Question 1

Behavior-based monitoring attempts to overcome the limitations of both anomaly-based monitoring and signature-based monitoring by being more adaptive and proactive instead of reactive.

Accepted Answer

Behavior-based monitoring uses machine learning algorithms to analyze normal patterns of behavior and detect any deviations from them, which allows it to adapt to new threats and be more proactive in detecting them. This approach is meant to be an improvement over the reactive nature of anomaly-based and signature-based monitoring.

Question 2

What kind of networking device forwards packets across different computer networks by reading destination addresses?&#10;A)switch&#10;B)router&#10;C)bridge&#10;D)firewall

Accepted Answer

A router is specifically designed to forward packets across different computer networks by reading destination addresses, whereas a switch is used to connect devices within a network, a bridge is used to connect multiple network segments together, and a firewall is used to secure a network by filtering traffic. Therefore, the best choice for forwarding packets across different computer networks by reading destination addresses is a router.

Question 3

An early networking device that functioned at layer 1 of the OSI model and added devices to a single segment is known as which of the following choices?&#10;A)switch&#10;B)router&#10;C)firewall&#10;D)hub

Accepted Answer

A hub is an early networking device that operates at the physical layer (layer 1) of the OSI model. It can connect multiple devices, such as computers or printers, to a single network segment or LAN. However, it does not have any intelligence and simply broadcasts all data to all connected devices, which can lead to network congestion and reduced performance. Switches were later developed to operate at layer 2 and provide more efficient and intelligent data transmission. Routers operate at layer 3 to connect multiple networks together. Firewalls operate at layer 4 and above to provide network security.

Question 4

The management in your corporate office want to group users on the network together logically even though they are attached to separate network switches. How can this be done?&#10;A)Create a subnet for each network switch involved.&#10;B)Create additional broadcast domains for the users.&#10;C)Add all users to a single DMZ segment&#10;D)Create a VLAN and add the users' computers / ports to the VLAN.

Accepted Answer

To logically group users on the network even though they are attached to separate network switches, the best solution is to create a VLAN (Virtual Local Area Network). A VLAN allows network administrators to group users together logically irrespective of their physical location or network switch they are connected to. By creating a VLAN and adding the users' computers/ports to it, these users can communicate with each other as if they are on the same network, even though they might be on different physical switches. This simplifies network management and configuration, improves security, and enhances performance.

Question 5

What technology enables authorized users to use an unsecured public network, such as the Internet, as if were a secure private network?&#10;A)IKE tunnel&#10;B)VPN&#10;C)endpoint&#10;D)router

Accepted Answer

VPN (Virtual Private Network) technology enables authorized users to use an unsecured public network, such as the Internet, as if it were a secure private network. VPN creates a secure and encrypted connection between the user's device and the remote network they are trying to access, making it difficult for any unauthorized entity to intercept or access the data being transmitted.

Question 6

The OSI model breaks networking steps down into a series of six layers.

Accepted Answer

The OSI model breaks networking steps down into a series of seven layers, not six.

Question 7

A load balancer that works with the File Transfer Protocol is operating at what layer of the OSI model?&#10;A)&#8203;Layer 1&#10;B)&#8203;Layer 2&#10;C)&#8203;Layer 4&#10;D)&#8203;Layer 7

Accepted Answer

A load balancer that works with the File Transfer Protocol operates at the Transport layer of the OSI model, which is Layer 4. It works by distributing incoming FTP requests to multiple servers to help increase efficiency and performance.

Question 8

What type of monitoring compares network traffic, activities, transactions, or behavior against a database of known attack patterns?&#10;A)Application&#10;B)Protocol&#10;C)Packet&#10;D)Signature

Accepted Answer

The type of monitoring that compares network traffic, activities, transactions, or behavior against a database of known attack patterns is called signature-based monitoring. This type of monitoring uses pre-determined signatures or patterns to identify malicious activity in real-time.

Question 9

Workgroup switches must work faster than core switches.

Accepted Answer

Core switches are designed to handle heavy traffic loads and have higher performance specifications than workgroup switches. Core switches typically operate at higher speeds, have larger buffer sizes, and offer more advanced features such as routing, quality of service, and security.

Question 10

Select below the layer of the OSI model at which the route a packet is to take is determined, and the addressing of the packet is performed.&#10;A)Network&#10;B)Data Link&#10;C)Session&#10;D)Presentation

Accepted Answer

The layer at which the route a packet is to take is determined and the addressing of the packet is performed is the Network layer of the OSI model. This layer is responsible for logical addressing and routing of data packets between different networks.

Question 11

A web server must be accessible to untrusted outside users. What can be done to isolate this host and any additional hosts with similar requirements from more secured hosts on a network?&#10;A)Install a bastion, configure host&#10;B)Set up a choke in front of the web server&#10;C)Create a DMZ, add necessary hosts.&#10;D)Configure a reduction point on a firewall

Accepted Answer

The answer of A web server must be accessible to...

Question 12

Security is enhanced by subnetting a single network into multiple smaller subnets in order to isolate groups of hosts.

Accepted Answer

The answer of Security is enhanced by subnetting a single...

Question 13

A server that routes incoming requests to a specific destination server, and acts as the final destination IP for all client access, is known as a:&#10;A)forward proxy&#10;B)application proxy&#10;C)system proxy&#10;D)reverse proxy

Accepted Answer

The answer of A server that routes incoming requests to...

Question 14

An administrator has two servers that host the same web content, but only one server is utilized at a given time. What can be configured to make use of both servers in a manner that is transparent to the end users?

A)Stateful packet filtering
B)Load balancing
C)DNS caching
D)DNS poisoning

Accepted Answer

The answer of An administrator has two servers that host...

Question 15

What layer of the OSI model is responsible for permitting two parties on a network to hold ongoing communications across the network?&#10;A)Network&#10;B)Data Link&#10;C)Session&#10;D)Presentation

Accepted Answer

The answer of What layer of the OSI model is...

Question 16

Defense in depth, or layered security, involves the use of multiple types of network hardware within a network.&#8203;

Accepted Answer

The answer of Defense in depth, or layered security, involves...

Question 17

What is the name for a computer or application program that intercepts user requests from the internal secure network and then processes that request on behalf of the user?&#10;A)proxy server&#10;B)DNS server&#10;C)VPN server&#10;D)telnet server

Accepted Answer

The answer of What is the name for a computer...

Question 18

When a private network uses a single public IP address, and each outgoing TCP packet uses a different port to allow for proper translation, what networking technology is in use?&#10;A)PAT&#10;B)PNAT&#10;C)NAPT&#10;D)NAT

Accepted Answer

The answer of When a private network uses a single...

Question 19

The standard TCP/IP protocol uses IP addresses which are how many bytes in length?&#10;A)4&#10;B)8&#10;C)16&#10;D)32

Accepted Answer

The answer of The standard TCP/IP protocol uses IP addresses...

Question 20

What is the name for an instruction that interrupts a program being executed and requests a service from the operating system?&#10;A)system call&#10;B)unit call&#10;C)hardware instruction&#10;D)system exception

Accepted Answer

The answer of What is the name for an instruction...

Question 21

Matching&#10;a. Application-aware firewall &#10;b. Application-aware IPS&#10;c. Content inspection&#10;d. Heuristic monitoring&#10;e. Malware inspection&#10;f. Network address translation (NAT)&#10;g. Router&#10;h. Switch&#10;i. Virtual LAN (VLAN)&#10;j. VPN Concentrator&#10;&#8203;A device that can forward packets across computer networks

Accepted Answer

The answer of Matching&#10;a. Application-aware firewall &#10;b. Application-aware IPS&#10;c. Content...

Question 22

A ______________ is a worker who work occasionally or regularly from a home office.

Accepted Answer

The answer of A ______________ is a worker who work...

Question 23

A firewall that keeps a record of the state of a connection between an internal computer and an external device is using what technology below?&#10;A)Stateful frame filtering&#10;B)Stateless frame filtering&#10;C)Stateful packet filtering&#10;D)Stateless packet filtering

Accepted Answer

The answer of A firewall that keeps a record of...

Question 24

Matching&#10;a. Application-aware firewall &#10;b. Application-aware IPS&#10;c. Content inspection&#10;d. Heuristic monitoring&#10;e. Malware inspection&#10;f. Network address translation (NAT)&#10;g. Router&#10;h. Switch&#10;i. Virtual LAN (VLAN)&#10;j. VPN Concentrator&#10;Searching incoming web content to match keywords&#8203;

Accepted Answer

The answer of Matching&#10;a. Application-aware firewall &#10;b. Application-aware IPS&#10;c. Content...

Question 25

Matching&#10;a. Application-aware firewall &#10;b. Application-aware IPS&#10;c. Content inspection&#10;d. Heuristic monitoring&#10;e. Malware inspection&#10;f. Network address translation (NAT)&#10;g. Router&#10;h. Switch&#10;i. Virtual LAN (VLAN)&#10;j. VPN Concentrator&#10;An intrusion prevention system that knows information such as the applications that are running as well as the underlying operating systems&#8203;

Accepted Answer

The answer of Matching&#10;a. Application-aware firewall &#10;b. Application-aware IPS&#10;c. Content...

Question 26

Select below the technology that can be used to examine content through application-level filtering:&#10;A)Application gateway&#10;B)Security proxy&#10;C)Web security gateway&#10;D)Firewall

Accepted Answer

The answer of Select below the technology that can be...

Question 27

Matching&#10;a. Application-aware firewall &#10;b. Application-aware IPS&#10;c. Content inspection&#10;d. Heuristic monitoring&#10;e. Malware inspection&#10;f. Network address translation (NAT)&#10;g. Router&#10;h. Switch&#10;i. Virtual LAN (VLAN)&#10;j. VPN Concentrator&#10;A device that connects network segments and forwards onlyl frames intended for that specific device or frames sent to all devices&#8203;

Accepted Answer

The answer of Matching&#10;a. Application-aware firewall &#10;b. Application-aware IPS&#10;c. Content...

Question 28

Matching&#10;a. Application-aware firewall &#10;b. Application-aware IPS&#10;c. Content inspection&#10;d. Heuristic monitoring&#10;e. Malware inspection&#10;f. Network address translation (NAT)&#10;g. Router&#10;h. Switch&#10;i. Virtual LAN (VLAN)&#10;j. VPN Concentrator&#10;&#8203;A device that aggregates VPN connections

Accepted Answer

The answer of Matching&#10;a. Application-aware firewall &#10;b. Application-aware IPS&#10;c. Content...

Question 29

Matching&#10;a. Application-aware firewall &#10;b. Application-aware IPS&#10;c. Content inspection&#10;d. Heuristic monitoring&#10;e. Malware inspection&#10;f. Network address translation (NAT)&#10;g. Router&#10;h. Switch&#10;i. Virtual LAN (VLAN)&#10;j. VPN Concentrator&#10;A technology that allows scattered users to be logically grouped together even though they may be attached to different switches&#8203;

Accepted Answer

The answer of Matching&#10;a. Application-aware firewall &#10;b. Application-aware IPS&#10;c. Content...

Question 30

Matching&#10;a. Application-aware firewall &#10;b. Application-aware IPS&#10;c. Content inspection&#10;d. Heuristic monitoring&#10;e. Malware inspection&#10;f. Network address translation (NAT)&#10;g. Router&#10;h. Switch&#10;i. Virtual LAN (VLAN)&#10;j. VPN Concentrator&#10;&#8203;Searching for malware in incoming web content

Accepted Answer

The answer of Matching&#10;a. Application-aware firewall &#10;b. Application-aware IPS&#10;c. Content...

Question 31

Internet ____________________ filters monitor Internet traffic and block access to preselected Web sites and files.&#10;&#8203;Match the following terms to the appropriate definitions.&#8203;

Accepted Answer

The answer of Internet ____________________ filters monitor Internet traffic and...

Question 32

Which network address below is not a private IP address network?&#10;A)10.4.5.0&#10;B)172.63.255.0&#10;C)192.168.255.0&#10;D)172.17.16.0

Accepted Answer

The answer of Which network address below is not a...

Question 33

_________________ is a technique that allows a private IP addresses to be used on the Internet with a single public IP address.

Accepted Answer

The answer of _________________ is a technique that allows a...

Question 34

&#8203;Which of the following is not a component of an IP packet that a firewall rule can use for filtering purposes?&#10;A)&#8203;Source address&#10;B)&#8203;Destination port&#10;C)&#8203;Direction&#10;D)&#8203;Intent

Accepted Answer

The answer of &#8203;Which of the following is not a...

Question 35

Matching&#10;a. Application-aware firewall &#10;b. Application-aware IPS&#10;c. Content inspection&#10;d. Heuristic monitoring&#10;e. Malware inspection&#10;f. Network address translation (NAT)&#10;g. Router&#10;h. Switch&#10;i. Virtual LAN (VLAN)&#10;j. VPN Concentrator&#10;&#8203;A firewall that can identify the applications that send packets through the firewall and then make decisions about the applications

Accepted Answer

The answer of Matching&#10;a. Application-aware firewall &#10;b. Application-aware IPS&#10;c. Content...

Question 36

A network _________________ isolates connected devices by learning MAC addresses and only sending frames intended for specific MAC addresses to the ports they're connected to, unless the MAC address is unknown.

Accepted Answer

The answer of A network _________________ isolates connected devices by...

Question 37

Matching&#10;a. Application-aware firewall &#10;b. Application-aware IPS&#10;c. Content inspection&#10;d. Heuristic monitoring&#10;e. Malware inspection&#10;f. Network address translation (NAT)&#10;g. Router&#10;h. Switch&#10;i. Virtual LAN (VLAN)&#10;j. VPN Concentrator&#10;A techniq&#8203;ue that allows private IP addresses to be used on the public Internet.

Accepted Answer

The answer of Matching&#10;a. Application-aware firewall &#10;b. Application-aware IPS&#10;c. Content...

Question 38

Matching&#10;a. Application-aware firewall &#10;b. Application-aware IPS&#10;c. Content inspection&#10;d. Heuristic monitoring&#10;e. Malware inspection&#10;f. Network address translation (NAT)&#10;g. Router&#10;h. Switch&#10;i. Virtual LAN (VLAN)&#10;j. VPN Concentrator&#10;A monitoring technique used by an intrusion detection system (IDS) that uses an algorithm to determine if a threat exists&#8203;

Accepted Answer

The answer of Matching&#10;a. Application-aware firewall &#10;b. Application-aware IPS&#10;c. Content...

Question 39

The traffic sent by devices connected to a hub can be captured and decoded by a _________________.

Accepted Answer

The answer of The traffic sent by devices connected to...

Question 40

What vendor neutral protocol implements support for VLAN tagging?&#10;A)ISL&#10;B)VTP&#10;C)802.1Q&#10;D)VSTP

Accepted Answer

The answer of What vendor neutral protocol implements support for...

Question 41

Discuss the two advantages that NAT provides.

Accepted Answer

The answer of Discuss the two advantages that NAT provides....

Question 42

Describe how NAC works.

Accepted Answer

The answer of Describe how NAC works....

Question 43

List and describe three features of Internet content filters.

Accepted Answer

The answer of List and describe three features of Internet...

Question 44

Describe the difference between subnetting and VLANs.

Accepted Answer

The answer of Describe the difference between subnetting and VLANs....

Question 45

Describe how VLAN communication takes place.

Accepted Answer

The answer of Describe how VLAN communication takes place....

Question 46

List and describe three advantages to subnetting.

Accepted Answer

The answer of List and describe three advantages to subnetting....

Question 47

What are the two TCP/IP protocols that are used by mail servers for clients accessing incoming mail?

Accepted Answer

The answer of What are the two TCP/IP protocols that...

Question 48

&#8203;What is the difference between anomaly based monitoring and signature based monitoring?

Accepted Answer

The answer of &#8203;What is the difference between anomaly based...

Question 49

List and describe two advantages of a proxy server.

Accepted Answer

The answer of List and describe two advantages of a...

Question 50

How does a Unified Threat Management (UTM) security product help reduce administrative overhead?&#8203;

Accepted Answer

The answer of How does a Unified Threat Management (UTM)...

Deck 7: Network Security