Review 5 Flashcards
week 21
Access control lists enable or deny traffic and can be configured to help secure a router.
True—Access control lists can be implemented on a router and within firewalls; they enable or deny connections.
A MAC flood is when a person accesses a single port of a switch that was not physically secured.
False—A MAC flood is when numerous packets are sent to a switch, each with a different source MAC address, in an attempt to use up all the memory on the switch and cause a change of state known as failopen mode.
NAT is also known as IP masquerading.
True—NAT, which stands for network address translation, is also known as IP masquerading. It is the process of changing an IP address while it is in transit across a router.
The network 10.0.0.0 is a Class B private IP network.
False—10.0.0.0 is a network within the Class A private IP range. Class B is between 172.16.0.0 and 172.31.255.255.
One way to protect a WAN is to place all the computers behind a router.
False—By placing all the computers behind a router, you can protect the LAN. Ways to protect the wide area network include firewalling and monitoring.
A DMZ is a special area of the network accessed by clients on the Internet.
True—The DMZ, which stands for demilitarized zone, might include servers such as FTP, email, and Web that are accessible to people on the Internet, without giving those people access to the LAN.
An intranet enables sister companies to access a secure area of a company’s network.
False—An intranet is usually used for remote employees of an organization. Sister companies and partner companies would usually connect to an extranet.
Network access control sets rules by which network connections are governed.
True—Network access control (NAC) helps control your network in a secure fashion by setting rules by which connections to the network are governed. One example of NAC is 802.1X.
Subnetting increases security by compartmentalizing a network.
True—One of the reasons that subnetting is implemented is to increase security by compartmentalizing the network. It is also used to make more efficient use of IP address space and reduce broadcast traffic and collisions.
One way to defend against a double-tagging attack is to put unplugged ports on the switch into an unused VLAN.
False—Putting unplugged ports on the switch into an unused VLAN is one way of defending against switch spoofing. Ways to defend against double tagging include upgrading firmware and picking an unused VLAN as the default VLAN.
Which of the following ways can help secure a modem? (Select the two best answers.) A. Use the callback feature. B. Mount the modem to the floor. C. Use telnet. D. Use strong passwords.
A and D. Using the callback feature enables you to set the modem to call a specific person back at a preset phone number. Strong passwords and some type of authentication scheme can also help to secure a modem. Modems are generally not bolted to the floor; however, a PBX device might be. Telnet is an insecure application and protocol; it should be substituted with SSH.
Which of the following ranges comprise the well-known ports category? A. 1024–49,151 B. 0–1023 C. 49,152–65,535 D. 10.0.0.0–10.255.255.255
B. 0–1023 is the port range for the category called well-known ports. 1024–49,151 is the port range for the category known as registered ports. 49,152–65,535 is the port range for dynamic and private ports. 10.0.0.0–10.255.255.255 is the range of private Class A IP addresses.
If a server has inbound Port 21 open, what service is it running? A. File Transfer Protocol B. Simple Mail Transfer Protocol C. Hypertext Transfer Protocol D. Kerberos
A. Port 21 corresponds to the File Transfer Protocol (FTP). The Simple Mail Transfer Protocol (SMTP) uses Port 25. The Hypertext Transfer Protocol (HTTP) uses Port 80. Kerberos uses Port 88.
To use the Lightweight Directory Access Protocol (LDAP) in a secure fashion, what port should be used? A. 443 B. 3389 C. 636 D. 389
C. Port 636 is used by Lightweight Directory Access Protocol (LDAP) over TLS/SSL. Port 443 is used by Hypertext Transfer Protocol Secure. Port 3389 is used by Remote Desktop Protocol. Port 389 is used by the standard Lightweight Directory Access Protocol.
Which of the following commands can be used to turn off a service? A. Net stop B. Net start C. Sc config D. # chkconfig off
A. Net stop is used to turn off the service in the command line within Windows. Net start is used to turn on a service from the command line in Windows. Sc config can be used to disable services. # chkconfig off is used to disable services in Linux.