Last Updated on November 1, 2019 by Admin
Implementing Network Security ( Version 2.0) – CCNAS Chapter 1 Exam Online
CCNAS – Chapter 1 Exam
Quiz-summary
0 of 24 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
Information
CCNAS – Chapter 1 Exam
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 24 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Average score |
|
Your score |
|
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- Answered
- Review
-
Question 1 of 24
1. Question
1 pointsWhat causes a buffer overflow?
Correct
Incorrect
By sending too much data to a specific area of memory, adjacent memory locations are overwritten, which causes a security issue because the program in the overwritten memory location is affected.
Hint
By sending too much data to a specific area of memory, adjacent memory locations are overwritten, which causes a security issue because the program in the overwritten memory location is affected.
-
Question 2 of 24
2. Question
3 pointsWhat are the three major components of a worm attack? (Choose three.)
Correct
Incorrect
A computer can have a worm installed through an email attachment, an executable program file, or a Trojan Horse. The worm attack not only affects one computer, but replicates to other computers. What the worm leaves behind is the payload–the code that results in some action.
Hint
A computer can have a worm installed through an email attachment, an executable program file, or a Trojan Horse. The worm attack not only affects one computer, but replicates to other computers. What the worm leaves behind is the payload–the code that results in some action.
-
Question 3 of 24
3. Question
1 pointsA disgruntled employee is using Wireshark to discover administrative Telnet usernames and passwords. What type of network attack does this describe?
Correct
Incorrect
Wireshark is a free download that allows network packet inspection. Someone using this tool for malicious intent would be performing a reconnaissance attack. Through the capture of network packets, weak security network connectivity protocols such as Telnet can be caught, inspected, and then analyzed for detailed network information, including passwords.
Hint
Wireshark is a free download that allows network packet inspection. Someone using this tool for malicious intent would be performing a reconnaissance attack. Through the capture of network packets, weak security network connectivity protocols such as Telnet can be caught, inspected, and then analyzed for detailed network information, including passwords.
-
Question 4 of 24
4. Question
1 pointsAn attacker is using a laptop as a rogue access point to capture all network traffic from a targeted user. Which type of attack is this?
Correct
Incorrect
An access attack tries to gain access to a resource using a hijacked account or other means. The five types of access attacks include the following:password – a dictionary is used for repeated login attempts
trust exploitation – uses granted privileges to access unauthorized material
port redirection – uses a compromised internal host to pass traffic through a firewall
man-in-the-middle – an unauthorized device positioned between two legitimate devices in order to redirect or capture traffic
buffer overflow – too much data sent to a memory location that already contains dataHint
An access attack tries to gain access to a resource using a hijacked account or other means. The five types of access attacks include the following:password – a dictionary is used for repeated login attempts
trust exploitation – uses granted privileges to access unauthorized material
port redirection – uses a compromised internal host to pass traffic through a firewall
man-in-the-middle – an unauthorized device positioned between two legitimate devices in order to redirect or capture traffic
buffer overflow – too much data sent to a memory location that already contains data -
Question 5 of 24
5. Question
2 pointsWhich two statements characterize DoS attacks? (Choose two.)
Correct
Incorrect
DoS attacks can be launched using free software downloaded from the Internet. The software is designed to consume resources in order to disrupt network operations for legitimate network users and network devices. The L0phtCrack or LC5 application is used to perform a brute-force attack to obtain a Windows server password.
Hint
DoS attacks can be launched using free software downloaded from the Internet. The software is designed to consume resources in order to disrupt network operations for legitimate network users and network devices. The L0phtCrack or LC5 application is used to perform a brute-force attack to obtain a Windows server password.
-
Question 6 of 24
6. Question
2 pointsWhich two network security solutions can be used to mitigate DoS attacks? (Choose two.)
Correct
Incorrect
Antivirus software is used to protect a system against viruses. Encryption helps with reconnaissance and man-in-the-middle attacks. The most important components that are used to deal with DoS attacks are firewalls and IPSes.
Hint
Antivirus software is used to protect a system against viruses. Encryption helps with reconnaissance and man-in-the-middle attacks. The most important components that are used to deal with DoS attacks are firewalls and IPSes.
-
Question 7 of 24
7. Question
3 pointsWhat are the three core components of the Cisco Secure Data Center solution? (Choose three.)
Correct
Incorrect
Secure segmentation is used when managing and organizing data in a data center. Threat defense includes a firewall and intrusion prevention system (IPS). Data center visibility is designed to simplify operations and compliance reporting by providing consistent security policy enforcement.
Hint
Secure segmentation is used when managing and organizing data in a data center. Threat defense includes a firewall and intrusion prevention system (IPS). Data center visibility is designed to simplify operations and compliance reporting by providing consistent security policy enforcement.
-
Question 8 of 24
8. Question
1 pointsWhich condition describes the potential threat created by Instant On in a data center?
Correct
Incorrect
The phrase Instant On describes a potential threat to a VM when it is brought online after it has not been used for a period of time. Because it is offline for a while, it may have outdated security policies that deviate from the baseline security and can introduce security vulnerabilities.
Hint
The phrase Instant On describes a potential threat to a VM when it is brought online after it has not been used for a period of time. Because it is offline for a while, it may have outdated security policies that deviate from the baseline security and can introduce security vulnerabilities.
-
Question 9 of 24
9. Question
1 pointsWhat functional area of the Cisco Network Foundation Protection framework is responsible for device-generated packets required for network operation, such as ARP message exchanges and routing advertisements?
Correct
Incorrect
There are three functional areas of the Cisco Network Foundation Protection (NFP) framework:Control plane: Responsible for routing functions. Consists of the traffic generated by network devices to operate the network.
Management plane: Responsible for managing network devices.
Data (Forwarding) plane: Responsible for forwarding user data.Hint
There are three functional areas of the Cisco Network Foundation Protection (NFP) framework:Control plane: Responsible for routing functions. Consists of the traffic generated by network devices to operate the network.
Management plane: Responsible for managing network devices.
Data (Forwarding) plane: Responsible for forwarding user data. -
Question 10 of 24
10. Question
3 pointsWhat are the three components of information security ensured by cryptography? (Choose three.)
Correct
Incorrect
There are three components of information security that are ensured by cryptography:Confidentiality, which uses encryption algorithms to encrypt and hide data
Integrity, which uses hashing algorithms to ensure that data arrives at the destination unaltered
Availability, which ensures that data is accessibleHint
There are three components of information security that are ensured by cryptography:Confidentiality, which uses encryption algorithms to encrypt and hide data
Integrity, which uses hashing algorithms to ensure that data arrives at the destination unaltered
Availability, which ensures that data is accessible -
Question 11 of 24
11. Question
1 pointsWhat worm mitigation phase involves actively disinfecting infected systems?
Correct
Incorrect
The four phases of worm mitigation are:Containment
Inoculation
Quarantine
Treatment
Disinfecting systems is accomplished in the treatment phase and involves terminating the worm process, removing infected files, and patching vulnerabilities exploited by the worm.Hint
The four phases of worm mitigation are:Containment
Inoculation
Quarantine
Treatment
Disinfecting systems is accomplished in the treatment phase and involves terminating the worm process, removing infected files, and patching vulnerabilities exploited by the worm. -
Question 12 of 24
12. Question
1 pointsWhat is the primary method for mitigating malware?
Correct
Incorrect
Antivirus software installed on hosts is the most effective mitigation method to prevent the spread of malware. Automatic updates to antivirus software ensure that hosts are protected from the most current forms of malware.
Hint
Antivirus software installed on hosts is the most effective mitigation method to prevent the spread of malware. Automatic updates to antivirus software ensure that hosts are protected from the most current forms of malware.
-
Question 13 of 24
13. Question
1 pointsWhat is the first step in the risk management process specified by the ISO/IEC?
Correct
Incorrect
There are 12 network security domains in the security framework specified by the ISO/IEC. The first task in this framework is to conduct a risk assessment.This assessment will enable an organization to quantify risks and threats.
Hint
There are 12 network security domains in the security framework specified by the ISO/IEC. The first task in this framework is to conduct a risk assessment.This assessment will enable an organization to quantify risks and threats.
-
Question 14 of 24
14. Question
1 pointsWhat role does the Security Intelligence Operations (SIO) play in the Cisco SecureX architecture?
Correct
Incorrect
Security Intelligence Operations (SIO) are able to distinguish legitimate traffic from malicious traffic. SIO uses a monitoring database for the sole purpose of identifying and stopping malicious traffic.
Hint
Security Intelligence Operations (SIO) are able to distinguish legitimate traffic from malicious traffic. SIO uses a monitoring database for the sole purpose of identifying and stopping malicious traffic.
-
Question 15 of 24
15. Question
1 pointsWhich statement accurately characterizes the evolution of threats to network security?
Correct
Incorrect
Internal threats can be intentional or accidental and cause greater damage than external threats because the internal user has direct access to the internal corporate network and corporate data.
Hint
Internal threats can be intentional or accidental and cause greater damage than external threats because the internal user has direct access to the internal corporate network and corporate data.
-
Question 16 of 24
16. Question
1 pointsWhat commonly motivates cybercriminals to attack networks as compared to hactivists or state-sponsored hackers?
Correct
Incorrect
Cybercriminals are commonly motivated by money. Hackers are known to hack for status. Cyberterrorists are motivated to commit cybercrimes for religious or political reasons.
Hint
Cybercriminals are commonly motivated by money. Hackers are known to hack for status. Cyberterrorists are motivated to commit cybercrimes for religious or political reasons.
-
Question 17 of 24
17. Question
1 pointsWhat is an objective of a state-sponsored attack?
Correct
Incorrect
State-sponsored attacks are government-funded and guided operations motivated by objectives of the government.
Hint
State-sponsored attacks are government-funded and guided operations motivated by objectives of the government.
-
Question 18 of 24
18. Question
1 pointsWhat is the significant characteristic of worm malware?
Correct
Incorrect
Worm malware can execute and copy itself without being triggered by a host program. It is a significant network and Internet security threat.
Hint
Worm malware can execute and copy itself without being triggered by a host program. It is a significant network and Internet security threat.
-
Question 19 of 24
19. Question
1 pointsWhat method can be used to mitigate ping sweeps?
Correct
Incorrect
To mitigate ping sweeps, ICMP echo and echo-reply messages can be blocked on network edge routers. This does come at a cost. Because ICMP is also used for network diagnostic data, this diagnostic data will be blocked as well.
Hint
To mitigate ping sweeps, ICMP echo and echo-reply messages can be blocked on network edge routers. This does come at a cost. Because ICMP is also used for network diagnostic data, this diagnostic data will be blocked as well.
-
Question 20 of 24
20. Question
1 pointsWhat is a characteristic of a Trojan horse as it relates to network security?
Correct
Incorrect
A Trojan horse carries out malicious operations under the guise of a legitimate program. Denial of service attacks send extreme quantities of data to a particular host or network device interface. Password attacks use electronic dictionaries in an attempt to learn passwords. Buffer overflow attacks exploit memory buffers by sending too much information to a host to render the system inoperable.
Hint
A Trojan horse carries out malicious operations under the guise of a legitimate program. Denial of service attacks send extreme quantities of data to a particular host or network device interface. Password attacks use electronic dictionaries in an attempt to learn passwords. Buffer overflow attacks exploit memory buffers by sending too much information to a host to render the system inoperable.
-
Question 21 of 24
21. Question
1 pointsWhat is a ping sweep?
Correct
Incorrect
A ping sweep is a tool that is used during a reconnaissance attack. Other tools that might be used during this type of attack include a ping sweep, port scan, or Internet information query. A reconnaissance attack is used to gather information about a particular network, usually in preparation for another type of network attack.
Hint
A ping sweep is a tool that is used during a reconnaissance attack. Other tools that might be used during this type of attack include a ping sweep, port scan, or Internet information query. A reconnaissance attack is used to gather information about a particular network, usually in preparation for another type of network attack.
-
Question 22 of 24
22. Question
2 pointsWhich two statements describe access attacks? (Choose two.)
Correct
Incorrect
An access attack tries to gain access to a resource using a hijacked account or other means. The five types of access attacks include the following:password – a dictionary is used for repeated login attempts
trust exploitation – uses granted privileges to access unauthorized material
port redirection – uses a compromised internal host to pass traffic through a firewall
man-in-the-middle – an unauthorized device positioned between two legitimate devices in order to redirect or capture traffic
buffer overflow – too much data sent to a memory location that already contains dataHint
An access attack tries to gain access to a resource using a hijacked account or other means. The five types of access attacks include the following:password – a dictionary is used for repeated login attempts
trust exploitation – uses granted privileges to access unauthorized material
port redirection – uses a compromised internal host to pass traffic through a firewall
man-in-the-middle – an unauthorized device positioned between two legitimate devices in order to redirect or capture traffic
buffer overflow – too much data sent to a memory location that already contains data -
Question 23 of 24
23. Question
1 pointsHow is a smurf attack conducted?
Correct
Incorrect
With a smurf attack, a large number of ICMP requests are sent using a spoofed source IP address of an intended target. All echo replies will be forwarded to the targeted host on the same network in an attempt to overwhelm it. A ping of death DoS attack sends an echo request in an IP packet that is larger than the maximum packet of 65,535 bytes. A TCP SYN flood attack sends a large number of packets with the TCP SYN flag set from a forged source address.
Hint
With a smurf attack, a large number of ICMP requests are sent using a spoofed source IP address of an intended target. All echo replies will be forwarded to the targeted host on the same network in an attempt to overwhelm it. A ping of death DoS attack sends an echo request in an IP packet that is larger than the maximum packet of 65,535 bytes. A TCP SYN flood attack sends a large number of packets with the TCP SYN flag set from a forged source address.
-
Question 24 of 24
24. Question
1 pointsWhat is the role of an IPS?
Correct
Incorrect
An intrusion prevention system (IPS) provides real-time detection and blocking of attacks.
Hint
An intrusion prevention system (IPS) provides real-time detection and blocking of attacks.