Check answers here:
Modules 1 – 4: Securing Networks Group Exam Answers Full
Quiz-summary
0 of 25 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
Information
Network Security (Version1.0) Modules 1 – 4: Securing Networks Group Test Online
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 25 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Average score |
|
Your score |
|
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- Answered
- Review
-
Question 1 of 25
1. Question
1 pointsAn administrator defined a local user account with a secret password on router R1 for use with SSH. Which three additional steps are required to configure R1 to accept only encrypted SSH connections? (Choose three.)Correct
Incorrect
Hint
There are three steps to configure SSH support on a Cisco router:- Step 1: Configure a hostname.
- Step 2: Configure a domain name.
- Step 3: Generate crypto keys.
-
Question 2 of 25
2. Question
1 pointsWhich command will block login attempts on RouterA for a period of 30 seconds if there are 2 failed login attempts within 10 seconds?Correct
Incorrect
Hint
The correct syntax is RouterA(config)# login block-for (number of seconds) attempts (number of attempts) within (number of seconds). -
Question 3 of 25
3. Question
1 pointsWhich two practices are associated with securing the features and performance of router operating systems? (Choose two.)Correct
Incorrect
Hint
Configuring a router with maximum available memory allows support for the widest range of security services and can help to protect against certain DoS attacks. Secure copies of router operating system images and configuration files provide backups needed for device recovery. Installing a UPS device provides physical security for networking devices but does not affect the security of their operating systems. Disabling unnecessary ports and services is part of the process of router hardening, and does not specifically involve the router operating system. -
Question 4 of 25
4. Question
1 pointsPasswords can be used to restrict access to all or parts of the Cisco IOS. Select the modes and interfaces that can be protected with passwords. (Choose three.)Correct
Incorrect
Hint
Access to the VTY and console interfaces can be restricted using passwords. Out-of-band management of the router can be restricted in both user EXEC and privileged EXEC modes. -
Question 5 of 25
5. Question
1 pointsA network administrator enters the service password-encryption command into the configuration mode of a router. What does this command accomplish?Correct
Incorrect
Hint
The startup-config and running-config files display most passwords in plaintext. Use the service password-encryption global config command to encrypt all plaintext passwords in these files. -
Question 6 of 25
6. Question
1 pointsOn which two interfaces or ports can security be improved by configuring executive timeouts? (Choose two.)Correct
Incorrect
Hint
Executive timeouts allow the Cisco device to automatically disconnect users after they have been idle for the specified time. Console, vty, and aux ports can be configured with executive timeouts. -
Question 7 of 25
7. Question
1 pointsA security service company is conducting an audit in several risk areas within a major corporation. What statement describes an attack vector?Correct
Incorrect
-
Question 8 of 25
8. Question
1 pointsWhat is the purpose of mobile device management (MDM) software?Correct
Incorrect
Hint
Mobile device management (MDM) software is used with mobile devices so that corporate IT personnel can track the devices, implement security settings, as well as control software configurations. -
Question 9 of 25
9. Question
1 pointsWhich security implementation will provide management plane protection for a network device?Correct
Incorrect
Hint
Management plane processes typically use protocols such as Telnet and SSH. Role-based access control ensures that only authorized users have management privileges. ACLs perform packet filtering and antispoofing functions on the data plane to secure packets generated by users. Routing protocol authentication on the control plane ensures that a router does not accept false routing updates from neighbor routers. -
Question 10 of 25
10. Question
1 pointsA security service company is conducting an audit in several risk areas within a major corporation. What statement describes the risk of access to cloud storage devices?Correct
Incorrect
-
Question 11 of 25
11. Question
1 pointsWhich security measure is best used to limit the success of a reconnaissance attack from within a campus area network?Correct
Incorrect
Hint
The implementation of an access list may provide extra security by permitting denying a flow of traffic, but it will not provide a direct response to limit the success of the attack. The implementation of a firewall on the network edge may prevent reconnaissance attacks from the Internet, but attacks within the local network are not prevented. By implementing restrictions on the sending of ICMP echo-reply messages within a local network, devices may not respond to ping messages, but port scans are not prevented and clear-text data sent on the network are still vulnerable. The best security measure is to encrypt as much network traffic as possible, both user data and network management traffic. -
Question 12 of 25
12. Question
1 pointsWhat are two evasion methods used by hackers? (Choose two.)Correct
Incorrect
Hint
- The following methods are used by hackers to avoid detection:Encryption and tunneling – hide or scramble the malware content
- Resource exhaustion – keep the host device too busy to detect the invasion
- Traffic fragmentation – split the malware into multiple packets
- Protocol-level misinterpretation – sneak by the firewall
- Pivot – use a compromised network device to attempt access to another device
- Rootkit – allow the hacker to avoid detection as well as hide software installed by the hacker
-
Question 13 of 25
13. Question
1 pointsMatch the security concept to the description.Correct
Incorrect
-
Question 14 of 25
14. Question
1 pointsWhich attack involves threat actors positioning themselves between a source and destination with the intent of transparently monitoring, capturing, and controlling the communication?Correct
Incorrect
Hint
The man-in-the-middle attack is a common IP-related attack where threat actors position themselves between a source and destination to transparently monitor, capture, and control the communication. -
Question 15 of 25
15. Question
1 pointsWhat is the motivation of a white hat attacker?Correct
Incorrect
Hint
White hat attackers break into networks or computer systems in order to discover weaknesses for the purpose of improving the security of these systems. These break-ins are done with permission from the owner or the organization. Any results are reported back to the owner or the organization. -
Question 16 of 25
16. Question
1 pointsA user is curious about how someone might know a computer has been infected with malware. What are two common malware behaviors? (Choose two.)Correct
Incorrect
Hint
Common symptoms of computers infected with malware:- Appearance of files, applications, or desktop icons
- Security tools such as antivirus software or firewalls turned off or changed
- System crashes
- Emails spontaneously sent to others
- Modified or missing files
- Slow system or browser response
- Unfamiliar processes or services running
- Unknown TCP or UDP ports open
- Connections made to unknown remote devices
-
Question 17 of 25
17. Question
1 pointsWhich security feature or device would more likely be used within a CAN than a SOHO or data center?Correct
Incorrect
Hint
A Cisco Email Security Appliance (ESA) and Web Security Appliance (WSA) provide advanced threat defense, application visibility and control, reporting, and secure mobility to secure and control email and web traffic at within a campus area network (CAN). A wireless router is a common defense mechanism used in a SOHO. Exit sensors and a security trap are features used within a data center. A virtual security gateway is integrated into Cisco Nexus switches and is used for inter-virtual machine security. -
Question 18 of 25
18. Question
1 pointsA company has several sales offices distributed within a city. Each sales office has a SOHO network. What are two security features that are commonly found in such a network configuration? (Choose two.)Correct
Incorrect
Hint
Small Office and Home Office (SOHO) networks are typically protected using a consumer grade wireless router that includes both wired and wireless connections. WPA2 is commonly used for wireless encryption and port security is used to ensure non-company devices are not plugged into the wired network. -
Question 19 of 25
19. Question
1 pointsWhat are two data protection functions provided by MDM? (Choose two.)Correct
Incorrect
Hint
Data protection functions include PIN locking, encryption, and remote data wiping. In contrast, data loss prevention prevents authorized users from doing careless or malicious things with data important to the organization. -
Question 20 of 25
20. Question
1 pointsWhich condition describes the potential threat created by Instant On in a data center?Correct
Incorrect
Hint
The phrase Instant On describes a potential threat to a VM when it is brought online after it has not been used for a period of time. Because it is offline for a while, it may have outdated security policies that deviate from the baseline security and can introduce security vulnerabilities. -
Question 21 of 25
21. Question
1 pointsWhat functional area of the Cisco Network Foundation Protection framework is responsible for device-generated packets required for network operation, such as ARP message exchanges and routing advertisements?Correct
Incorrect
Hint
There are three functional areas of the Cisco Network Foundation Protection (NFP) framework:- Control plane: Responsible for routing functions. Consists of the traffic generated by network devices to operate the network.
- Management plane: Responsible for managing network devices.
- Data (Forwarding) plane: Responsible for forwarding user data.
-
Question 22 of 25
22. Question
1 pointsA security service company is conducting an audit in several risk areas within a major corporation. What statement describes the risk of using social networking?Correct
Incorrect
-
Question 23 of 25
23. Question
1 pointsA security service company is conducting an audit in several risk areas within a major corporation. What statement describes the risk of access to removable media?Correct
Incorrect
-
Question 24 of 25
24. Question
1 pointsWhat is the purpose of a reconnaissance attack on a computer network?Correct
Incorrect
Hint
Curriculum Reference: Module 1.1 This item is based on information contained in the presentation. Preventing users from accessing network resources is a denial of service attack. Being able to steal data from the network servers may be the objective after a reconnaissance attack gathers information about the target network and system. Redirecting data traffic so it can be monitored is a man-in-the middle attack. -
Question 25 of 25
25. Question
1 pointsA security service company is conducting an audit in several risk areas within a major corporation. What statement describes an internal threat?Correct
Incorrect