Domain 4: (Communication & Network Security)

Question 1

What enables network segmentation at a high scale, overcomes VLAN scale limitations, and is a tunneling protocol that encapsulates layer 2 in a UDP packet?

Answer 1

VXLAN
Virtual Extensible LAN

Question 2

What enables the network to be intelligently and centrally controlled using software, and can reprogram the data plane?

Answer 2

Software Defined Networks
SDN

Question 3

What are some vulnerabilities for a software defined network?

Answer 3

Man-in-the-middle attack
Denial of Service

Question 4

What enables users in branch offices to remotely connect to an enterprise’s network, allows use of many network services (MPLS, LTE) to securely connect users to apps, and security is mainly based on IPsec, VPN, and NGFWs.

Answer 4

Software Defined Wide-Area Networks
SD-WAN

Question 5

What uses and only needs LEDs to transmit data, can safely function in areas otherwise susceptible to electromagnetic interference, and can transmit at speeds of up to 100 Gbit/s.

Answer 5

Light Fidelity
LiFi

Question 6

What is a short-range wireless personal area network technology developed to support automation, machine-to-machine communication, remote control, and monitoring of IoT devices?

Answer 6

Zigbee
Personal Area Network

Question 7

What supports centralized and distributed security models, mesh topology, and assumes that symmetric keys used are transmitted securely for IoT devices?

Answer 7

Zigbee

Question 8

What is a geographically distributed network of proxy servers and their data centers, delivers content spatially relative to users, and have been targeted to inject malicious content into pages?

Answer 8

Content Delivery Networks
CDN

Question 9

What are the seven layers of the OSI model in order.

Answer 9

Physical
Data Link
Network
Transport
Session
Presentation
Application

Question 10

What protocol is on TCP and operates on port 20/21?

Answer 10

File Transfer Protocol
FTP

Question 11

What protocol is on TCP and operates on port 22?

Answer 11

Secure Shell
SSH

Question 12

What protocol is on TCP and operates on port 23?

Answer 12

Telnet

Question 13

What protocol is on TCP and operates on port 25?

Answer 13

Simple Mail Transfer Protocol
SMTP

Question 14

What protocol is on TCP/UDP and operates on port 53?

Answer 14

Domain Name System
DNS

Question 15

What protocol is on UDP and operates on port 67/68?

Answer 15

Dynamic Host Configuration Protocol
DHCP

Question 16

What protocol is on UDP and operates on port 69?

Answer 16

Trivial File Transfer Protocol
TFTP

Question 17

What protocol is on TCP and operates on port 80?

Answer 17

Hypertext Transfer Protocol
HTTP

Question 18

What protocol is on TCP and operates on port 110?

Answer 18

Post Office Protocol
POP3

Question 19

What protocol is on UDP and operates on port 123?

Answer 19

Network Time Protocol
NTP

Question 20

What protocol is on TCP/UDP and operates on port 137/138/139?

Answer 20

NetBIOS

Question 21

What protocol is on TCP and operates on port 143?

Answer 21

Internet Message Access Protocol
IMAP

Question 22

What protocol is on TCP/UDP and operates on port 161/162?

Answer 22

Simple Network Management Protocol
SNMP

Question 23

What protocol is on TCP and operates on port 179?

Answer 23

Border Gateway Protocol
BGP

Question 24

What protocol is on TCP/UDP and operates on port 389?

Answer 24

Lightweight Directory Access Protocol
LDAP

Question 25

What protocol is on TCP and operates on port 443?

Answer 25

HTTPS

Question 26

What protocol is on TCP/UDP and operates on port 636?

Answer 26

LDAP over TLS/SSL

Question 27

What protocol is on TCP and operates on port 989/990?

Answer 27

FTP over TLS/SSL

Question 28

What is the TCP/IP stack?

Answer 28

Link
Internet
Transport
Application

Question 29

Where does layers 5-7 from the OSI model sit on the TCP/IP stack?

Answer 29

Application

Question 30

Where does layer 4 sit on the TCP/IP stack?

Answer 30

Transport

Question 31

Where does layer 3 sit on the TCP/IP stack?

Answer 31

Network

Question 32

Where does layer 1-2 sit on the TCP/IP stack?

Answer 32

Link

Question 33

What are the characteristics of TCP over UDP?

Answer 33

Connection Oriented
Byte stream
No support for multicasting/broadcasting
Supports full duplex transmission
Reliable service of data transmission
TCP packet is called a segment
Provides error detection and flow control

Question 34

What are the characteristics of UDP over TCP?

Answer 34

Connection-less protocol
Message stream
Supports multicasting/broadcasting
No support for full duplex transmission
Unreliable service of data transmission
UDP packet is called a datagram
No support for error detection and flow control

Question 35

What UTP cable type supports up to 100Mbps and is used for Ethernet, FastEthernet, and Token Rings

Answer 35

CAT5

Question 36

What UTP cable type supports up to 1 Gbps and is used for Ethernet, FastEthernet, and Gigabit Ethernet?

Answer 36

CAT5e

Question 37

What UTP cable type supports up to 10 Gbps and is used for Gigabit Ethernet, and 10G Ethernet (55 meters)

Answer 37

CAT6 & CAT6a

Question 38

What UTP cable type supports up to 10 Gbps and is used for Gigabit Ethernet, and 10G Ethernet (100 meters)

Answer 38

CAT7

Question 39

What network topology employs a centralized connection device, can be a simple hub or switch, and each sys is connected to the central hub by a dedicated segment?

Answer 39

Star Topology

Question 40

What network topology connects systems to all other systems using numerous paths and provides redundant connections to systems, allowing multiple segment failures without badly affecting connectivity?

Answer 40

Mesh Topology

Question 41

What is a ring base network topology, that connects each sys as points on a circle, acts as a unidirectional transmission loop, and only one sys can transmit data at a time while traffic management is performed by a token.

Answer 41

Ring Topology

Question 42

What topology connects each sys to a trunk or backbone cable, and can transmit data simultaneously which can result in collisions.

Answer 42

Bus Topology

Question 43

What communications method relies on a timing or clocking mechanism based on either an independent clock or time stamp embedded in the data stream and are able to support very high rates of data transfers.

Answer 43

Synchronous communications

Question 44

What communications method relies on a stop and start delimiter bit to manage the transmission of data and is best suited for smaller amounts of data.

Answer 44

Asynchronous communications

Question 45

What can only support a single communication channel, uses a direct current applied to the cable, and is a form of digital signal.

Answer 45

Baseband

Question 46

What can support multiple simultaneous signals, uses frequency modulation to support numerous channels, is suitable for high throughput rates, and is a form of analog signal.

Answer 46

Broadband

Question 47

What technology supports communications to all possible recipients?

Answer 47

Broadcast

Question 48

What technology supports communications to multiple specific recipients?

Answer 48

Multicast

Question 49

What technology support only a single communication to a specific recipient?

Answer 49

Unicast

Question 50

What was developed to decrease the chances of collisions when two or more stations start sending their signals for the datalink layer and requires that each station first check the state of the medium before sending?

Answer 50

Carrier Sense Multiple Access
CSMA

Question 51

What attempts to avoid collisions by granting only a single permission to communicate at any given time?

Answer 51

CSMA/CA

Question 52

What responds to collisions by having each member of the collision domain wait for a short but random period of time before starting the process over?

Answer 52

CSMA/CD

Question 53

What are the characteristics of CSMA/CD?

Answer 53

Effective after a collision
Used in wired networks
Reduces recovery time
Resends the data frame whenever a conflict occurs
Used in 802.3 standard
More efficient than simple CSMA

Question 54

What are the characteristics of CSMA/CA?

Answer 54

Effective before a collision
Used in wireless networks
Minimized the possibility of collision
Will first transmit the intent to send for data transmission
Used in 802.11 standard
Similar to simple CSMA

Question 55

What performs communications using a digital token and once its transmission is complete it releases the token to the next sys.

Answer 55

Token Passing

Question 56

What performs communications using a master-slave configuration where the primary system polls each secondary sys in turn whether they have a need to transmit data.

Answer 56

Polling

Question 57

What can prevent collisions in rink networks?

Answer 57

Token Passing

Question 58

What is a private network that is designed to host the same info services found on the internet?

Answer 58

Intranet

Question 59

What is a section of an organization’s network that has been sectioned off to act as an intranet for the private network but also serves information to the public internet?

Answer 59

Extranet

Question 60

What is an extranet for public consumption?

Answer 60

Demilitarized Zone/Perimiter Network
DMZ

Question 61

What is used to control traffic and isolate static/sensitive environments?

Answer 61

DMZ

Question 62

What technique is where a person pushes unsolicited messages to engage or annoy other nearby bluetooth users by taking advantage of a loophole in the technology’s messaging options?

Answer 62

Bluejacking

Question 63

What technique is where thieves wirelessly connect to some early bluetooth-enabled mobile devices without the owner’s knowledge to download and/or alter phonebooks, calendars, etc?

Answer 63

Bluesnarfing

Question 64

What attack grants hackers remote control over the feature and functions of a bluetooth device?

Answer 64

Bluebugging

Question 65

What 802.11 standard runs at 54 Mbps with 5GHz?

Answer 65

802.11a

Question 66

What 802.11 standard runs at 11 Mbps with 2.4GHz?

Answer 66

802.11b

Question 67

What 802.11 standard runs at 54 Mbps with 2.4GHz?

Answer 67

802.11g

Question 68

What 802.11 standard runs at 200+ Mbps with 2.4GHz?

Answer 68

802.11n

Question 69

What 802.11 standard runs at 1 Gbps with 5GHz?

Answer 69

802.11ac

Question 70

What was created to replace WEP without the need to replace legacy hardware and was implemented into 802.11 wireless networking under the name WPA?

Answer 70

Temporal Key Integrity Protocol
TKIP

Question 71

What was created to replace WEP and TKIP/WPA and uses AES with a 128-bit key, also known as WPA2.

Answer 71

Counter Mode with Cipher Block Chaining Message Authentication Code Protocol
CCMP

Question 72

What is a form of network data storage solution that allows for high-speed file transfers?

Answer 72

Fibre Channel

Question 73

What is used to encapsulate Fire Channel communications over Ethernet networks?

Answer 73

Fibre Channel over Ethernet
FCoE

Question 74

What is a networking storage standard based on IP?

Answer 74

Internet Small Computer System Interface
iSCSI

Question 75

What is the process of investigating the presence, strength, and reach of wireless access points deployed in an environment?

Answer 75

Site Survey

Question 76

What is a Cisco proprietary alternative to TKIP for WPA and was developed to address deficiencies in TKIP before the 802.11i/WPA2 system was ratified as a standard?

Answer 76

Lightweight Extensible Authentication Protocol
LEAP

Question 77

What encapsulates EAP methods within a TLS tunnel that provides authentication and potentially encryption?

Answer 77

Protected Extensible Authentication Protocol
PEAP

Question 78

What is an authentication framework that allows for new authentication technologies to be compatible with existing wireless or point-to-point connection technologies?

Answer 78

Extensible Authentication Protocol
EAP

Question 79

What is a list of authorized wireless client interface MAC addresses and is used by a wireless access point to block access to all nonauthorized devices?

Answer 79

MAC Filtering

Question 80

What is an authentication technique that redirects a newly connected wireless web client to a portal access control page?

Answer 80

Captive Portals

Question 81

What antenna type reaches multiple frequencies and commonly used for TV and RFID systems and is Omnidirectional if horizontally mounted.

Answer 81

Loop

Question 82

What antenna type is omnidirectional and can send and receive signals in all directions perpendicular to the line of the antenna itself?

Answer 82

Monopole

Question 83

What antenna type is omnidirectional, can generate a powerful signal in a restricted space, and is composed of two monopoles.

Answer 83

Dipole

Question 84

What antenna type is directional and are flat devices that focus from only one side of the panel.

Answer 84

Panel

Question 85

What antenna type is directional and are used to focus signals from very long distances or weak sources.

Answer 85

Parabolic

Question 86

What antenna type is directional and is crafted from a straight bar with cross sections to catch specific radio frequencies in the direction of the main bar.

Answer 86

Yagi

Question 87

What antenna type is directional and is created from tubes with one sealed end and focuses along the directions of the open end of the tube.

Answer 87

Cantenna

Question 88

What is used to strengthen the communication signal over a cable segment as well as connect network segments that use the same protocol and operates at layer one.

Answer 88

Repeaters, Concentrators, and Amplifiers

Question 89

What is used to connect two networks in order to connect network segments that use the same protocol and operates at layer two.

Answer 89

Bridges

Question 90

What are used to connect multiple systems and connect network segments that use the same protocol, is a multiport repeater, and operate at layer one.

Answer 90

Hubs

Question 91

What is a remote access, multilayer switch used to connect distant networks over WAN links?

Answer 91

LAN Extenders

Question 92

What technology uses virtual circuits instead of dedicated physical circuits and is more efficient and cost effective?

Answer 92

Packet-switching

Question 93

What are some packet-switching technologies?

Answer 93

X.25 Frame Relay
Asynchronous transfer mode (ATM)
Synchronous Data Link Control (SDLC)
High-Level Data Link Control (HDLC)

Question 94

What type of firewall operates at layer 3 and up, and filters traffic by examining data from a message header?

Answer 94

Static Packet-Filtering Firewall

Question 95

What firewall operates at layer 7 and filters traffic based on a single internet service, protocol, or application?

Answer 95

Application-Level Firewalls

Question 96

What firewall operates at layer 5 and is used to establish connection sessions between trusted partners?

Answer 96

Circuit-Level Firewalls

Question 97

What firewall evaluates the state, session, or the context of network traffic?

Answer 97

Stateful Inspection Firewalls

Question 98

What firewall is used to filter the payload contents of a communication rather than only on the header values and operates at layer 7?

Answer 98

Deep Packet Inspection Firewalls

Question 99

What firewall state can watch network and restrict/block packets based on source and destination addresses or other static values, isn’t aware of traffic patterns or data flows, and typically faster and perform better under heavier traffic loads.

Answer 99

Stateless

Question 100

What firewall state can watch traffic streams from end to end and are aware of communication paths and can implement various IP security functions such as tunnels and encryption.

Answer 100

Stateful

Question 101

What can protect web apps by filtering and monitoring HTTP traffic between a web app and the internet, and usually protects web apps from common attacks like XSS, CSRF, and SQL injection.

Answer 101

Web Application Firewall
WAF

Question 102

What can perform a deep-packet inspection that moves beyond port/protocol inspection and blocking and adds app-level inspection, intrusion prevention, and brings intelligence from outside the firewall.

Answer 102

Next Generation Firewall
NGFW

Question 103

What method can detect protocol non-compliance, spam, viruses, and intrusions and inspects/filters both the header and payload of a packet.

Answer 103

Deep Packet Inspection

Question 104

What is a multifunction device composed of several security features in addition to a firewall?

Answer 104

Unified Threat Management
UTM

Question 105

What allows private subnets to communicate w/ other cloud services and the internet but hides the internal network from internet users and has the network access control list for the private subnets?

Answer 105

Network Access Translation Gateway
NAT

Question 106

What looks at the content on the requested web page and blocks request depending on filters?

Answer 106

Content/URL Filter

Question 107

What type of software is where the vendor makes the license freely available and allows access to the source code but there is not vendor support?

Answer 107

Open Source

Question 108

What type of software is more expensive but tend to provide more/better protection and more functionality and support at a cost?

Answer 108

Proprietary

Question 109

What analyses whole packets, both header and payload, looking for known events and when a knowns event is detected, a log message is generated.

Answer 109

Intrusion Detection System
IDS

Question 110

What analyses whole packets, both header and payload, looking for known events, and when a know event is detected, the packet is rejected.

Answer 110

Intrusion Prevention System
IPS

Question 111

What type of IDS creates a baseline of activity to identify normal behavior and then measures system performance against the baseline to detect abnormal behavior?

Answer 111

Behavior based

Question 112

What IDS uses signatures similar to the signature definitions used by anti-malware software?

Answer 112

Knowledge based

Question 113

What computer or appliance that is exposed on the internet and has been hardened by removing all unnecessary elements?

Answer 113

Bastion Hosts

Question 114

What is a firewall-protected system logically positioned just inside a private network?

Answer 114

Screened Host

Question 115

What is a DoS attack that involves sending fragmented packets to a target machine, which causes the packets to overlap one another and crash the target network device?

Answer 115

Teardrop Attack

Question 116

What is a DoS attack that involves sending large amounts of spoofed UDP traffic to a router’s broadcast address within a network?

Answer 116

Fraggle Attack

Question 117

What is a layer 4 DoS attack in which, the attacker sets the source and destination info of a TCP segment to be the same, which will cause a machine to crash or freeze due to the packet being repeatedly processed by the TCP stack.

Answer 117

Land Attack

Question 118

What is a form of a DoS attack in which an attacker sends a succession of SYN requests to a target’s system in an attempt to consume enough server resources to make the sys unresponsive to legitimate traffic?

Answer 118

SYN Flood Attack

Question 119

What attack employs an oversized ping packet?

Answer 119

Ping of Death