Professional Documents
Culture Documents
Netsec PreFinal and Final Answers
Netsec PreFinal and Final Answers
True
Refers to the information system which ensures that the information remains
accurate.
Integrity
Any form of security incident that is properly handled can and eventually will turn
into a bigger problem.
False
Which of the following is not a way on improving basic security. (Choose all that
applies)
a.
Use easy to remember password
b.
Ignore Updates
c.
Reuse password
d.
Download software to any website available
It has an additional ability where they can modify security settings of a software.
Spyware
Attack that send an email that contains attachment that loads malware onto your
computer
Phishing
An attack that allows any unauthorized users a way or passage to get inside a
restricted area.
Tailgating
Which of these are not part of security model that is very popular to information
security.
Assurance
Adware is a type of malware that restricts user access to the computer either by
encrypting files on the hard drive or locking down the system
False
Worm has the ability to replicate itself without a host program and spread
independently while viruses rely on human activity to spread and damage a system or
file.
True
It serves as a proof and verifies that you are the person you say you are or what
you claim to be.
Authentication
Information policy where the data should be access by an authorized person/s only.
Confidentiality
It is a combined set of components for collecting, storing and processing data and
for providing information, facts and knowledge.
Information System
Which of these are not part of the reason why network security is important (Choose
all that applies)
a.
To expose company assets
b.
To keep your job as network administrator
c.
To gain a competitive advantage
d.
To take advantage of competitors confidential information
Which of these are not part of the reason why we need to secure our network?
To exploit vulnerabilities in the system
Areas of Security Trinity where they need to have a good security measures to avoid
hackers from getting access to the network.
Prevention
Availability refers to the ability of a network to protect its information from any
unauthorized access.
False
It has a vital role in an information system because it is the one that allows a
company to link their computers and its users
Network
System that plays a vital part in Network security since it is the information that
an organization is trying to protect and avoid from any unauthorized access
Information
Any form of security incident that is not properly handled can and eventually wont
turn into a bigger problem that will lead to a damaging data breach and wont cause
large amount of expense or it will collapse the whole system
False
System that are intended to manage the computer itself such as the operating
system.
System Software
It will help the company to provide a better strategy in keeping a data secured
while avoiding intruders to alter or steal important and confidential information.
Security Trinity
Two different devices can communicate with each other regardless of the
manufacturer as long as they have the same protocol.
True
What are the signs and symptoms that your device/s are getting infected by any
malware. (Choose all that applies)
a.
Increased CPU usage
b.
Software freezes or crashes
c.
Appearance of strange desktop icons
d.
Slower computer performance
These layers work together to transmit the data from one person to another world
wide.
OSI Layer
It provides data routing paths where data will take for network communication.
Network Layer
This layer involves devices such as router, UTP Cables and other networking devices
to transfer data.
Physical Layer
These are what make networks prone to information loss and downtime
Vulnerabilities
Worms can be classified as a type of computer virus that needs a third party or a
user to replicate and spread through the system.
False
Type of malware that may contain an attachment to an email that loads malware onto
your computer system.
Phishing
Which of the following are the commands for disabling a port in a Network Switch.
Choose any that Apply
SWITCH 1>enable
SWITCH 1#configure terminal
SWITCH 1(config)#interface f0/2
SWITCH 1(config-if)#shutdown
SWITCH>enable
SWITCH#config term
SWITCH(config)#interface range f0/4-8
SWITCH(config-if-range)#shutdown
This service is the one responsible for handling connections to a remote network
resources.
Workstation service
Without this service on your environment, you won't be able to share any of your
resources
Server service
It ensure that the essential and vital services are only running on the system
Services running
Which of the following are not part of the steps in order to harden your system.
Choose only one.
Uninstall Necessary Software
Computer settings
A popular feature of Windows that allows you to harden multiple systems quickly.
Security Templates
is a crucial security update that you should always apply to your system
Security hot-fix
It is a core feature of Windows that allow the network administrator to enable and
disable different features in Windows
Group Policy
File system that has a features like permissions, encryption, quotas, and auditing
services.
NTFS
It is a security concern because most scripting languages can make some alteration
to your system.
Scripting
To avoid and prevent this type of attack, users should always choose the "Remember
Me" option when logging in to any web site.
False
very single application must go through the options and check whether each
application is configured in the most secure state.
True
These are logon information from all the websites you visit and is stored in memory
on computer
Cookies
It is a restricted area with a resource that these Java applications can access.
Sandbox
SMTP and FTP are used to transfer information over a computer network.
True
It can manipulate your system including the deletion of the important files on your
computer.
ActiveX controls
Always disable unnecessary features of the web server that are not going to be used
True
It is the idea of developing a database system to store and retrieve large volumes
of data
NoSQL database
Developers should always implement validation at both the client and the server to
obtain high level of security.
True
Software that makes each network devices works and do its job is called?
Firmware
Software vendors used to find out about the vulnerabilities of their system after
receiving some reports from their users.
True
Which of these are not part of the two categories of Group Policy. (Choose any that
applies)
Window settings
Security settings
it is a type of reports that is only used to notify the system administrator that
there's a change occurred in the system.
Alerts
Networking device that has a filtering feature where it sends the traffic only to
the port of the destination device.
Switch
Networking device that sends the packets to every one of its ports to ensure that
it will reach its intended destination.
Hub
It can limit which devices can connect to a specific port on the switch by listing
specific MAC addresses with the port.
Port security
You can configure user rights on the system, auditing, and other security settings
such as creating a logon banner
Local Policies
It means that the developer checks all the data to make sure that the information
provided by the user in the application is valid and correct.
Input Validation
True or False? IEEE 802.1X may use TACACS+ to communicate the EAP identity to the
authentication server.
False
Which of the following best describes the difference between authentication and
authorization?
Authentication validates the user's identity, whereas authorization determines what
that user is permitted to do.
What is the name of the "secure cookie" used with EAP-FAST that can be used in lieu
of a certificate, or even in addition to a certificate?
Protected access credential (PAC)
Which of the following protocols is best suited for authenticating and authorizing
a user for network access AAA?
RADIUS
True or False? MSCHAPv2 may be used to perform machine authentication with an LDAP
connection to Active Directory.
False
Which of the following protocols is best suited for granular command level control
with device administration AAA?
TACACS+
Why is RADIUS or TACACS+ needed? Why can't the end user authenticate directly to
the authentication server?
Both RADIUS and TACACS+ extend the Layer-2 authentication protocols, allowing the
end user to communicate with an authentication server that is not Layer-2 adjacent
Which of the following are types of AAA as related to the topics of this exam?
Device administration
Network access
True or False? A tunneled EAP type is able to use native EAP types as its inner
method.
True
Which of the following Cisco products should be used for device administration with
TACACS+?
Cisco Secure Access Control Server (ACS)
Which of the following are TACACS+ messages sent from the AAA client to the AAA
server? (Select all that apply.)
START
When using RADIUS, what tells the AAA server which type of action is being
authenticated?
The Service-Type field.
When configuring a Cisco switch for 802.1X, at which level of the configuration do
the 802.1X-related commands exist?
Both at global configuration level as well as per interface.
When configuring a Cisco Wireless LAN Controller (WLC) for communication with ISE,
what must be configured for the wireless LAN (WLAN)? (Choose two.)
The authentication and authorization RADIUS servers can be pointed to the same ISE
PSN.
What is the purpose of adding a user with the username radiustest password password
command?
The switch can send periodic RADIUS Access-Requests to the AAA servers to verify
whether they are still alive. The username and password will be used for that test.
True or False? 802.1X can be configured on all switch interfaces, including Layer-3
interfaces.
False
Which command on a Cisco switch will display the current status of the AAA
server(s)?
show aaa servers
Which command will validate that authentications are being attempted, which
authentications are successful, and which authorization results have been assigned?
show authentication session interface <interface>
True or False? The profiling service is enabled by default on ISE policy service
nodes.
False
Name three ways in which an endpoint profile can be used in an authorization policy
rule?
Endpoint identity groups
EndPointPolicy attribute
Logical profiles
Which ISE tool enables an administrator to drill down in to the profiles that have
been assigned to locate a specific endpoint with that profile?
Endpoints Drill-down
True or False? ISE deployments must wait for Feed Service updates for new profiles.
False
What will happen when an ISE administrator has modified a profile and then a Feed
Service update is downloaded that contains an updated version of that profile?
All nonconflicting profiles will be downloaded and installed. The conflicting
profiles will be ignored.