Security+ 401 Exam

Firewall

Software or hardware that checks information coming from the Internet and, depending on the applied configuration settings, either blocks it or allows it to pass through is called:

Router

A device designed to forward data packets between networks is called:

Exception

Allowing a connection through a firewall is known as creating:

Load Balancer

A network device designed for managing the optimal distribution of workloads across multiple computing resources is called:

True
False
(True)

The last default rule on a firewall is to deny all traffic.

Proxy

A computer network service that allows clients to make indirect network connections to other network services is called:

HIDS

Which of the terms listed below refers to a security solution implemented on an individual computer host monitoring that specific system for malicious activities or policy violations?

True
False
(True)

One of the measures for securing networking devices includes the practice of disabling unused ports.

Tunneling

Which of the following ensures the privacy of a VPN connection?

VPN Concentrator

Which of the following answers refers to a dedicated device for managing secure connections established over an untrusted network, such as the Internet?

IDS

Which of the following acronyms refers to a network or host based monitoring system designed to automatically alert administrators of known or suspected unauthorized activity?

Packet sniffer, Protocol Analyzer

A software tool used for monitoring and examining contents of the network traffic is known as: (Select all that apply)

SMTP, 25

Which of the following answers list the protocol and port number used by a spam filter? (Select 2 answers)

UTM

Which of the following acronyms refers to a network security solution combining the functionality of a firewall with additional safeguards such as URL filtering, content inspection, or malware inspection?

Web address

URL filtering restricts access to Internet sites based on which of the following criteria?

NIPS

Which of the following network security solutions inspects network traffic in real-time and has the capability to stop the ongoing attack?

WAF

Which of the following acronyms refers to a firewall controlling access to a web server?

ACL

Which of the answers listed below refers to a set of rules that specify which users or system processes are granted access to objects as well as what operations are allowed on a given object?

Logging, Sending an alert

Which of the following actions can be taken by a passive IDS? (Select 2 answers)

Port-based network access control

802.1x is an IEEE standard defining:

Rule-Based Access Control

An access control model in which access to resources is granted or denied depending on Access Control List (ACL) entries is also known as:

True
False
(False)

A type of Intrusion Detection System (IDS) that relies on the previously established baseline of normal network activity in order to detect intrusions is known as a signature-based IDS.

Flood guard

Which of the following security solutions provides a countermeasure against a denial-of-service attack characterized by an increasing number of half-open connections?

STP

Which of the protocols listed below protects against switching loops?

True
False
(True)

A type of Intrusion Detection System (IDS) that relies on known attack patterns to detect an intrusion is known as a signature-based IDS.

Implicit deny policy

Which of the following policies applies to any requests that fall outside the criteria defined in an ACL?

Demilitarized Zone (DMZ)

A lightly protected subnet placed on the outside of the company's firewall consisting of publicly available servers is known as:

192.168.1

Which part of the 192.168.1.5/24 address identifies its network ID?

PBX

Which of the following acronyms refers to a solution allowing companies to cut costs related to the managing of internal calls?

VoIP

A solution that allows users to make phone calls over a broadband Internet connection instead of typical analog telephone lines is known as:

255.255.255.224

Which of the following answers lists a /27 subnet mask?

PBX

What type of system can be compromised through phreaking?

Virtual Local Area Network (VLAN)

Which of the following terms refers to a logical grouping of computers that allows computer hosts to act as if they were attached to the same broadcast domain, regardless of their physical location?

NAC

Which security measure is in place when a client is denied access to the network due to outdated antivirus software?

Virtualization

Which of the following terms refers to a technology that allows multiple operating systems to work simultaneously on the same hardware?

Post-admission NAC

A security stance whereby a host is granted or denied permissions based on its actions after it has been provided with access to the network is known as:

NAT

Which of the following solutions is used to hide the internal IP addresses by modifying IP address information in IP packet headers while in transit across a traffic routing device?

Trunk Port, Physical Address, MAC Address

VLAN membership can be set through: (Select all that apply)

IaaS

In which of the cloud computing infrastructure types do clients, instead of buying all the hardware and software, purchase computing resources as an outsourced service from suppliers who own and maintain all the necessary equipment?

PaaS

Which of the following cloud service types would provide the best solution for a web developer intending to create a web app?

SaaS

A cloud computing infrastructure type where applications are hosted over a network (typically the Internet), eliminating the need to install and run the software on the customer's own computers, is called:

True
False
(False)

The biggest advantage of public cloud is that all services provided through this type of cloud computing service model are offered free of charge.

Layered security, Defense in depth

A concept of effective security posture employing multiple tools and different techniques to slow down an attacker is known as: (Select 2 answers)

Tunnel

Which of the IPsec modes provides entire packet encryption?

SNMP

Which of the protocols listed below is used in network management systems for monitoring network-attached devices?

SNMPv1, FTP, Telnet

Which of the following protocols transmit(s) data in an unencrypted form? (Select all that apply)

SNMP community

A group that consists of SNMP devices and one or more SNMP managers is known as:

SSH

Which of the following protocols was designed as a secure replacement for Telnet?

DNS

A system used to convert a computer's host name into an IP address on the Internet is known as:

IPv6 address

A DNS database AAAA record identifies:

SSL, TLS

Which of the following protocols are used for securing HTTP connections? (Select 2 answers)

TCP/IP

Which of the answers listed below refers to a suite of protocols used for connecting hosts on the Internet?

True
False
(True)

FTPS is an extension to the FTP that adds support for the Transport Layer Security (TLS) and the Secure Sockets Layer (SSL) cryptographic protocols.

Secure file transfer

The SCP protocol is used for:

ICMP

Which of the protocols listed below is used by the PING utility?

::1

Which of the following answers lists the IPv6 loopback address?

iSCSI

A networking standard for linking data storage devices over an IP network is known as:

iSCSI, FCoE

Which of the protocols listed below facilitate(s) communication between SAN devices? (Select all that apply)

File exchange

The FTP protocol is designed for:

SFTP

A network protocol for secure file transfer over Secure Shell (SSH) is called:

TFTP

Which of the protocols listed below does not provide authentication?

20, 21

FTP runs by default on ports:

SSH, SCP, SFTP

Which of the protocols listed below run(s) on port number 22? (Select all that apply)

Telnet

Port number 23 is used by:

25

Which of the following TCP ports is used by SMTP?

53

DNS runs on port:

80

HTTP traffic can be enabled by opening port:

110, 143

Which of the following ports enable(s) retrieving email messages from a remote server? (Select all that apply)

137, 138, 139

Which of the port numbers listed below are used by NetBIOS? (Select all that apply)

143

IMAP runs on TCP port:

443

Which of the following TCP ports is used by HTTPS?

3389

Which of the answers listed below refers to the default port number for a Microsoft-proprietary remote connection protocol?

IPsec, IPv6, IPv4, ICMP

Which of the following protocols operate(s) at layer 3 (the network layer) of the OSI model? (Select all that apply)

Transport layer

In the OSI model, TCP resides at the:

WPA2

Which of the following wireless encryption schemes offers the highest level of protection?

WEP

Which of the wireless security protocols listed below has been deprecated in favor of newer standards due to known vulnerabilities?

EAP

Which of the answers listed below refers to an authentication framework frequently used in wireless networks and point-to-point connections?

MAC filter

A network access control method whereby the 48-bit address assigned to each network card is used to determine access to the network is known as:

Which of the following protocols was introduced to strengthen existing WEP implementations without requiring the replacement of legacy hardware?

A wireless network name is also referred to as:

Makes a WLAN harder to discover

Disabling SSID broadcast:

PEAP

Which of the protocols listed below encapsulates EAP within an encrypted and authenticated TLS tunnel?

CCMP

AES-based encryption mode implemented in WPA2 is known as:

War driving, Site Survey

An optimal WAP antenna placement provides a countermeasure against: (Select 2 answers)

Power level controls

Which of the following WAP configuration settings allows for adjusting the boundary range of the wireless signal?

Captive portal

Which of the answers listed below refers to a solution allowing administrators to block Internet access for users until they perform required action?

Omnidirectional, Non-Directional

Which of the following antenna types would provide the best coverage for workstations connecting to a WAP placed in a central point of a typical office? (Select all that apply)

War driving

Which of the answers listed below refers to a wireless site survey?

Intrusion Detection System (IDS)

Which of the following examples falls into the category of technical security controls?

False positive error

Antivirus software identifying a non-malicious file as a virus due to a faulty virus signature file is an example of:

Change management

Which of the examples listed below falls into the category of operational security controls?

False negative

Which of the following terms refers to a situation where no alarm is raised when an attack has taken place?

Privacy policy

A policy outlining ways of collecting and managing personal data is known as:

AUP

Which of the following acronyms refers to a set of rules enforced in a network that restrict the use to which the network may be put?

True
False
(True)

One of the goals behind the mandatory vacations policy is to mitigate the occurrence of fraudulent activity within the company.

Separation of duties

Which of the answers listed below refers to a concept of having more than one person required to complete a given task?

Principle of least privilege

A security rule that prevents users from accessing information and resources that lie beyond the scope of their responsibilities is known as:

ALE

Which of the following acronyms refers to a risk assessment formula defining probable financial loss due to a risk over a one-year period?

1.0

Single Loss Expectancy (SLE) = Asset Value (AV) x Exposure Factor (EF). The Exposure Factor (EF) used in the formula above refers to the impact of the risk over the asset, or percentage of asset lost when a specific threat is realized. Which of the follow

SLE

Which of the following terms is used to describe the loss of value to an asset based on a single security incident?

ARO

An estimate based on the historical data of how often a threat would be successful in exploiting a vulnerability is known as:

ALE = ARO x SLE

Which of the answers listed below refers to the correct formula for calculating probable financial loss due to a risk over a one-year period?

MTTR

Which of the following terms is used to describe the average time required to repair a failed component or device?

True
False
(False)

A high MTBF value indicates that a component or system provides low reliability and is more likely to fail.

Quantitative risk assessment

A calculation of the Single Loss Expectancy (SLE) is an example of:

Qualitative risk assessment

Assessment of risk probability and its impact based on subjective judgment falls into the category of:

Threat vector

A path or tool allowing an attacker to gain unauthorized access to a system or network is known as:

ARO

In quantitative risk assessment, this term is used for estimating the likelihood of occurrence of a future threat.

Risk transference

Contracting out a specialized technical component when the company's employees lack the necessary skills is an example of:

Risk avoidance

Disabling certain system functions or shutting down the system when risks are identified is an example of:

Insurance policy

Which of the answers listed below exemplifies an implementation of risk transference methodology?

Risk acceptance

Which of the following terms relates closely to the concept of residual risk?

Risk deterrence

What type of risk management strategy is in place when accessing the network involves a login banner warning designed to inform a potential attacker of the likelihood of getting caught?

Technical, Management, Operational

Which of the following security control types can be used in implementing a risk mitigation strategy? (Select all that apply)

Single point of failure

Which of the terms listed below refers to one of the hardware-related disadvantages of the virtualization technology?

RTO

Which of the following acronyms refers to a maximum tolerable period of time required for restoring business functions after a failure or disaster?

True
False
(False)

Recovery time objective (RTO) specifies a point in time to which systems and data must be recovered after a disaster has occurred.

SLA

An agreement between a service provider and the user(s) defining the nature, availability, quality, and scope of the service to be provided is known as:

BPA

Which of the following answers refers to a key document governing the relationship between two business organisations?

MOU

A document established between two or more parties to define their respective responsibilities in accomplishing a particular goal or mission is known as:

ISA

Which of the answers listed below refers to an agreement established between the organizations that own and operate connected IT systems to document the technical requirements of the interconnection?

Content inspection

Which of the following functionalities allows a DLP system to fulfill its role?

Order of volatility

In forensic procedures, a sequence of steps in which different types of evidence should be collected is known as:

Chain of custody

In forensic procedures, a chronological record outlining persons in possession of evidence is referred to as: