Module 1: Quiz – Securing Networks (Answers) Network Security

1. Which security measure is typically found both inside and outside a data center facility?

  • a gate
  • biometrics access
  • exit sensors
  • security traps
  • continuous video surveillance

Explanation: Continuous video surveillance is a security measure found both inside and outside a data center facility. A gate provides outside perimeter security. Security traps, biometrics access, and exit sensors provide inside perimeter security.

2. Which statement accurately characterizes the evolution of threats to network security?

  • Threats have become less sophisticated while the technical knowledge needed by an attacker has grown.
  • Early Internet users often engaged in activities that would harm other users.
  • Internal threats can cause even greater damage than external threats.
  • Internet architects planned for network security from the beginning.

Explanation: Internal threats can be intentional or accidental and cause greater damage than external threats because the internal user has direct access to the internal corporate network and corporate data.

3. Which security technology is commonly used by a teleworker when accessing resources on the main corporate office network?

  • SecureX
  • IPS
  • VPN
  • biometric access

Explanation: VPNs are commonly used between corporate sites and between mobile or remote workers that connect to and use resources on the corporate network.

4. A security intern is reviewing the corporate network topology diagrams before participating in a security review. Which network topology would commonly have a large number of wired desktop computers?

  • cloud
  • CAN
  • data center
  • SOHO

Explanation: Campus area networks (CANs) commonly have multiple LANs that have host devices attached. A SOHO topology contains wired and wireless hosts on a limited basis. Data centers and cloud topologies typically do not have PCs.

5. In the video that describes the anatomy of an attack, a threat actor was able to gain access through a network device, download data, and destroy it. Which flaw allowed the threat actor to do this?

  • a flat network with no subnets or VLANs
  • improper physical security to gain access to the building
  • lack of a strong password policy
  • open ports on the firewall

Explanation: The company had a flat network with no subnets. The threat actor was able to access and destroy all kinds of corporate data due to a thermostat that was on the network, but was not scanned as part of the security procedures.

6. Which type of network commonly makes use of redundant air conditioning and a security trap?

  • cloud
  • WAN
  • data center
  • CAN

Explanation: Data centers use a variety of techniques for security including redundant heating, ventilation, and air conditioning (HVAC), UPS systems, fire alarms, sprinklers, video surveillance, electronic motion detectors, security traps, biometric security, security officers, fences, gates, video surveillance, and security breach alarms. Even though cloud-based virtualized servers and network devices may be housed in a data center, protection for cloud computing requires other technologies.

7. Which technology is used to secure, monitor, and manage mobile devices?

  • VPN
  • rootkit
  • ASA firewall
  • MDM

Explanation: Mobile Device Management (MDM) is used to secure, monitor, and manage both corporate-owned and employee-owned devices such as smartphones, tablets, laptops, and desktops.

8. When considering network security, what is the most valuable asset of an organization?

  • customers
  • financial resources
  • personnel
  • data

Explanation: Data, such as research and development data, sales data, financial data, human resource and legal data, employee data, contractor data, and customer data, is likely to be the most valuable asset for an organization.

9. What is hyperjacking?

  • adding outdated security software to a virtual machine to gain access to a data center server
  • using processors from multiple computers to increase data processing power
  • overclocking the mesh network which connects the data center servers
  • taking over a virtual machine hypervisor as part of a data center attack

Explanation: Hyperjacking occurs when an attacker hijacks a virtual machine (VM) hypervisor and then uses that VM to launch an attack on other data center devices.

10. Which resource is affected due to weak security settings for a device owned by the company, but housed in another location?

  • cloud storage device
  • hard copy
  • removable media
  • social networking

Explanation: Cloud storage is popular and has many benefits. However data stored there could be compromised due to weak security settings.

11. Refer to the exhibit. An IT security manager is planning security updates on this particular network. Which type of network is displayed in the exhibit and is being considered for updates?

  • WAN
  • CAN
  • data center
  • SOHO

Explanation: A distinguishing factor of campus area networks (CANs) are that they have interconnected LANs.

Inline Feedbacks
View all comments
Would love your thoughts, please comment.x