
How does a DoS attack take advantage of the stateful condition of target systems?
Answer
  • by executing code that corrupts or deletes system files
  • by continuously sending packets of unexpected size or unexpected data
  • by using a dictionary of passwords to attempt to access the system
  • by intercepting and analyzing or manipulating data as it is sent across the network

Question 7

Question
Which security measure is typically found both inside and outside a data center facility?
Answer
  • a gate
  • exit sensors
  • security traps
  • biometrics access
  • continuous video surveillance

Question 8

Question
What is hyperjacking?
Answer
  • taking over a virtual machine hypervisor as part of a data center attack
  • overclocking the mesh network which connects the data center servers
  • adding outdated security software to a virtual machine to gain access to a data center server
  • using processors from multiple computers to increase data processing power

Question 9

Question
Fill in the blank. The Cisco Network Foundation Protection framework has three functional areas. The __________ plane of a router is responsible for routing packets correctly.
Answer
  • Management
  • data
  • data plane
  • data plain

Question 10

Question
Which Cisco network security tool is a cloud-based service that provides alerts to network professionals about current network attacks?
Answer
  • IPS
  • Snort IDS
  • Security Intelligence Operations
  • zone-based policy firewall

Question 11

Question
True or False? Antivirus software can prevent viruses from entering the network.
Answer
  • True
  • False

Question 12

Question
What is a significant characteristic of virus malware?
Answer
  • A virus is triggered by an event on the host system.
  • Once installed on a host system, a virus will automatically propagate itself to other systems.
  • A virus can execute independently of the host system.
  • Virus malware is only distributed over the Internet.

Question 13

Question
What are two purposes of launching a reconnaissance attack on a network? (Choose two.)
Answer
  • to retrieve and modify data
  • to scan for accessibility
  • to escalate access privileges
  • to gather information about the network and devices
  • to prevent other users from accessing the system

Question 14

Question
What is the primary means for mitigating virus and Trojan horse attacks?
Answer
  • antivirus software
  • encryption
  • antisniffer software
  • blocking ICMP echo and echo-replies

Question 15

Question
Which statement describes phone freaking?
Answer
  • A hacker uses password-cracking programs to gain access to a computer via a dialup account.
  • A hacker gains unauthorized access to networks via wireless access points.
  • A hacker mimics a tone using a whistle to make free long-distance calls on an analog telephone network.
  • A hacker uses a program that automatically scans telephone numbers within a local area, dialing each one in search of computers, bulletin board systems, and fax machines.

Question 16

Question
What method can be used to mitigate ping sweeps?
Answer
  • using encrypted or hashed authentication protocols
  • installing antivirus software on hosts
  • deploying antisniffer software on all network devices
  • blocking ICMP echo and echo-replies at the network edge

Question 17

Question
What are the three major components of a worm attack? (Choose three.)
Answer
  • a penetration mechanism
  • an infecting vulnerability
  • a payload
  • an enabling vulnerability
  • a probing mechanism
  • a propagation mechanism

Question 18

Question
Which statement accurately characterizes the evolution of threats to network security?
Answer
  • Internal threats can cause even greater damage than external threats
  • Threats have become less sophisticated while the technical knowledge needed by an attacker has grown
  • Early Internet users often engaged in activities that would harm other users
  • Internet architects planned for network security from the beginning.

Question 19

Question
What causes a buffer overflow?
Answer
  • launching a security countermeasure to mitigate a Trojan horse
  • sending repeated connections such as Telnet to a particular device, thus denying other data sources.
  • downloading and installing too many software updates at one time
  • attempting to write more data to a memory location than that location can hold
  • sending too much information to two or more interfaces of the same device, thereby causing dropped packets

Question 20

Question
What commonly motivates cybercriminals to attack networks as compared to hactivists or state-sponsored hackers?
Answer
  • status among peers
  • fame seeking
  • financial gain
  • political reasons

Question 21

Question
Which two network security solutions can be used to mitigate DoS attacks? (Choose two.)
Answer
  • virus scanning
  • intrusion protection systems
  • applying user authentication
  • antispoofing technologies
  • data encryption

Question 22

Question
Which two statements characterize DoS attacks? (Choose two.)
Answer
  • They are difficult to conduct and are initiated only by very skilled attackers
  • They are commonly launched with a tool called L0phtCrack.
  • Examples include smurf attacks and ping of death attacks.
  • They attempt to compromise the availability of a network, host, or application
  • They always precede access attacks

Question 23

Question
An attacker is using a laptop as a rogue access point to capture all network traffic from a targeted user. Which type of attack is this?
Answer
  • trust exploitation
  • buffer overflow
  • man in the middle
  • port redirection

Question 24

Question
What functional area of the Cisco Network Foundation Protection framework is responsible for device-generated packets required for network operation, such as ARP message exchanges and routing advertisements?
Answer
  • data plane
  • control plane
  • management plane
  • forwarding plane

Question 25

Question
What are the three components of information security ensured by cryptography? (Choose three.)
Answer
  • threat prevention
  • authorization
  • confidentiality
  • countermeasures
  • integrity
  • availability

Question 26

Question
What is the primary method for mitigating malware?
Answer
  • using encrypted or hashed authentication protocols
  • installing antivirus software on all hosts
  • blocking ICMP echo and echo-replies at the network edge
  • deploying intrusion prevention systems throughout the network

Question 27

Question
What is an objective of a state-sponsored attack?
Answer
  • to gain financial prosperity
  • to sell operation system vulnerabilities to other hackers
  • to gain attention
  • to right a perceived wrong

Question 28

Question
What role does the Security Intelligence Operations (SIO) play in the Cisco SecureX architecture?
Answer
  • identifying and stopping malicious traffic
  • authenticating users
  • enforcing policy
  • identifying applications

Question 29

Question
What worm mitigation phase involves actively disinfecting infected systems?
Answer
  • Treatment
  • containment
  • inoculation
  • quarantine

Question 30

Question
How is a smurf attack conducted?
Answer
  • by sending a large number of packets to overflow the allocated buffer memory of the target device
  • by sending a large number of ICMP requests to directed broadcast addresses from a spoofed source address on the same network
  • by sending a large number of TCP SYN packets to a target device from a spoofed source address
  • by sending an echo request in an IP packet larger than the maximum packet size of 65,535 bytes

Question 31

Question
What is a characteristic of a Trojan horse as it relates to network security?
Answer
  • Malware is contained in a seemingly legitimate executable program
  • Extreme quantities of data are sent to a particular network device interface.
  • An electronic dictionary is used to obtain a password to be used to infiltrate a key network device.
  • Too much information is destined for a particular memory block causing additional memory areas to be affected.

Question 32

Question
What is the first step in the risk management process specified by the ISO/IEC?
Answer
  • Create a security policy.
  • Conduct a risk assessment.
  • Inventory and classify IT assets.
  • Create a security governance model.

Question 33

Question
What is the significant characteristic of worm malware?
Answer
  • A worm can execute independently
  • A worm must be triggered by an event on the host system.
  • Worm malware disguises itself as legitimate software
  • Once installed on a host system, a worm does not replicate itself.

Question 34

Question
Which condition describes the potential threat created by Instant On in a data center?
Answer
  • when the primary firewall in the data center crashes
  • when an attacker hijacks a VM hypervisor and then launches attacks against other devices in the data center
  • when the primary IPS appliance is malfunctioning
  • when a VM that may have outdated security policies is brought online after a long period of inactivity

Question 35

Question
What are the three core components of the Cisco Secure Data Center solution? (Choose three.)
Answer
  • mesh network
  • secure segmentation
  • visibility
  • threat defense
  • servers
  • infrastructure

Question 36

Question
A disgruntled employee is using Wireshark to discover administrative Telnet usernames and passwords. What type of network attack does this describe?
Answer
  • trust exploitation
  • denial of service
  • reconnaissance
  • port redirection

Question 37

Question
Which two statements describe access attacks? (Choose two.)
Answer
  • Trust exploitation attacks often involve the use of a laptop to act as a rogue access point to capture and copy all network traffic in a public location, such as a wireless hotspot.
  • To detect listening services, port scanning attacks scan a range of TCP or UDP port numbers on a host
  • Buffer overflow attacks write data beyond the hallocated buffer memory to overwrite valid data or to exploit systems to execute malicious code.
  • Password attacks can be implemented by the use os brute-force attack methods, Trojan horse, or packet sniffers.
  • Port redirection attacks use a network adapter card in promiscuous mode to capture all network packets that are sent across a LAN.

Question 38

Question
What is a ping sweep?
Answer
  • a scanning technique that examines a range of TCP or UDP port numbers on a host to detect listening services.
  • a software application that enables the capture of all network packets that are sent across a LAN
  • a query and response protocol that identifies information about a domain, including the addresses that are assigned to that domain
  • a network scanning technique that indicates the live hosts in a range of IP addresses

Question 39

Question
As a dedicated network security tool, an intrusion ________ system can provide detection and blocking of attacks in real time.
Answer
  • prevention
  • nonprevention
Show full summary Hide full summary

Want to create your own Quizzes for free with GoConqr? Learn more.

Similar

CCNA Security Final Exam
Maikel Degrande
Security Guard Training
Summit College
ISACA CISM Exam Glossary
Fred Jones
Security
annelieserainey
Securities Regulation
harpratap_singh
2W151 Volume 1: Safety and Security - Quiz 7
Joseph Whilden J
Security Quiz Review
Rylan Blah
Security Policies
indysingh7285
2W151 Volume 1: Safety and Security - Quiz 6
Joseph Whilden J
Security (2)
Daniel Freedman
Certified Security Compliance Specialist
jnkdmls
Browse Library