cybersecurity test review
DESCRIPTION
Cybersecurity Test Review. Chapter Three. Question 1. Which of the following protocols is a file transfer protocol using SSH? SFTP TFTP SICMP CCMP. Question 2. Of the following choices, which one provides the most security for FTP? FTP active mode FTPS TFTP SCP. Question 3. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/1.jpg)
Cybersecurity Test ReviewChapter Three
![Page 2: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/2.jpg)
Which of the following protocols is a file transfer protocol using SSH?A. SFTPB. TFTPC. SICMPD. CCMP
Question 1
![Page 3: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/3.jpg)
Of the following choices, which one provides the most security for FTP?A. FTP active modeB. FTPSC. TFTPD. SCP
Question 2
![Page 4: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/4.jpg)
Of the following choices, what is a benefit for IPsec?A. MAC filteringB. Flood guardC. Load balancingD. Payload encryption
Question 3
![Page 5: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/5.jpg)
What protocol is used to monitor and configure network devices?A. ICMPB. SFTPC. SNMPD. DNS
Question 4
![Page 6: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/6.jpg)
Which of the following is an IPv6 address?A. 192.168.1.100B. 192.168.1.100/128C. FE80:20D4:3FF7:003F:DE62D. FE80:0000:0000:0000:20D4:3FF7:003F:DE62
Question 5
![Page 7: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/7.jpg)
Which of the following IP addresses are on the same subnet? (Choose all that apply)A. 192.168.5.50, 255.255.255.192B. 192.168.1.100, 255.255.255.192C. 192.168.1.165, 255.255.255.192D. 192.168.1.189, 255.255.255.192
Question 6
![Page 8: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/8.jpg)
An administrator decides to block Telnet access to an internal network from any remote device on the internet. Which of the following is the best choice to accomplish this?A. Block port 22 at the host firewallB. Block port 22 on the internal routersC. Block port 23 at the network firewallD. Block port 23 on internal routers
Question 7
![Page 9: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/9.jpg)
What port does SFTP use?A. 22B. 23C. 443D. 1443
Question 8
![Page 10: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/10.jpg)
What ports do HTTP and HTTPS use?A. 20 and 21B. 22 and 25C. 80 and 443D. 80 and 1433
Question 9
![Page 11: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/11.jpg)
What port does SMTP use?A. 22B. 25C. 110D. 143
Question 10
![Page 12: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/12.jpg)
Of the following choices, what ports are used by NetBIOS? (Choose two.)A. 80B. 137C. 139D. 3389
Question 11
![Page 13: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/13.jpg)
Your organization uses switches for connectivity. Of the following choices, what will protect the switch?A. Disable unused MAC addressesB. Disable unused portsC. Disable unused IPv4 addressesD. Disable unused IPv6 addresses
Question 12
![Page 14: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/14.jpg)
YA user unplugged a cable into two RJ-45 wall jacks connected to unused ports on a switch. In a short period, this disrupted the overall network performance. What should you do to protect against this problem in the future?A. Enable loop protection on the switchB. Disable port securityC. Use a VLAND. Create DMZ
Question 13
![Page 15: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/15.jpg)
What can you use to logically separate computers in two different departments within a company?A. A hubB. A VLANC. NATD. A flood guard
Question 14
![Page 16: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/16.jpg)
Most firewalls have a default rule placed at the end of the firewall’s ACL. Which of the following is the most likely default rule?A. Deny any anyB. Deny ICMP allC. Allow all allD. Allow TCP all
Question 15
![Page 17: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/17.jpg)
Of the following choices, what best describes a method of managing the flow of network traffic by allowing or denying traffic based on ports, protocols and addresses?A. Implicit denyB. Firewall rulesC. Proxy server content filterD. Firewall logs
Question 16
![Page 18: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/18.jpg)
Of the following choices, what represents the best choice to prevent intrusions on an individual computer?
A. HIDSB. NIDSC. Host-based firewallD. Network-based firewalls
Question 17
![Page 19: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/19.jpg)
Your network includes a subnet that hosts accounting server with sensitive data. You want to ensure that users in the Marketing Department (on a separate subnet) cannot access these servers. Of the following choices, what would be the easiest to achieve the goal?
A. Enable load balancingB. Enable port securityC. Use an ACLD. Add a host-based firewall to each server
Question 18
![Page 20: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/20.jpg)
Of the following choices, what controls traffic between networks?
A. A firewallB. Load balancerC. VPN connectorD. Protocol analyzer
Question 19
![Page 21: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/21.jpg)
An organization has a web security gateway installed. What function is this performing?
A. MAC filteringB. Caching contentC. Hiding internal IP addressesD. Content filtering
Question 20
![Page 22: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/22.jpg)
Your organization hosts a large website served by multiple servers. They need to optimize the workload and distribute it equally among all servers. What should they use?
A. Proxy serverB. Load balancerC. Web security gatewayD. Security appliance
Question 21
![Page 23: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/23.jpg)
Of the following choices, what can be used to allow access to specific servers from the internet while protecting access to an internal network?
A. SSHB. Implicit denyC. DMZD. Port security
Question 22
![Page 24: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/24.jpg)
Of the following choices, what hides the IP addresses of computers inside a network from computers outside the network?
A. Web security gatewayB. Replacing all hubs with switchesC. WAFD. NAT
Question 23
![Page 25: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/25.jpg)
Of the following choices, what is the best choice for a device to filter and cache content from web pages?
A. Web security gatewayB. VPN connectorC. Proxy serverD. MAC filtering
Question 24
![Page 26: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/26.jpg)
In order to provide flexible working conditions, a company has decided to allow some employees remote access into corporate headquarters. Which of the following security technologies could be used to provide remote access? (Select TWO).
A. SubnettingB. NATC. FirewallD. NACE. VPN
Question 25
![Page 27: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/27.jpg)
Which of the following can prevent an unauthorized person from accessing the network by plugging into an open network jack?
A. 802.1xB. DHCPC. 802.1qD. NIPS
Question 26
![Page 28: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/28.jpg)
After verifying that the server and database are running, Jane, the administrator, is still unable tomake a TCP connection to the database. Which of the following is the MOST likely cause for this?
A. The server has data execution prevention enabled
B. The server has TPM based protection enabledC. The server has HIDS installedD. The server is running a host-based firewall
Question 27
![Page 29: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/29.jpg)
A security administrator needs to determine which system a particular user is trying to login to at various times of the day. Which of the following log types would the administrator check?
A. FirewallB. ApplicationC. IDSD. Security
Question 28
![Page 30: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/30.jpg)
Which of the following devices would MOST likely have a DMZ interface?
A. FirewallB. SwitchC. Load balancerD. Proxy
Question 29
![Page 31: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/31.jpg)
Which of the following tools would Matt, a security administrator, MOST likely use to analyze a malicious payload?
A. Vulnerability scannerB. FuzzerC. Port scannerD. Protocol analyzer
Question 30
![Page 32: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/32.jpg)
Which of the following BEST describes a protective countermeasure for SQL injection?
A. Eliminating cross-site scripting vulnerabilities
B. Installing an IDS to monitor network trafficC. Validating user input in web applicationsD. Placing a firewall between the Internet and
database servers
Question 31
![Page 33: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/33.jpg)
Pete, a network administrator, is capturing packets on the network and notices that a large amount of the traffic on the LAN is SIP and RTP protocols. Which of the following should he do to segment that traffic from the other traffic?
A. Connect the WAP to a different switch.B. Create a voice VLAN.C. Create a DMZ.D. Set the switch ports to 802.1q mode.
Question 32
![Page 34: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/34.jpg)
Which of the following IP addresses would be hosts on the same subnet given the subnet mask 255.255.255.224? (Select TWO).
A. 10.4.4.125B. 10.4.4.158C. 10.4.4.165D. 10.4.4.189E. 10.4.4.199
Question 33
![Page 35: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/35.jpg)
Matt, an administrator, notices a flood fragmented packet and retransmits from an email server. After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again. Which of the following utilities was he MOST likely using to view this issue?
A. Spam filterB. Protocol analyzerC. Web application firewallD. Load balancer
Question 34
![Page 36: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/36.jpg)
An ACL placed on which of the following ports would block IMAP traffic?
A. 110B. 143C. 389D. 465
Question 35
![Page 37: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/37.jpg)
Mike, a network administrator, has been asked to passively monitor network traffic to the company’s sales websites. Which of the following would be BEST suited for this task?
A. HIDSB. FirewallC. NIPSD. Spam filter
Question 36
![Page 38: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/38.jpg)
Which of the following would Pete, a security administrator, MOST likely implement in order to allow employees to have secure remote access to certain internal network services such as file servers?
A. Packet filtering firewallB. VPN gatewayC. SwitchD. Router
Question 37
![Page 39: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/39.jpg)
Matt, the IT Manager, wants to create a new network available to virtual servers on the samehypervisor, and does not want this network to be routable to the firewall. How could this BEST be accomplished?
A. Create a VLAN without a default gateway.B. Remove the network from the routing table.C. Create a virtual switch.D. Commission a stand-alone switch.
Question 38
![Page 40: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/40.jpg)
A security administrator has configured FTP in passive mode. Which of the following ports should the security administrator allow on the firewall by default?
A. 20B. 21C. 22D. 23
Question 39
![Page 41: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/41.jpg)
Which of the following protocols would be implemented to secure file transfers using SSL?
A. TFTPB. SCPC. SFTPD. FTPS
Question 40
![Page 42: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/42.jpg)
Which of the following are used to implement VPNs? (Select TWO).
A. SFTPB. IPSecC. HTTPSD. SNMPE. SSL
Question 41
![Page 43: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/43.jpg)
Matt, a security administrator, is receiving reports about several SQL injections and buffer overflows through his company’s website. Which of the following would reduce the amount of these attack types?
A. AntivirusB. Anti-spamC. Input validationD. Host based firewalls
Question 42
![Page 44: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/44.jpg)
Pete, the security administrator, wants to ensure that traffic to the corporate intranet is secure using HTTPS. He configures the firewall to deny traffic to port 80. Now users cannot connect to the intranet even through HTTPS. Which of the following is MOST likely causing the issue?
A. The web server is configured on the firewall’s DMZ interface.
B. The VLAN is improperly configured.C. The firewall’s MAC address has not been entered
into the filtering list.D. The firewall executes an implicit deny.
Question 43
![Page 45: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/45.jpg)
Which of the following protocols can be used to secure traffic for telecommuters?
A. WPAB. IPSecC. ICMPD. SMTP
Question 44
![Page 46: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/46.jpg)
Which of the following must Jane, a security administrator, implement to ensure all wired ports are authenticated before a user is allowed onto the network?
A. Intrusion prevention systemB. Web security gatewayC. Network access controlD. IP access control lists
Question 45
![Page 47: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/47.jpg)
A security administrator needs to open ports on the firewall to allow for secure data transfer. Which of the following TCP ports would allow for secure transfer of files by default?
A. 21B. 22C. 23D. 25
Question 46
![Page 48: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/48.jpg)
Which of the following technologies would allow for a secure tunneled connection from one site to another? (Select TWO).
A. SFTPB. IPSecC. SSHD. HTTPSE. ICMP
Question 47
![Page 49: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/49.jpg)
Which of the following network design elements provides for a one-to-one relationship between an internal network address and an external network address?
A. NATB. NACC. VLAND. PAT
Question 48
![Page 50: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/50.jpg)
Sara, a security administrator, needs to implement the equivalent of a DMZ at the datacenter entrance. Which of the following must she implement?
A. Video surveillanceB. MantrapC. Access listD. Alarm
Question 49
![Page 51: Cybersecurity Test Review](https://reader033.vdocument.in/reader033/viewer/2022042720/56815535550346895dc30c0d/html5/thumbnails/51.jpg)
Sara, a security technician, has been asked to design a solution which will enable external users to have access to a Web server, while keeping the internal network unaffected by this access. Which of the following would BEST meet this objective?
A. Place the Web server on a VLANB. Place the Web server inside of the internal
firewallC. Place the Web server in a DMZD. Place the Web server on a VPN
Question 50