Chapter 6 Networking Protocols and Threats Review Flashcards
A person attempts to access a server during a zone transfer to get access to a zone file. What type of server are they trying to manipulate?
A. Proxy server
B. DNS server
C. File server
D. Web server
B. DNS server
DNS servers are the only types of servers listed that do zone transfers. The purpose of accessing the zone file is to find out what hosts are on the network.
What TCP port does LDAP use?
A. 389
B. 80
C. 443
D. 143
A. 389
The Lightweight Directory Access Protocol (LDAP) uses port TCP 389.
Port 80 is HTTP
Port 443 is HTTPS
Port 143 is used by IMAP
From the list of ports select two that are used for email? (Select the two best)
A. 110
B. 3389
C. 143
D. 389
A. 110
C. 143
POP3 uses port 110 and IMAP uses 143
3389 is used for Remote Desktop Protocol (RDP)
389 is used for LDAP
What port number does the Domain Name System use?
A. 53
B. 80
C. 110
D. 88
A. 53
DNS is 53
HTTP is 80
POP3 is 110
Keberos is 88
If a person takes control of a session between a server and a client, it is known as what type of attack?
A. DDoS
B. Smurf
C. Session hijacking
D. Malicious software
C. Session hijacking
Session Hijacking or (TCP/IP Hijacking) is when an unwanted mediator takes control of a session between a client and a server (for example, an FTP or HTTP Session).
Making data appear as if it os coming from somewhere other than its original source is known as what?
A. Hacking
B. Phishing
C. Cracking
D. Spoofing
D. Spoofing
Spoofing is when a malicious user makes data or email appear to be coming from somewhere else.
A coworker goes to a website but notices that the browser brings her to a different website and that the URL has changed. What type of attack is this?
A. DNS poisoning
B. Denial of Service
C. Buffer Overflow
D. ARP Poisoning
A. DNS poisoning
DNS poisoning can occur at a DNS server and affect all clients on the network. It can also occur at the individual computer. Another possibility is that spyware has compromised the browser.
DoS attack that attempts to stop a server from functioning.
A buffer overflow is an attack that, for example could be perpetuated on a web page
ARP Poisoning is the poisoning of an ARP table, creating confusion when it comes to IP address-to-MAC address resolutions.
For a remote tech to log in to a user’s computer in another state, what inbound port must be open on the user’s computer?
A. 21
B. 389
C. 3389
D. 8080
C. 3389
Port 3389 must be open onto inbound side of the user’s computer to enable a remote tech
When users in your company attempt to access a particular website, the attempts are redirected to a spoofed website. What are two possibilities?
A. DoS
B. DNS Poisoning
C. Modified hosts file
D. Domain name kiting
B. DNS Poisoning
C. Modified hosts file
Domain Kiting is when a person renews and cancels domains within five-day periods.
Don must configure his firewall to support TACACS+. Which port(s) should he open on his firewall?
A. Port 53
B. Port 49
C. Port 161
D. Port 22
B. Port 49
Port 53 is DNS
Port 161 is SNMP
Port 22 SSH
Which of the following ports is used by Kerberos by default?
A. 21
B. 80
C. 88
D. 443
C. 88
88=Keberos
21= FTP
80=HTTP
443=HTTPS
Which of the following is the best option of you are trying to monitor network devices?
A. SNMP
B. Telnet
C. FTPS
D. IPsec
A. SNMP
Simple Network Management Protocol is the best protocol to use to monitor network devices.
Telnet is a deprecated protocol that is used to remotely administer network devices.
IPsec is used to secure VPN connections and other IP connections.
Which port number is used by SCP?
A. 22
B. 23
C. 25
D. 443
A. 22
23=Telnet
25=SMTP
443=HTTPS
Which of the following is the most secure protocol for transferring files?
A. FTP
B. SSH
C. FTPS
D. Telnet
C. FTPS
Which of the following protocols allow for the secure transfer of files? (Select the two best answers)
A. SNMP B. SFTP C. TFTP D. SCP E. ICMP
B. SFTP
D. SCP
The Secure FTP (SFTP) and Secure Copy (SCP) Protocol provide for the secure transfer of files.
ICMP is the protocol initiated by ping to invoke responses from other computers
Trivial FTP is not secure by default.
