Explore all topics
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
search
ai logoChat with AI
Servicesarrow
Discoverarrow

Topics

Explore all topics
Discover more topics

Deck 12: Network Security

Full screen (f)
exit full mode
Question
The network administrator configures a VPN tunnel from a remote office to the main facility.A problem has occurred in the link.Which are the main steps the administrator should take to resolve the problem? (Select all that apply.)

A)Check the source and destination IP address of the tunnel configured on the router.
B)Make sure the IP addresses on the ends of the tunnel are not in the same subnet.
C)Make sure the IP addresses on the ends of the tunnel are in the same subnet.
D)Use the show access-list command to verify the routers are properly configured.
Use Space or
up arrow
down arrow
to flip the card.
Question
A network administrator is considering placing a firewall on an internal file server in the network.What is the purpose of the firewall,and is it important for the firewall to be stateful?

A)The purpose of the firewall is to hide the file server from the outside but still allow traffic to pass to the outside and back. The firewall must be stateful so that it keeps track of data packet flow.
B)The purpose of the firewall is to protect the file server from the outside but still allow traffic to pass to the outside and back. The firewall should not be stateful unless the file server is not secure.
C)The purpose of the firewall is to protect the file server from the outside but still allow traffic to pass to the outside and back. The firewall must be stateful so that it keeps track of data packet flow.
D)The purpose of the firewall is to hide the file server from the inside but allow traffic to pass to the outside. The firewall must be stateful so that it keeps track of data packet flow.
Question
What ACL entry would eliminate the effect of the implicit deny?

A)permit ip any any
B)permit all
C)permit any
D)permit traffic all
Question
What wireless security technology replaces WEP as the main security mechanism?

A)WPA
B)WEP2
C)SSID
D)MACSEC
Question
What technology or technologies use the AAA protocol framework?

A) RADIUS
B) TACACS+
C) Both RADIUS and TACACS+
D) Neither RADIUS nor TACACS+
Question
Why would a network administrator configure access lists to filter data packets on a routers interface?

A)This is a last choice because viruses are transported via the Internet.
B)This is a good step, but packets should be avoided when configuring access lists.
C)This technique helps to minimize data spikes.
D)This can be used to limit data packets that enter the network.
Question
When would a network administrator use L2TP?

A)When configuring routing for a network
B)When configuring a remote user's tunneling protocol
C)To block ICMP packets from coming into a network
D)To help with packet filtering
Question
Authentication methods are based on _______.

A) Something you have
B) Something you want
C) Someone you know
D) None of the above
Question
The network management is concerned about intrusion problems.The network administrator recommends intrusion detection be placed on the network.This will do which of the following? (Select all that apply.)

A)This system will provide IP address information of all possible threats in the network.
B)This system will monitor data packets passing through the network and identify potential attacks.
C)This system will cut down any unnecessary TCP data traffic and convert it to UDP.
D)This system will potentially catch ongoing attacks.
Question
Where might you place servers that require access from the public network?

A)A test lab
B)A safe zone
C)A DMZ
D)A protected hub
Question
Which of the following is a Linux-based port scanner that is now ported to most all operating systems?

A)SNMP
B)TRACE
C)NMAP
D)ICMP
Question
A dictionary attack is being used by an attacker to break into a network.What does this mean?

A)The attacker is using a secret list of code words.
B)The attacker is using only uppercase letters for common words.
C)The attacker is using only lowercase letter for unknown words.
D)The attacker is using known passwords and many variations of upper- and lowercase combinations.
E)All of these answers are correct.
Question
The network administrator suspects that packet sniffing is being used to capture data packets in the network.The network administrator is using an SSH connection for all critical applications,and switches are being used on all network connections.Should the network administrator be concerned?

A)No, the SSH connection is fully encrypted and this cannot be decoded.
B)Yes, the SSH connection is not very strong and parts are in plain text.
C)No, the time required to decode the SSH is too lengthy to be a threat.
D)Yes, the network administrator should be concerned if someone is suspected of having internal access.
Question
There is a new virus reported on the Internet.What steps should the network administrator take to protect the network from the threat?

A)Convert all operating systems to Linux.
B)Make sure antivirus software is installed with the most current version.
C)Use a personal firewall.
D)Use firewall software that permits only trusted sites.
Question
A user who can view a network file but cannot change it lacks which of the following?

A) Authorization
B) Authentication
C) Accounting
D) Access
Question
Single sign-on (SSO)allows a user to do which of the following?

A) Access all authorized services and systems.
B) Access just email, with only one login per week.
C) Administrator access to all services and systems.
D) None of the above is correct.
Question
A network administrator is concerned that the network is vulnerable to a denial-of-service attack.What steps should be taken to reduce this threat? (Select all that apply.)

A)Use access lists to allow only sources from the network to enter the router's interfaces.
B)Set up a spoofing account so that the attacker doesn't know which machine to attack.
C)There isn't a way to reduce this threat.
D)Configure the router to block directed broadcasts to the network.
E)Prevent intrusions.
Question
An attacker to a network is using social engineering to attack a network.This means which of the following? (Select all that apply.)

A)The attacker claims to be from network support.
B)The attacker is sifting through discarded trash.
C)The attacker uses a dictionary attack.
D)The attacker uses packet sniffing.
Question
Which is not a stage of forensics examination?

A)Review
B)Analysis
C)Containment
D)Collection
Question
Verifying a username and password is part of which process?

A) Authorization
B) Authentication
C) Accounting
D) Permissions
Question
Network operations documentation includes which of the following?

A) Asset management
B) Network drawings and diagrams
C) Vendor documentation
D) All of the above
Question
What is the name for the process of keeping track of user network activity?

A) Network accounting
B) Net-logging
C) Sys-logging
D) Net-tracking
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/22
auto play flashcards
Play
simple tutorial
Full screen (f)
exit full mode
Deck 12: Network Security
1
The network administrator configures a VPN tunnel from a remote office to the main facility.A problem has occurred in the link.Which are the main steps the administrator should take to resolve the problem? (Select all that apply.)

A)Check the source and destination IP address of the tunnel configured on the router.
B)Make sure the IP addresses on the ends of the tunnel are not in the same subnet.
C)Make sure the IP addresses on the ends of the tunnel are in the same subnet.
D)Use the show access-list command to verify the routers are properly configured.
A, C
2
A network administrator is considering placing a firewall on an internal file server in the network.What is the purpose of the firewall,and is it important for the firewall to be stateful?

A)The purpose of the firewall is to hide the file server from the outside but still allow traffic to pass to the outside and back. The firewall must be stateful so that it keeps track of data packet flow.
B)The purpose of the firewall is to protect the file server from the outside but still allow traffic to pass to the outside and back. The firewall should not be stateful unless the file server is not secure.
C)The purpose of the firewall is to protect the file server from the outside but still allow traffic to pass to the outside and back. The firewall must be stateful so that it keeps track of data packet flow.
D)The purpose of the firewall is to hide the file server from the inside but allow traffic to pass to the outside. The firewall must be stateful so that it keeps track of data packet flow.
C
3
What ACL entry would eliminate the effect of the implicit deny?

A)permit ip any any
B)permit all
C)permit any
D)permit traffic all
A
4
What wireless security technology replaces WEP as the main security mechanism?

A)WPA
B)WEP2
C)SSID
D)MACSEC
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
5
What technology or technologies use the AAA protocol framework?

A) RADIUS
B) TACACS+
C) Both RADIUS and TACACS+
D) Neither RADIUS nor TACACS+
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
6
Why would a network administrator configure access lists to filter data packets on a routers interface?

A)This is a last choice because viruses are transported via the Internet.
B)This is a good step, but packets should be avoided when configuring access lists.
C)This technique helps to minimize data spikes.
D)This can be used to limit data packets that enter the network.
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
7
When would a network administrator use L2TP?

A)When configuring routing for a network
B)When configuring a remote user's tunneling protocol
C)To block ICMP packets from coming into a network
D)To help with packet filtering
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
8
Authentication methods are based on _______.

A) Something you have
B) Something you want
C) Someone you know
D) None of the above
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
9
The network management is concerned about intrusion problems.The network administrator recommends intrusion detection be placed on the network.This will do which of the following? (Select all that apply.)

A)This system will provide IP address information of all possible threats in the network.
B)This system will monitor data packets passing through the network and identify potential attacks.
C)This system will cut down any unnecessary TCP data traffic and convert it to UDP.
D)This system will potentially catch ongoing attacks.
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
10
Where might you place servers that require access from the public network?

A)A test lab
B)A safe zone
C)A DMZ
D)A protected hub
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
11
Which of the following is a Linux-based port scanner that is now ported to most all operating systems?

A)SNMP
B)TRACE
C)NMAP
D)ICMP
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
12
A dictionary attack is being used by an attacker to break into a network.What does this mean?

A)The attacker is using a secret list of code words.
B)The attacker is using only uppercase letters for common words.
C)The attacker is using only lowercase letter for unknown words.
D)The attacker is using known passwords and many variations of upper- and lowercase combinations.
E)All of these answers are correct.
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
13
The network administrator suspects that packet sniffing is being used to capture data packets in the network.The network administrator is using an SSH connection for all critical applications,and switches are being used on all network connections.Should the network administrator be concerned?

A)No, the SSH connection is fully encrypted and this cannot be decoded.
B)Yes, the SSH connection is not very strong and parts are in plain text.
C)No, the time required to decode the SSH is too lengthy to be a threat.
D)Yes, the network administrator should be concerned if someone is suspected of having internal access.
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
14
There is a new virus reported on the Internet.What steps should the network administrator take to protect the network from the threat?

A)Convert all operating systems to Linux.
B)Make sure antivirus software is installed with the most current version.
C)Use a personal firewall.
D)Use firewall software that permits only trusted sites.
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
15
A user who can view a network file but cannot change it lacks which of the following?

A) Authorization
B) Authentication
C) Accounting
D) Access
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
16
Single sign-on (SSO)allows a user to do which of the following?

A) Access all authorized services and systems.
B) Access just email, with only one login per week.
C) Administrator access to all services and systems.
D) None of the above is correct.
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
17
A network administrator is concerned that the network is vulnerable to a denial-of-service attack.What steps should be taken to reduce this threat? (Select all that apply.)

A)Use access lists to allow only sources from the network to enter the router's interfaces.
B)Set up a spoofing account so that the attacker doesn't know which machine to attack.
C)There isn't a way to reduce this threat.
D)Configure the router to block directed broadcasts to the network.
E)Prevent intrusions.
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
18
An attacker to a network is using social engineering to attack a network.This means which of the following? (Select all that apply.)

A)The attacker claims to be from network support.
B)The attacker is sifting through discarded trash.
C)The attacker uses a dictionary attack.
D)The attacker uses packet sniffing.
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
19
Which is not a stage of forensics examination?

A)Review
B)Analysis
C)Containment
D)Collection
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
20
Verifying a username and password is part of which process?

A) Authorization
B) Authentication
C) Accounting
D) Permissions
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
21
Network operations documentation includes which of the following?

A) Asset management
B) Network drawings and diagrams
C) Vendor documentation
D) All of the above
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
22
What is the name for the process of keeping track of user network activity?

A) Network accounting
B) Net-logging
C) Sys-logging
D) Net-tracking
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
locked card icon
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Examlex
Examlex
Work With Us
Policies
Download the App
Scan to downloadDownload the App
qr-code
Links
Links
Work With Us
Download the App

Scan to downloadDownload the App
qr-code

Copyright © 2025 Examlex LLC.
  • facebook-footer
  • instagram-footer
  • x-footer
  • tiktok
  • Linktree