flashcards
(75 cards)
1
Q
Which example of malicious code would be classified as a Trojan horse?
A
malware that was written to look like a video game
2
Q
What is the difference between a virus and a worm?
A
Worms self-replicate but viruses do not.
3
Q
Which attack involves a compromise of data that occurs between two end points?
A
man-in-the-middle attack
4
Q
Which type of attack involves an adversary attempting to gather information about a network to identify vulnerabilities?
A
reconnaissance
5
Q
A network engineer is examining the operating system of a network device for vulnerabilities
A
Technological weakness
6
Q
when implementing an access list on a router, a network engineer did not filter a type of malicious traffic
A
configuration weakness
7
Q
The network administrator did not fully consider the implications of unauthorized users
A
security policy weakness
8
Q
installing a virus code to destroy surveillance recordings for certain days
A
Data loss
9
Q
pretending to be someone else by using stolen personal information to apply for a credit card
A
Identity theft
10
Q
preventing users from a website by sending a large number of link requests in a short period
A
Disruption of service
11
Q
obtaining trade secret documents illegally
A
Information theft
12
Q
prevents or allows access based on port numbers used in the request
A
Application filtering
13
Q
Prevents or allows access based on whether the traffic is in response to requests from internal hosts.
A
Stateful packet inspection
14
Q
Prevents or allows access based on web addresses or keywords
A
URL filtering
15
Q
Prevents or allows access based on the IP or MAC addresses of the source and destination.
A
Packet filtering
16
Q
What is the purpose of the network security authentication function?
A
to require users to prove who they are
17
Q
Which firewall feature is used to ensure that packets coming into a network are legitimate responses to requests initiated from internal hosts?
A
stateful packet inspection
18
Q
When applied to a router, which command would help mitigate brute-force password attacks against the router?
A
login block-for 60 attempts 5 within 60
19
Q
create a local user
A
SSH configuration step 1
20
Q
Generate RSA keys
A
SSH configuration step 2
21
Q
configure a domain name
A
SSH configuration step 3
22
Q
Use the local login command
A
SSH configuration step 4
23
Q
use the transport input ssh command
A
SSH configuration step 5
24
Q
What feature of SSH makes it more secure than Telnet for a device management connection?
A
login information and data encryption
25
What is the advantage of using SSH over Telnet?
SSH provides secure communications to access hosts.
26
What is the role of an IPS?
detecting and blocking of attacks in real time
27
A user is redesigning a network for a small company and wants to ensure security at a reasonable price. The user deploys a new application-aware firewall with intrusion detection capabilities on the ISP connection. The user installs a second firewall to separate the company network from the public network. Additionally, the user installs an IPS on the internal network of the company. What approach is the user implementing?
layered
28
What is an accurate description of redundancy?
designing a network to use multiple paths between switches to ensure there is no single point of failure
29
A network administrator is upgrading a small business network to give high priority to real-time applications traffic. What two types of network services is the network administrator trying to accommodate?
-voice
-video
30
What is the purpose of a small company using a protocol analyzer utility to capture network traffic on the network segments where the company is considering a network upgrade?
to document and analyze network traffic requirements on each network segment
31
An administrator is testing connectivity to a remote device with the IP address 10.1.1.1. What does the output of this command indicate?
A router along the path did not have a route to the destination.
32
Which method is used to send a ping message specifying the source address for the ping?
Issue the ping command without specifying a destination IP address
33
A network engineer is analyzing reports from a recently performed network baseline. Which situation would depict a possible latency issue?
an increase in host-to-host ping response times
34
Which statement is true about Cisco IOS ping indicators?
‘U’ may indicate that a router along the path did not contain a route to the destination address and that the ping was unsuccessful.
35
A user reports a lack of network connectivity. The technician takes control of the user machine and attempts to ping other computers on the network and these pings fail. The technician pings the default gateway and that also fails. What can be determined for sure by the results of these tests?
Nothing can be determined for sure at this point.
36
A network technician issues the C:\> tracert -6 www.cisco.com command on a Windows PC. What is the purpose of the -6 command option?
It forces the trace to use IPv6.
37
Why would a network administrator use the tracert utility?
to identify where a packet was lost or delayed on a network
38
A ping fails when performed from router R1 to directly connected router R2. The network administrator then proceeds to issue the show cdp neighbors command. Why would the network administrator issue this command if the ping failed between the two routers?
The network administrator wants to verify Layer 2 connectivity.
39
A network engineer is troubleshooting connectivity issues among interconnected Cisco routers and switches. Which command should the engineer use to find the IP address information, host name, and IOS version of neighboring network devices?
show cdp neighbors detail
40
What information about a Cisco router can be verified using the show version command?
the value of the configuration register
41
Which command should be used on a Cisco router or switch to allow log messages to be displayed on remotely connected sessions using Telnet or SSH?
terminal monitor
42
Which command can an administrator issue on a Cisco router to send debug messages to the vty lines?
terminal monitor
43
By following a structured troubleshooting approach, a network administrator identified a network issue after a conversation with the user. What is the next step that the administrator should take?
Establish a theory of probable causes.
44
Users are complaining that they are unable to browse certain websites on the Internet. An administrator can successfully ping a web server via its IP address, but cannot browse to the domain name of the website. Which troubleshooting tool would be most useful in determining where the problem is?
nslookup
45
An employee complains that a Windows PC cannot connect to the Internet. A network technician issues the ipconfig command on the PC and is shown an IP address of 169.254.10.3. Which two conclusions can be drawn? (Choose two.)
-The PC cannot contact a DHCP server
-The PC is configured to obtain an IP address automatically
46
Refer to the exhibit. Host H3 is having trouble communicating with host H1. The network administrator suspects a problem exists with the H3 workstation and wants to prove that there is no problem with the R2 configuration. What tool could the network administrator use on router R2 to prove that communication exists to host H1 from the interface on R2, which is the interface that H3 uses when communicating with remote networks?
an extended ping
47
Refer to the exhibit. Baseline documentation for a small company had ping round trip time statistics of 36/97/132 between hosts H1 and H3. Today the network administrator checked connectivity by pinging between hosts H1 and H3 that resulted in a round trip time of 1458/2390/6066. What does this indicate to the network administrator?
Something is causing a time delay between the networks
48
Which network service automatically assigns IP addresses to devices on the network?
DHCP
49
Which command can an administrator execute to determine what interface a router will use to reach remote networks?
show ip route
50
On which two interfaces or ports can security be improved by configuring executive timeouts?
-console ports
-vty ports
51
When configuring SSH on a router to implement secure network management, a network engineer has issued the login local and transport input ssh line vty commands. What three additional configuration actions have to be performed to complete the SSH configuration? (Choose three.)
-Generate the asymmetric RSA keys.
-Configure the correct IP domain name.
-Create a valid local username and password database.
52
What is considered the most effective way to mitigate a worm attack?
Download security updates from the operating system vendor and patch all vulnerable systems
53
Which statement describes the ping and tracert commands?
Tracert shows each hop, while ping shows a destination reply only.
54
A technician is to document the current configurations of all network devices in a college, including those in off-site buildings. Which protocol would be best to use to securely access the network devices?
SSH
55
Which command has to be configured on the router to complete the SSH configuration?
transport input ssh
56
An administrator decides to use “WhatAreyouwaiting4” as the password on a newly installed router. Which statement applies to the password choice?
It is strong because it uses a passphrase.
57
An administrator decides to use “pR3s!d7n&0” as the password on a newly installed router. Which statement applies to the password choice?
It is strong because it uses a minimum of 10 numbers, letters and special characters.
58
An administrator decides to use “5$7*4#033!” as the password on a newly installed router. Which statement applies to the password choice?
It is strong because it contains 10 numbers and special characters.
59
An administrator decides to use “pR3s!d7n&0” as the password on a newly installed router. Which statement applies to the password choice?
It is strong because it uses a minimum of 10 numbers, letters and special characters.
60
An administrator decides to use “12345678!” as the password on a newly installed router. Which statement applies to the password choice?
It is weak because it uses a series of numbers or letters.
61
An administrator decides to use “admin” as the password on a newly installed router. Which statement applies to the password choice?
It is weak because it is often the default password on new devices.
62
An administrator decides to use “Feb121978” as the password on a newly installed router. Which statement applies to the password choice?
It is weak because it uses easily found personal information.
63
An administrator decides to use “password” as the password on a newly installed router. Which statement applies to the password choice?
It is weak because it is a commonly used password.
64
An administrator decides to use “RobErT” as the password on a newly installed router. Which statement applies to the password choice?
It is weak since it uses easily found personal information.
65
An administrator decides to use “Elizabeth” as the password on a newly installed router. Which statement applies to the password choice?
It is weak because it uses easily found personal information.
66
A network technician is troubleshooting an issue and needs to verify the IP addresses of all interfaces on a router. What is the best command to use to accomplish the task?
show ip interface brief
67
Students who are connected to the same switch are having slower than normal response times. The administrator suspects a duplex setting issue. What is the best command to use to accomplish the task?
show interfaces
68
A user wants to know the IP address of the PC. What is the best command to use to accomplish the task?
ipconfig
69
A student wants to save a router configuration to NVRAM. What is the best command to use to accomplish the task?
copy running-config startup-config
70
A support technician needs to know the IP address of the wireless interface on a MAC. What is the best command to use to accomplish the task?
ipconfig getifaddr en0
71
A network technician is troubleshooting an issue and needs to verify all of the IPv6 interface addresses on a router. What is the best command to use to accomplish the task?
show ipv6 interface
72
A teacher is having difficulties connecting his PC to the classroom network. He needs to verify that a default gateway is configured correctly. What is the best command to use to accomplish the task?
ipconfig
73
Only employees connected to IPv6 interfaces are having difficulty connecting to remote networks. The analyst wants to verify that IPv6 routing has been enabled. What is the best command to use to accomplish the task?
show running-config
74
An administrator is troubleshooting connectivity issues and needs to determine the IP address of a website. What is the best command to use to accomplish the task?
nslookup
75
Only employees connected to IPv6 interfaces are having difficulty connecting to remote networks. The analyst wants to verify that IPv6 routing has been enabled. What is the best command to use to accomplish the task?
show running-config
