Domain 2.1 Install and configure network components, both hardware- and software based, to support organizational security.

Question 1

Number 1 VPN tunnel in the world

Answer 1

IPSEC

Question 2

What is a piece of hardware designed to protect one network from another?

Answer 2

Firewall

Question 3

What does a Packet filtering firewall filter traffic based on?

Answer 3

– Source and Destination IP
– Port Numbers
– Protocols Used

Question 4

What is another name for a layer 7 firewall?

Answer 4

Application Firewall - Opens and inspects every packet on layer 7 of the OSI model.

Question 5

Stateful Inspection Firewall

Answer 5

Keeps a state table to track every communication channel.

Question 6

A list of rules that determine what traffic to block, and what to allow

Answer 6

Access Control List (ACL)

Question 7

what locally installed security control is Used to prevent application specific protocol and payload attacks?

Answer 7

Application Firewall

Question 8

A hardware device designed for general network filtering.

– Provides protection for the network.

Answer 8

Network Firewall

Question 9

_______ firewalls analyzes packets on an individual basis against the filtering ACL.

Answer 9

Stateless

Question 10

Unless some traffic is explicitly allowed it will be Denied.

Answer 10

Implicitly denied

Question 11

what is a VPN?

Answer 11

A secure tunnel through an unsecured internet.

Question 12

What does a VPN do?

Answer 12

Secures the private network, using encryption and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted

Question 13

VPN concentrator

Answer 13

Gives all the VPNs a label.

Question 14

Site-to-Site VPN

Answer 14

Site-to-site refers to the connection of separate sites through a VPN.

Question 15

Remote access VPN

Answer 15

Remote Access refers to connecting single entities or hosts through a VPN.

Question 16

At what layer of the OSI model does a VPN operate?

Answer 16

Layer 3 - Network layer.

Question 17

An IPSEC VPN tunnel uses ___ by default.

Answer 17

AES - Advanced Encryption Standard.

Question 18

What part of the packet does AH encapsulate

Answer 18

the outside of the packet

Question 19

What does ESP do?

Answer 19

ESP encapsulates the data inside the packet.

Question 20

using a pre-existing VPN tunnel to exchange keys is called.

Answer 20

IKE

Question 21

ISAKMP

Answer 21

a VPN tunnel setup to send symmetric keys across.

Question 22

IPSEC Tunnel mode

Answer 22

Encrypts the Header, payload and Footer.

Question 23

IPSEC Transport mode

Answer 23

Encrypts only the payload of the packets.

Question 24

What type of tunnel routes all traffic across the tunnel?

Answer 24

A full tunnel

Question 25

What type of tunnel routes only specific traffic across the tunnel, and routes internet bound traffic outside of the tunnel.

Answer 25

Split tunnel

Question 26

What layer of the OSI model does TLS operate on?

Answer 26

Layer 4 - The Transport Layer

Question 27

Host based Intrusion detection system (HIDS)

Answer 27

an IDS installed on your specific computer

Question 28

Network Based intrusion detection system (NIDS)

Answer 28

an IDS on the network, protecting all devices on your network.

Question 29

What device analyzes data, logs attacks, and notifies you.

Answer 29

Intrusion Detection System

Question 30

what is a HoneyPot?

Answer 30

A server setup to entice an attacker.

Question 31

What device analyzes data and prevents attack, and notifies you.

Answer 31

IPS - Intrusion Prevention System.

Question 32

NIPS

Answer 32

Network Intrusion Prevention System

Question 33

HIPS

Answer 33

Host intrusion Prevention System

Question 34

a known attack

Answer 34

a signature based attack

Question 35

requires a baseline to evaluate for normal or abhorrent operation

Answer 35

Behavior based IPS/IDS

Question 36

Compares suspicious programs vs known malware

Answer 36

Heuristics ("watching trends" on the exam)

Question 37

A flagged event that isn’t really an event and has been falsely triggered

Answer 37

False positive

Question 38

An event that should be flagged but isn’t.

Answer 38

False negative

Question 39

firewalls have _____ and routers have ____

Answer 39

firewalls have RULES and routers have ACLs

Question 40

Port Security AND wireless security

Answer 40

802.1X

Question 41

RADIUS port

Answer 41

port 1812

Question 42

A _________ switch works on Layer 2 and Layer 3 of the OSI Model.

Answer 42

Multilayer Switch / Layer 3 Switch

Question 43

Cisco proprietary Loop prevention

Answer 43

Spanning Tree Protocol (STP)

Question 44

Flood Gaurd

Answer 44

Stops buffer overflow - A flood guard will prevent your system or network from accepting more than it can handle

Question 45

a packet that is 9000 bytes

Answer 45

a Jumbo packet

Question 46

A ______ _______ goes to the internet on your behalf.

Answer 46

A Proxy Server

Question 47

a Proxy server ________ the websites you visit most often

Answer 47

Caches/stores

Question 48

what does a load balancer do?

Answer 48

routes traffic to multiple servers to ensure availability

Question 49

Active-Active

Answer 49

If one goes down the other is already active and in use.

Question 50

Active-passive

Answer 50

If one goes down the second/backup will activate and begin usage.

Question 51

Access Point

Answer 51

A device that creates a wireless local area network, or WLAN, usually in an office or large building. (For testing purposes it is a network extender)

Question 52

802.11a

Answer 52

54 Mbps - 5 GHz

Question 53

802.11b

Answer 53

11 Mbps - 2.4 GHz

Question 54

802.11g

Answer 54

54 Mbps - 2.4 GHz

Question 55

802.11n

Answer 55

200+ Mbps - 2.4 GHz or 5 GHz or both

Question 56

802.11n uses a unique technology called?

Answer 56

uses MIMO - two or more antenna. multiple input multiple output.

Question 57

The name of your wireless network

Answer 57

Service Set identifier (SSID)

Question 58

Each host is allowed or denied based on their mac address.

Answer 58

MAC filtering

Question 59

According to CompTIA there are 3 wireless channels you can use.

Answer 59

1, 6, and 11

Question 60

what antenna type goes 360 degrees

Answer 60

omni-directional - rubber-duck

Question 61

a direction antenna does what?

Answer 61

forces the signal in one direction, and since it is focusing the signal, it can cover a greater distance with a stronger signal. also called a YAGI antenna.

Question 62

Security Information and Event Management (SIEM)

Answer 62

provide real-time analysis of security alerts that are flagged by network appliances and software applications (aggregation.)

Question 63

write-once-read-many (WORM)

Answer 63

is built into many SIEMS. means that once the data is written you should not be able to edit it.

Question 64

What is DLP?

Answer 64

Data Loss Prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed.

Question 65

What is Tripwire?

Answer 65

File Integrity Verifier (VIF), that is utilized in a DLP environment. It will inform you if anyone accessed data.

Question 66

Network Access Control

Answer 66

a set of standards defined by the network for clients attempting to access it so that only known devices meeting specified requirements can connect. (similar to 802.1x)

Question 67

SSL Accelerators

Answer 67

Since encrypting data is very processor intensive, accelerators can be used to offload the public-key encryption to a hardware accelerator, which is a separate plug-in card (usually into a PCI slot).

Question 68

trusted platform module

Answer 68

a chip on the motherboard called a crypto-processor that performs encryption and decryption,

Question 69

Bitlocker

Answer 69

a microsoft program used for whole disk or full disk encryption.

Question 70

``` Which of the following devices is typically used to provide protection at the edge of the network attack surface? A. Firewall B. Router C. Switch D. VPN concentrator ```

Answer 70

A. Firewall

Question 71

``` In order to provide flexible working conditions, a company has decided to allow some employees remote access into corporate headquarters. Which of the following security technologies could be configured to provide remote access? (Select TWO). A. Subnetting B. NAT C. Firewall D. NAC E. VPN ```

Answer 71

C. Firewall | E. VPN

Question 72

``` What type of wireless antenna can be used to send or receive signals in any direction? A. Cantenna B. Yagi C. Rubber duck D. Panel ```

Answer 72

C. Rubber duck

Question 73

``` You have recently had some security breaches in the network. You suspect the cause might be a small group of employees. You want to implement a solution that monitors incoming external traffic. Which of the following devices would you use? A. A router B. A network-based IDS C. A VPN D. A host-based IDS ```

Answer 73

B. A network-based IDS