Question Banks 16-20 PDF

Summary

This document contains question banks on various security topics, such as network security, cyber security, and physical security.

Full Transcript

Question Bank 16: Common Security Concepts
1. What are the three pillars of network security?

a. Confidentiality, Integrity, availability

b. Reliability, classified, accessibility

c. Integrated, restricted, obtainable

d. Veracity, dependability, unrestricted

Answer: a. Confidentiality, Integrity, availability

Explanation: Because almost all (if not all) corporate networks require network security, consider the three
primary goals of network security: confidentiality, integrity, and availability.

Data confidentiality implies keeping data private. Data integrity ensures that data has not been modified in transit.
The availability of data is a measure of the data's accessibility.

2. What aspect of modern cyber security focuses on ensuring that data was not manipulated in transit?

a. Integrity
b. Confidentiality
c. Authentication
d. Availability

Answer: a. Integrity

Explanation: Integrity ensures that data was not manipulated in transit.

3. What security approach would require creating multiple accounts for your own access to the network
and to its devices?

a. 802.1X
b. Least privilege
c. Network access control
d. SIEM

Answer: b. Least privilege

Explanation: The principle of least privilege means that you will use a user account with the fewest possible
permissions. For key personnel to have the required access for their jobs while maintaining a secure posture, they
would need to be in a select set of groups with least privilege access or to have multiple accounts, each with least
privilege for a specific need.

4. What is a device that is meant to attract security attacks?

a. SIEM
b. Next Generation Firewall
c. IPS
d. Honeypot

Answer: d. Honeypot

Explanation: A honeypot is a network device that tries to attract security attacks. This allows us to analyze the
attackers and their strategies.
5. What security protocol is used in 802.1X in order to securely transport the credentials used in the
exchange?

a. IPsec
b. EAP
c. SSH
d. HTTPS

Answer: b. EAP

Explanation: EAP is used as the security protocol to carry the credentials of the system (supplicant) that is trying
to access the network.

6. Which provides real-time analysis of security alerts generated by applications and network hardware
and can log security data and generate reports for compliance purposes?

a. SIEM
b. Screened subnets
c. VRF
d. Defense in depth

Answer: a. SIEM

Explanation: A. Security Information and Event Management (SIEM) systems provide real-time analysis of security
alerts generated by applications and network hardware. SIEMS can log security data and generate reports for
compliance purposes.

7. Which is a client/server authentication protocol that supports mutual authentication between a client
and a server and hands out tickets that are used instead of a username and password combination?

a. TACACS+
b. RADIUS
c. Kerberos
d. LDAP

Answer: c. Kerberos

Explanation: Kerberos is a client/server authentication protocol that supports mutual authentication between a
client and a server. Kerberos uses the concept of a trusted third party (a key distribution center) that hands out
tickets that are used instead of a username and password combination.

8. A main way to provide for data confidentiality is ____________.

a. Three way handshake
b. Encryption
c. Hashing
d. Authentication

Answer: b. Encryption

Hashing verifies data integrity. Authentication provides for authorization of credentials to provide access.
Confidentiality is ensured through encryption.

9. To access some cash, you put your bank card into an ATM machine and enter your PIN number. What
examples of multifactor authentication have you used? (Select two.)

a. Something you are
 b. Something you have
c. Something you know
d. Somewhere you are

Answer: b. Something you have; c. Something you know

Explanation: Multifactor authentication system requires both a “something you have” physical key (your ATM card)
and a “something you know” personal identification number (PIN).

10. What policy would be best to help you ensure that all areas of control and compliance don’t end up in the
hands of a single individual?

a. Role-based access
b. Zero Trust
c. Posture assessment
d. Separation of duties

Answer: d. Separation of duties

Explanation: It is important to include a separation of duties when planning for security policy compliance.
Control and compliance tasks should not end up in the hands of a single individual.

11. Which of the following is not an example of an integrity violation?

a. Modifying the appearance of a corporate website

b. Intercepting and altering an e-commerce transaction

c. Sending improperly formatted data to a networked device, resulting in an unhandled exception error

d. Modifying financial records that are stored electronically

Answer: c. Sending improperly formatted data to a networked device, resulting in an unhandled exception error

Explanation: Examples of integrity violations include the following: Modifying the appearance of a corporate
website, intercepting and altering an e-commerce transaction, and modifying financial records that are stored
electronically.

12. Which of the following is a symmetric encryption algorithm available in 128-bit, 192-bit, and 256-bit key
versions?

a. RSA
b. 3DES
c. AES
d. TKIP

Answer: c. AES

Explanation: The Advanced Encryption Standard (AES) permits the configuration of various strength levels. This
includes 128, 192, and 256-bit key versions.

13. Which policy uses the assignment of rights and permissions based on a job title or a common set of
restrictions?

a. Role-based access
b. Zero Trust
c. Posture assessment
d. Separation of duties
Answer: a. Role-based access

Explanation: It is important to include a separation of duties when planning for security policy compliance.
Control and compliance tasks should not end up in the hands of a single individual.

14. Which two of the following are examples of symmetric encryption?

a. Advanced Encryption Standard (AES)

b. Triple Data encryption Standard (3DES)

c. RSA

d. Pretty Good Privacy (PGP)

Answer: a. Advanced Encryption Standard (AES); b. Triple Data encryption Standard (3DES)

Explanation: Triple DES (3DES) and Advanced Encryption Standard (AES) are symmetric encryption types; RSA
and Pretty Good Privacy (PGP) are examples of asymmetric encryption.

15. Which of these is a popular asymmetric encryption algorithm used today?

a. RSA

b. AES

c. RC4

d. MD5

e. WEP

Answer: a. RSA

Explanation: The Rivest, Shamir, and Adleman (RSA) asymmetric encryption algorithm is one of the most popular
in use today.

16. Verifying the integrity of data in transit can be accomplished by which of these?

a. Encryption

b. Hashing

c. Tunneling

d. Factoring

e. Decryption

Answer: b. Hashing

Explanation: The use of a hashing algorithm verifies the integrity of data payloads. The result of a hash is the hash
digest, which can then be compared on both sides of a connection. Encryption and tunneling can be used to hide
the contents but cannot verify that the contents have not been altered.

17. What are the two most common hashing algorithms? (Choose two.)

a. RC4

b. CRC

c. SHA-1
 d. MD5

Answer: c. SHA-1; d. MD5

Explanation: Two common hashing algorithms are used today: Secure Hash Algorithm 1 (SHA-1) and message
digest 5 (MD5).

18. What is the name of the UDP-based protocol that is used to communicate with an AAA server?

a. RADIUS

b. TACACS+

c. DAP

d. TFTP

e. RIP

Answer: a. RADIUS

Explanation: The Remote Authentication Dial-In User Service (RADIUS) server is UDP based and is used to
communicate with an AAA server; another common protocol option is Terminal Access Controller Access Control
System Plus (TACACS+), but it uses TCP

19. Which provides excellent search tools to leverage a large database of publicly known information-
security vulnerabilities and exposures?

a. ACL
b. AWS
c. SHA-256
d. CVE

Answer: d. CVE

Explanation: The Common Vulnerabilities and Exposures (CVE) system is a helpful free to utilize. It provides
excellent search tools within a large database of known information-security vulnerabilities and exposures.

Question Bank 17: Common Types of Attacks
1. Which of the following is intentionally placed into a network by a hacker for the purpose diverting network
traffic so as to capture credentials and other data flows.

a. Honey Pot
b. Proxy Server
c. DDOS
d. Rogue DHCP

Answer: d. Rogue DHCP

Explanation: A rogue DHCP server could attract packets attempting to lease an IP Address and become a source
machine for redirecting the packets to an alternate default gateway for further manipulation.

2. Which type of attack exploits vulnerabilities in a native VLAN using 802.1Q?

a. Evil twin
b. Tailgating
c. Deauthentication
 d. VLAN hopping

Answer: d. VLAN hopping

Explanation: A VLAN hopping attack leverages two technologies in its operation: Q-in-Q tunneling and the native
VLAN feature.

3. In which of these attacks would the attacker have the goal of bypassing a port security configuration?

a. ARP Spoofing
b. IP Address spoofing
c. Port Scanning
d. Evil Twin
e. Sticky

Answer: a. ARP Spoofing

Explanation: Port Security is a layer 2 configuration, meaning only the MAC address information is of interest.
Spoofing the MAC address on a source machine causes the ARP resolution request to provide errant information
that bypasses the port security mechanism.

4. What kind of device could be used to initiate an unauthorized wireless network authentication request via
the beaconing process?

a. WAP
b. Tailgating
c. DNS Poisoning
d. DDOS
e. Sniffer

Answer: a. WAP

Explanation: A wireless access point placed in proximity to a user could be configured with the same SSID. The
user to mistakenly connects to the wrong WAP and the authentication process causes valuable information to be
captured.

5. In what type of attack does the attacker try all possible password combinations until a match is made?

a. Dictionary
b. MAC spoofing
c. IP spoofing
d. Brute-force

Answer: d. Brute-force

Explanation: In a brute-force password attack, the attacker tries all possible password combinations until a
match is made. For example, the brute-force attack might start with the letter a and go through the letter z. Then
the letters aa through zz are attempted, until the password is determined. Therefore, using a mixture of upper- and
lowercase, in addition to special characters and numbers, can help mitigate a brute-force attack.

6. What type of an attack often seeks a payment in untraceable Bitcoin or other cryptocurrency?

a. Malware
b. DDoS
c. Ransomware
d. DNS poisoning
Answer: c. Ransomware

Explanation: Ransomware is an attack that involves the demand of a ransom (often in cryptocurrency) for access
to files or systems to be restored.

7. Which of the following involving a session hijacking attempt by a hacker involves the capture and
replaying of legitimately secure credentials?

a. ARP Spoofing
b. Tailgating
c. VLAN hopping
d. Man-in-the-middle/On path

Answer: d. Man-in-the-middle/On path

Explanation: In a Man-in-the-middle/On path attack, the hacker intercepts a legitimate authentication request by
a legitimate user. Even if the credentials are encrypted, as long as the hacker can replay them accurately, he/she
can gain access and copy any traffic sent by the user.

8. Which type of social engineering attack involves sending a user information request that they log into a
fake web site with their username and password?

a. Piggybacking
b. Shoulder Surfiing
c. Phishing
d. Tailgating

Answer: c. Phishing

Explanation: Phishing often copies a website’s logo and is identical to the original in every respect, except that the
login credentials are being sent to the hacker instead of the authorized server.

9. Which type of technology attack involves having a user to install software that is being advertised as one
thing, but is really a code set that compromises your computer in some way?

a. Malware
b. TCP Dump
c. Packet Analyzer
d. Spectrum Analyzer

Answer: a. Malware

10. In what type of attack does the attacker infiltrate many systems and then instruct those compromised
systems, called zombies, to simultaneously flood a targeted system with traffic?

a. DoS
b. TCP SYN flood
c. Buffer overflow
d. DDoS

Answer: d. DDoS
Explanation: A distributed denial-of-service attack involves many systems to compromise the availability of a
system.

11. A hacker has created an evil twin WAP. However, the intended target is still authenticating to the
legitimate WAP. What tool can the hacker use to force the user to authenticate to the evil twin?

a. Tailgating
b. Deauthentication frame
c. Shoulder surfing
d. Man-in-the-middle attack

Answer: b. Deauthentication frame

Explanation: A deauthentication frame that has the user’s MAC address as the source can cause the user to be
disconnected from the legitimate network and redirected to the evil twin.

12. What type of attack tricks a user into installing a piece of software that then attempts to lock a system,
encrypt existing data, corrupt data, or expose confidential data?

a. Malware
b. Packet capture
c. Man-in-the-middle
d. Ransomware

Answer: d. Ransomware

Explanation: Many ransomware attacks pretend to come from a legitimate organization such as Microsoft or the
FBI, or even the user’s own company.

13. Which of the following best describes DNS Poisoning?

a. Changing the content of the local DNScache
b. Redirecting users to a malicious website via intentional DNS database misconfiguration
c. Applying for a domain name using a false identity.
d. SQL server injections

Answer: b. Redirecting users to a malicious website via intentional DNS database misconfiguration

Explanation: If a hacker can succeed injecting some DNS resolution entries that redirect users to a site that looks
legitimate but actually is an information collection server to copy user credentials, they can become that user
logically.

14. Which of the following is a benefit of configuring the native VLAN as being essentially useless?

a. Prevents ARP spoofing
b. Prevent MAC spoofing
c. Prevents IP spoofing
d. Prevents VLAN hopping

Answer: d. Prevents VLAN hopping

Explanation: Because the native VLAN can carry the traffic of multiple VLANs when trunked, an attacker can
redirect traffic into a VLAN of their own choosing, thus isolating it for further manipulation.
15. The intentional substitution of a source address into an IP Header for the purpose of bypassing an ACL is
known as:

a. IP address spoofing
b. DHCP rogue attack
c. Evil twin attack
d. Deauthentication

Answer: a. IP address spoofing

16. The use of multiple small attacks that are individually unnoticed, but collectively damaging is known as
what kind of attack?

a. FTP Bounce
b. Session hijacking
c. Salami
d. Port Scan

Answer: c. Salami

Explanation: Skimming fractional pennies from interest bearing accounts at a bank is an example

17. A logic bomb is best described as which of the following?

a. Disabling the CPU fan so as to override the cooling system
b. Malicious software that executes at a particular time based on the system clock
c. Resetting the system bios password using an automatic reboot during OS updates.
d. Flooding the memory banks with random data to create remote CPU access
e. Overwhelming the RAM buffers to overheat the CPU

Answer: b. Malicious software that executes at a particular time based on the system clock

18. Flooding of ICMP traffic into a directed subnet to create a DoS attack using ping replies is known as:

a. Smurf attack
b. Cookie attack
c. Cross site injection
d. Data diddling
e. RSA certificate compromise

Answer: a. Smurf attack

19. A visitor is passing through a facility with a smartphone in his hand and the video is on. He seems to be
pointing it at various screens as he walks by. What is this an example of?

a. Tailgating
b. Piggybacking
c. On path attack
d. Shoulder surfing

Answer: d. Shoulder surfing

20. An unauthorized and coordinated use of multiple systems launching command and control software
against a single system to force an inability to function is known as:

a. Relay attack
b. Evil Twin attack
 c. Distributed Denial of Service attack
d. Web site spoofing

Answer: c. Distributed Denial of Service attack

21. In what type of password attack does the hacker use common words, dates, or perhaps addresses?

a. Brute Force
b. Dictionary
c. Split byte parsing
d. Man in the middle
e. Phase shifting

Answer: b. Dictionary

Explanation: A dictionary attack limits its range of attempts to words in dictionaries or common phrases,
including slang.

22. What is an example of a social engineering attack?

a. DDoS
b. DoS
c. Piggybacking
d. On-path attack
e. Fake news

Answer: c. Piggybacking

Explanation: Piggybacking is most often used to describe a social engineering attack where an authorized user
permits an unauthorized user access to an area. For example, the unauthorized user might follow the authorized
user through a security checkpoint without entering credentials.

23. What are the three types of malicious traffic detection methods?

a. Signature, policy, and anomaly based

b. IDS, IPS, and IRS based

c. NIDS, HIPS, and NIPS based

d. Symmetric, asymmetric, and transparent based

Answer: a. Signature, policy, and anomaly based

Explanation: Consider the following approaches for detecting malicious traffic:

Signature-based detection

Policy-based detection

Anomaly-based detection

The primary method used to detect and prevent attacks using IDS or IPS technologies is signature based. Another
approach to IDS/IPS detection is policy based. With a policy-based approach, the IDS/IPS device needs a specific
declaration of the security policy. A third approach to detecting or preventing malicious traffic is anomaly based.
This approach is prone to false positives because a normal condition is difficult to measurably define.

24. Which two of these approaches is used to determine the password of a system account or a user
account?
 a. Through the use of Trojan horse

b. Through the use of keylogger

c. Through the use of encryption mechanism

d. Through the use of compression mechanism

e. Through the use of file shares

Answer: a. Through the use of Trojan horse; b. Through the use of keylogger

Explanation:

Trojan horse: A Trojan horse is a program that appears to be a useful application, but might capture a user's
password and then make it available to the attacker.

Keylogger: A program that runs in a computer's background and it logs keystrokes that a user makes. Therefore,
after a user enters a password, the password is stored in the log created by the keylogger. An attacker can then
retrieve the log of keystrokes to determine the user's password.

Bonus Question

25. A prelude to an attack that involves polling an entire subnet of addresses for echo replies is called a
_________.

a. Packet Capture
b. EMI monitoring
c. Ping Sweep
d. Botnet

Answer: c. Ping Sweep

Question Bank 18 Network Hardening Techniques
1. What protocol makes 802.1X possible?

a. SSH
b. Telnet
c. SNMPv3
d. EAP

Answer: d. EAP

Explanation: The Extensible Authentication Protocol (EAP) is a flexible solution that is used in many network
environments to support a wide variety of authentication and authorization scenarios. EAP is the featured
technology of 802.1X.

2. Spanning Tree Protocol (STP) is a loop-prevention mechanism used in modern networks. STP is, however,
vulnerable to misconfiguration. Which protections accompany STP?

a. EtherChannel
b. BPDU guard
c. Root guard
d. Split horizon
e. TCP SYN flood
Answer: b. BPDU guard; c. Root guard

Explanation: Spanning tree protections include root guard, BPDU guard, and flood guard. Root guard prevents
another switch in the topology from taking over the STP root role, whereas BPDU guard helps identify rogue or
misplaced switches in the topology. Flood guard helps to prevent against denial-of-service (DoS) attacks that seek
to disrupt communications through a massive flooding of frames.

3. Hardening of your network is is compromised by it being vulnerable to several DoS attacks that involve
your Interior routing protocols and EGP protocols. What hardening technique addresses this challenge
most directly?

a. Control plane policing
b. Geofencing
c. SNMP
d. Dynamic ARP inspection

Answer: a. Control plane policing

Explanation: Control plane policing, sometimes referred to as CoPP, can help in this situation. Because your IGPs
and EGP routing protocols are part of the control plane, CoPP can police the amount of traffic that is permitted to
your CPU. This directly prevents many different types of DoS attacks that target the control plane.

4. A site survey has revealed the following potential vulnerabilities to network security and performance at a
retail location that in a strip mall. The store is 35 wide by 100 deep. There are adjacent businesses within
60 feet that are using channels 6 and 11. There is a public court for eating located directly across the
street. Employees are allowed to BYOD, but there is no desire to create a guest network. What
recommendation(s) should be made for this situation?

a. Change the frequency from channel 6 to channel 9.
b. Lower the power settings.
c. Change the antenna from omnidirectional to unidirectional.
d. Use WEP to enhance security
e. All of the above

Answer: b. Lower the power settings

Explanation: The most advantageous channel to avoid overlap would be channel 1. A unidirectional antenna
would extend the range into the public court and make the signal less accessible to the store’s
managers/employees. WEP is not a recommended protocol for modern wireless networks. Lowering the power
settings to function in a small space using the omnidirectional antenna is the single best option presented.

5. What device hardening technique might be found amongst a row of stores in a shopping mall to ensure
that the different stores have network segmentation from each other?

a. Default VLAN
b. DHCP snooping
c. Private VLANs
d. Dynamic ARP Inspection

Answer: c. Private VLANs

Explanation: Private VLANs add segmentation capabilities beyond what is “normal” for VLAN communication.
You can create segmentation within an IP subnet using this technology.

6. Which of the following is not a network hardening best practice?
 a. Use SNMPv3
b. Disable unneeded services
c. Implement role-based access
d. Use of default passwords

Answer: d. Use of default passwords

Explanation: Network hardening includes using SNMPv3 instead of earlier versions, disabling unneeded ports and
unneeded services, and changing default passwords to something other than the known default password.

7. ________ are rules, typically applied to router interfaces, that specify permitted and denied traffic.

a. Point-to-point protocols

b. Access control lists

c. Firewalls

d. Network admission controls

Answer: b. Access control lists

8. When using an ACL, which of the following means that if you have not been explicitly granted access,
then access is denied?

a. Implicit deny
b. Explicit deny
c. Allow
d. BPDU

Answer: a. Implicit deny

Explanation: An implicit deny clause (firewall rule) means that if the proviso in question has not been explicitly
granted, then access is denied.

9. What do most public networks, including Wi-Fi hotspots, use which requires users to agree to some
condition before they use the network or Internet?

a. PSKs
b. Proper antenna placement
c. Appropriate signal power levels
d. Captive portals

Answer: d. Captive portals

Explanation: Most public networks, including Wi-Fi hotspots, use a captive portal, which requires users to agree
to some condition before they use the network or Internet.

10. The most common approach to correct a known bug or fix a vulnerability is to release a software
________.

a. tip

b. notification

c. upgrade

d. patch
Answer: d. patch

Explanation: A patch is designed to correct a known but or fix a known vulnerability in a piece of software.

11. Which of the following are recommended practices for the use of IoT devices in an enterprise?

a. Segment them into specific VLANs

b. Update firmware

c. Install available security patches

d. Avoid IoT devices that do not employ secure software

e. All of the above

Answer: e. All of the above

Explanation: All of these would be best practices for safety and security of IoT devices.

12. For switches, which of the following can be employed to enhance security at the network access level?

a. Enable switchport security
b. Update routing protocols with encryption
c. Disable unused ports
d. Turn off STP
e. All of the above
f. A and C only

Answer: f. A and C only

Explanation. Network access switches do not have routing protocols. STP enhances security and performance
and is turned on by default, but should use BPDU guard and flood guard.

13. Which three of the following relate to controlling unbounded network signals?

a. Antenna Type/Placement

b. Bandwidth allocation

c. Access Control Lists

d. Wireless power levels

e. Geofencing

Answer: a, d, e

Explanation: Unbounded signals are wireless frequencies, unaffected by the constraints of bounded media such
as cables. To contain those signals an administrator can use different kinds of antennas to control directional
signaling, power levels to control the maximum signal distance, and geofencing to control device access outside
of specified GPS coordinates or use of a custom localized app to detect and log a device in.

14. To secure your internal WI-FI network from visitors, which one of the following is a technique that can be
employed?

a. Isolate the guest network using a separate SSID
b. Use multiple directional antennas

c. Deny access to all unknown MAC addresses

d. Give out a password to the internal network only after visitors enter the building

Answer: a. Isolate the guest network using a separate SSID

Explanation. Visitors using a provided guest network SSID will not have access to the internal network, whose
SSID can be hidden. Multiple directional antennas would only complicate the access to people who need it.
Denying all unknown MAC addresses defeats the purpose of a guest network. Giving password out after visitors
enter would provide them access to the Internal network. If a guest network does exist, having a password is a
reasonable extra step to secure their session.

15. Hackers can intercept transmissions is through EMI emissions. What type of room was created to help
combat EMI emanations?

a. Tempest
b. Mantis
c. Covert
d. Cleanroom
e. Cage

Answer: a. Tempest

Explanation: Because data is often transmitted over UTP wire (as opposed to STP), attackers can sometimes copy
information traveling over the wire by intercepting the EMI being emitted by the transmission medium. These EMI
emissions are sometimes called emanations. Tempest was the name of a government project to study the ability
to understand the data over a network by listening to the emanations. Tempest rooms are designed to keep EMI
emanations contained.

Bonus questions

16. What is the name of a network machine deployed to lure attackers away from the real servers and
provide tracking information?

a. Sugar trap

b. Sticky MAC

c. Port Mirroring

d. Honey pot

Answer: d. Honey pot

Explanation: A honey pot is a device that is implemented to distract attackers from the real servers. This idea can
be extended with the use of honey nets, which distract attackers to a completely separate network with no real
servers.

17. You have just opened the box for a new WAP to be part of your guest network. Which of the following are
recommended as a minimum set of best practices?

a. Enable the SSID broadcast
b. Change the default administrative SSID and password
 c. Select an encryption protocol that is current and not easily broken
d. Isolate the guest network from the corporate WLAN
e. Upgrade the firmware
f. All of the above
g. B, C, D, and E

Answer: g. B, C, D, and E

Explanation: Enabling the SSID broadcast is not recommended unless that is the only way to enable guests to see
the guest network in their wireless device settings.

18. Which of the following application layer software programs should be adapted to secure programs with
similar functionality?

a. Telnet
b. SNMPv1
c. HTTP
d. FTP
e. SSH
f. All of the above
g. A, B, C, and D

Answer: g. A, B, C, and D

Explanation: SSH is the only one that requires a secure connection.

19. A ________ firewall or gateway is a device that attempts to bundle multiple security functions into a single
physical or logical device.

a. Consolidation

b. UTM

c. RAS

d. AAA

Answer: b. UTM

Explanation: A Unified Threat Management (UTM) firewall or gateway is a device that attempts to bundle multiple
security functions into a single physical or logical device.

20. For IPv6, which of the following can be used to enhance security while avoiding deploying a DHCP
server?

a. IPSec
b. PPTP
c. Using EUI-64 with RA Guard
d. BPDU Guard
e. Active Directory

Answer: c. Using EUI-64 with RA Guard; e. Active Directory

Explanation: EUI-64 allows for Router Advertisement messages to enable automatic self configuration of an IP
address. RA guard helps to secure such automation from being exploited.
Question Bank 19: Remote Access Methods
1. When configuring a VPN, which one of the following allows for both VPN connection and a separate
Internet connections simultaneously?

a. Split Tunnel
b. Clientless VPN
c. Host to Host VPN
d. Remote Access VPN

Answer: a. Split Tunnel

Explanation: Split Tunnel allows VPN traffic to be on one channel and Internet bound traffic to be on a different
channel.

2. A clientless VPN solution employs what type of VPN feature?

a. Site-to-site
b. Client-to-site
c. Client-to-client
d. Server-to-Server

Answer: b. Client-to-site

Explanation: The client-to-site VPN type often features the use of client systems using their Web browser and
SSL/TLS to make the VPN connection. This is often considered “clientless” because the Web browser is built into
the Operating System and there is no need for any separate client software installation.

3. A ____________in a telephone network is where the maintenance responsibility passes from a telephone
company to the subscriber and a _____________ in a WAN connection has the same function.

a. Demarcation point, Point of Presence

b. Intermediate Wiring Closet, patch panel

c. Wall plate, Switch

d. VPN collector, HSRP Virtual Router

Answer: a. Demarcation point, Point of Presence

Explanation: A demarc (also known as a demarcation point or a demarc extension) is the point in a telephone
network where the maintenance responsibility passes from a telephone company to the subscriber (unless the
subscriber has purchased inside wiring maintenance).

4. What is the name of the protocol that is commonly used to authenticate devices that connect via DSL?

a. SLIP

b. PPPoE

c. PPP

d. ROAM

Answer: b. PPPoE

Explanation: The Point-to-Point Protocol over Ethernet (PPPoE) is typically used to encapsulate traffic that goes
through DSL lines, in addition to providing authentication for the DSL provider.
5. Which of the following is a common Layer 2 protocol that could run over a dedicated leased line?

a. Transmission Control Protocol (TCP)

b. Point-to-Point Protocol (PPP)

c. Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX)

d. Routing Information Protocol (RIP)

Answer: b. Point-to-Point Protocol (PPP)

Explanation: A common Layer 2 protocol that could run over a dedicated leased line is Point-to-Point Protocol
(PPP); the other protocols are not Layer 2 protocols that could run over a dedicated line.

6. When internal network management traffic is isolated from user data payload traffic, this is known as
________.

a. Out of band management

b. SNMPv2

c. In band management

d. VPN

Answer: a. Out of band management

Explanation: Dedicated lease lines use PPP. Though PPP can use security options like PAP and CHAP, those are
not the primary WAN protocol.

7. What remote access technology is considered a secure alternative to Telnet for making a secure
connection to a remote network device and operating at a CLI?

a. SCP
b. SFTP
c. SSH
d. SSL

Answer: c. SSH

Explanation: The Secure Shell protocol (SSH) is the secure replacement technology for Telnet. Unlike Telnet, this
protocol offers strong security mechanisms that are in wide use today.

8. Sally goes to the store and puts her bank card into an ATM machine and enters a PIN number. What
examples of multifactor authentication has she exhibited? (Select two.)

a. Something she is
b. Something she has
c. Something she knows
d. Somewhere she is

Answer: b. Something she has; c. Something she knows

Explanation: Automated teller machines (ATMs) mostly use multifactor authentication in the form of “something
you have”, your ATM card, and “something you know” your personal identification number (PIN). Answer:A is
incorrect because something she is would include a biometric factor. For example, Sally’s fingerprints, retinal
patterns, or hand geometry. Answer:D is incorrect because the “somewhere you are” authentication factor would
include authenticating to a specific network in a specific geographical area or boundary using geofencing or GPS
for example.

9. What is often considered a multiplatform solution that is similar to the approach taken by RDP?

a. VNC
b. SSH
c. Telnet
d. MDM

Answer: a. VNC

Explanation: Virtual Network Computing (VNC) refers to the multiplatform solution for remote desktop access. It
is a very similar approach taken by RDP with Microsoft Remote Desktop Connection (RDC).

10. A web user clicks ‘Accept’, views an advertisement, provides an email address, or performs some other
required action. The network then grants access to the user. What is being described?

a. Virtual network computing (VNC)
b. Remote Desktop Connection (RDC)
c. SSH
d. Captive portal

Answer: d. Captive portal

Explanation: Captive portals are common in public places such as airports and coffee shops. The user simply
clicks Accept, views an advertisement, provides an email address, or performs some other required action. The
network then grants access to the user and no longer holds the user captive to that portal.

11. Which IKE mode is used in conjunction with three phases?

a. Quick Mode

b. Aggressive Mode

c. Main Mode

d. Tunnel Mode

Answer: c. Main Mode

Explanation: A channel service unit/data service unit (CSU/DSU) is a digital modem that is used to terminate a T1
connection.

12. Using IPSec, the security vulnerability of IP addresses being visible in Transport Mode can be fixed by
which one of the following:

a. CHAP
b. Authenticating Header
c. Use of Generic Routing Encapsulation
d. Encapsulating Security Payload using Protocol number 51

Answer: c. Use of Generic Routing Encapsulation.

Explanation: Generic Routing Encapsulation takes the entire IPSEC packet including the source and destination
addresses and encrypts them inside a new GRE packet. Only the GRE source and destination addresses are
visible.
13. __________ access to corporate network resources presents unique challenges for organizations today.
Of primary concern is the fact that the _________ network might lack appropriate security controls, or may
even be currently compromised.

a. Data
b. Remote
c. Partner
d. Acceptable

Answer: b. Remote

Bonus Questions

14. Which one of the following is not an example of wireless WAN media?

a. Cellular phone

b. LTE

c. HSPA+

d. DSL

Answer: d. DSL

Explanation: All except DSL, digital subscriber line, are examples of wireless media. DSL is typically used for
internet access to a local ISP as opposed to a WAN provider links across the Internet.

15. MPLS inserts a 32-bit header between Layer 2 and Layer 3 headers. Because this header is ________
between the Layer 2 and Layer 3 headers, it is sometimes referred to as a(n) ________ header.

a. inserted, insert

b. added, addon

c. inserted, proxy

d. shimmed, shim

Answer: d. shimmed, shim

Explanation: Added and inserted are the incorrect terms. The correct terms are shimmed and shim.

16. Which of the following is a primary protocol that IPSec uses to provides encryption between peers and
that an administrator can manually configure the keys for?

a. IKE

b. SSL

c. AES

d. Internet Key Exchange (IKE)

Answer: d. Internet Key Exchange (IKE)

Explanation: Packet detection is not a feature of LCP.

17. What are the two commonly available PPP authentication mechanisms?
 a. PAP

b. RADIUS

c. TACACS+

d. CHAP

Answer: a. PAP; d.CHAP

Explanation: There are two commonly supported PPP authentication mechanisms: Password Authentication
Protocol (PAP) and the Challenge Handshake Authentication Protocol (CHAP). CHAP is the more secure of the
two.

18. In a VPN connection, which of the following devices are able to see the original destination IP Address?

a. VPN Server
b. Exterior Routers
c. ISP Edge Routers
d. Frame Relay Router

Answer: a. VPN Server

Explanation: For the entire route that VPN packets take, the original IP Address is hidden and only the VPN Server
is seen as a destination IP Address. Routers use that address for packet delivery. After the packet arrives at the
destination VPN server, the VPN server is able to decrypt the header to reveal the original IP Address destination.
The destination interior networks then delivers it to the intended destination.

Question Bank 20: Physical Security
1. An insurance company has a security audit scheduled for a client. Which of the following items should
the auditor be looking for in the physical security?
a. Man Trap Vestibule
b. Video Surveillance
c. Multi factor and/or Biometric entry doors
d. Data storage is behind locked doors
e. All of the above

Answer: e. All of the above

Explanation: To insure the client, the insurance company would be looking to verify as many vulnerabiliities and
preventative measures as possible

2. Which of the following is not a common physical security prevention method?

a. Motion detection
b. Employee training
c. Locking racks
d. Access control vestibule

Answer: a. Motion detection

Explanation: Motion detection can certainly help with physical security, but it is a technique used in detection, not
prevention.

3. What are examples of tamper detection? (Choose two)
 a. A key fob
b. Door security lock
c. Motion detection on a sensitive data rack enclosure
d. RFID tags that leave evidence of removal

Answers: c. Motion detection on a sensitive data rack enclosure; d. RFID tags that leave evidence of removal

4. Which of the following is not a common detection method when it comes to physical security?

a. Motion detection
b. Video surveillance
c. RFID Tags
d. Biometrics

Answer: d. Biometrics

Explanation: Biometrics is an excellent form of a physical security control; however, this control is considered a
prevention method and not a detection method.

5. A printer is being decommissioned for disposal. What kind of safety measures need to be taken?

a. None as long as it is unplugged
b. The printer ink should be salvaged
c. The spooler storage should be erased and destroyed
d. The power supply should be disassembled

Answer: c. The spooler storage should be erased and destroyed

Explanation: Spooler storage may contain previously printed document data, which may be of a sensitive nature.
Note that power supplies can be very dangerous.

6. Common techniques used when disposing of assets in an enterprise environment include which two of
these?

a. Factory reset
b. Baselining
c. Configuration backup
d. Configuration wipe

Answers: a. Factory reset; d. Configuration wipe

Explanation: Factory resets and configuration wipes are common asset disposal physical security controls. Note
they are often used in combination.

7. Which of the following can best be used to track the location of authorized mobile equipment and devices
over long distances and trigger alerts?

a. RFID tags
b. Geofencing
c. Bar codes
d. Key Fobs

Answer: b. Geofencing

Explanation: RFID tags and Key fobs are only useful over short distances. Bar codes require user intervention.

8. What are applied to physical network assets to permit the monitoring of the location of these devices?
 a. Badge readers
b. Locking racks
c. Asset tags
d. ACLs

Answer: c. Asset tags

Explanation: You can use various wireless technologies to track the physical location of network objects and
personnel by using tag technologies attached to the entities.

9. A network router has reached end of life and a new router is ready to be installed. Which of the following
precautions should be taken with the old router? Choose two.

a. Remove the DRAM
b. Erase the NVRAM memory
c. Erase the Flash memory
d. Destroy the router physically
e. Change the password

Answer: b. Erase the NVRAM memory; c. Erase the Flash memory

Explanation: Erasing the contents of all on board non volatile memory will erase any passwords that were in use.

10. What is a small entry area with two interlocking doors that prevents tailgating/piggybacking known as?
(Choose two)

a. Smart locker
b. Access control vestibule
c. Mantrap
d. Configuration wipe

Answers: b. Access control vestibule; c. Mantrap

Explanation: An Access control vestibule (formerly known as a mantrap) is a small entry area with two interlocking
doors that prevents forms of social engineering such as tailgating/piggybacking from taking place.