Question 1

ICMP can be best described as the second part of a three-way TCP handshake sent in response to a SYN.

Accepted Answer

A) True 
 B)False

Question 2

Wireless 802.11 networks generally have a range of ________.

Accepted Answer

A)  5 to 10 meters 
B)  10 to 30 meters 
C)  15 to 45 meters 
D)  None of the above 
A)  5 to 10 meters 
B)  10 to 30 meters 
C)  15 to 45 meters 
D)  None of the above

Question 3

WEP mandates shared keys.

Accepted Answer

A) True 
 B)False

Question 4

Which of the following measures offers strong security?

Accepted Answer

A)  Turning off SSID broadcasting 
B)  MAC access control lists 
C)  Both A and B 
D)  Neither A nor B 
A)  Turning off SSID broadcasting 
B)  MAC access control lists 
C)  Both A and B 
D)  Neither A nor B

Question 5

An indirect attack occurs when an attacker tries to flood a victim with a stream of packets directly from the attacker's computer.

Accepted Answer

A) True 
 B)False

Question 6

In ________, users authenticate themselves to the access point via the use of a single, shared initial key.

Accepted Answer

A)  WEP 
B)  802.11i pre-shared key mode 
C)  WPA pre-shared key mode 
D)  All of the above. 
A)  WEP 
B)  802.11i pre-shared key mode 
C)  WPA pre-shared key mode 
D)  All of the above.

Question 7

"Breadth of the perimeter" is a phrase used by network administrators to convey that creating a 100% secure network is possible.

Accepted Answer

A) True 
 B)False

Question 8

A ________ is an older attack that uses an illegally large IP packet to crash an operating system.

Accepted Answer

A)  smurf flood 
B)  P2P redirect 
C)  ping of death 
D)  None of the above 
A)  smurf flood 
B)  P2P redirect 
C)  ping of death 
D)  None of the above

Question 9

In addition to deauthenticate messages, an attacker could flood wireless clients with ________.

Accepted Answer

A)  RTS 
B)  CTS 
C)  Both A and B 
D)  Neither A nor B 
A)  RTS 
B)  CTS 
C)  Both A and B 
D)  Neither A nor B

Question 10

________ is called Port-Based Access Control.

Accepted Answer

A)  802.11i 
B)  802.1X 
C)  Both A and B 
D)  Neither A nor B 
A)  802.11i 
B)  802.1X 
C)  Both A and B 
D)  Neither A nor B

Question 11

An EAP failure message is sent to the ________.

Accepted Answer

A)  authentication server 
B)  authenticator 
C)  client 
D)  Any of the above 
A)  authentication server 
B)  authenticator 
C)  client 
D)  Any of the above

Question 12

Rogue access points are authorized access points set up by individuals or departments.

Accepted Answer

A) True 
 B)False

Question 13

After gaining wireless access to the private network, the attach can ________.

Accepted Answer

A)  cause harm to internal clients 
B)  steal data 
C)  launch external attacks 
D)  All of the above 
A)  cause harm to internal clients 
B)  steal data 
C)  launch external attacks 
D)  All of the above

Question 14

Traditionally, Ethernet LANs offered no access security.

Accepted Answer

A) True 
 B)False

Question 15

CTS frames tell other clients that you have received a RTS frame.

Accepted Answer

A) True 
 B)False

Question 16

________ are an additional layer of compromised hosts that are used to manage large groups of bots.

Accepted Answer

A)  Botnets 
B)  Handlers 
C)  Phatbots 
D)  None of the above 
A)  Botnets 
B)  Handlers 
C)  Phatbots 
D)  None of the above

Question 17

Some writers prefer to turn off SSID broadcasting.

Accepted Answer

A) True 
 B)False

Question 18

An EAP message begins with an ________ message.

Accepted Answer

A)  EAP request 
B)  EAP accept 
C)  EAP start 
D)  EAP response 
A)  EAP request 
B)  EAP accept 
C)  EAP start 
D)  EAP response

Question 19

Which of the following is a benefit of using a central authentication server in 802.1X?

Accepted Answer

A)  Reduced cost 
B)  Consistency in authentication 
C)  Immediacy in access control changes 
D)  All of the above 
A)  Reduced cost 
B)  Consistency in authentication 
C)  Immediacy in access control changes 
D)  All of the above

ICMP can be best described as the second part of a three-way TCP handshake sent in response to a SYN.

Wireless 802.11 networks generally have a range of ________.

WEP mandates shared keys.

Which of the following measures offers strong security?

An indirect attack occurs when an attacker tries to flood a victim with a stream of packets directly from the attacker's computer.

In ________, users authenticate themselves to the access point via the use of a single, shared initial key.

"Breadth of the perimeter" is a phrase used by network administrators to convey that creating a 100% secure network is possible.

A ________ is an older attack that uses an illegally large IP packet to crash an operating system.

In addition to deauthenticate messages, an attacker could flood wireless clients with ________.

________ is called Port-Based Access Control.

An EAP failure message is sent to the ________.

Rogue access points are authorized access points set up by individuals or departments.

After gaining wireless access to the private network, the attach can ________.

Traditionally, Ethernet LANs offered no access security.

CTS frames tell other clients that you have received a RTS frame.

________ are an additional layer of compromised hosts that are used to manage large groups of bots.

Some writers prefer to turn off SSID broadcasting.

An EAP message begins with an ________ message.

Which of the following is a benefit of using a central authentication server in 802.1X?

The Threat Environment

Planning and Policy

Cryptography

Access Control

Firewalls

Host Hardening

Application Security

Data Protection

Incident and Disaster Response

Module A: Networking Concepts

Filters

Exam 4: Secure Networks

ICMP can be best described as the second part of a three-way TCP handshake sent in response to a SYN.

Wireless 802.11 networks generally have a range of ________.

WEP mandates shared keys.

Which of the following measures offers strong security?

An indirect attack occurs when an attacker tries to flood a victim with a stream of packets directly from the attacker's computer.

In ________, users authenticate themselves to the access point via the use of a single, shared initial key.

"Breadth of the perimeter" is a phrase used by network administrators to convey that creating a 100% secure network is possible.

A ________ is an older attack that uses an illegally large IP packet to crash an operating system.

In addition to deauthenticate messages, an attacker could flood wireless clients with ________.

________ is called Port-Based Access Control.

An EAP failure message is sent to the ________.

Rogue access points are authorized access points set up by individuals or departments.

After gaining wireless access to the private network, the attach can ________.

Traditionally, Ethernet LANs offered no access security.

CTS frames tell other clients that you have received a RTS frame.

________ are an additional layer of compromised hosts that are used to manage large groups of bots.

Some writers prefer to turn off SSID broadcasting.

An EAP message begins with an ________ message.

Which of the following is a benefit of using a central authentication server in 802.1X?

The Threat Environment

Planning and Policy

Cryptography

Access Control

Firewalls

Host Hardening

Application Security

Data Protection

Incident and Disaster Response

Module A: Networking Concepts

Filters