Chapter 11

Question 1

This category of routing protocols maintain a list of destination networks along with metrics of direction and distance as measured in hops

Answer 1

Distance vector routing protocols

Question 2

this category of routing protocols gather routing characteristics, such as speed, latency, etc to make a next hop routing decision

Answer 2

Link State Routing protocols

Question 3

Examples of vector routing protocols

Answer 3

RIP, IGRP

Question 4

Examples of link state routing protocols

Answer 4

OSPF, IS-IS, EIGRP

Question 5

this category of routing protocols make next hop decisions based on the entire remaining path to the destination, and is a kind of exterior routing protocol

Answer 5

path vector

Question 6

what is an example of a path vector routing protocol?

Answer 6

BGP

Question 7

This is an insecure terminal emulation network application that supports remote connectivity for executing commands and running applications but does not support transfer of files.

Answer 7

Telnet, TCP/23

Question 8

This is an insecure network application that supports an exchange of files that requires anonymous or specific authentication.

Answer 8

FTP, TCP/20&21

Question 9

This is an insecure network application that supports an exchange of files that does not require authentication. Used to host network device configuration files and can support multicasting.

Answer 9

TFTP, UDP/69

Question 10

This is a protocol used to transmit email messages from a client to an email server and from one email server to another.

Answer 10

SMTP, TCP/25

Question 11

This is a protocol used to pull email messages from an inbox on an email server down to an email client (aka client archiving).

Answer 11

POP3, TCP/110

Question 12

This is a protocol used to pull email messages from an inbox on an email server down to an email client.

Answer 12

IMAP4, TCP/110

Question 13

This protocol provides for centralized control of TCP/IP configuration settings assigned to systems upon bootup.

Answer 13

DHCP, UDP/67,68

Question 14

This is the protocol used to transmit web page elements from a web server to web browsers in cleartext.

Answer 14

HTTP, TCP/80

Question 15

This is the TLS-encrypted version of HTTP.

Answer 15

HTTPS, TCP/443

Question 16

This is a network service that is used to spool print jobs and send print jobs to printers. Consider enclosing in a VPN for use.

Answer 16

LPD, TCP/515

Question 17

This is a GUI API for command-line operating systems. Consider enclosing in a VPN for use.

Answer 17

X Window, TCP/6000-6063

Question 18

This is a network service used to support file sharing between dissimilar systems. Consider enclosing in a VPN for use.

Answer 18

NFS, TCP/2049

Question 19

This is a network service used to collect network health and status information from a central monitoring station.

Answer 19

SNMP, UDP 161, 162

Question 20

combination of IP and port

Answer 20

socket

Question 21

ports that have one or more networking software products specifically registered with IANA

Answer 21

registered software ports
1024-49151

Question 22

ports used randomly and temporarily by clients as a source port

Answer 22

random, dynamic, ephemeral ports (49152-65535)

Question 23

3 steps of a TCP handshake

Answer 23

SYN
SYN/ACK
ACK

Question 24

this name server hosts the original editable zone file for the domain

Answer 24

primary authoritative name server

Question 25

these name servers host read-only copies of the zone file

Answer 25

secondary authoritative name server

Question 26

a security improvement to DNS; provides mutual certificate authentication and encrypted sessions between devices

Answer 26

DNSSEC

Question 27

this system protects clients during DNS transactions by creating an encrypted session with a DNS server using HTTPS

Answer 27

DNS over HTTPS (DoH)

Question 28

this system protects clients during DNS transactions by adding a DNS proxy between the client and the DNS resolver thus providing anonymity and privacy to DNS queries

Answer 28

Oblivious DoH (ODoH)

Question 29

a malicious device that responds to DNS queries with false IP information

Answer 29

rogue DNS server

Question 30

putting incorrect information into a DNS server’s zone file or cache

Answer 30

DNS Cache Poisoning

Question 31

malicious redirection of a valid website’s URL to a fake website by modifying the local hosts file on a system

Answer 31

DNS Pharming

Question 32

when a client has a false DNS server definition

Answer 32

corrupting the IP configuration through DHCP or a script

Question 33

when an attacker sends back a DNS response with false information

Answer 33

DNS query spoofing

Question 34

protecting against DNS poisoning methods

Answer 34

block inbound TCP 53
block outbound UDP 53
NIDS
use DNSSEC
use DoH or ODoH
regularly audit DNS and DHCP servers
use split DNS

Question 35

deploying separate DNS servers for public and private use

Answer 35

split DNS

Question 36

defensive use of DNS spoofing to prevent users from visiting malicious sites

Answer 36

DNS Sinkhole

Question 37

malicious action of changing the registration of a domain name without the authorization of the valid owner

Answer 37

domain hijacking

Question 38

displaying a link that looks like a well-known product that redirects the user to an alternate location

Answer 38

URL Hijacking

Question 39

IPv6 new features

Answer 39

scoped addresses, autoconfiguration, QoS

Question 40

since IPv6 does not support NAT, will this reduce security or privacy?

Answer 40

Privacy, because a systems local IP address will not be masked

Question 41

having systems operate both IPv4 and IPv6

Answer 41

dual stack

Question 42

systems operate a single stack of either IPv4 or IPv6 and use an encapsulation tunnel to access systems of the other protocol

Answer 42

tunneling

Question 43

used to convert between IPv6 and IPv4 network segments similarly to how NAT converts between internal and external adresses

Answer 43

NAT-PT

Question 44

this router protocol allows systems to support multicasting

Answer 44

IGMP - Internet Group Management Protocol

Question 45

this protocol resolves IP addresses into MAC addresses

Answer 45

ARP

Question 46

when an attacker sends false ARP replies to a switch

Answer 46

ARP cache poisoning

Question 47

best defense against ARP attacks

Answer 47

port security on switches

Question 48

this security measure can prohibit communications with unknown, unauthorized, rogue devices

Answer 48

switch port security

Question 49

this secure protocol uses public key cryptography to provide encryption, access control, nonrepudiation and message authentication using IP protocols. Primarily used for VPNs

Answer 49

IPsec

Question 50

this secure protocol offers a SSO solution and provides protection for logon credentials

Answer 50

Kerberos

Question 51

this secure protocol is an end-to-end encryption technique that can encrypt plaintext utilities, often used to remotely access the CLI of a device

Answer 51

SSH

Question 52

this is a cryptographic protocol that provides end-to-end encryption for voice communications, videoconferencing, and text messages

Answer 52

signal protocol

Question 53

this is an authentication service for cross-network service communications and prevents unauthorized execution of code on remote systems

Answer 53

Secure Remote Procedure Call (S-RPC)

Question 54

this is an encryption protocol that operates at OSI layer 4 by encrypting the payload of TCP communications

Answer 54

TLS

Question 55

this protocol is primarily used in the electric and water utility management industries to support communications between data aquisition systems and the system control equipment. It is similar to TCP/IP for ICS

Answer 55

DNP3 (Distributed Network Protocol 3)

Question 56

merging of specialty or proprietary protocols with standard protocols

Answer 56

converged protocols

Question 57

a secondary network used to consolidate and manage various storage devices into a single consolidated network-accessible storage container

Answer 57

Storage Area Network (SAN)

Question 58

used to encapsulate Fibre Channel communications over ethernet networks

Answer 58

Fiber Channel over Ethernet (FCoE)

Question 59

high-throughput high-performance network technology that directs data across a network based on short path labels to save time over traditional IP based routing; designed to handle a wide range of protocols through encapsulation rather than just TCP/IP

Answer 59

MPLS (Multiprotocol label switching)

Question 60

a networking storage standard based on IP used to enable location-independent file storage, transmission, and retrieval over LAN, WAN, or public internet

Answer 60

Internet Small Computer System Interface (iSCSI)

Question 61

a tunnelling mechanism that encapsulates audio, video, and other data into IP packets

Answer 61

VoIP

Question 62

a new network design that is directly programmable from a central location, is flexible, vendor neutral, and open standards based.

Answer 62

software defined networking SDN

Question 63

3 benefits of segmentation

Answer 63

boosting performance
reducing communication problems
increasing security

Question 64

creates a separate and distinct network structure for traffic that would otherwise interfere with the production network by creating secondary network paths to support data storage traffic

Answer 64

an out-of-band pathway

Question 65

diving an internal network into numerous subzones with filtering mechanisms between all of them

Answer 65

microsegmentation

Question 66

an encapsulation protocol that enables VLANs to be stretched across subnets and geographic distances

Answer 66

Virtual eXtensible LAN (VXLAN)

Question 67

IEEE standard for wireless network communications

Answer 67

802.11

Question 68

Wi-Fi deployment model where any two wireless networking devices can communicate without a centralized control authority

Answer 68

ad hoc mode

Question 69

Wi-Fi deployment model where a WAP is required and restrictions for wireless network access are enforced

Answer 69

Infrastructure

Question 70

a wireless deployment where there is a WAP connecting wireless clients to one another but not to any wired resources

Answer 70

standalone mode

Question 71

a wireless deployment where the WAP acts as a connection point to link the wireless clients to the wired network

Answer 71

wired extension

Question 72

a wireless deployment where multiple WAPs are used to connect a large physical area to the same network

Answer 72

enterprise extended mode

Question 73

a wireless deployment where a wireless connection links two different wired networks

Answer 73

bridge mode

Question 74

the SSID used by WiFi direct or ad hoc mode

Answer 74

ISSID - Independent service set identifier

Question 75

a formal assessment of wireless signal strength, quality, and interference using an RF signal detector

Answer 75

site survey

Question 76

a mapping of signal strength measurements over a building’s blueprint

Answer 76

heat map

Question 77

wireless authentication method that does not require authentication and sends data in the clear

Answer 77

OSA - open system authentication

Question 78

wireless authentication method that requires authentication before communications can occur

Answer 78

shared key authentication (SKA)

Question 79

a SKA protocol that uses a predefined shared RC4 secret key; extremely weak

Answer 79

WEP

Question 80

a SKA protocol that replaced WEP and negotiates a unique key set with each host. Uses RC4 nd TKIP or LEAP

Answer 80

WPA

Question 81

a SKA protocol that implements AES-CCMP encryption

Answer 81

WPA2

Question 82

a SKA protocol that uses 192-bit AES CCMP encryption and replaces preshared key authentication with Simultaneous Authentication of Equals (SAE)

Answer 82

WPA3

Question 83

a standard port-based network access control that ensures clients cannot communicate with a resource until proper authentication has taken place

Answer 83

802.1X/EAP

Question 84

encapsulates EAP methods within a TLS tunnel that provides authentication

Answer 84

Protected Extensible Authentication Protocol (PEAP)

Question 85

security standard that operates by auto-connecting and automatically authenticating the first new wireless client to initiate a connection to the network at the push of a button or remote PIN

Answer 85

WPS

Question 86

is WPS secure?

Answer 86

No, an attacker could brute force the PIN that could allow access to the network

Question 87

a list of authorized wireless client interface MAC addresses that is used by a WAP to block access to unauthorized devices

Answer 87

Wireless MAC filter

Question 88

an authentication technique that redirects a newly connected client to a web-based portal access control page

Answer 88

captive portal

Question 89

4 radio frequency spectrum-use techniques

Answer 89

spread spectrum
FHSS - Frequency Hopping Spread Spectrum
DSSS - Direct Sequence Spread Spectrum
OFDM - Orthogonal Frequency-Division Multiplexing

Question 90

blue-tooth focused network packet capture

Answer 90

Bluesniffing

Question 91

a DoS attack against a Bluetooth device

Answer 91

Bluesmacking

Question 92

sending unsolicited messages to Bluetooth-capable devices

Answer 92

Bluejacking

Question 93

the unauthorized access of data via a Bluetooth connection

Answer 93

Bluesnarfing

Question 94

an attacker gains remote control over the hardware and software over a Bluetooth connection

Answer 94

Bluebugging

Question 95

wireless used by SCADA systems

Answer 95

Narrow-band wireless

Question 96

IoT wireless

Answer 96

Zibgee

Question 97

a collection of resource services deployed in numerous data centers to provide low latency, high performance, and high availability of hosted content.

Answer 97

content delivery network CDN

Question 98

a section of the organization’s network that has been sectioned off so that it acts as an intranet for the private network but also serves information to outsiders

Answer 98

extranet

Question 99

a special-purpose extranet that is designed specifically for low-trust and unknown users to access public facing services

Answer 99

DMZ, screened subnet

Question 100

network devices that operate at OSI layer 1 to strengthen the communication signal over a cable segment

Answer 100

RCAs - Repeaters, Concentrators, and Amplifiers

Question 101

network devices that operate at OSI layer 1 to connect multiple systems - create a single collision and broadcast domain

Answer 101

Hub

Question 102

a device that covers or modulates between an analog carrier signal and a ditial information

Answer 102

modem

most modern modems are actually routers

Question 103

a network device that connects two networks together; operate at OSI layer 2

Answer 103

bridge

Question 104

network devices that operate at OSI layer to to manage the transmission of frames via MAC addresses and can separate broadcast domains with the creation of VLANs

Answer 104

Switch

Question 105

network devices that operate at OSI layer 3 to control traffic flow based on IP addressing; connect networks together

Answer 105

Routers

Question 106

a network device that is a remote access, multilayer switch used to connect distant networks over WAN links

Answer 106

LAN extenders, WAN switch, WAN router

Question 107

a network device that is a remote access system deployed to make accessing other devices more secure

Answer 107

jumpbox

Question 108

a network device that collects information and transits it back to a central system for storage and analysis

Answer 108

Sensor

Question 109

a network device that gathers data into a log or record file; waits for specific activity, event, or traffic and then records it into a record file

Answer 109

Collector

Question 110

a device that takes numerous inputs and integrates them into a single data stream and can multiplex

Answer 110

aggregator

Question 111

the concept of controlling access to the environment through strict adherence to and enforcement of security policy

Answer 111

NAC Network Access Control

Question 112

what level of the OSI model do circuit-level firewalls operate on?

Answer 112

Layer 5

Question 113

a firewall deployed between internal network segments to prevent the further spread of malicious code

Answer 113

Internal Segmentation Firewall (ISFW)