Network Defense Module 9.3.2 Technologies and Protocols Quiz Questions Exam Answers
1. How do cybercriminals make use of a malicious iFrame?
- The iFrame allows the browser to load a web page from another source.
- The attacker embeds malicious content in business-appropriate files.
- The attacker redirects traffic to an incorrect DNS server.
- The iFrame allows multiple DNS subdomains to be used.
2. In which way does the use of HTTPS increase the security monitoring challenges within enterprise networks?
- HTTPS traffic is much faster than HTTP traffic.
- HTTPS traffic enables end-to-end encryption.
- HTTPS traffic does not require authentication.
- HTTPS traffic can carry a much larger data payload than HTTP can carry.
3. Which network service synchronizes the time across all devices on the network?
- NTP
- SNMP
- NetFlow
- syslog
4. Which type of server daemon accepts messages sent by network devices to create a collection of log entries?
- SSH
- NTP
- syslog
- AAA
5. What port number would be used if a threat actor was using NTP to direct DDoS attacks?
- 25
- 69
- 123
- 443
6. Which protocol is used to send e-mail messages between two servers that are in different e-mail domains?
- HTTP
- POP3
- SMTP
- IMAP4
7. What type of server can threat actors use DNS to communicate with?
- CnC
- database
- NTP
- web
8. Which type of server would support the SMTP, POP, and IMAP protocols?
- DHCP
- proxy
- syslog
9. What method allows VPN traffic to remain confidential?
- authentication
- encryption
- verification
- encapsulation
10. To facilitate the troubleshooting process, which inbound ICMP message should be permitted on an outside interface?
- echo request
- echo reply
- time-stamp request
- time-stamp reply
- router advertisement
11. Which statement describes the function provided by the Tor network?
- It distributes user packets through load balancing.
- It allows users to browse the Internet anonymously.
- It conceals packet contents by establishing end-to-end tunnels.
- It manipulates packets by mapping IP addresses between two networks.
12. How can NAT/PAT complicate network security monitoring if NetFlow is being used?
- It changes the source and destination MAC addresses.
- It conceals the contents of a packet by encrypting the data payload.
- It disguises the application initiated by a user by manipulating port numbers.
- It hides internal IP addresses by allowing them to share one or a few outside IP addresses.
13. A cyberanalyst is reviewing an entry-point ACL. What three types of ICMP traffic should be allowed to access an internal network from the internet? (Choose three.)
- request
- reply
- time exceeded
- squelch
- ping
- destination unreachable
14. A company decides to purchase a device capable of managing load balancing so that traffic will be distributed between their servers. What could be a potential problem using the new device on the network?
- It will require the purchase of more servers so that existing servers are not overwhelmed.
- The LBM probe messages may appear as suspicious traffic.
- The traffic will require more bandwidth to send to multiple servers.
- All links to redundant servers will require encrypted tunneling protocols.
- It will cause extra traffic going to a server resource that is not available.