CS/IS 190 Homework #6

Instructions: Answer all questions and put the answers on the Excel spreadsheet, which is available on my web page. Note that some questions have multiple correct answers. Print out the answer sheet or email it to me before the due deadline. Be sure to put your name on the answer sheet.

Chapter 19

Protecting Your Network

1. Which term is sometimes used to describe the people who carry out network threats?

A. Worm catcher

B. Threat agent

C. Vulnerability analyst

D. Trojan horse

2. Which type of attack uses hundreds, thousands, or even millions of computers under the control of a single operator to launch a coordinated attack?

A. DDoS

B. Smurf attack

C. Phishing

D. DHCP snooping

3. Which term refers to a single computer under the control of an operator?

A. DDoS

B. Smurf attack

C. Phishing

D. Zombie

4. Which tool watches for and ignores incoming DHCP requests from unknown MAC addresses?

A. TEMPEST

B. DHCP snooping

C. NMap

D. RF emanation

5. ARP poisoning is a common method for ______ attacks.

A. DDoS

B. phishing

C. man in the middle

D. smurf

6. Which type of attack involves the attacker tapping into communications between two systems?

A. Phishing

B. Malware

C. Man in the middle

D. Leeching

7. Which term refers to trying every permutation of some form of data in an attempt to discover protected information?

A. Brute force

B. RF emanation

C. Amplification

D. Reflection

8. Installing backup power in case of electrical failure is a form of ______.

A. firewall

B. DMZ

C. redundancy

D. inheritance

9. Which term describes a technology that spreads data across multiple drives?

A. Inheritance

B. Macro

C. RAID

D. Honeypot

10. One of the first techniques that malicious users try is to probe hosts to identify any ______ ports.

A. open

B. closed

C. blocked

D. locked

11. Which term refers to the administrative account native to Linux?

A. Administrator

B. Admin

C. Root

D. Supervisor

12. Which type of malware replicates exclusively through networks?

A. Rootkit

B. Worm

C. Macro

D. Trojan

13. Which type of malware looks or pretends to do one thing while, at the same time, doing something evil?

A. Rootkit

B. Worm

C. Macro

D. Trojan

14. Which type of malware takes advantage of very low-level operating system functions to hide itself from all but the most aggressive of anti-malware tools?

A. Rootkit

B. Worm

C. Macro

D. Trojan horse

15. Which term refers to a program that monitors the types of Web sites you frequent and uses that information to generate targeted advertisements, usually pop-up windows?

A. Spyware

B. Adware

C. Macro

D. Trojan Horse

16. Which term refers to an aspect of any program that sends information about your system or your actions over the Internet?

A. Spyware

B. Adware

C. Macro

D. Trojan Horse

17. Which type of attack is a form of social engineering?

A. Denial of Service

B. Smurf attack

C. Phishing

D. Zombie

18. What series of standards does the U.S. National Security Agency (NSA) define to block RF emanation?

A. Leeching

B. HTTPS

C. DMZ

D. TEMPEST

19. Fingerprint readers, facial recognition cameras, voice analyzers, retinal blood vessel scanners or other more exotic characteristics are all examples of ______.

A. unified threat management (UTM)

B. multifactor authentication

C. biometric devices

D. inheritance

20. Biometric access calls for using a(n) ______ physical characteristic of a person to permit access to a controlled IT resource.

A. shared

B. public

C. unique

D. common

21. IP cameras and ______ are specific implementations of video monitoring.

A. voice analyzers

B. RFID chips

C. closed-circuit televisions

D. access control lists

22. Cisco uses what it calls ______ as one of its tools to implement network admission control.

A. stateless inspection

B. botnets

C. posture assessment

D. persistent agent

23. What type of agent is composed of modules that perform a thorough inventory of each security-oriented element in the computer?

A. Inbound agent

B. Persistent agent

C. Private agent

D. Non-persistent agent

24. Your first and last bastion of defense for your entire infrastructure’s security is at the individual ______.

A. NICs

B. ports

C. hosts

D. user accounts

25. Which term refers to a system with very high network output?

A. Host

B. Honeypot

C. Top talker

D. Demilitarized zone

26. What are the most common symptoms of malware on a compromised system?

A. General sluggishness and random messages

B. Random messages and blank screen

C. General sluggishness and random crashes

D. Dropping Internet connection and intermittent blank screens

27. Which type of firewall is built into most consumer-grade routers?

A. A Host-based firewall

B. A Small office/home office (SOHO) firewall

C. A Software-based firewall

D. A Windows Firewall

28. Which type of firewall packet inspection is aware of the packet’s state, as it relates to other packets?

A. Stateful

B. Stateless

C. Port

D. Filtered

29. Which type of firewall packet inspection inspects each packet fresh, with no regard to the state of the packet’s relation to any other packet?

A. Stateful

B. Stateless

C. Port

D. Filtered

30. Which technology consists of devices or software that protect an internal network from unauthorized access by acting as a filter?

A. Ports

B. Demilitarized zones

C. Honeypots

D. Firewalls

31. An access control list (ACL) is a rule applied to an interface that allows or denies traffic based on things like source or ______.

A. destination filtering

B. MAC addresses

C. network address translation

D. destination IP addresses

32. Which technology provides critical filtering to keep traffic flowing where it should and prohibit traffic in areas where traffic should not flow?

A. ARP cache poisoning

B. Demilitarized zone

C. RF emanation

D. Access control list (ACL)

33. Access control lists (ACLs) consider traffic as either ______.

A. encrypted or unencrypted

B. private or public

C. persistent or non-persistent

D. inbound or outbound

34. A(n) ______ can consist of an external firewall and an internal firewall.

A. demilitarized zone (DMZ)

B. honeypot

C. posture assessment

D. quarantine network

35. Which firewall comes in and sits between publicly accessible servers and the trusted network that houses all the organization’s private servers and workstations?

A. The external firewall

B. The internal firewall

C. The proxy server

D. The access control list

--- END CHAPTER 19 ---

Chapter 20

Network Monitoring

1. Which underlying protocol enables network monitoring tools to work?

A. TCP

B. SNMP

C. UDP

D. SMTP

2. The SNMP manager requests and processes information from ______ devices.

A. opened

B. closed

C. managed

D. privileged

3. Managed devices run specialized ______ called agents.

A. robots

B. switches

C. drones

D. software

4. An SNMP system has up to ______ core functions (depending on the version of SNMP).

A. two

B. four

C. six

D. eight

5. Which core function is sent when an SNMP manager wants to query an agent?

A. Set

B. Get

C. Response

D. Trap

6. Which core function is sent by the agent after the SNMP manager queries an agent with a GetRequest or GetNextRequest?

A. Set

B. Get

C. Response

D. Trap

7. An NMS can tell an agent to make changes to the information it queries and sends through a ______ protocol data unit (PDU).

A. Set

B. Get

C. Response

D. Trap

8. An agent can solicit information from an NMS with the ______ protocol data unit (PDU).

A. Set

B. Get

C. Response

D. Trap

9. The snmpwalk utility tells the SNMP manager to perform a series of ______ commands.

A. Set

B. Get

C. Response

D. Trap

10. What is the CompTIA Network+ shortened name for the snmpwalk utility?

A. Snmpwk

B. Trip

C. Swalk

D. Walk

11. When an SNMP manager queries an agent, the agent sends a ______ of the requested information.

A. set

B. hash

C. response

D. trap

12. What User Datagram Protocol (UDP) ports does SNMP use for unsecure communication?

A. 61 and 62

B. 610 and 612

C. 161 and 162

D. 10162 and 10161

13. What User Datagram Protocol (UDP) ports does SNMP use for secure communication?

A. 61 and 62

B. 610 and 612

C. 161 and 162

D. 10162 and 10161

14. On which port does the NMS receive/listen?

A. 160

B. 161

C. 162

D. 163

15. A packet sniffer is a program that queries a network interface and collects packets in a file called a ______ file.

A. capture

B. log

C. flow cache

D. syslog

16. Packet sniffers need to capture all the packets they can, so it is typical for them to connect to an interface in ______ mode.

A. clear text

B. closed

C. promiscuous

D. open

17. In the case of a switch, it is typical for packet sniffers to connect to an interface using a ______ port.

A. virtual

B. mirrored

C. promiscuous

D. closed

18. Which program is an example of a powerful and free protocol analyzer?

A. Wireshark

B. Syslog

C. Cisco Network Assistant (CNA)

D. PerfMon

19. Which filtering term does Wireshark use when creating a file that only shows DHCP packets?

A. DHCP

B. FilterDHCP

C. bootp

D. FILTER

20. Which tool was developed for packet flow monitoring and was subsequently included in Cisco routers and switches?

A. NetFlow

B. Wireshark

C. PerfMon

D. Syslog

21. In NetFlow, a single flow is a flow of ______ from one specific place to another.

A. frames

B. packets

C. segments

D. cylinders

22. In NetFlow, single flows are stored in a ______.

A. log

B. flow cache

C. packet

D. frame

23. If you want to know how hard your network is working, use a(n) ______.

A. management information base

B. flow cache

C. performance manager

D. interface monitor

24. Interface monitors track the quantity and utilization of traffic through a physical ______ or ports on a single device.

A. network interface card (NIC)

B. port

C. switch

D. frame

25. A port will drop a packet for one of two reasons: ______.

A. an error or a discard

B. a discard or a drop

C. a delay or a drop

D. an error or a delay

26. The cornerstone of every performance monitor are the system’s ______.

A. switches

B. speed limits

C. ports

D. logs

27. Which term does PerfMon use when referring to the monitored aspect of the system?

A. Facilities

B. Counters

C. Modes

D. Characteristics

28. What term does syslog use when referring to the monitored aspect of the system?

A. Facilities

B. Counters

C. Modes

D. Characteristics

29. Which common tool comes with all versions of Windows and is used to create a baseline on Windows systems?

A. Performance Monitor

B. Cacti

C. Syslog

D. NetFlow

30. Which program is an example of a graphing tool that could be used to show everything about specific switches?

A. NetFlow

B. Cacti

C. Syslog

D. Cisco Network Assistant (CNA)

--- END CHAPTER 20 ---

Chapter 21

Network Troubleshooting

1. Which tool can be used to notify a technician where a cable break is occurring on a copper cable?

A. Cable tester

B. Certifier

C. TDR

D. OTDR

2. Which tool tests a cable to ensure that it can handle its rated amount of capacity?

A. Cable tester

B. Certifier

C. TDR

D. OTDR

3. Which tool can be used to notify a technician of a continuity problem or if a wire map is not correct?

A. Cable tester

B. Certifier

C. TDR

D. OTDR

4. Which tool can be used to notify a technician where a cable break is occurring on a fiber cable?

A. Cable tester

B. Certifier

C. TDR

D. OTDR

5. Which term is another name for an optical power meter?

A. Line tester

B. Light meter

C. Looking glass

D. Multimeter

6. A cable might experience crosstalk, where the electrical signal bleeds from one wire pair to another, creating ______.

A. interference

B. voltage spikes

C. noise

D. impedance

7. ______ problems manifest themselves as intermittent problems.

A. Broken cables and switch

B. Broken cables and heat

C. Broken cables and power

D. Heat and power

8. Which utility is categorized in the CompTIA Network+ exam as a hardware tool?

A. Protocol analyzer

B. Port scanner

C. Packet sniffer

D. Throughput tester

9. Which tool will provide a technician with Application, Session, Transport, Network, and Data Link layer information from every frame traveling through the network?

A. Voltage event recorder

B. Certifier

C. Protocol analyzer

D. Cable tester

10. Which tool can be used to make unshielded twisted pair (UTP) cables?

A. TDR

B. Cable stripper

C. OTDR

D. Butt set

11. Which tool can be used to tap into a 66-block or 110-block to see if a particular line is working?

A. TDR

B. Cable stripper

C. OTDR

D. Butt set

12. Which tool positions unshielded twisted pair (UTP) wires into 66- and 110-blocks?

A. TDR

B. Cable stripper

C. Punchdown tool

D. Butt set

13. Which command can be used to diagnose where a problem lies when there are issues reaching a remote system?

A. nslookup

B. ipconfig

C. ping

D. tracert

14. Which software tool is built into operating systems?

A. portscan

B. sniffer

C. nmap

D. traceroute

15. Which tool falls into the category of a third-party software tool?

A. Throughput tester

B. Tone generator

C. Butt set

D. Pathping

16. Which Linux command can be used to view IP settings?

A. ip

B. ipconfig

C. ss

D. config

17. Which command can be used on a Windows computer to view the IP settings?

A. ip

B. ss

C. ipconfig

D. ifconfig

18. Which ipconfig command switch would a technician use to display detailed information (such as DNS servers and MAC addresses)?

A. /verbose

B. /detail

C. /all

D. /display

19. Which command uses Internet Message Control Protocol (ICMP) packets to query by IP or by name?

A. ping

B. traceroute

C. nslookup

D. mtr

20. Which command would a technician use to diagnose DNS problems on a Windows computer?

A. nslookup

B. ipconfig

C. ping

D. dig

21. Which command, while not available on Windows, can be used on UNIX/Linux/OS X systems to diagnose DNS problems?

A. nslookup

B. ipconfig

C. ping

D. dig

22. Which utilities are excellent examples of connectivity applications that enable a technician to determine if a connection can be made between two computers?

A. wireshark and nmap

B. ping and traceroute

C. nbtstat and netstat

D. arp and arping

23. Microsoft has a utility called ______ that combines the functions of ping and tracert as well as adding some additional functions.

A. routeping

B. pingtrace

C. traceping

D. pathping

24. Which command is a dynamic (keeps running) equivalent to traceroute?

A. mtr

B. routetrace

C. route

D. ping

25. Which route command switch must a technician use to see the current routing table on the computer?

A. display

B. screen

C. show all

D. print

26. Which command shows the local NETBIOS names on a Windows system?

A. nslookup

B. nbtstat -n

C. netstat -r

D. hostname /net

27. Which command would a technician use to see any systems running Samba?

A. ping

B. route

C. netstat

D. nbtstat

28. Which command used in Linux is faster and more powerful than netstat?

A. nbstat

B. ss

C. stat

D. ip

29. Which tool intercepts and logs network packets?

A. Certifier

B. Packet sniffer

C. Throughput tester

D. Port scanner

30. Which tool is an example of a packet sniffer?

A. Speakeasy

B. Wireshark

C. Arp

D. Nmap

31. Which tool is a command line alternative to Wireshark?

A. Speakeasy

B. tcpdump

C. nmap

D. Angry IP Scanner

32. Which tool is an example of a port scanner?

A. Speakeasy

B. Wireshark

C. arp

D. nmap

33. Which task is the first step in troubleshooting?

A. Establish a theory of probable cause.

B. Implement and test the solution.

C. Identify the problem.

D. Test the theory to determine cause.

34. Which protocol will help prevent downtime due to failures on the default gateway?

A. HSRP

B. BGP

C. OSPF

D. RIP v2

35. Which is another name for a switching loop?

A. Routing loop

B. Bridging loop

C. ARPing loop

D. Broadcast loop

--- END CHAPTER 21 ---