Page: 1
/ 32
Total 476 questions
An outside organization has completed a penetration test for a company. One of the items on the report is reflecting the ability to read SSL traffic from the web server. Which of the following is the MOST likely mitigation for this reported item?
Answer : A
Explanation:
As vulnerabilities are discovered, the vendors of the operating systems or applications often respond by releasing a patch.A patch is designed to correct a known bug or fix a known vulnerability, such as in this case to be able to read SSL traffic, in a piece of software.
A patch differs from an update, which, in addition to fixing a known bug or vulnerability, adds one or more features to the software being updated.
Which of the following protocols must be implemented in order for two switches to share
VLAN information?
Answer : A
Explanation:
The VLAN Trunking Protocol (VTP) allows a VLAN created on one switch to be propagated to other switches in a group of switches (that is, a VTP domain).
A technician would like to track the improvement of the network infrastructure after upgrades. Which of the following should the technician implement to have an accurate comparison?
Answer : C
Explanation:
In networking, baseline can refer to the standard level of performance ofa certain device or to the normal operating capacity for your whole network. High-quality documentation should include a baseline for network performance, because you and your client need to know what normal looks like in order to detect problems beforethey develop into disasters.
A network baseline delimits the amount of available bandwidth available and when. For networks and networked devices, baselines include information about four key components:
Processor -
Memory -
Hard-disk (or other storage) subsystem
Network adapter or subsystem -
A network technician receives the following alert from a network device:
"High utilizations threshold exceeded on gi1/0/24 : current value 9413587.54"
Which of the following is being monitored to trigger the alarm?
Answer : E
Explanation:
This is an error message that indicates that threshold of high utilization of network interface, in this case interfacegi1/0/24, has been exceeded. The message has been triggered on the interface link status.
Note: gi1/0 would be a gigabyte interface.
A company has implemented the capability to send all log files to a central location by utilizing an encrypted channel. The log files are sent to this location in order to be reviewed.
A recent exploit has caused the company's encryption to become unsecure. Which of the following would be required to resolve the exploit?
Answer : B
Explanation:
If the encryption is unsecure then we must look forencryption software updates or patches.
If they are available we must install them.
As vulnerabilities are discovered, the vendors of the operating systems or applications often respond by releasing a patch. A patch is designed to correct a known bug or fix a known vulnerability in a piece of software.
A patch differs from an update, which, in addition to fixing a known bug or vulnerability, adds one or more features to the software being updated.
Network segmentation provides which of the following benefits?
Answer : A
Explanation:
Network segmentation in computer networking is the act or profession of splitting a computer network into subnetworks, each being a network segment. Advantages of such splitting are primarily for boosting performance and improving security through isolation.
Advantages of network segmentation:
Improved security: Broadcasts will be contained to local network. Internal network structure will not be visible from outside
Reduced congestion: Improved performance is achieved because on a segmented network there are fewer hosts per subnetwork, thus minimizing local traffic
Containing network problems: Limiting the effect of local failures on other parts of network
An administrator reassigns a laptop to a different user in the company. Upon delivering the laptop to the new user, the administrator documents the new location, the user of the device and when the device was reassigned. Which of the following BEST describes these actions?
Answer : B
Explanation:
Documenting the location, the user of the device and the date of the reassignment would be part of the asset management.
The best way to keep track of your computers and their configurations is to document them yourself. Large enterprise networks typically assign their own identification numbers to their computers and other hardware purchases as part of an asset management process that controls the entire life cycle of each device, from recognition of a need to retirement or disposal.
The administrator's network has OSPF for the internal routing protocol. One port going out to the Internet is congested. The data is going out to the Internet, but queues up before sending. Which of the following would resolve this issue?
Output:
Fast Ethernet 0 is up, line protocol is up
Int ip address is 10.20.130.5/25
MTU 1500 bytes, BW10000 kbit, DLY 100 usec
Reliability 255/255, Tx load 1/255, Rx load 1/255
Encapsulation ospf, loopback not set
Keep alive 10 -
Half duplex, 100Mb/s, 100 Base Tx/Fx
Received 1052993 broadcasts -
0 input errors
983881 packets output, 768588 bytes
0 output errors, 0 collisions, 0 resets
Answer : D
Explanation:
From the output we see that the half-duplex is configured. This would not use the full capacity of ports on the network. By changing to full duplex the throughput would be doubled.
Note: All communications are either half-duplex or full-duplex. During half-duplex communication, a device can either send communication or receive communication, but not both at the same time. In full-duplex communication, both devices can send and receive communication at the same time. This means that the effective throughput is doubled and communication is much more efficient.
Topic 3, Network security -
Which of the following concepts are MOST important for a company's long term health in the event of a disaster? (Select TWO).
Answer : A,C
Explanation:
In case of disaster you must protect yourdata. Some of the most common strategies for data protection include: backups made to tape and sent off-site at regular intervals backups made to disk on-site and automatically copied to off-site disk, or made directly to off-site disk the use of high availability systems which keep both the data and system replicated off-site
(making the main site redundant), enabling continuous access to systems and data, even after a disaster.
A technician is setting up a computer lab. Computers on the same subnet need to communicate with each other using peer to peer communication. Which of the following would the technician MOST likely configure?
Answer : C
Explanation:
A host-based firewall is a computer running firewall softwarethat can protect the computer itself. A software firewall would be the most cost effective in a lab scenario.
Which of the following is a security benefit gained from setting up a guest wireless network?
Answer : B
Explanation:
A wireless guest network could be set up so that it has limited access (no access to local resources) but does provide Internet access for guest users. The corporate resources would be inaccessible (isolated) from the guest network.
A technician needs to install software onto company laptops to protect local running services, from external threats. Which of the following should the technician install and configure on the laptops if the threat is network based?
Answer : C
Explanation:
A host-based firewall is a computer running firewall software that can protect the computer itself. For example, it can prevent incoming connections to the computer and allow outbound communication only.
Packet analysis reveals multiple GET and POST requests from an internal host to a URL without any response from the server. Which of the following is the BEST explanation that describes this scenario?
Answer : A
Explanation:
As the extra unexplainable traffic comes from an internal host on your network we can assume that this host has been compromised.
If your system has been compromised, somebody is probably using your machine--possibly to scan andfind other machines to compromise
A technician needs to ensure that new systems are protected from electronic snooping of
Radio Frequency emanations. Which of the following standards should be consulted?
Answer : C
Explanation:
Tempest was the name of a government project to study the ability to understand the data over a network by listening to the emanations. Tempest rooms are designed to keep emanations contained in that room to increasesecurity of data communications happening there.
An attacker has connected to an unused VoIP phone port to gain unauthorized access to a network. This is an example of which of the following attacks?
Answer : B
Explanation:
The VoIP phone port can be used to attack a VLAN on the local network.
VLAN hopping is a computer security exploit, a method of attacking networked resources on a Virtual LAN (VLAN). The basic concept behind all VLAN hopping attacks is for an attacking host on a VLAN to gain access to traffic on other VLANs that would normally not be accessible.