2.8.2 Module 2 – System and Network Defense Quiz Answers

1. A user has created a new program and wants to distribute it to everyone in the company. The user wants to ensure that the program is not changed in transit when it is downloaded. What can the user do to ensure that the program is not changed when downloaded?

  • Create a hash of the program file that can be used to verify the integrity of the file after it is downloaded.
  • Turn off antivirus on all the computers.
  • Install the program on individual computers.
  • Distribute the program on a thumb drive.
  • Encrypt the program and require a password after it is downloaded.

Explanation: Hashing is a method of ensuring integrity; it verifies that the data has not been changed.

2. A user is running a routine audit of the server hardware in the company data center. Several servers are using single drives to host operating systems and multiple types of attached storage solutions for storing data. The user wants to offer a better solution to provide fault tolerance during a drive failure. Which solution is best?

  • offsite backup
  • RAID
  • tape backup
  • UPS

Explanation: Fault tolerance is addressing a single point of failure, in this case the hard drives.

3. A user was hired by a company to provide a highly available network infrastructure. The user wants to build redundancy into the network in case of a switch failure, but wants to prevent Layer 2 looping. What would the user implement in the network?

  • Spanning Tree Protocol
  • GLBP
  • HSRP
  • VRRP

Explanation: Loops and duplicate frames cause poor performance in a switched network. The Spanning Tree Protocol (STP) provides a loop-free path through the switch network.

4. Why is WPA2 better than WPA?

  • reduced keyspace
  • reduced processing time
  • mandatory use of AES algorithms
  • supports TKIP

Explanation: A good way to remember wireless security standards is to consider how they evolved from WEP to WPA, then to WPA2. Each evolution increased security measures.

5. An administrator of a small data center wants a flexible, secure method of remotely connecting to servers. Which protocol would be best to use?

  • Secure Shell
  • Remote Desktop
  • Telnet
  • Secure Copy

Explanation: Because hackers sniffing traffic can read clear text passwords, any connection needs to be encrypted. Additionally, a solution should not be operating system-dependent.

6. Which service will resolve a specific web address into an IP address of the destination web server?

  • DHCP
  • ICMP
  • NTP
  • DNS

Explanation: DNS resolves a website address to the actual IP address of that destination.

7. A company wants to implement biometric access to its data center. The company is concerned with people being able to circumvent the system by being falsely accepted as legitimate users. What type of error is false acceptance?

  • Type II
  • CER
  • false rejection
  • Type I

Explanation: There are two types of errors that biometrics can have: false acceptance and false rejection. False acceptance is a Type II error. The two types can intersect at a point called the crossover error rate.

8. Mutual authentication can prevent which type of attack?

  • wireless sniffing
  • wireless IP spoofing
  • wireless poisoning
  • man-in-the-middle

Explanation: A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.

9. Which utility uses the Internet Control Messaging Protocol (ICMP)?

  • RIP
  • DNS
  • NTP
  • ping

Explanation: ICMP is used by network devices to send error messages.

10. Which technology can be used to protect VoIP against eavesdropping?

  • ARP
  • strong authentication
  • SSH
  • encrypted voice messages

Explanation: Many advanced technologies such as VoIP, streaming video, and electronic conferencing require advanced countermeasures.

11. What is the purpose of a DMZ?

  • It analyzes traffic for intrusion attempts and sends reports to management stations.
  • It creates an encrypted and authenticated tunnel for remote hosts to access the internal network.
  • It provides secure connectivity for clients that connect to the internal network through a wireless LAN.
  • It allows external hosts to access specific company servers while maintaining the security restrictions for the internal network.

Explanation: The DMZ is an area of the network that is accessible to both internal and external users. It is more secure than the external network but not as secure as the internal network. It allows external hosts to access internal servers.

12. What two steps should be taken before connecting any IoT device to a home or business network? (Choose 2.)

  • Update the device firmware with all relevant security patches.
  • Reset all IoT device settings to their defaults before connecting to a live network.
  • Record the administrative credentials on the login plate in case you forget them.
  • Change all default administrator credentials.
  • Ensure all IoT devices are isolated to a single broadcast domain.

Explanation: IoT devices should be evaluated to ensure that they are able to update their firmware with security patches, preferably over wireless networks. In addition, default administrator credentials on these devices should always be changed from the default settings because these settings are publicly known.
