Review 10

Question 1

Which of the following is a benefit of hardening?

Reduced Attack Surface

Improved Data Protection

Enhanced System Stability

All of the above

Answer 1

All of the above

Benefits of hardening include reduced attack surface, improved data protection, and enhanced system stability.

Question 2

Deploying systems in a secure configuration is known as ___________.

network hardening

device hardening

application hardening

system hardening

Answer 2

device hardening

Question 3

Which authentication service is a web page that pops up when you access a public Wi-Fi?

Kerberos

IEEE 802.1x

Captive Portal

SSO

Answer 3

Captive Portal

Question 4

Where are certificates obtained from?

Digital Certificate Infrastructure

Public Certificate Store

Digital Certificate Vendor

Public Key Infrastructure

Answer 4

Digital Certificate Vendor

Question 5

Which type of switch port security automatically adds MAC addresses?

Dynamic locking

Static locking

Automatic locking

Combination locking

Answer 5

Dynamic locking

Question 6

What term describes the verification of the provided identification credentials?

Confirmation

Authentication

Identification

Authorization

Answer 6

Authentication

Question 7

Which switch attack associates the attacker’s MAC address with the IP address of target’s device?

VLAN Hopping

MAC spoofing

MAC flooding

ARP poisoning

Answer 7

ARP poisoning

Question 8

When utilizing ‘Defense in Depth’, which type of security control would be utilized at the Perimeter level?

ACLs

VLANs

Antivirus

Firewalls

Answer 8

Firewalls

Question 9

Which switch port security violation mode is the default violation mode?

Restrict mode

Protect mode

Report mode

Shutdown mode

Answer 9

Shutdown mode

Question 10

Which type of authentication utilizes a three-way handshake (challenge/response) authentication protocol for remote access connections?

CHAP

Kerberos

MS-CHAP

EAP

Answer 10

CHAP

Question 11

Which of the following is NOT a firewall misconfiguration?

Failure to apply an implicit deny

Overly permissive ACL

Overly prohibitive ACL

Failure to apply an implicit allow

Answer 11

Failure to apply an implicit allow

Question 12

Which type of authentication is normally used when joining a VPN?

802.1x

EAP

Kerberos

Remote authentication

Answer 12

Remote Authentication

Question 13

Which term describes granting users just enough rights to perform their job?

Separation of Duties

Principle of Least Privilege

Privileged Access

Role-Based Access Control

Answer 13

Principle of Least Privilege

Question 14

When utilizing ‘Defense in Depth’, which type of security control would be utilized at the Application level?

Antivirus

Firewalls

ACLs

VLANs

Answer 14

Antivirus

Question 15

Which type of switch port security manually adds MAC addresses?

Combination locking

Static locking

Automatic locking

Dynamic locking

Answer 15

Static locking

Question 16

Which AAA system is often used in authenticating administrative access to routers and switches?

802.1x

EAP

TACACS+

RADIUS

Answer 16

TACACS+

Question 17

A _____________ is a digital document that is altered in such a way that it could have come only from the subject identified in the certificate.

digital certificate

unique signature

digital signature

verifiable certificate

Answer 17

digital signature

Question 18

Which of the following is NOT an authentication method?

Something you make

Something you know

Something you do

Something you are

Answer 18

Something you make

Question 19

What term describes a distributed access method that allows a subject to log in (sign on) once to a network and access all authorized resources on the network?

Captive portal

Mutual authentication

SSO

Distributed authorization

Answer 19

SSO

Question 20

When utilizing ‘Defense in Depth’, which type of security control would be utilized at the Data level?

ACLs

Antivirus

Firewalls

VLANs

Answer 20

ACLs