Week 2

Question 1

What is a logical subgroup within a LAN that is created via software?

Answer 1

VLAN

Question 2

What is combining multiple physical links between two switches into one logical link called?

Answer 2

Link aggregation

Question 3

What controls link aggregation?

Answer 3

Link aggregation control protocol

Question 4

What is the biggest way to protect against unauthorized connections to a switch?

Answer 4

MAC filtering

Question 5

What does STP prevent?

Answer 5

-Broadcast storm
-switching loops
Within layer 2 networks

Question 6

What are the three types of access for remote access?

Answer 6

• admin access
• end user access
• limited (general) access

Question 7

What type(s) of VPN is transparent to servers?

Answer 7

Host-to-Gateway

Gateway-to-Gateway

Question 8

What type(s) of VPN is transparent to users?

Answer 8

Gateway-to-Gateway

Question 9

What type(s) of VPN(s) protects VPN endpoints?

Answer 9

• host to host
• host to gateway
• gateway to gateway

Question 10

What are the two forms of full virtualization?

Answer 10

• bare metal

- hosted solution

Question 11

What VLAN do you NOT use?

Answer 11

VLAN 1

Question 12

What do you use to create and run VM’s?

Answer 12

VSphere

Question 13

What is the function of VMKernel?

Answer 13

Run VM’s and manages host physical resources

Question 14

What are some threats to a VM?

Answer 14

• malicious insiders
• hijacked service accounts
• unknown risks of application being used with service
• misconfigurations

Question 15

How do you secure the OS?

Answer 15

• follow the STIG guidance
• install updates
• monitor the network
• delete unused VM’s

Question 16

What do you NOT use for backups?

Answer 16

Snapshots

Question 17

The MAC address change policy is set to what? To prevent?

Answer 17

• reject

- MAC spoofing

Question 18

What partitions server resources?

Answer 18

VMKernel Resource Manager

Question 19

What do routers do?

Answer 19

They are networking devices that forward, filter, and flood packets between networks.

Question 20

When you use the AAA banner, what would you see?

Answer 20

AAA Auhentication

Question 21

What banner would you see after logging in for shell prompt?

Answer 21

EXEC

Question 22

What is an ACL?

Answer 22

Log, deny traffic

Handles network traffic

Question 23

How do you read an ACL?

Answer 23

From the top down

Question 24

What mode do you create an ACL in?

Answer 24

Global config mode

Question 25

Two types of ACLs.

Answer 25

Standard | Extended

Question 26

Three types of router logs

Answer 26

AAA logs SNMP logs System logs

Question 27

What logs are persistent and long term?

Answer 27

Syslogs

Question 28

What are log messages that are stored in buffer?

Answer 28

Buffer logging

Question 29

Viewing method that pops up in the router where you can change passwords.

Answer 29

Console

Question 30

If you have the physical location of a router, what can you do?

Answer 30

Break boot sequence | Console recovery

Question 31

OSPF supports two kinds of authentication. What are they?

Answer 31

Plain text | MD5

Question 32

Mac filtering protects against?

Answer 32

MAC spoofing attacks | Unauthorized switches and hubs

Question 33

What allocates processor, memory, and storage resources for VM’s?

Answer 33

VMKernel Resource Manager

Question 34

Do you want CDP enabled or no? Why?

Answer 34

No. | When enabled, it can give out IOS version and allow network mapping

Question 35

What is the last rule on a firewall or ACL?

Answer 35

Deny

Question 36

How do you read an ACL and firewall?

Answer 36

From top to bottom

Question 37

Network packets that a ACL controls consist of:

Answer 37

- entering the inbound router interfaces - being relayed through the router - exiting the outbound router interface

Question 38

What kind of log for authentication events?

Answer 38

AAA log

Question 39

What kind of log shows changes sent to SNMP server?

Answer 39

SNMP logs

Question 40

There are Different types of firewalls. What type cares about individual connections and keeping track of state?

Answer 40

Stateful packets

Question 41

What monitors network layer traffic and acts as a bridge. It is also transparent.

Answer 41

Network access layer

Question 42

What type of proxy server is invisible to the client computer?

Answer 42

Transparent proxy

Question 43

What kind of proxy is sent directly to the proxy server instead of the internet?

Answer 43

Forward proxy

Question 44

Filters based on network, transport and application later

Answer 44

Application layer gateway

Question 45

What provides enhanced security by not exposing internal web servers to the internet?

Answer 45

Reverse proxy

Question 46

What are some built in protections to defend attacks on ISA server?

Answer 46

- DHCP poisoning - intrusion protection - spoof detection

Question 47

What are some general attacks that can occur on the firewall?

Answer 47

- worms - DoS/DDoS - DNS attacks

Question 48

What tools are used to identify unnecessary programs?

Answer 48

- netstat -a - Nessus - Isof -ia

Question 49

What is Netstat -a?

Answer 49

TCP utility program used to display network port connection status

Question 50

What is Nessus?

Answer 50

ACAS utility

Question 51

What is Isof -is?

Answer 51

Lists open files and resource usage

Question 52

What is the primary log used on he ISA server that shows web usage?

Answer 52

Web proxy

Question 53

What shows information about dropped packets?

Answer 53

Packet filter log

Question 54

The ISA server is configured to log by default the firewall service. True or false?

Answer 54

True

Question 55

What are the three A’s in AAA?

Answer 55

- Authentication - Authorization - Accounting

Question 56

What is he act of determining if a certain right or access can be granted?

Answer 56

Authorization

Question 57

What are the user authentication components?

Answer 57

- supplicant - authenticator - security authority

Question 58

What component is when the user is requesting identification and authentication?

Answer 58

Supplicant

Question 59

What component is when it provides resources to the client or authorizes to access the resources?

Answer 59

Authenticator

Question 60

What component stores user credentials?

Answer 60

Security Authority

Question 61

What are he three authentication methods with examples.

Answer 61

- knowledge: something you know - possession: something you have - inherence: something you are

Question 62

What does INFOCON stand for?

Answer 62

Information operations condition

Question 63

What is INFOCON similar to?

Answer 63

FPCON force protection condition

Question 64

What level is normal for INFOCON?

Answer 64

5

Question 65

Provide an example of mutual authentication

Answer 65

When you go to a website and the website has to verify its certificates and you have to verify yours. You authenticate each other

Question 66

Three kinds of access control

Answer 66

- mandatory - discretionary - role based

Question 67

What access control is label-based?

Answer 67

Mandatory access control