Security+ Chapter 3 review

Card Set Information

Author:
northendtrooper
ID:
254067
Filename:
Security+ Chapter 3 review
Updated:
2013-12-21 18:00:55
Tags:
Security Chapter
Folders:
Comptia
Description:
Security+

The flashcards below were created by user northendtrooper on FreezingBlue Flashcards.


  1. Which of the following protocols is a file transfer protocol using SSH?
    A. SFTP
    B. SICMP
    C. CCMP
    D. TFTP
    A. Secure FTP (SFTP) is a secure implementation of FTP, an extension of Secure Shell (SSH), and transmits data using port 22. Trivial FTP is a form of FTP using UDP to transmit smaller amounts of data than FTP. ICMP is a diagnostic protocol used by tools such as ping, but there is no such thing as SICMP. CCMP is an encryption protocol used with wireless networks.
  2. Of the following choices, which one provides the most security for FTP?
    A. FTP active mode
    B. FTPS
    C. TFTP
    D. SCP
    B. File Transfer Protocol Secure (FTPS) uses SSL to secure FTP transmissions. FTP can work in active or passive mode, but this only affects how the ports are used, not the security. TFTP is a trivial form of FTP and doesn’t provide security. SCP uses SSH to copy files over a network and isn’t related to FTP.
  3. Of the following choices, what is a benefit of IPsec?
    A. Payload encryption
    B. Load balancing
    C. MAC filtering
    D. Flood guard
    A. Internet Protocol security (IPsec) includes Encapsulating Security Payload (ESP), which can encrypt the IP packet payload. Port security and network access control can use MAC filtering. A flood guard protects against SYN flood attacks, and a load balancer can optimize and distribute data loads across multiple computers, but neither is related to IPsec.
  4. What protocol is used to monitor and configure network devices?
    A. ICMP
    B. SFTP
    C. SNMP
    D. DNS
    C. Simple Network Management Protocol (SNMP) can monitor and manage network devices such as routers or switches and uses device traps. Diagnostic tools such as ping use ICMP, and many firewalls block ICMP traffic. SFTP is a secure form of FTP used to upload and download files. DNS resolves host names to IP addresses.
  5. Which of the following is an IPv6 address?
    A. FE80:20D4:3FF7:003F:DE62
    B. 192.168.1.100
    C. 192.168.1.100/128
    D. FE80:0000:0000:0000:20D4:3FF7:003F:DE62
    D. An IPv6 address uses 128-bit IP addresses and includes eight groups of four hexadecimal characters. IPv4 (not IPv6) uses the dotted decimal format with decimals separated by dots. A double colon indicates zero compression, when fewer than eight groups are shown, but if omitted the address isn’t valid.
  6. Which of the following IP addresses are on the same subnet? (Choose all that apply.)
    A. 192.168.1.50, 255.255.255.192
    B. 192.168.1.100, 255.255.255.192
    C. 192.168.1.165, 255.255.255.192
    D. 192.168.1.189, 255.255.255.192
    C, D. Both 192.168.1.165 and 192.168.1.189 are on the same subnet since bits 25 and 26 are the same (10). Bits 25 and 26 are 00 for 192.168.1.50, and 01 for 192.168.1.100, so these two are on different subnets from any of the other IP addresses.
  7. An administrator decides to block Telnet access to an internal network from any remote device on the Internet. Which of the following is the best choice to accomplish this?
    A. Block port 23 at the network firewall
    B. Block port 22 at the host firewall
    C. Block port 22 on internal routers
    D. Block port 23 on internal routers
    A. You can block all Telnet traffic into the network by blocking port 23 on the network firewall. Port 22 is used for SSH, SCP or SFTP, not Telnet (unless Telnet is encrypted with SSH). Additionally, blocking it at the host firewall only blocks it to the host, not the network. It’s easier to block the port once at the firewall rather than block the port on all internal routers. Additionally, the scenario states that the goal is to block access from the Internet, but Telnet may be authorized internally.
  8. What port does SFTP use?
    A. 1443
    B. 443
    C. 22
    D. 23
    C. Secure File Transfer Protocol (SFTP) uses port 22, as do other protocols encrypted with Secure Shell (SSH) such as Secure Copy (SCP). Telnet uses port 23. HTTPS uses port 443. Microsoft’s SQL Server uses port 1443.
  9. What ports do HTTP and HTTPS use?
    A. 22 and 25
    B. 20 and 21
    C. 80 and 1433
    D. 80 and 443
    D. Hypertext Transfer Protocol (HTTP) uses port 80 and HTTP Secure (HTTPS) uses port 443, and they are both used to transfer web pages. FTP uses ports 20 and 21. Microsoft’s SQL server uses port 1433. SFTP and SCP use port 22. SMTP uses port 25.
  10. What port does SMTP use?
    A. 22
    B. 110
    C. 25
    D. 143
    C. Simple Mail Transfer Protocol (SMTP) uses port 25. SCP, TFTP, and SSH all use port 22. POP3 uses port 110. IMAP4 uses port 143.
  11. Of the following choices, what ports are used by NetBIOS? (Choose two.)
    A. 80
    B. 137
    C. 139
    D. 3389
    B, C. NetBIOS uses ports 137, 138, and 139. HTTP uses port 80, and remote desktop services uses port 3389.
  12. Your organization uses switches for connectivity. Of the following choices, what will protect the switch?
    A. Disable unused ports
    B. Disable unused MAC addresses
    C. Disable unused IPv4 addresses
    D. Disable unused IPv6 addresses
    A. Disabling unused ports is a part of basic port security. While switches can associate MAC addresses with ports, it’s not possible to disable unused MAC addresses on the switch. Switches track traffic based on MAC addresses, not IP addresses.
  13. A user plugged a cable into two RJ-45 wall jacks connected to unused ports on a switch. In a short period, this disrupted the overall network performance. What should you do to protect against this problem in the future?
    A. Enable loop protection on the switch
    B. Use a VLAN
    C. Disable port security
    D. Create DMZ
    A. Loop protection such as Spanning Tree Protocol (STP) protects against the switching loop problem described in the scenario. While disabling unused ports may help against this problem, you do this by implementing port security, not disabling port security. A DMZ is used to host Internet-facing servers and isn’t relevant in this situation. VLANs can logically separate computers using the same switch but do not prevent switching loops.
  14. What can you use to logically separate computers in two different departments within a company?
    A. A flood guard
    B. NAT
    C. A hub
    D. A VLAN
    D. A virtual local area network (VLAN) can group several different computers into a virtual network, or logically separate the computers in two different departments. A hub doesn’t have any intelligence and can’t separate the computers. NAT translates private IP addresses to public IP addresses, and public back to private. A flood guard protects against SYN flood attacks.
  15. Most firewalls have a default rule placed at the end of the firewall’s ACL. Which of the following is the most likely default rule?
    A. Allow TCP all
    B. Deny ICMP all
    C. Allow all all
    D. Deny any any
    D. A deny any any or drop all statement is placed at the end of an ACL and enforces an implicit deny strategy. While many firewalls include a rule to deny ICMP traffic (such as pings or ICMP sweeps), it isn’t a default rule and wouldn’t be placed last. An allow all all rule allows all protocol traffic that wasn’t previously blocked but is rarely (if ever) used in a firewall. Similarly, it’s rare to allow all TCP traffic on any port. Instead, a firewall uses an implicit deny principle by specifying what is allowed, and blocking everything else.
  16. Of the following choices, what best describes a method of managing the flow of network traffic by allowing or denying traffic based on ports, protocols, and addresses?
    A. Firewall logs
    B. Firewall rules
    C. Proxy server content filter
    D. Implicit deny
    B. Firewalls use firewall rules (or rules within an ACL) to identify what traffic is allowed and what traffic is denied, and a basic packet filtering firewall can filter traffic based on ports, protocols, and addresses. Firewalls use implicit deny to block all traffic not previously allowed, but this more accurately describes what is blocked rather than describing the entire flow of traffic. A proxy server content filter can filter traffic based on content (such as URLs), but can’t allow or deny traffic based on ports or protocols. Firewall logs are useful to determine what traffic a firewall has allowed or blocked but do not allow or deny traffic themselves.
  17. Of the following choices, what represents the best choice to prevent intrusions on an individual computer?
    A. Host-based firewall
    B. Network-based firewalls
    C. HIDS
    D. NIDS
    A. A host-based firewall can help prevent intrusions on individual computers such as a server or desktop computer. A host-based intrusion detection system (HIDS) and a network-based intrusion detection system (NIDS) can detect intrusions, not prevent them. A network-based firewall is used to monitor and control traffic on a network, not just an individual system.
  18. Your network includes a subnet that hosts accounting servers with sensitive data. You want to ensure that users in the Marketing Department (on a separate subnet) cannot access these servers. Of the following choices, what would be the easiest to achieve the goal?
    A. Use an ACL
    B. Add a host-based firewall to each server
    C. Enable port security
    D. Enable load balancing
    A. An access control list (ACL) on a router can block access to the subnet from another subnet. A load balancer can optimize and distribute data loads across multiple computers or multiple networks, but it doesn’t isolate traffic. Disabling unused ports is a part of basic port security and wouldn’t separate subnet traffic. A host-based firewall can protect against intrusions on individual systems and could block the traffic, but you’d have to enable it on every server, as opposed to creating a single rule in an ACL.
  19. Of the following choices, what controls traffic between networks?
    A. Load balancer
    B. Protocol analyzer
    C. A firewall
    D. VPN concentrator
    C. A firewall controls traffic between networks using rules within an ACL. A load balancer can optimize and distribute data loads across multiple computers. A VPN concentrator provides access to an internal network from a public network such as the Internet. A protocol analyzer (a sniffer) is used to view headers and clear-text contents in IP packets, but it can’t control the traffic.
  20. An organization has a web security gateway installed. What function is this performing?
    A. Hiding internal IP addresses
    B. MAC filtering
    C. Content filtering
    D. Caching content
    C. A web security gateway performs content filtering (including filtering for malicious attachments, malicious code, blocked URLs, and more). Port security and network access control use MAC filtering to limit access. A proxy server caches content. NAT translates public IP addresses to private IP addresses, private back to public, and can hide addresses on the internal network.
  21. Your organization hosts a large website served by multiple servers. They need to optimize the workload and distribute it equally among all the servers. What should they use?
    A. Web security gateway
    B. Load balancer
    C. Security appliance
    D. Proxy server
    B. A load balancer can optimize and distribute data loads across multiple computers or multiple networks. A proxy server provides content filtering and caching. Web security gateways and all-in-one security appliances provide content filtering, but not load balancing.
  22. Of the following choices, what can be used to allow access to specific services from the Internet while protecting access to an internal network?
    A. SSH
    B. Port security
    C. DMZ
    D. Implicit deny
    C. A demilitarized zone (DMZ) can provide access to services (hosted on servers) from the Internet while providing a layer of protection for the internal network. SSH encrypts traffic such as Telnet, SCP, and SFTP over port 22, but it can’t control access. Implicit deny blocks all traffic not explicitly allowed. Port security enhances switch security and includes disabling unused ports.
  23. Of the following choices, what hides the IP addresses of computers inside a network from computers outside the network?
    A. NAT
    B. WAF
    C. Web security gateway
    D. Replacing all hubs with switches
    A. Network Address Translation (NAT) translates public IP addresses to private IP addresses, and private back to public, and hides addresses on the internal network. A Web security gateway performs content filtering, including filtering for malicious attachments, malicious code, blocked URLs, and more. Replacing hubs with switches improves network performance and adds security, but doesn’t hide addresses outside of a network. A WAF is an additional firewall designed to protect a web application.
  24. Of the following choices, what is the best choice for a device to filter and cache content from webpages?
    A. Proxy server
    B. VPN concentrator
    C. Web security gateway
    D. MAC filtering
    A. A proxy server includes the ability to filter and cache content from web pages. A web security gateway can filter web-based content, but it doesn’t always have caching capabilities. A VPN concentrator provides access to VPN clients. MAC filtering can be used with port security on a switch, but doesn’t filter web page content.
