Data Link Layer enables data transfer between two devices on the same network.

True

Based with SANS Technology Institute, it is the process of making preventative

measures to keep the underlying networking infrastructure from any unauthorized
access.
Network Security

Type of software that is often called as end-user programs.

Application Software

Refers to the information system which ensures that the information remains
accurate.
Integrity

An attack where the hacker mimics another employee in the company.

Impersonation

It is an end-to-end layer used to deliver messages to a host

Transport Layer

An abbreviation that is consider as the brains of the computer.

CPU

It is designed to appear as a legit program to gain access to a network.

Trojan Horse

OSI Layer that is sometimes called HCI layer.

Application Layer

Any form of security incident that is properly handled can and eventually will turn
into a bigger problem.
False

Which of the following is not a way on improving basic security. (Choose all that
applies)
a.
Use easy to remember password

b.
Ignore Updates

c.
Reuse password

d.
Download software to any website available

This attack tries to defeat an authentication mechanism by systematically entering

each word in a dictionary as a password.
Dictionary Attack

It has an additional ability where they can modify security settings of a software.
Spyware

It's anything that can interrupt the operation, functioning, integrity, or

availability of a network or system.
Threat
It is a security solution by organization to notice any malicious activity in a
network.
Network Detection

This attack uses any password-cracking software to mathematically calculate every

possible password.
Brute-Force Attack

Attack that send an email that contains attachment that loads malware onto your
computer
Phishing

An act that exploits a weakness in a system.

Attack

Is any program that is harmful to a computer user.

Malware

A software that can detect malware.

Antivirus Software

An attack that allows any unauthorized users a way or passage to get inside a
restricted area.
Tailgating

Which of these are not part of security model that is very popular to information
security.
Assurance

it is the one managing the computer hardware resources in addition to applications

and data.
Operating System

Adware is a type of malware that restricts user access to the computer either by
encrypting files on the hard drive or locking down the system
False

It is the foundation for all security policies.

Security Trinity

Worm has the ability to replicate itself without a host program and spread
independently while viruses rely on human activity to spread and damage a system or
file.
True

Is the process of using social skills to encourage people to disclose their

credentials
Social Engineering

This is a way of adding secondary layer of security to your account password.

Two-factor authentication

It serves as a proof and verifies that you are the person you say you are or what
you claim to be.
Authentication

Layer that is responsible for establishing and maintaining connections.

Session Layer
This attack happens when the attacker or hacker sends too much information to the
application causing it to overflow
Buffer Overflow

It is sometimes called TCP hijacking attack.

Man-in-the-middle attack

Information policy where the data should be access by an authorized person/s only.
Confidentiality

It is a combined set of components for collecting, storing and processing data and
for providing information, facts and knowledge.
Information System

Combination of brute force and dictionary attack.

Hybrid Attack

A set of instructions and execute a specific task/s

Software

Which of these are not part of the reason why network security is important (Choose
all that applies)
a.
To expose company assets

b.
To keep your job as network administrator

c.
To gain a competitive advantage

d.
To take advantage of competitors confidential information

In implementing network security, company should invest more in preventing or

avoiding any security breach over detecting and responding to any form of attack
True

It is the connection of two or more computer that share its resources

Network

It is a type of an injection attack that makes it possible to insert and execute

malicious SQL statements
SQL Injection

It determines whether you are allowed to access a specific information or file.

authorization

Which of these are not part of the reason why we need to secure our network?
To exploit vulnerabilities in the system

An information that is only accessed by an authorized person.

Confidential information

Internet is an example of a network.

True

Areas of Security Trinity where they need to have a good security measures to avoid
hackers from getting access to the network.
Prevention

Availability refers to the ability of a network to protect its information from any
unauthorized access.
False

It is the network security solution by an institute to

any malicious activity in a network.
detect

It is considered as a crucial part of information systems

Security

It has a vital role in an information system because it is the one that allows a
company to link their computers and its users
Network

System that plays a vital part in Network security since it is the information that
an organization is trying to protect and avoid from any unauthorized access
Information

Any form of security incident that is not properly handled can and eventually wont
turn into a bigger problem that will lead to a damaging data breach and wont cause
large amount of expense or it will collapse the whole system
False

System that are intended to manage the computer itself such as the operating
system.
System Software

It is the tangible parts of a computer system.

Hardware

It is the process of taking preventative measures to keep the network

infrastructure from any unauthorized access, misuse of important information
Network Security

It is a model designed to guide policies for information security within an

organization.
CIA Triad Information Security

It ensures that the information in an information system is accurate.

Integrity

It is a structured procedure for taking care of any security incidents, breaches,

and network threats.
Response

It will help the company to provide a better strategy in keeping a data secured
while avoiding intruders to alter or steal important and confidential information.
Security Trinity

How many key phases are there in an incident response plan ?

6

Big corporations are not at risks to any form of security breach.

False

It has been developed by ISO in the year 1984.

OSI Reference Model

Two different devices can communicate with each other regardless of the
manufacturer as long as they have the same protocol.
True

It is a set of standards that are widely used as a basis for communication.

Protocol

SQL stands for?

Structured Query Language

What are the signs and symptoms that your device/s are getting infected by any
malware. (Choose all that applies)
a.
Increased CPU usage

b.
Software freezes or crashes

c.
Appearance of strange desktop icons

d.
Slower computer performance

Which of the following are not part of OSI Layer?

Transfer Layer

These layers work together to transmit the data from one person to another world
wide.
OSI Layer

It provides data routing paths where data will take for network communication.
Network Layer

This layer involves devices such as router, UTP Cables and other networking devices
to transfer data.
Physical Layer

These are what make networks prone to information loss and downtime
Vulnerabilities

A type of malware that automatically sends advertisements to the users.

Adware

It may contain phishing scams and malware.

Spam

This layer is also called human-computer interaction layer.

Application Layer

It pretends to be a legitimate programs in order to gain access to a system.

Trojan Horse

It is anything that can disrupt the operation, functioning, integrity, or

availability of a network or system
Threat
Brute force attack are often successful because most of the users uses different
ordinary words as their passwords.
False

Worms can be classified as a type of computer virus that needs a third party or a
user to replicate and spread through the system.
False

Type of malware that may contain an attachment to an email that loads malware onto
your computer system.
Phishing

any program design to damage specific file or computer system.

Malware

It is an act that exploits a vulnerability.

Attack

Which of the following are the commands for disabling a port in a Network Switch.
Choose any that Apply
SWITCH 1>enable
SWITCH 1#configure terminal
SWITCH 1(config)#interface f0/2
SWITCH 1(config-if)#shutdown

SWITCH>enable
SWITCH#config term
SWITCH(config)#interface range f0/4-8
SWITCH(config-if-range)#shutdown

This service is the one responsible for handling connections to a remote network
resources.
Workstation service

Without this service on your environment, you won't be able to share any of your
resources
Server service

It ensure that the essential and vital services are only running on the system
Services running

Which of the following are not part of the steps in order to harden your system.
Choose only one.
Uninstall Necessary Software

It is a standard configuration that is approved by any company for a specific type

of system or device for being secure
Security baseline

Two Categories of a Group Policy. Choose any that apply.

User settings

Computer settings

A popular feature of Windows that allows you to harden multiple systems quickly.
Security Templates

is a crucial security update that you should always apply to your system
Security hot-fix

It is a core feature of Windows that allow the network administrator to enable and
disable different features in Windows
Group Policy

Is a service responsible for sending messages to other computers or users.

Messenger service

It is a software service that manages the process of printing in the Windows

environment.
Print Spooler service

NTFS and FAT/FAT32 is an example of?

File system

File system that has a features like permissions, encryption, quotas, and auditing
services.
NTFS

Large volume of data is also known as

Big Data

It is an advanced method of handling an error.

Exception handling

The following codes is an example of?

Try
MessageBox.Show(cdbl(txtTotalValue.text) + cdbl(txtTotalVAT.text))
Catch ex as InvalidCastException
MessageBox.Show("Please supply 2 numbers as input")
Catch ex as Exception
MessageBox.Show("An error has occurred. Please try again.")
End Try
try/catch block

It is a security concern because most scripting languages can make some alteration
to your system.
Scripting

To avoid and prevent this type of attack, users should always choose the "Remember
Me" option when logging in to any web site.
False

very single application must go through the options and check whether each
application is configured in the most secure state.
True

These are logon information from all the websites you visit and is stored in memory
on computer
Cookies

It is a restricted area with a resource that these Java applications can access.
Sandbox

SMTP and FTP are used to transfer information over a computer network.
True

It is another term for a runtime error

Exception

It can manipulate your system including the deletion of the important files on your
computer.
ActiveX controls

It is a special system used in industrial environments and settings to monitor

their operations
SCADA

Always disable unnecessary features of the web server that are not going to be used
True

It is the idea of developing a database system to store and retrieve large volumes
of data
NoSQL database

Developers should always implement validation at both the client and the server to
obtain high level of security.
True

Software that makes each network devices works and do its job is called?
Firmware

It is an advanced method of error handling.

Exception handling

Software vendors used to find out about the vulnerabilities of their system after
receiving some reports from their users.
True

Which of these are not part of the two categories of Group Policy. (Choose any that
applies)
Window settings

Security settings

it is a type of reports that is only used to notify the system administrator that
there's a change occurred in the system.
Alerts

Another term for Port security.

MAC limiting

It is a core feature of Windows that permits the network administrator to enable

and disable different features in Windows
Group Policy

It is a type of reporting method that is used to report critical events that

typically require some form of actions from the system or network administrator.
Alarms

Networking device that has a filtering feature where it sends the traffic only to
the port of the destination device.
Switch

Networking device that sends the packets to every one of its ports to ensure that
it will reach its intended destination.
Hub
It can limit which devices can connect to a specific port on the switch by listing
specific MAC addresses with the port.
Port security

You can configure user rights on the system, auditing, and other security settings
such as creating a logon banner
Local Policies

It means that the developer checks all the data to make sure that the information
provided by the user in the application is valid and correct.
Input Validation

True or False? IEEE 802.1X may use TACACS+ to communicate the EAP identity to the
authentication server.
False

Which of the following best describes the difference between authentication and
authorization?
Authentication validates the user's identity, whereas authorization determines what
that user is permitted to do.

True or False? RADIUS can be used for device administration AAA.

True

Which of the following is true?

The EAP communication occurs between the supplicant and theauthentication server.

What is the name of the "secure cookie" used with EAP-FAST that can be used in lieu
of a certificate, or even in addition to a certificate?
Protected access credential (PAC)

Which of the following protocols is best suited for authenticating and authorizing
a user for network access AAA?
RADIUS

Which supplicant(s) is capable of EAP chaining?

Cisco AnyConnect NAM

True or False? MSCHAPv2 may be used to perform machine authentication with an LDAP
connection to Active Directory.
False

Which of the following protocols is best suited for granular command level control
with device administration AAA?
TACACS+

Why is RADIUS or TACACS+ needed? Why can't the end user authenticate directly to
the authentication server?
Both RADIUS and TACACS+ extend the Layer-2 authentication protocols, allowing the
end user to communicate with an authentication server that is not Layer-2 adjacent

What are the three main components of IEEE 802.1X?

Authentication server, supplicant, authenticator

Which of the following are types of AAA as related to the topics of this exam?
Device administration

Network access
True or False? A tunneled EAP type is able to use native EAP types as its inner
method.
True

What is the purpose of an outer identity?

The outer identity provides a mechanism to authenticate the identity of the
endpoint during the tunnel establishment phase.

Which of the following best describes an AV-pair?

When communicating with an AAA protocol, the AV-pair stipulates a common attribute
or object and its assigned value.

Which of the following Cisco products should be used for device administration with
TACACS+?
Cisco Secure Access Control Server (ACS)

True or False? The supplicant is required to trust the certificate of the

authentication server before it will form the TLS tunnel within which the EAP
transaction will occur.
False

Which of the following are TACACS+ messages sent from the AAA client to the AAA
server? (Select all that apply.)
START

When using RADIUS, what tells the AAA server which type of action is being
authenticated?
The Service-Type field.

True or False? A machine authentication may use EAP-FAST.

True

When configuring a Cisco switch for 802.1X, at which level of the configuration do
the 802.1X-related commands exist?
Both at global configuration level as well as per interface.

When configuring a Cisco Wireless LAN Controller (WLC) for communication with ISE,
what must be configured for the wireless LAN (WLAN)? (Choose two.)
The authentication and authorization RADIUS servers can be pointed to the same ISE
PSN.

True or False? Cisco switches should be configured in production to send syslog

messages to the ISE MNT node.
False

What is the purpose of adding a user with the username radiustest password password
command?
The switch can send periodic RADIUS Access-Requests to the AAA servers to verify
whether they are still alive. The username and password will be used for that test.

True or False? 802.1X can be configured on all switch interfaces, including Layer-3
interfaces.
False

Which of the following technologies enables an administrator to maintain the same

configuration on all access ports, on all switches, regardless of the type of
device connecting to the network?
Flex-Auth
Which host mode will permit a virtually unlimited number of endpoints per port,
allowing all subsequent MAC addresses to share the authorization result of the
first endpoint authorized?
Multi-Host

Which interface-level command is the equivalent of "turn authentication on"?

authentication port-control auto

Which command on a Cisco switch will display the current status of the AAA
server(s)?
show aaa servers

Which command will validate that authentications are being attempted, which
authentications are successful, and which authorization results have been assigned?
show authentication session interface <interface>

True or False? The profiling service is enabled by default on ISE policy service
nodes.
False

Name three ways in which an endpoint profile can be used in an authorization policy
rule?
Endpoint identity groups

EndPointPolicy attribute

Logical profiles

Which probe is used to trigger the SNMPQUERY probe to query a NAD?

Both A and D

Which three probes exist with device sensor?

CDP, DHCP, LLDP

How are updated profiles distributed to customer ISE deployments?

Cisco's Profiler Feed Service.

What determines when an endpoint is assigned to a profile?

The certainty value must equal or exceed the minimum certainty value of the
profile.

Which ISE tool enables an administrator to drill down in to the profiles that have
been assigned to locate a specific endpoint with that profile?
Endpoints Drill-down

What are two ways to collect HTTP user agent strings?

Directly from ISE web portals

SPAN port mirroring

True or False? ISE deployments must wait for Feed Service updates for new profiles.
False

What will happen when an ISE administrator has modified a profile and then a Feed
Service update is downloaded that contains an updated version of that profile?
All nonconflicting profiles will be downloaded and installed. The conflicting
profiles will be ignored.