Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
210 Cards in this Set
- Front
- Back
An enterprise-wide VPN can include elements of both the client-to-site and site-to-site models.
True or False |
T |
|
After L2TP establishing a VPN tunnel, GRE is used to transmit L2TP data frames through the tunnel. True or False |
F |
|
The MD5 hashing algorithm is not susceptible to the possibility of hash collisions. True False |
F |
|
Windows, UNIX, Linux, and Mac OS clients are all capable of connecting to a VPN using PPTP. True or False |
T |
|
Which type of cloud service model involves hardware services that are provided virtually, including network infrastructure devices such as virtual servers? laaS PaaS SaaS Xaas |
IaaS |
|
What cloud service model involves providing applications through an online user interface, providing for compatibility with a multitude of different operating systems and devices? laaS SaaS XaaS PaaS |
SaaS |
|
Which of the following is NOT an encryption algorithm used by SSH? SHA-2 DES RSA Kerberos |
SHA-2 |
|
The SSH service listens on what TCP port? 20 21 22 23 |
22 |
|
The original version of the Secure Hashing Algorithm (SHA) was developed by the NSA, and used a hash of what length? 128 bit 160 bit 256 bit 512 bit |
160 BIT |
|
What protocol below only provides the framework for authenticating clients and servers, but relies on other encryption and authentication schemes to verify the credentials of clients or servers? MS-CHAP MS-CHAPv2 EAP TKIP |
EAP |
|
When using public and private keys to connect to an SSH server, where must your public key be placed before you can connect? In an authorization file under your home directory on your computer. In an authorization file on the host where the SSH server is. in the /etc/ssh/keys folder. In the /var/run/ssh/public folder. |
In an authorization file on the host where the SSH server is. |
|
What security principle provides proof of delivery and proof of the sender's identity? utility integrity availability non-repudiation |
non-repudiation |
|
The combination of a public key and a private key are known by what term below? key Set key team key pair key tie |
key pair |
|
Digital certificates are issued by organizations known as what term? Certification authorities certification registrars identity verifiers certificate exchanges |
Certification authorities |
|
What Security encryption protocol requires regular re-establishment of a connection and can be used with any type of TCP/IP transmission? L2TP TLS IPSeC SSL |
IPSeC |
|
At what layer of the OSI model does the IPsec encryption protocol operate? Physical layer Network layer Transport layer Application layer |
Network layer |
|
The PPP headers and trailers used to create a PPP frame that encapsulates Network layer packets vary between 8 and 10 bytes in size due to what field? priority FCS FEC encryption |
FCS |
|
When using a site-to-site VPN, what type of device sits at the edge of the LAN and establishes the connection between sites? VPN proxy VPN Server VPN transport VPN gateway |
VPN gateway |
|
Amazon and RackSpace both utilize what virtualization software below to create their cloud environments? VMware vSphere Oracle VirtualBox Parallels Citrix Xem |
Citrix Xem |
|
What protocol below is a Microsoft proprietary protocol first available in Windows Vista? L2TP PPTP TTLS SSTP |
SSTP |
|
What authentication protocol sends authentication information in cleartext without encryption? PAP MS-CHAP MS-CHAPv2 EAP |
PAP |
|
How often should administrators and network users be required to change their password? 60 days 90 days 120 days 180 days |
60 days |
|
What encryption protocol was designed as more of an integrity check for WEP transmissions rather than a sophisticated encryption protocol?Kerberos TKIP AES EAP |
TKIP |
|
A SecurlD key chain fob from RSA security generates a password that changes how often?every 20 seconds every 30 seconds every 60 seconds every 70 seconds |
every 60 seconds |
|
What two protocols below are Data Link Layer protocols designed to connect WAN endpoints in a direct connection, such as when a client computer connects to a server at an ISP using a dialup or DSL connection and modem? OpenVPN SLIP PPTP PPP |
SLIP PPP |
|
What two different types of encryption can be used by IPsec during data transfer? Secure Sockets Layer (SSL) Authentication Header (AH) Encapsulating Security Payload (ESP ) Advanced Encryption Standard (AES) |
Authentication Header (AH) Encapsulating Security Payload (ESP |
|
The key management phase of IPSec is reliant on which two services below? Internet Key Exchange (IKE)
Internet Security Association and Key Management Protocol (ISAKMP) Authentication Header (AH) Encapsulating Security Payload (ESP) |
Internet Security Association and Key Management Protocol (ISAKMP) |
|
What two key lengths are the most popular for the SHA-2 hashing algorithm? 160 256 512 1024 |
256 512 |
|
What two options below are AAA services?OpenSSH OpenVPN RADIUS TACACS+ |
RADIUS TACACS+ |
|
The__ cloud service model provides virtual environments online that can be tailored to the needs of developers. |
Platform as a Service (PaaS) |
|
A__ is a Service that is shared between multiple organizations, but not available publicly. |
community cloud |
|
A variant of TLS is ______ which provides authentication like SSL/TLS, but does not require a certificate for each user. |
Tunneled Transport Layer Security (TTLS) |
|
in Kerberos, a temporary set of credentials that a client uses to prove that its identity has been validated is known as a____ |
ticket |
|
When PPP is used over an Ethernet network, it is known as_________ |
PPPoE |
|
Different types of organizations have similar levels of network security risks. True False |
F |
|
A firewall typically involves a combination of hardware and software. True False |
T |
|
The simplest type of firewall is a content filtering firewall. True False |
F |
|
A SOHO wireless router typically acts as a firewall and may include packet filtering options. True False |
T |
|
The term malware is derived from a combination of the words malicious and Software. True False |
T |
|
Which software below combines known scanning techniques and exploits to allow for hybrid exploits? NeSSuS metasploit nmap Sub7 |
metasploit |
|
What kind of attack involves a flood of broadcast ping messages, with the originating Source address being spoofed to appear as a host on the network? amplification attack Smurf attack zombie attack SYN attack |
Smurf attack |
|
Botnets often make use of what chat protocol in order to receive commands? XMPP AIM IRC Skype |
IRC |
|
Which virus below combines polymorphism and stealth techniques to create a very destructive virus? NataS Macro Michelangelo Stoned |
NataS |
|
What characteristic of viruses make it possible for a virus to potentially change its characteristics (such as file size, and internal instructions) to avoid detection? encryption Stealth polymorphism time dependence |
polymorphism |
|
What type of virus are dormant until a specific condition is met, such as the changing of a file or a match of the current date? encrypted virus logic bomb boot sector virus WORM |
logic bomb |
|
Programs that run independently and travel between computers and across networks, Such as by e-mail attachment or virtually any kind of file transfer, are known as which option below?file-infector viruses worms network viruses maCro Viruses |
worms |
|
If multiple honeypots are connected to form a larger network, what term is used to describe the network? Combolure lurenet honeycomb honeynet |
honeynet |
|
A system that is capable of collecting and analyzing information generated by firewalls, IDS, and IPS systems is known as which term below? event Collector architecture Syslog System SIEM system log or ORganizer |
SIEM system |
|
A proxy that provides Internet clients access to services on its own network is known as what type of proxy? reverse proxy Cache proxy service proxy inverse proxy |
reverse proxy |
|
At what layer of the OSI model do firewalls operate? Transport Data link Network Application |
Network |
|
Which software below serves as the firewall for Linux systems? ZoneAlarm Comodo iptables ipf |
iptables |
|
A reflective attack can be increased in intensity by combining it with what type of attack? Smurf attack SYN attack amplification attack friendly attack |
amplification attack |
|
An attack in which hackers transmit bogus requests for connection to servers or applications in order to harvest useful information to guide their attack efforts is known as what option below? banner-grabbing attack reflective attack friendly attack IP spoofing attack |
banner-grabbing attack |
|
An attack that involves a person redirecting or capturing secure transmissions as they occur is known as what type of attack? buffer overflow session hijacking attack man-in-the-middle attack banner-grabbing attack |
man-in-the-middle attack |
|
Which option below is a standard created by the NSA that defines protections against radio frequency emanations? EmSeC TEMPEST RFGUARD BlockSec move/copy question to another bank |
TEMPEST |
|
The process in which a person attempts to glean access for authentication information by posing as someone who needs that information is known as what option below?mining phishing hunting doxing |
phishing |
|
What feature on some network switches can be used to detect faked arp messages? DHCP Snooping session monitoring dynamic packet inspection dynamic ARP inspection |
dynamic ARP inspection |
|
In ACL statements, the any keyword is equivalent to using which wildcard mask?255.255.255.255 O.O.O.O O.O.255.255 255.255.0.0 |
O.O.O.O |
|
What mode setting on a firewall makes the firewall transparent to surrounding nodes as if it's just part of the wire? transparent wire mode virtual access mode pass-thru mode virtual wire mode |
virtual wire mode |
|
What two types of agents are used to check compliance with network security policies?dissolvable agent temporary agent persistent agent permanent agent |
dissolvable agent persistent agent |
|
What two options below are IDS implementations used to provide additional security on a network?
IIDS PIDS HIDS NIDS |
HIDS NIDS |
|
What two terms describe a network of compromised computers that are then used to perform coordinated DDoS attacks without their owners' knowledge or consent? reflectorS botnet zombie army repeaters |
botnet zombie army |
|
Which two viruses below are examples of boot sector viruses? Michelangelo Stoned NataS Klez |
Michelangelo Stoned |
|
Which two terms can be used to describe a decoy system that is purposely vulnerable for the sake of attracting attackers? honeypot pandora box trap lure |
honeypot lure |
|
The_____ proxy server software is available for use on the UNIX/Linux platform. |
SQUID |
|
The ______utility is a Windows console that is used to control what users do and how the System can be used. |
group policy editor |
|
Networks that use______ , such as T-1 or DSL connections to the Internet, are vulnerable to eavesdropping at a building's demarc (demarcation point), at a remote Switching facility, or in a central office. |
leased public lines |
|
A ____on a device attempts to alter management interfaces within the hardware to the point where the device is irreparable. |
physical attack |
|
A ________form is a document that is used to ensure that employees are aware of the fact that their use of company equipment and accounts will be monitored and reviewed as needed for Security purposes. |
consent to monitoring |
|
Most UNIX and Linux desktop operating Systems provide a GUI application for easily viewing and filtering the information in system logs. TrueFalse |
T |
|
TCP is preferred over UDP for real time services. TrueFalse |
F |
|
CALEA requires telecommunications carriers and equipment manufacturers to provide for surveillance capabilities. TrueFalse |
T |
|
The SNMP version 3 protocol introduces authentication, validation, and encryption for messages exchanged between devices and the network management console. TrueFalse |
T |
|
Wireshark or any other monitoring software running on a single computer connected to a switch doesn't see all the traffic on a network, but only the traffic the switch sends to it, which includes broadcast traffic and traffic specifically addressed to the computer. TrueFalse |
T |
|
SNMP agents receive requests from an NMS on what port number? 161 162 163 160 |
161 |
|
What security standard below was created to protect credit card data and transactions, requiring network segmentation as part of Security controls? CALEA HIPAA PCI DSS CAARA |
PCI DSS |
|
Packets that exceed the medium's maximum packet size are known by what term? giants runts ghosts jabbers |
giants |
|
Packets that are smaller than a medium's minimum packet size are known by what term below? jabbers giants ghosts rUntS |
rUntS |
|
When a device handles electrical signals improperly, usually resulting from a bad NIC, it is referred to by what term below? ghost jabber talker blabber |
jabber |
|
Which of the following is not a requirement in order to use a softphone? An IP telephony client.
The ability to communicate with a digital telephone switch. A microphone and speakers, or a headset. A wireless carrier to handle the voice path. |
A wireless carrier to handle the voice path. |
|
What percentage of internet traffic, as estimated by Cisco Systems, will be devoted to video traffic by 2018? 20% 65% 79% 93% |
79% |
|
In a VoIP call, what method of transmission is used between two IP phones? global multicast multicast unicast broadcast |
unicast |
|
On circuit switched portions of a PSTN, what set of standards established by the ITU is used to handle call signaling? MCU H.323 H.225 SS7 |
SS7 |
|
Which element of H.323 is a device that provides translation between network devices running the H.323 signaling protocols and devices running other types of signaling protocols? H.323 terminal H.323 gateway H.323 gatekeeper MCU |
H.323 gateway |
|
In H.323, which protocol below handles call or videoconference signaling? H.225 H.245 H.200 H.252 |
H.225 |
|
A computer that provides support for multiple H.323 terminals and manages communication between them is known as what term below?H.323 gateway H.323 gatekeeper MCU H.323 Server |
MCU |
|
A server running the SIP protocol listens on what TCP/UDP port for unsecured Communications? 6050 5060 5061 6051 |
5060 |
|
What Component of SIP is a server that responds to user agent clients' requests for session initiation and termination? proxy server registrar Server user agent server redirect server |
user agent server |
|
When using SIP, what term is used to describe end-user devices, which may include workstations, tablet computers, Smartphones, or IP phones? user agent user agent client user agent proxy user agent node |
user agent client |
|
In order for gateways to exchange and translate signaling and control information with each other So that voice and video packets are properly routed through a network, what intermediate device is needed? media gateway media proxy server media gateway controller analog Switch |
media gateway controller |
|
When using DiffServ, what type of forwarding utilizes a minimum departure rate from a given node, which is then assigned to each data stream? assured forwarding prioritized forwarding Scaled forwarding expedited forwarding |
expedited forwarding |
|
The Priority Code Point field in a frame consists of how many bits? 2 bits 3 bits 5 bits 8 bits |
3 bits |
|
What protocol enables multiple types of Layer 3 protocols to travel over any one of several connection-oriented Layer 2 protocols? DiffSerV MPLS COS SIP |
MPLS |
|
A highly available server is available what percentage of the time? 90% 99% 99.9% 99.99% |
99.99% |
|
What two log files are used by older versions of Unix and newer version of Linux to store log information? /var/log/messages /var/log/Syslog /var/log/log /var/adm/messages |
/var/log/messages /var/log/Syslog |
|
What two terms below are used to describe a telephone switch that connects and manages calls within a private organization? public branch exchange private branch exchange PBX PBE |
private branch exchange PBX |
|
What two terms below describe the process of manipulating certain characteristics of packets, data streams, or connections to manage the type and amount of traffic traversing a network or interface at any moment? bandwidth policing throughput shaping traffic shaping packet shaping |
traffic shaping packet shaping |
|
What two terms below describe a network device with three ports, two of which send and receive all traffic, and the third port mirrors the traffic? network hub network tap network splitter packet sniffer |
network tap packet sniffer |
|
What two terms below are used to describe an analog-to-digital voice conversion device that accepts and interprets both analog and digital voice signals? IP PBX digital PBX ATA PBX ePBX |
IP PBX digital PBX |
|
One aspect of the__ regulation addresses the security and privacy of medical records, including those stored or transmitted electronically. |
HIPAA |
|
A dropped packet is often referred to as a____ |
DISCARD |
|
____is the detection and signaling of device, link, or component faults. |
Fault management |
|
SNMP messages can be secured with ____ , in which case agents receive requests on port UDP 10161, and the NMS receives responses and traps on UDP 10162. |
TLS |
|
____are frames that are not actually data frames, but aberrations caused by a device misinterpreting stray voltage on the wire. |
GHOSTS |
|
Network segmentation decreases both performance and security on a network. True False |
F |
|
Only Class B and Class C networks can be subnetted.TrueFalse |
F |
|
The use of virtualization allows for isolation of each guest system such that problems on one System do not affect another system.TrueFalse |
T |
|
Because Layer 2 switches use MAC addresses for communication, and each port is assigned a MAC address, VLANs are considered a Layer 2 solution for segmenting a network.TrueFalse |
T |
|
The Spanning Tree Protocol stipulates that on any bridge, only one root port, which is the bridge's port that is closest to the root bridge, can forward frames toward the rootbridge.TrueFalse |
T |
|
A network with the Subnet mask 255.255.255.0 would have what CIDR block? /20 /24 /28 /32 |
/24 |
|
A network with 6 bits remaining for the host portion will have how many usable host addresses? 254 126 62 30 |
254 |
|
A single Switch can manage traffic belonging to several VLANs on a single interface, by configuring which option on the interface? A router A trunk port An access port A VLAN port |
A trunk port |
|
What type of VLAN automatically receives all untagged frames? Default VLAN Native VLAN Mirrored VLAN Untagged VLAN |
Native VLAN |
|
How can VLAN hopping attacks be prevented on a network? install an additional Switch to isolate traffic. Disable auto trunking and move native VLANs to unused VLANs. install a router to process the untagged traffic on the VLAN. Use MAC address filtering. |
Disable auto trunking and move native VLANs to unused VLANs. |
|
The first iteration of STP was defined in what EEE standard below? 8O2.3d 802.1d 802.11S 802.1C |
802.1d |
|
STP selects the rootbridge based on which parameter? port number bridge ID (BID) bridge version number (BVN) Software revision code |
bridge ID (BID) |
|
Telnet and SSH are known as what type of management System? out-of-band side-band external-band |
in-band |
|
With VTP, the VLAN database is stored on a switch known as which option below? root bridge Stack master trunk root vlan Server |
Stack master |
|
in order to allow Communication between VLANs for exchange of data, what must be used?a firewall a Switch a router a rootbridge |
a router |
|
What IEEE Standard specifies how VLAN information appears in frames and how switches interpret that information? 802.1C 802.1Q 802.1V 802.1D |
802.1Q |
|
Which of the following is not a valid reason for using virtualization? increase performance save money by purchasing few machines simplify backups and recovery efficient use of resources |
increase performance |
|
Which supernet mask below would allow an organization to cover the following networks with one routing entry: 192.168.0.0/24, 192.168.1.0/24, 192.168.2.0/24, 192.168.3.0/24?255.255.255.0 255.255.252.0 255.255.255.128 255.255.240.O |
255.255.255.0 |
|
In an IPv6 address, the first 64 bits of the address are known as what? host prefix equipment ID routing prefix prefix mask |
routing prefix |
|
Which network type allows a VNIC to access a network directly using the host machine's NIC?bridged mode NAT mode host only mode direct mode |
bridged mode |
|
What protocol is used to provide a common language between virtualized service applications and a network's physical devices?VRRP OpenFlow CommonStack OpenArch |
OpenFlow |
|
The Shortest Path Bridging protocol is defined in what IEEE standard? 802.1d 802.1aq 802.1Q 802.1S |
802.1aq |
|
The management option that can provide on-site infrastructure access when the network is down or complete remote access in cases of connectivity failures on the network, such as via a cellular signal, is known as? in-band management out-of-band management open management side channel management |
out-of-band management |
|
A CIDR block of /26 is equivalent to what subnet mask below? 255.255.192.0 255.255.254.0 255.255.255.192 255.255.O.O. |
255.255.255.192 |
|
Which virtual network type allows VMs to communicate with each other on the same host, but disallows communication with other nodes on the network? host-only mode bridged mode NAT mode restricted mode |
host-only mode |
|
Which of the following describes a router protocol that is used to assign a virtual IP address to a group of routerS So that the routers function as a group? (Choose two.) VRRP GBRP HSRP CARP |
VRRP HSRP |
|
Which two properties indicate to other connectivity devices which VLAN a transmission belongs to?
VID SAID Security association identifier VMAC |
SAID Security association identifier |
|
What two items make up a Bridge ID? 2 byte priority field MAC address relevant port number Software version |
2 byte priority field MAC address |
|
Which two standards below represent newer versions of STP?
802.1d 802.1f 802.1W 802.1S |
802.1W 802.1S |
|
What two Standards below have been developed to replace the Spanning Tree Protocol?
TRILL SPB VSRP HSRP move/copy question to another bank |
TRILL SPB |
|
In _________, a VNIC relies on the host machine to act as a NAT device. |
NAT MODE |
|
A Centrally managed DHCP server can provide DHCP to multiple VLANs by configuring a ________. |
DHCP relay agent |
|
A Switch is typically preconfigured with one_______ that includes all its ports. |
default VLAN |
|
A ________occurs when an attacker generates transmissions that appear, to the switch, to belong to a protected VLAN. |
VLAN hopping attack
|
|
To eliminate the possibility of traffic loops on switches and bridges, the_______ is used. |
Spanning Tree Protocol (STP) |
|
WANs connect nodes, such as workstations, servers, printers, and other devices, in a small geographical area on a single network. True FALSE |
F |
|
A bus topology WAN is often the best option for an organization with only a few sites and the capability to use dedicated circuits. T/F |
T |
|
The carrier's endpoint on a WAN is called the Data Communications Equipment (DCE).T/F |
T |
|
T-1 cables cannot utilize straight through cables using the same wiring scheme as LAN patch cables.T/F |
F |
|
In a PON setup, the system is considered passive because no repeaters or other devices intervene between the carrier and the customer. T/F |
T |
|
The customer's endpoint device on the WAN is called the _______ |
Data Terminal Equipment (DTE) |
|
Multiplexing enables a single ________ circuit to carry 24 channels, each capable of 64 Kbps throughput |
T-1 |
|
The ______distributes signals to multiple endpoints via fiber-optic cable, in the case of FTTP, or via copper or coax cable. |
Optical Network Unit (ONU) |
|
lf the line between the carrier and the customer experiences significant errors on a T-1, a__________ will report this fact to the carrier. |
SMART JACK |
|
In ATM, a packet is called a__________ and always consists of 48 bytes of data plus a 5 byte header. |
CELL |
|
in what type of topology is each site connected to two other sites, providing redundancy? bus topology ring topology Star topology circle topology |
ring topology |
|
What is the maximum throughput of a DS3 connection? 1.544 3.152 44.736 274.176 |
44.736 |
|
How many channels exist in a T1 connection? 1 24 48 96 |
24 |
|
in an ISDN connection, what is the size throughput did a single B channel provide? 32 Kbps 48Kbps 64Kbp 96 Kbps |
64Kbp |
|
In a PON System, an OLT contains a splitter that splits each port into how many logical channels?16 32 64 96 |
32 |
|
What is the size of an ATM packet? 48 bytes 53 bytes 64 bytes 84 bytes |
53 bytes |
|
Which option below is an advantage of leasing a frame relay circuit over leasing a dedicated circuit? You are guaranteed to receive the maximum amount of bandwidth specified in the circuit contract You pay only for the banddwidth required. The paths that your data will take are always know frame relay is a newly established network tech with more features than other thech |
You pay only for the banddwidth required. |
|
What xDSL standard is the most popular? VDSL G.LITE ADSL HDSL |
ADSL |
|
What xDSL version provides a maximum throughput of 24 Mbps downstream and 3.3 Mbps upstream? VDSL ADSL ADSL2+M HDSL |
ADSL2+M |
|
The DTE endpoint device for a leased line is known as which device below? CSU/DSU cable modem DSL modem ISDN modem |
CSU/DSU |
|
What OC level is primarily used as a regional ISP backbone, and occasionally by very large hospitals, universities, or other major enterprises? OC-3 OC-12 Oc-48 OC-96 |
Oc-48 |
|
What is the maximum amount of throughput provided by an OC-12? 51.84 Mbps 155.52 Mbps 622.08 MbpS 1244.16 Mbps |
622.08 MbpS |
|
What is the frequency range of the C-band that is used by satellites? 1.5 - 2.7 GHz 2.7- 3.5 GHz 3.4 - 6.7 GHz 12 - 18 GHz |
3.4 - 6.7 GHz |
|
What Layer 3 technology is employed by distance-vector routing protocols in which a router knows which of its interfaces a routing update and will not retransmit, or advertise, that sameupdate on the same interface? split horizon round robin reverse path check spanning tree protocol |
split horizon |
|
What protocol is commonly used to aggregate/bond T-1 / T-3 lines? STP MLPPP MPLS PPTP |
MLPPP |
|
When copper cabling is used to carry T-1 traffic, what kind of connector is used? RJ-11 RJ-25 RJ-45 RJ-48 |
RJ-48 |
|
When using frame relay, what is the name of the identifier that routers use to determine which circuit to send frames to? SVC identifier data link connection identifier PVC identifier frame path identifier |
data link connection identifier |
|
Which version of DOCSIS provides 38 Mbps per channel and requires a minimum of 4 channels to be used? DOCSIS 1 DOCSIS 2 DOCSIS 3 DOCSIS 4 |
DOCSIS 3 |
|
The best 802.11n signal can travel approximately how far? 1 mile 1/2 mile 1/4 MILE 300 feet |
1/4 MILE |
|
In metro Settings, end-to-end, carrier-grade Ethernet networks can be established via what protocol? Metro Carrier Transport Carrier Ethernet Transport Intra-city Ethernet Ethernet SONET |
Carrier Ethernet Transport |
|
A MAN connection is also known as which two terms below? Ethernet MAN Metro Ethernet Carrier ETHERNET Packet MAN |
Ethernet MAN Metro Ethernet |
|
What two competing standards exist for cellphone networks? ATM WiMAX GSM CDMA |
GSM CDMA |
|
What two network protocols below rely on virtual circuits? SDH SONET ATM frame relay |
ATM frame relay |
|
Frame relay relies on what two different types of virtual circuits? LVC PVC TVC SVC |
PVC SVC |
|
At what two layers of the OSI model are LAN and WAN protocols likely to differ? LAYER 4 LAYER 2 LAYER 1 LAYER 3 |
LAYER 2 LAYER 1 |
|
The first step in asset management is to inventory all the components on the network. T/F |
T |
|
Cipher locks are not designed for physical security, such as on an outside door. T/F |
T |
|
Any device in an ICS that is motorized and can control the physical system is called a fieldbus T/F |
F |
|
Every security policy should include a response policy, which specifically defines the characteristics of an event that qualifies as a formal incident and the steps that should befollowed as a result. T/F |
T |
|
The first step of a response policy should be to secure the area. T/F |
F |
|
A server that collects and stores raw data, and connects to field devices from which it receives raw data and passes data on to other SCADA systems, is known as what two terms below? loop server master terminal unit ácquisitions server I/O Server |
Acquisitions server I/O Server |
|
What two methods might be used by an ICS to control a physical system? cyclical control system actuating loop System open loop System closed loop system |
open loop System closed loop system |
|
A ROLLBACK is also known by what two terms below? backleveling backstepping downleveling downgrading |
backleveling downgrading |
|
What two terms describe the process that can reveal a great deal of information, called ESI (electronically stored information)? active data eDiscovery electronic discovery AMBIENT DATA |
eDiscovery electronic discovery |
|
eDiscovery and computer forensics reveal what two different types of data? transient dATA active data ambient data encrypteD DATA |
active data ambient data |
|
A ____is an enclosure made of a conductive material that is designed to block electromagnetic signals, including Wi-Fi. |
Faraday Cage |
|
A_____ is a small network that is segmented from the rest of the network, and contains computers, called test beds |
TESTING LAB |
|
Microsoft sometimes releases a major group of patches to Windows or a Microsoft application, which it calls a_______ |
SERVICE PACK |
|
The goal of a disaster recovery plan is to ensure________ |
BUSINESS CONTINUITY |
|
________is a process of investigating deeper data on a computer and will essentially autopsy the computer to discover hidden data, such as deleted files and file fragments, and who has accessed that data and when. |
COMPUTER FORENSICS |
|
An active card, which contains an internal battery, can provide a usable range of up to what distance? 100 m 150 m 200 m 250 m |
150 m |
|
What type of Software is a correction, improvement, or enhancement to a piece of software? PаtсH upgrade rollback kludge |
PаtсH |
|
In Computer forensics, hidden data such as deleted files and file fragments are known as what term? AMBIENT DATA transient data tombstone data low level data |
AMBIENT DATA |
|
Which team role is the person on call who first notices or is alerted to a problem? DISPATCHER MANAGER TECHNICAL SUPPORT SPECIALIST PUBLIC RELATIONS SPECIALIST |
DISPATCHER |
|
What team member role coordinates the resources necessary to solve a problem?dispatcher manager technical Support specialist public relations specialist |
manager |
|
What team member role focuses on only one thing: solving the problem as quickly as possible? dispatcher Manager Technical SUPPORT SPECIALIST public relations specialist |
Technical SUPPORT SPECIALIST |
|
What team member role, if necessary, learns about the situation and the response and then acts as official Spokesperson for the organization to the public or other interested parties? DISPATCHER MANAGER TECHNICAL SUPPORT SPECIALIST PUBLIC RELATIONS SPECIALIST |
PUBLIC RELATIONS SPECIALIST |
|
Which of the following is NOT a step that should be taken as part of a response policy? secure the area and disconnect devices from the network create documentation detailing the scene attempt to access files to determine if they are compromised protect the chain of custody of evidence |
attempt to access files to determine if they are compromised |
|
What should be the first step of a response policy? Determine if escalation is necessary Secure the area Document the scene Monitor evidence and data Collection |
Determine if escalation is necessary |
|
At what type of recovery site would computers, devices, and connectivity necessary to rebuilt a network exist, and all are appropriately configured, updated, and connected to match your network's current state? Cold site Warm Site temp site hot site |
hot site |
|
Which type of recovery site is a place where computers, devices, and connectivity necessary to rebuild a network exist, with some pieces appropriately configured, updated, or connected? Cold site warm Site hot site temp site |
warm Site |
|
Which type of disaster recovery site is a place where the computers, devices, and connectivity necessary to rebuild a network exist, but they are not appropriately configured, updated, or Connected? Cold site temp site Warm Site hot site |
Cold site |
|
What type of physical security solution involves a device that scans an individual's unique physical characteristics? proximity access biorecognition access ÁTT access keypad access |
biorecognition access |
|
The time period in which a change can be implemented is known as what option below?change period maintenance window work order time Service affecting work interval |
maintenance window |
|
When performing inventory on Software packages, which of the following is not something that should be inventoried? version number vendor licensing proprietary Source Code |
proprietary Source Code |
|
In order to provide access to a historian by personnel working on the corporate network that are got authorized to work on the ICS network, where should the historian be placed?DMZ corporate network Internet private network |
DMZ |
|
What is a historian? Centralized database of collected and analyzed data and control actives
A server that collects and stores raw data. A Supervisory Computer or server, which can control the physical system. Computers, including hardware and Software, that people use to monitor and manage the physical Systems. |
Centralized database of collected and analyzed data and control actives |
|
What type of device can be used to erase contents of a hard drive using a magnetic field?electromagnetic resonance chamber degausser targeted magneto-wipe polarized magnet |
degausser |
|
If a destructive program is running that might be destroying evidence, what should be done?Perform an immediate full backup Attempt to end the process Pull the power cable Record the destruction using a video capture of the screen |
Pull the power cable |
|
Upon receipt of what type of notification is a company required to activate a defensible policy for the preservation of relevant data? SUBPOENA LEGAL HOLD discovery request chain of custody notice |
LEGAL HOLD |
|
PPP can support several types of Network layer protocols that might use the connection. true or False |
T |