A system that is capable of collecting and analyzing information generated by firewalls, IDS, and IPS systems is known as which term below?
SIEM system?
?Which virus below combines polymorphism and stealth techniques to create a very destructive virus?
?Natas
?If multiple honeypots are connected to form a larger network, what term is used to describe the network?
?honeynet
The process in which a person attempts to glean access for authentication information by posing as someone who needs that information is known as what option below??
?phishing
An attack that involves a person redirecting or capturing secure transmissions as they occur is known as what type of attack?
?man-in-the-middle attack
?Which option below is a standard created by the NSA that defines protections against radio frequency emanations?
?TEMPEST
What mode setting on a firewall makes the firewall transparent to surrounding nodes as if it's just part of the wire??
?virtual wire mode
At what layer of the OSI model do firewalls operate??
Network
?What characteristic of viruses make it possible for a virus to potentially change its characteristics (such as file size, and internal instructions) to avoid detection?
?polymorphism
Botnets often make use of what chat protocol in order to receive commands??
?IRC
Which software below serves as the firewall for Linux systems??
?iptables
Which software below combines known scanning techniques and exploits to allow for hybrid exploits??
?metasploit
What type of virus are dormant until a specific condition is met, such as the changing of a file or a match of the current date??
logic bomb?
What mode setting on a firewall makes the firewall transparent to surrounding nodes as if it's just part of the wire??
?virtual wire mode
In ACL statements, the "any" keyword is equivalent to using what wildcard mask below?
0.0.0.0
?A reflective attack can be increased in intensity by combining it with what type of attack?
amplification attack
An attack in which hackers transmit bogus requests for connection to servers or applications in order to harvest useful information to guide their attack efforts is known as what option below??
banner-grabbing attack
Programs that run independently and travel between computers and across networks, such as by e-mail attachment or virtually any kind of file transfer, are known as which option below??
worms
A proxy that provides Internet clients access to services on its own network is known as what type of proxy??
reverse proxy
When using a site-to-site VPN, what type of device sits at the edge of the LAN and establishes the connection between sites??
VPN gateway
What encryption protocol was designed as more of an integrity check for WEP transmissions rather than a sophisticated encryption protocol??
TKIP
?A SecurID key chain fob from RSA security generates a password that changes how often?
every 60 seconds
What authentication protocol sends authentication information in cleartext without encryption??
PAP
The combination of a public key and a private key are known by what term below?
Key pair
How often should administrators and network users be required to change their password?
60 days
What encryption protocol was designed as more of an integrity check for WEP transmissions rather than a sophisticated encryption protocol??
TKIP
Which type of cloud service model involves hardware services that are provided virtually, including network infrastructure devices such as virtual servers??
IaaS?
What cloud service model involves providing applications through an online user interface, providing for compatibility with a multitude of different operating systems and devices?
?SaaS
When using public and private keys to connect to an SSH server, where must your public key be placed??
?In the authorized keys file on the host where the SSH server is.
When using public and private keys to connect to an SSH server, where must your public key be placed??
In the authorized keys file on the host where the SSH server is.
The original version of the Secure Hashing Algorithm (SHA) was developed by the NSA, and used a hash of what length??
160 bit
At what layer of the OSI model does the IPSec encryption protocol operate??
Network Layer
What encryption protocol was designed as more of an integrity check for WEP transmissions rather than a sophisticated encryption protocol??
TKIP
The SSH service listens on what TCP port?
22
How often should administrators and network users be required to change their password?
60 days
What authentication protocol sends authentication information in cleartext without encryption??
PAP
At what layer of the OSI model does the IPSec encryption protocol operate??
?Network layer
What cloud service model involves providing applications through an online user interface, providing for compatibility with a multitude of different operating systems and devices?
SaaS
When using a site-to-site VPN, what type of device sits at the edge of the LAN and establishes the connection between sites??
VPN gateway
What encryption protocol was designed as more of an integrity check for WEP transmissions rather than a sophisticated encryption protocol??
TKIP
What protocol below is a Microsoft proprietary protocol first available in Windows Vista??
SSTP
?The combination of a public key and a private key are known by what term below?
?key pair
?The SSH service listens on what TCP port?
?22
What authentication protocol sends authentication information in cleartext without encryption??
PAP
Digital certificates are issued by organizations known as what term??
certification authorities
At what layer of the OSI model does the IPSec encryption protocol operate??
?Network layer
When using public and private keys to connect to an SSH server, where must your public key be placed??
?In the authorized keys file on the host where the SSH server is.
?What security encryption protocol requires regular re-establishment of a connection and can be used with any type of TCP/IP transmission?
?IPSec
?The combination of a public key and a private key are known by what term below?
key pair
Digital certificates are issued by organizations known as what term??
?certification authorities
What authentication protocol sends authentication information in cleartext without encryption??
?PAP
What security encryption protocol requires regular re-establishment of a connection and can be used with any type of TCP/IP transmission?
IPSec
Digital certificates are issued by organizations known as what term??
certification authorities
What security principle provides proof of delivery and proof of the sender's identity??
non-repudiation
What protocol below only provides the framework for authenticating clients and servers, but relies on other encryption and authentication schemes to verify the credentials of clients or servers?
EAP
Amazon and Rackspace both utilize what virtualization software below to create their cloud environments??
Citrix Xen
What protocol enables multiple types of Layer 3 protocols to travel over any one of several connection-oriented Layer 2 protocols?
MPLS
Which of the following is not a requirement in order to use a softphone??
A wireless carrier to handle the voice path.
Which element of H.323 is a device that provides translation between network devices running the H.323 signaling protocols and devices running other types of signaling protocols?
H.323 gateway
When using SIP, what term is used to describe end-user devices, which may include workstations, tablet computers, smartphones, or IP phones??
user agent client
SNMP agents receive requests from an NMS on what port number??
161
What component of SIP is a server that responds to user agent clients' requests for session initiation and termination?
user agent server
A highly available server is available what percentage of the time??
99.99%
A server running the SIP protocol listens on what TCP/UDP port for unsecured communications??
5060
What percentage of Internet traffic, as estimated by Cisco Systems, will be devoted to video traffic by 2018??
79%
In H.323, which protocol below handles call or videoconference signaling?
H.225
When a device handles electrical signals improperly, usually resulting from a bad NIC, it is referred to by what term below??
Jabber
When using SIP, what term is used to describe end-user devices, which may include workstations, tablet computers, smartphones, or IP phones??
user agent client
The Priority Code Point field in a frame consists of how many bits??
3 bits
What component of SIP is a server that responds to user agent clients' requests for session initiation and termination?
user agent server
Packets that exceed the medium's maximum packet size are known by what term??
giants
?On circuit switched portions of a PSTN, what set of standards established by the ITU is used to handle call signaling?
SS7
A server running the SIP protocol listens on what TCP/UDP port for unsecured communications?
5060
SNMP agents receive requests from an NMS on what port number??
?161
Packets that are smaller than a medium's minimum packet size are known by what term below?
runts
What security standard below was created to protect credit card data and transactions, requiring network segmentation as part of security controls??
PCI DSS
?In a VoIP call, what method of transmission is used between two IP phones?
unicast
In order for gateways to exchange and translate signaling and control information with each other so that voice and video packets are properly routed through a network, what intermediate device is needed??
media gateway controller
A computer that provides support for multiple H.323 terminals and manages communication between them is known as what term below?
MCU
Which two terms can be used to describe a decoy system that is purposely vulnerable for the sake of attracting attackers??
honeypots
lure
What two protocols below are Data Link Layer protocols designed to connect WAN endpoints in a direct connection, such as when a client computer connects to a server at an ISP using a dial-up or DSL connection and modem?
SLIP
PPP
A _________________ is a service that is shared between multiple organizations, but not available publicly.?
Community Cloud
The key management phase of IPSec is reliant on which two services below?
Internet Key Exchange (IKE)
?Internet Security Association and Key Management Protocol (ISAKMP)
What feature on some network switches can be used to detect faked arp messages?
?dynamic ARP inspection
CALEA requires telecommunications carriers and equipment manufacturers to provide for surveillance capabilities.
True
What two different types of encryption can be used by IPSec during data transfer??
Authentication Header (AH)
?Encapsulating Security Payload (ESP)
Different types of organizations have similar levels of network security risks.
False
What protocol below is a Microsoft proprietary protocol first available in Windows Vista??
SSTP
Networks that use ________________, such as T-1 or DSL connections to the Internet, are vulnerable to eavesdropping at a building' s demarc (demarcation point), at a remote switching facility, or in a central office.
leased public lines
Which type of cloud service model involves hardware services that are provided virtually, including network infrastructure devices such as virtual servers??
laaS
An enterprise-wide VPN can include elements of both the client-to-site and site-to-site models.
True
Windows, UNIX, Linux, and Mac OS clients are all capable of connecting to a VPN using PPTP
False
What option below is not an encryption algorithm method that is used by SSH?
SHA-2
A SOHO wireless router typically acts as a firewall and may include packet filtering options
True
What two terms below describe the process of manipulating certain characteristics of packets, data streams, or connections to manage the type and amount of traffic traversing a network or interface at any moment??
traffic shaping?
?packet shaping
What two terms describe a network of compromised computers that are then used to perform coordinated DDoS attacks without their owners' knowledge or consent??
botnet
?zombie army
?What security encryption protocol requires regular re-establishment of a connection and can be used with any type of TCP/IP transmission?
IPSec
What two options below are AAA services??
RADIUS
TACACS+
The simplest type of firewall is a content filtering firewall.?
False
After L2TP establishing a VPN tunnel, GRE is used to transmit L2TP data frames through the tunnel.?
False
Windows, UNIX, Linux, and Mac OS clients are all capable of connecting to a VPN using PPTP.
True
Most UNIX and Linux desktop operating systems provide a GUI application for easily viewing and filtering the information in system logs.
True
What kind of attack involves a flood of broadcast ping messages, with the originating source address being spoofed to appear as a host on the network??
NOT SYN attck
The PPP headers and trailers used to create a PPP frame that encapsulates Network layer packets vary between 8 and 10 bytes in size due to what field??
NOT encription
?What two terms below are used to describe an analog-to-digital voice conversion device that accepts and interprets both analog and digital voice signals?
NOT
NOT
NOT
Digital PBX
ATA PBX