1. A cyberanalyst is reviewing an entry-point ACL. What three types of ICMP traffic should be allowed to access an internal network from the internet? (Choose three.)
- destination unreachable
- time exceeded
- ping
- request
- reply
- squelch
2. A company decides to purchase a device capable of managing load balancing so that traffic will be distributed between their servers. What could be a potential problem using the new device on the network?
- It will cause extra traffic going to a server resource that is not available.
- It will require the purchase of more servers so that existing servers are not overwhelmed.
- The traffic will require more bandwidth to send to multiple servers.
- All links to redundant servers will require encrypted tunneling protocols.
- The LBM probe messages may appear as suspicious traffic.
3. What method allows VPN traffic to remain confidential?
- verification
- authentication
- encryption
- encapsulation
4. To facilitate the troubleshooting process, which inbound ICMP message should be permitted on an outside interface?
- time-stamp reply
- echo reply
- time-stamp request
- router advertisement
- echo request
5. In which way does the use of HTTPS increase the security monitoring challenges within enterprise networks?
- HTTPS traffic enables end-to-end encryption.
- HTTPS traffic does not require authentication.
- HTTPS traffic can carry a much larger data payload than HTTP can carry.
- HTTPS traffic is much faster than HTTP traffic.
6. Which type of server would support the SMTP, POP, and IMAP protocols?
- proxy
- syslog
- DHCP
7. Which network service synchronizes the time across all devices on the network?
- NetFlow
- NTP
- SNMP
- syslog
8. What port number would be used if a threat actor was using NTP to direct DDoS attacks?
- 25
- 69
- 443
- 123
9. Which protocol is used to send e-mail messages between two servers that are in different e-mail domains?
- SMTP
- IMAP4
- POP3
- HTTP
10. How do cybercriminals make use of a malicious iFrame?
- The iFrame allows multiple DNS subdomains to be used.
- The attacker embeds malicious content in business appropriate files.
- The attacker redirects traffic to an incorrect DNS server.
- The iFrame allows the browser to load a web page from another source.
11. Which type of server daemon accepts messages sent by network devices to create a collection of log entries?
- NTP
- syslog
- AAA
- SSH
12. What type of server can threat actors use DNS to communicate with?
- web
- NTP
- CnC
- database
13. Which statement describes the function provided by the Tor network?
- It allows users to browse the Internet anonymously.
- It manipulates packets by mapping IP addresses between two networks.
- It distributes user packets through load balancing.
- It conceals packet contents by establishing end-to-end tunnels.
14. How can NAT/PAT complicate network security monitoring if NetFlow is being used?
- It conceals the contents of a packet by encrypting the data payload.
- It hides internal IP addresses by allowing them to share one or a few outside IP addresses.
- It changes the source and destination MAC addresses.
- It disguises the application initiated by a user by manipulating port numbers.