Computer Networks And Security Exams Prep Test

Approved & Edited by ProProfs Editorial Team
The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.
Learn about Our Editorial Process
| By Themes
T
Themes
Community Contributor
Quizzes Created: 416 | Total Attempts: 700,873
Questions: 100 | Attempts: 276

SettingsSettingsSettings
Computer Networking Quizzes & Trivia

Questions and Answers
  • 1. 

    What important factor listed below differentiates Frame Relay from X.25?

    • A.

      Frame Relay supports multiple PVCs over a single WAN carrier connection.

    • B.

      Frame Relay is a cell-switching technology instead of a packet-switching technology like X.25.

    • C.

      Frame Relay does not provide a Committed Information Rate (CIR).

    • D.

      Frame Relay only requires a DTE on the provider side.

    Correct Answer
    A. Frame Relay supports multiple PVCs over a single WAN carrier connection.
    Explanation
    Frame Relay supports multiple private virtual circuits (PVCs), unlike X.25. It is a
    packet-switching technology that provides a Committed Information Rate (CIR),
    which is a minimum bandwidth guarantee provided by the service provider to
    customers. Finally, Frame Relay requires a DTE/DCE at each connection point, with
    the DTE providing access to the Frame Relay network, and a provider-supplied DCE,
    which transmits the data over the network

    Rate this question:

  • 2. 

    During a security assessment of a wireless network, Jim discovers that LEAP is in use on a network using WPA. What recommendation should Jim make?

    • A.

      Continue to use LEAP. It provides better security than TKIP for WPA networks.

    • B.

      Use an alternate protocol like PEAP or EAP-TLS and implement WPA2 if supported.

    • C.

      Continue to use LEAP to avoid authentication issues, but move to WPA2.

    • D.

      Use an alternate protocol like PEAP or EAP-TLS, and implement Wired Equivalent Privacy to avoid wireless security issues.

    Correct Answer
    B. Use an alternate protocol like PEAP or EAP-TLS and implement WPA2 if supported.
    Explanation
    LEAP, the Lightweight Extensible Authentication Protocol. is a Cisco proprietary
    protocol designed to handle problems with TKIP. Unfortunately, LEAP has significant
    security issues as well and should not be used. Any modern hardware should support
    WPA2 and technologies like PEAP or EAP-TLS. Using WEP, the predecessor to WPA
    and WPA2, would be a major step back in security for any network.

    Rate this question:

  • 3. 

    Ben has connected his laptop to his tablet PC using an 802.11g connection. What wireless network mode has he used to connect these devices?

    • A.

      Infrastructure mode

    • B.

      Wired extension mode

    • C.

      Ad hoc mode

    • D.

      Stand-alone mode

    Correct Answer
    C. Ad hoc mode
    Explanation
    Ben is using ad hoc mode, which directly connects two clients. It can be easy to
    confuse this with stand-alone mode, which connects clients using a wireless access
    point, but not to wired resources like a central network. Infrastructure mode connects
    endpoints to a central network, not directly to each other. Finally, wired extension
    mode uses a wireless access point to link wireless clients to a wired network.

    Rate this question:

  • 4. 

    Lauren’s and Nick’s PCs simultaneously send traffic by transmitting at the same time. What network term describes the range of systems on a network that could be affected by this same issue?

    • A.

      The subnet

    • B.

      The supernet

    • C.

      The supernet

    • D.

      A broadcast domain

    Correct Answer
    C. The supernet
    Explanation
    A collision domain is the set of systems that could cause a collision if they
    transmitted at the same time. Systems outside of a collision domain cannot cause a
    collision if they send at the same time. This is important, as the number of systems in
    a collision domain increases the likelihood of network congestion due to an increase
    in collisions. A broadcast domain is the set of systems that can receive a broadcast
    from each other. A subnet is a logical division of a network, while a supernet is made
    up of two or more networks.

    Rate this question:

  • 5. 

    Sarah is manually reviewing a packet capture of TCP traffic and finds that a system is setting the RST flag in the TCP packets it sends repeatedly during a short period of time. What does this flag mean in the TCP packet header?

    • A.

      RST flags mean “Rest.” The server needs traffic to briefly pause.

    • B.

      RST flags mean “Relay-set.” The packets will be forwarded to the address set in the packet.

    • C.

      RST flags mean “Resume Standard.” Communications will resume in their normal format

    • D.

      RST means “Reset.” The TCP session will be disconnected.

    Correct Answer
    D. RST means “Reset.” The TCP session will be disconnected.
    Explanation
    The RST flag is used to reset or disconnect a session. It can be resumed by
    restarting the connection via a new three-way handshake.

    Rate this question:

  • 6. 

    Gary is deploying a wireless network and wants to deploy the fastest possible wireless technology. Of the 802.11 standards listed below, which is the fastest 2.4 GHz option he has?

    • A.

      802.11a

    • B.

      802.11g

    • C.

      802.11n

    • D.

      802.11ac

    Correct Answer
    C. 802.11n
    Explanation
    He should choose 802.11n, which supports 200+ Mbps in the 2.4 GHz or the 5 GHz
    frequency range. 802.11a and 802.11ac are both 5 GHz only, while 802.11g is only
    capable of 54 Mbps.

    Rate this question:

  • 7. 

    What common applications are associated with each of the following TCP ports: 23, 25, 143, and 515?

    • A.

      Telnet, SFTP, NetBIOS, and LPD

    • B.

      SSH, SMTP, POP3, and ICMP

    • C.

      Telnet, SMTP, IMAP, and LPD

    • D.

      Telnet, SMTP, POP3, and X Windows

    Correct Answer
    C. Telnet, SMTP, IMAP, and LPD
    Explanation
    These common ports are important to know, although some of the protocols are
    becoming less common. TCP 23 is used for Telnet; TCP 25 is used for SMTP (the
    Simple Mail Transfer Protocol); 143 is used for IMAP, the Internet Message Access
    Protocol; and 515 is associated with LPD, the Line Printer Daemon protocol used to
    send print jobs to printers.
    POP3 operates on TCP 110, SSH operates on TCP 22 (and SFTP operates over SSH),
    and X Windows operates on a range of ports between 6000 and 6063.

    Rate this question:

  • 8. 

    Chris is configuring an IDS to monitor for unencrypted FTP traffic. What ports should Chris use in his configuration?

    • A.

      TCP 20 and 21

    • B.

      TCP 21 only

    • C.

      UDP port 69

    • D.

      TCP port 21 and UDP port 21

    Correct Answer
    A. TCP 20 and 21
    Explanation
    The File Transfer Protocol (FTP) operates on TCP ports 20 and 21. UDP port 69 is
    used for the Trivial File Transfer Protocol, or TFTP, while UDP port 21 is not used for
    any common file transfer protocol.

    Rate this question:

  • 9. 

    FHSS, DSSS, and OFDM all use what wireless communication method that occurs over multiple frequencies simultaneously?

    • A.

      Wi-Fi

    • B.

      Spread Spectrum

    • C.

      Multiplexing

    • D.

      Orthogonal modulation

    Correct Answer
    B. Spread Spectrum
    Explanation
    Frequency Hopping Spread Spectrum (FHSS), Direct Sequence Spread Spectrum
    (DSSS), and Orthogonal Frequency-Division Multiplexing (OFDM) all use spread
    spectrum techniques to transmit on more than one frequency at the same time.
    Neither FHSS nor DHSS uses orthogonal modulation, while multiplexing describes
    combining multiple signals over a shared medium of any sort. Wi-Fi may receive
    interference from FHSS systems but doesn’t use it.

    Rate this question:

  • 10. 

    Which authentication protocol commonly used for PPP links encrypts both the username and password and uses a challenge/response dialog that cannot be replayed and periodically reauthenticates remote systems throughout its use in a session?

    • A.

      PAP

    • B.

      CHAP

    • C.

      EAP

    • D.

      LEAP

    Correct Answer
    B. CHAP
    Explanation
    The Challenge-Handshake Authentication Protocol, or CHAP, is used by PPP
    servers to authenticate remote clients. It encrypts both the username and password
    and performs periodic reauthentication while connected using techniques to prevent
    replay attacks. LEAP provides reauthentication but was designed for WEP, while PAP
    sends passwords unencrypted. EAP is extensible and was used for PPP connections,
    but it doesn’t directly address the listed items.

    Rate this question:

  • 11. 

    Which of the following options is not a common best practice for securing a wireless network?

    • A.

      Turn on WPA2.

    • B.

      Enable MAC filtering if used for a relatively small group of clients.

    • C.

      Enable SSID broadcast.

    • D.

      Separate the access point from the wired network using a firewall, thus treating it as external access.

    Correct Answer
    C. Enable SSID broadcast.
    Explanation
    SSID broadcast is typically disabled for secure networks. While this won’t stop a
    determined attacker, it will stop casual attempts to connect. Separating the network
    from other wired networks, turning on the highest level of encryption supported (like
    WPA2), and using MAC filtering for small groups of clients that can reasonably be
    managed by hand are all common best practices for wireless networks.

    Rate this question:

  • 12. 

    What network topology is shown in the image below?

    • A.

      A ring

    • B.

      A bus

    • C.

      A star

    • D.

      A mesh

    Correct Answer
    A. A ring
    Explanation
    A ring connects all systems like points on a circle. A ring topology was used with
    Token Ring networks, and a token was passed between systems around the ring to
    allow each system to communicate. More modern networks may be described as a ring
    but are only physically a ring and not logically using a ring topology.

    Rate this question:

  • 13. 

    What type of firewall design is shown in the diagram?

    • A.

      A single-tier firewall

    • B.

      A two-tier firewall

    • C.

      A three-tier firewall

    • D.

      A four-tier firewall

    Correct Answer
    B. A two-tier firewall
    Explanation
    The firewall in the diagram has two protected zones behind it, making it a two-tier
    firewall design.

    Rate this question:

  • 14. 

    If the VPN grants remote users the same access to network and system resources as local workstations have, what security issue should Chris raise?

    • A.

      VPN users will not be able to access the web server

    • B.

      There is no additional security issue; the VPN concentrator’s logical network location matches the logical network location of the workstations.

    • C.

      VPN bypasses the firewall, creating additional risks.

    • D.

      VPN users should only connect from managed PCs.

    Correct Answer
    D. VPN users should only connect from managed PCs.
    Explanation
    Remote PCs that connect to a protected network need to comply with security
    settings and standards that match those required for the internal network. The VPN
    concentrator logically places remote users in the protected zone behind the firewall,
    but that means that user workstations (and users) must be trusted in the same way
    that local workstations are.

    Rate this question:

  • 15. 

    If Chris wants to stop cross-site scripting attacks against the web server, what is the best device for this purpose, and where should he put it?

    • A.

      A firewall, location A

    • B.

      An IDS, location A

    • C.

      An IPS, location B

    • D.

      A WAF, location C

    Correct Answer
    C. An IPS, location B
    Explanation
    An intrusion protection system can scan traffic and stop both known and unknown
    attacks. A web application firewall, or WAF, is also a suitable technology, but placing it
    at location C would only protect from attacks via the organization’s VPN, which should
    only be used by trusted users. A firewall typically won’t have the ability to identify and
    stop cross-site scripting attacks, and IDS systems only monitor and don’t stop attacks.

    Rate this question:

  • 16. 

    Susan is deploying a routing protocol that maintains a list of destination networks with metrics that include the distance in hops to them and the direction traffic should be sent to them. What type of protocol is she using?

    • A.

      A link-state protocol

    • B.

      A link-distance protocol

    • C.

      A destination metric protocol

    • D.

      A distance-vector protocol

    Correct Answer
    D. A distance-vector protocol
    Explanation
    Distance-vector protocols use metrics including the direction and distance in hops
    to remote networks to make decisions. A link-state routing protocol considers the
    shortest distance to a remote network. Destination metric and link-distance protocols
    don’t exist.

    Rate this question:

  • 17. 

    Ben has configured his network to not broadcast a SSID. Why might Ben disable SSID broadcast, and how could his SSID be discovered?

    • A.

      Disabling SSID broadcast prevents attackers from discovering the encryption key. The SSID can be recovered from decrypted packets.

    • B.

      Disabling SSID broadcast hides networks from unauthorized personnel. The SSID can be discovered using a wireless sniffer.

    • C.

      Disabling SSID broadcast prevents issues with beacon frames. The SSID can be recovered by reconstructing the BSSID.

    • D.

      Disabling SSID broadcast helps avoid SSID conflicts. The SSID can be discovered by attempting to connect to the network.

    Correct Answer
    B. Disabling SSID broadcast hides networks from unauthorized personnel. The SSID can be discovered using a wireless sniffer.
    Explanation
    Disabling SSID broadcast can help prevent unauthorized personnel from attempting
    to connect to the network. Since the SSID is still active, it can be discovered by using a
    wireless sniffer. Encryption keys are not related to SSID broadcast, beacon frames are
    used to broadcast the SSID, and it is possible to have multiple networks with the same
    SSID.

    Rate this question:

  • 18. 

    What network tool can be used to protect the identity of clients while providing Internet access by accepting client requests, altering the source addresses of the requests, mapping requests to clients, and sending the modified requests out to their destination?

    • A.

      A gateway

    • B.

      A proxy

    • C.

      A router

    • D.

      A firewall

    Correct Answer
    B. A proxy
    Explanation
    A proxy is a form of gateway that provide clients with a filtering, caching, or other
    service that protects their information from remote systems. A router connects
    networks, while a firewall uses rules to limit traffic permitted through it. A gateway
    translates between protocols.

    Rate this question:

  • 19. 

    During troubleshooting, Chris uses the nslookup command to check the IP address of a host he is attempting to connect to. The IP he sees in the response is not the IP that should resolve when the lookup is done. What type of attack has likely been conducted?

    • A.

      DNS spoofing

    • B.

      DNS poisoning

    • C.

      ARP spoofing

    • D.

      A Cain attack

    Correct Answer
    B. DNS poisoning
    Explanation
    DNS poisoning occurs when an attacker changes the domain name to IP address
    mappings of a system to redirect traffic to alternate systems. DNS spoofing occurs
    when an attacker sends false replies to a requesting system, beating valid replies from
    the actual DNS server. ARP spoofing provides a false hardware address in response to
    queries about an IP, and Cain & Abel is a powerful Windows hacking tool, but a Cain
    attack is not a specific type of attack.

    Rate this question:

  • 20. 

    A remote access tool that copies what is displayed on a desktop PC to a remote computer is an example of what type of technology?

    • A.

      Remote node operation

    • B.

      Screen scraping

    • C.

      Remote control

    • D.

      RDP

    Correct Answer
    B. Screen scraping
    Explanation
    Screen scrapers copy the actual screen displayed and display it at a remote location.
    RDP provides terminal sessions without doing screen scraping, remote node operation
    is the same as dial-up access, and remote control is a means of controlling a remote
    system (screen scraping is a specialized subset of remote control).

    Rate this question:

  • 21. 

    Which email security solution provides two major usage modes: (1) signed messages that provide integrity, sender authentication, and nonrepudiation; and (2) an enveloped message mode that provides integrity, sender authentication, and confidentiality?

    • A.

      S/MIME

    • B.

      MOSS

    • C.

      PEM

    • D.

      DKIM

    Correct Answer
    A. S/MIME
    Explanation
    S/MIME supports both signed messages and a secure envelope method. While the
    functionality of S/MIME can be replicated with other tools, the secure envelope is an
    S/MIME-specific concept. MOSS, or MIME Object Security Services, and PEM can
    also both provide authentication, confidentiality, integrity, and nonrepudiation, while
    DKIM, or Domain Keys Identified Mail, is a domain validation tool.

    Rate this question:

  • 22. 

    During a security assessment, Jim discovers that the organization he is working with uses a multilayer protocol to handle SCADA systems and recently connected the SCADA network to the rest of the organization’s production network. What concern should he raise about serial data transfers carried via TCP/IP?

    • A.

      SCADA devices that are now connected to the network can now be attacked over the network.

    • B.

      Serial data over TCP/IP cannot be encrypted.

    • C.

      Serial data cannot be carried in TCP packets.

    • D.

      TCP/IP’s throughput can allow for easy denial of service attacks against serial devices.

    Correct Answer
    A. SCADA devices that are now connected to the network can now be attacked over the network.
    Explanation
    Multilayer protocols like DNP3 allow SCADA and other systems to use TCP/IPbased networks to communicate. Many SCADA devices were never designed to be
    exposed to a network, and adding them to a potentially insecure network can create
    significant risks. TLS or other encryption can be used on TCP packets, meaning that
    even serial data can be protected. Serial data can be carried via TCP packets because
    TCP packets don’t care about their content; it is simply another payload. Finally,
    TCP/IP does not have a specific throughput as designed, so issues with throughput are
    device-level issues.

    Rate this question:

  • 23. 

    What type of key does WEP use to encrypt wireless communications?

    • A.

      An asymmetric key

    • B.

      Unique key sets for each host

    • C.

      A predefined shared static key

    • D.

      Unique asymmetric keys for each host

    Correct Answer
    C. A predefined shared static key
    Explanation
    WEP has a very weak security model that relies on a single, predefined, shared
    static key. This means that modern attacks can break WEP encryption in less than a
    minute.

    Rate this question:

  • 24. 

    An attack that causes a service to fail by exhausting all of a system’s resources is what type of attack?

    • A.

      A worm

    • B.

      A denial of service attack

    • C.

      A virus

    • D.

      A smurf attack

    Correct Answer
    B. A denial of service attack
    Explanation
    A denial of service attack is an attack that causes a service to fail or to be
    unavailable. Exhausting a system’s resources to cause a service to fail is a common
    form of denial of service attack. A worm is a self-replicating form of malware that
    propagates via a network, a virus is a type of malware that can copy itself to spread,
    and a Smurf attack is a distributed denial of service attack (DDoS) that spoofs a
    victim’s IP address to systems using an IP broadcast, resulting in traffic from all of
    those systems to the target.

    Rate this question:

  • 25. 

    What speed and frequency range is used by 802.11n?

    • A.

      54 Mbps, 5 GHz

    • B.

      200+ Mbps, 5GHz

    • C.

      200+ Mbps, 2.4 and 5 GHz

    • D.

      1 Gbps, 5 GHz4

    Correct Answer
    C. 200+ Mbps, 2.4 and 5 GHz
    Explanation
    802.11n can operate at speeds over 200 Mbps, and it can operate on both the 2.4
    and 5 GHz frequency range. 802.11g operates at 54 Mbps using the 2.4 GHz frequency
    range, and 802.11ac is capable of 1 Gbps using the 5 GHz range. 802.11a and b are both
    outdated and are unlikely to be encountered in modern network installations.

    Rate this question:

  • 26. 

    The Address Resolution Protocol (ARP) and the Reverse Address Resolution Protocol (RARP) operate at what layer of the OSI model?

    • A.

      Layer 1

    • B.

      Layer 2

    • C.

      Layer 3

    • D.

      Layer 4

    Correct Answer
    B. Layer 2
    Explanation
    ARP and RARP operate at the Data Link layer, the second layer of the OSI model.
    Both protocols deal with physical hardware addresses, which are used above the
    Physical layer (layer 1) and below the Network layer (layer 3), thus falling at the Data
    Link layer.

    Rate this question:

  • 27. 

    Which of the following is a converged protocol that allows storage mounts over TCP, and which is frequently used as a lower-cost alternative to Fibre Channel?

    • A.

      MPLS

    • B.

      SDN

    • C.

      VoIP

    • D.

      ISCSI

    Correct Answer
    D. ISCSI
    Explanation
    iSCSI is a converged protocol that allows location-independent file services over
    traditional network technologies. It costs less than traditional Fibre Channel. VoIP is
    Voice over IP, SDN is Software-defined networking, and MPLS is Multiprotocol Label
    Switching, a technology that uses path labels instead of network addresses.

    Rate this question:

  • 28. 

    Chris is building an Ethernet network and knows that he needs to span a distance of over 150 meters with his 1000Base-T network. What network technology should he use to help with this?

    • A.

      Install a repeater or a concentrator before 100 meters.

    • B.

      Use Category 7 cable, which has better shielding for higher speeds.

    • C.

      Install a gateway to handle the distance.

    • D.

      Use STP cable to handle the longer distance at high speeds.

    Correct Answer
    A. Install a repeater or a concentrator before 100 meters.
    Explanation
    A repeater or concentrator will amplify the signal, ensuring that the 100-meter
    distance limitation of 1000Base-T is not an issue. A gateway would be useful if
    network protocols were changing, while Cat7 cable is appropriate for a 10Gbps
    network at much shorter distances. STP cable is limited to 155 Mbps and 100 meters,
    which would leave Chris with network problems.

    Rate this question:

  • 29. 

    Lauren’s organization has used a popular instant messaging service for a number of years. Recently, concerns have been raised about the use of instant messaging.What protocol is the instant messaging traffic most likely to use based on the diagram?

    • A.

      AOL

    • B.

      HTTP

    • C.

      SMTP

    • D.

      HTTPS

    Correct Answer
    B. HTTP
    Explanation
    TCP 80 is typically HTTP.

    Rate this question:

  • 30. 

    Lauren’s organization has used a popular instant messaging service for a number of years. Recently, concerns have been raised about the use of instant messaging.What security concern does sending internal communications from A to B cause?

    • A.

      The firewall does not protect system B.

    • B.

      System C can see the broadcast traffic from system A to B.

    • C.

      It is traveling via an unencrypted protocol.

    • D.

      IM does not provide nonrepudation.

    Correct Answer
    C. It is traveling via an unencrypted protocol.
    Explanation
    HTTP traffic is typically sent via TCP 80. Unencrypted HTTP traffic can be easily
    captured at any point between A and B, meaning that the instant messaging solution
    chosen does not provide confidentiality for the organization’s corporate
    communications.

    Rate this question:

  • 31. 

    Lauren’s organization has used a popular instant messaging service for a number of years. Recently, concerns have been raised about the use of instant messaging.How could Lauren’s company best address a desire for secure instant messaging for users of internal systems A and C?

    • A.

      Use a 3rd party instant messaging service.

    • B.

      Implement and use a locally hosted IM service.

    • C.

      Use HTTPS.

    • D.

      Discontinue use of IM and instead use email, which is more secure.

    Correct Answer
    B. Implement and use a locally hosted IM service.
    Explanation
    If a business need requires instant messaging, using a local instant messaging
    server is the best option. This prevents traffic from traveling to a third-party server
    and can offer additional benefits such as logging, archiving, and control of security
    options like the use of encryption.

    Rate this question:

  • 32. 

    Which of the following drawbacks is a concern when multilayer protocols are allowed?

    • A.

      A range of protocols may be used at higher layers.

    • B.

      Covert channels are allowed.

    • C.

      Filters cannot be bypassed.

    • D.

      Encryption can’t be incorporated at multiple layers.

    Correct Answer
    B. Covert channels are allowed.
    Explanation
    Multilayer protocols create three primary concerns for security practitioners: They
    can conceal covert channels (and thus covert channels are allowed), filters can be
    bypassed by traffic concealed in layered protocols, and the logical boundaries put in
    place by network segments can be bypassed under some circumstances. Multilayer
    protocols allow encryption at various layers and support a range of protocols at higher
    layers.

    Rate this question:

  • 33. 

    What network topology is shown in the image below?

    • A.

      A ring

    • B.

      A star

    • C.

      A bus

    • D.

      A mesh

    Correct Answer
    C. A bus
    Explanation
    A bus can be linear or tree-shaped and connects each system to trunk or backbone
    cable. Ethernet networks operate on a bus topology.

    Rate this question:

  • 34. 

    Chris uses a cellular hot spot (modem) to provide Internet access when he is traveling. If he leaves the hot spot connected to his PC while his PC is on his organization’s corporate network, what security issue might he cause?

    • A.

      Traffic may not be routed properly, exposing sensitive data.

    • B.

      His system may act as a bridge from the Internet to the local network.

    • C.

      His system may be a portal for a reflected DDoS attack.

    • D.

      Security administrators may not be able to determine his IP address if a security issue occurs.

    Correct Answer
    B. His system may act as a bridge from the Internet to the local network.
    Explanation
    When a workstation or other device is connected simultaneously to both a secure
    and a nonsecure network like the Internet, it may act as a bridge, bypassing the
    security protections located at the edge of a corporate network. It is unlikely that
    traffic will be routed improperly leading to the exposure of sensitive data, as traffic
    headed to internal systems and networks is unlikely to be routed to the external
    network. Reflected DDoS attacks are used to hide identities rather than to connect
    through to an internal network, and security administrators of managed systems
    should be able to determine both the local and wireless IP addresses his system uses.

    Rate this question:

  • 35. 

    In her role as an information security professional, Susan has been asked to identify areas where her organization’s wireless network may be accessible even though it isn’t intended to be. What should Susan do to determine where her organization’s wireless network is accessible?

    • A.

      A site survey

    • B.

      Warwalking

    • C.

      Wardriving

    • D.

      A design map

    Correct Answer
    A. A site survey
    Explanation
    Wardriving and warwalking are both processes used to locate wireless networks,
    but are not typically as detailed and thorough as a site survey, and design map is a
    made-up term.

    Rate this question:

  • 36. 

    The DARPA TCP/IP model’s Application layer matches up to what three OSI model layers?

    • A.

      Application, Presentation, and Transport

    • B.

      Presentation, Session, and Transport

    • C.

      Application, Presentation, and Session

    • D.

      There is not a direct match. The TCP model was created before the OSI model.

    Correct Answer
    C. Application, Presentation, and Session
    Explanation
    The DARPA TCP/IP model was used to create the OSI model, and the designers of
    the OSI model made sure to map the OSI model layers to it. The Application layer of
    the TCP model maps to the Application, Presentation, and Session layers, while the
    TCP and OSI models both have a distinct Transport layer.

    Rate this question:

  • 37. 

    One of Susan’s attacks during a penetration test involves inserting false ARP data into a system’s ARP cache. When the system attempts to send traffic to the address it believes belongs to a legitimate system, it will instead send that traffic to a system she controls. What is this attack called?

    • A.

      RARP Flooding

    • B.

      ARP cache poisoning

    • C.

      A denial of ARP attack

    • D.

      ARP buffer blasting

    Correct Answer
    B. ARP cache poisoning
    Explanation
    ARP cache poisoning occurs when false ARP data is inserted into a system’s ARP
    cache, allowing the attacker to modify its behavior. RARP flooding, denial of ARP
    attacks, and ARP buffer blasting are all made-up terms.

    Rate this question:

  • 38. 

    Sue modifies her MAC address to one that is allowed on a network that uses MAC filtering to provide security. What is the technique Sue used, and what non-security issue could her actions cause?

    • A.

      Broadcast domain exploit, address conflict

    • B.

      Spoofing, token loss

    • C.

      Spoofing, address conflict

    • D.

      Sham EUI creation, token loss

    Correct Answer
    C. Spoofing, address conflict
    Explanation
    The process of using a fake MAC (Media Access Control) address is called spoofing,
    and spoofing a MAC address already in use on the network can lead to an address
    collision, preventing traffic from reaching one or both systems. Tokens are used in
    token ring networks, which are outdated, and EUI refers to an Extended Unique
    Identifier, another term for MAC address, but token loss is still not the key issue.
    Broadcast domains refers to the set of machines a host can send traffic to via a
    broadcast message.

    Rate this question:

  • 39. 

    Jim’s audit of a large organization’s traditional PBX showed that Direct Inward System Access (DISA) was being abused by third parties. What issue is most likely to lead to this problem?

    • A.

      The PBX was not fully patched.

    • B.

      The dial-in modem lines use unpublished numbers.

    • C.

      DISA is set up to only allow local calls.

    • D.

      One or more users’ access codes have been compromised.

    Correct Answer
    D. One or more users’ access codes have been compromised.
    Explanation
    Direct Inward System Access uses access codes assigned to users to add a control
    layer for external access and control of the PBX. If the codes are compromised,
    attackers can make calls through the PBX or even control it. Not updating a PBX can
    lead to a range of issues, but this question is looking for a DISA issue. Allowing only
    local calls and using unpublished numbers are both security controls and might help
    keep the PBX more secure.

    Rate this question:

  • 40. 

    One or more users’ access codes have been compromised.

    • A.

      Layer 4

    • B.

      Layer 5

    • C.

      Layer 6

    • D.

      Layer 7

    Correct Answer
    D. Layer 7
    Explanation
    Application-specific protocols are handled at layer 7, the Application layer of the
    OSI model.

    Rate this question:

  • 41. 

    Lauren uses the ping utility to check whether a remote system is up as part of a penetration testing exercise. If she wants to filter ping out by protocol, what protocol should she filter out from her packet sniffer’s logs?

    • A.

      UDP

    • B.

      TCP

    • C.

      IP

    • D.

      ICMP

    Correct Answer
    D. ICMP
    Explanation
    Ping uses ICMP, the Internet Control Message Protocol, to determine whether a
    system responds and how many hops there are between the originating system and
    the remote system. Lauren simply needs to filter out ICMP to not see her pings.

    Rate this question:

  • 42. 

    Lauren wants to provide port-based authentication on her network to ensure that clients must authenticate before using the network. What technology is an appropriate solution for this requirement?

    • A.

      802.11a

    • B.

      802.3

    • C.

      802.15.1

    • D.

      802.1x

    Correct Answer
    D. 802.1x
    Explanation
    802.1x provides port-based authentication and can be used with technologies like
    EAP, the Extensible Authentication Protocol. 802.11a is a wireless standard, 802.3 is
    the standard for Ethernet, and 802.15.1 was the original Bluetooth IEEE standard.

    Rate this question:

  • 43. 

    Ben has deployed a 1000Base-T 1 gigabit network and needs to run a cable to another building. If Ben is running his link directly from a switch to another switch in that building, what is the maximum distance Ben can cover according to the 1000Base-T specification?

    • A.

      2 kilometers

    • B.

      500 meters

    • C.

      185 meters

    • D.

      100 meters

    Correct Answer
    D. 100 meters
    Explanation
    1000Base-T is capable of a 100 meter run according to its specifications. For longer
    distances, a fiber-optic cable is typically used in modern networks.

    Rate this question:

  • 44. 

    Jim’s remote site has only ISDN as an option for connectivity. What type of ISDN should he look for to get the maximum speed possible?

    • A.

      BRI

    • B.

      BPRI

    • C.

      PRI

    • D.

      D channel

    Correct Answer
    C. PRI
    Explanation
    PRI, or Primary Rate Interface, can use between 2 and 23 64 Kbps channels, with a
    maximum potential bandwidth of 1.544 Mbps. Actual speeds will be lower due to the D
    channel, which can’t be used for actual data transmission, but PRI beats BRI’s two B
    channels paired with a D channel for 144 Kbps of bandwidth.

    Rate this question:

  • 45. 

    SPIT attacks target what technology?

    • A.

      Virtualization platforms

    • B.

      Web services

    • C.

      VoIP systems

    • D.

      Secure Process Internal Transfers

    Correct Answer
    C. VoIP systems
    Explanation
    SPIT stands for Spam over Internet Telephony and targets VoIP systems.

    Rate this question:

  • 46. 

    What does a bluesnarfing attack target?

    • A.

      Data on IBM systems

    • B.

      An outbound phone call via Bluetooth

    • C.

      802.11b networks

    • D.

      Data from a Bluetooth-enabled device

    Correct Answer
    D. Data from a Bluetooth-enabled device
    Explanation
    Bluesnarfing targets the data or information on Bluetooth-enabled devices.
    Bluejacking occurs when attackers send unsolicited messages via Bluetooth.

    Rate this question:

  • 47. 

    Which of the following options includes standards or protocols that exist in layer 6 of the OSI model?

    • A.

      NFS, SQL, and RPCOption 1

    • B.

      TCP, UDP, and TLS

    • C.

      JPEG, ASCII, and MIDI

    • D.

      HTTP, FTP, SMTP

    Correct Answer
    C. JPEG, ASCII, and MIDI
    Explanation
    Layer 6, the Presentation layer, transforms data from the Application layer into
    formats that other systems can understand by formatting and standardizing the data.
    That means that standards like JPEG, ASCII, and MIDI are used at the Presentation
    layer for data. TCP, UDP, and TLS are used at the Transport layer; NFS, SQL, and RPC
    operate at the Session layer; and HTTP, FTP, and SMTP are Application layer
    protocols.

    Rate this question:

  • 48. 

    What network topology is shown below?

    • A.

      A ring

    • B.

      A bus

    • C.

      A star

    • D.

      A mesh

    Correct Answer
    D. A mesh
    Explanation
    Fully connected mesh networks provide each system with a direct physical link to
    every other system in the mesh. This is very expensive but can provide performance
    advantages for specific types of computational work.

    Rate this question:

  • 49. 

    There are four common VPN protocols. Which group of four below contains all of the common VPN protocols?

    • A.

      PPTP, LTP, L2TP, IPsec

    • B.

      PPP, L2TP, IPsec, VNC

    • C.

      PPTP, L2F, L2TP, IPsec

    • D.

      PPTP, L2TP, IPsec, SPAP

    Correct Answer
    C. PPTP, L2F, L2TP, IPsec
    Explanation
    PPTp, L2F, L2TP, and IPsec are the most common VPN protocols. TLS is also used
    for an increasingly large percentage of VPN connections and may appear at some point
    in the CISSP exam. PPP is a dial-up protocol, LTP is not a protocol, and SPAP is the
    Shiva Password Authentication Protocol sometimes used with PPTP.

    Rate this question:

  • 50. 

    What network technology is best described as a token-passing network that uses a pair of rings with traffic flowing in opposite directions?

    • A.

      A ring topology

    • B.

      Token Ring

    • C.

      FDDI

    • D.

      SONET

    Correct Answer
    C. FDDI
    Explanation
    FDDI, or Fiber Distributed Data Interface, is a token-passing network that uses a
    pair of rings with traffic flowing in opposite directions. It can bypass broken segments
    by dropping the broken point and using the second, unbroken ring to continue to
    function. Token Ring also uses tokens, but it does not use a dual loop. SONET is a
    protocol for sending multiple optical streams over fiber, and a ring topology is a
    design, not a technology.

    Rate this question:

Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.