1.
All of the following provide confidentiality as part of the underlying protocol EXCEPT:
Correct Answer
C. L2TP
Explanation
L2TP (Layer 2 Tunneling Protocol) does not provide confidentiality as part of the underlying protocol. L2TP is primarily used for creating virtual private networks (VPNs) and does not include encryption or confidentiality features. In contrast, SSL (Secure Sockets Layer), SSH (Secure Shell), and IPSec (Internet Protocol Security) are all protocols that offer encryption and confidentiality to secure data transmission over networks.
2.
Which of the following allows an attacker to manipulate files by using the least significant bit(s) to secretly embed data?
Correct Answer
A. SteganograpHy
Explanation
Steganography is the correct answer because it is the practice of concealing secret information within an innocuous carrier, such as an image or audio file, by manipulating the least significant bits. This technique allows an attacker to embed data without raising suspicion, as the changes made to the carrier file are minimal and difficult to detect. Steganography is often used for covert communication or to hide malicious code within seemingly harmless files.
3.
Which of the following type of attacks would allow an attacker to capture HTTP requests and send back a spoofed page?
Correct Answer
B. TCP/IP hijacking
Explanation
TCP/IP hijacking is a type of attack where an attacker intercepts and manipulates TCP/IP packets to gain unauthorized access to a network. In this scenario, the attacker can capture HTTP requests and send back a spoofed page, tricking the user into thinking they are interacting with a legitimate website or service. This type of attack exploits vulnerabilities in the TCP/IP protocol stack, allowing the attacker to manipulate data packets and deceive the user.
4.
How should a company test the integrity of its backup data?
Correct Answer
C. By restoring part of the backup
Explanation
To test the integrity of its backup data, a company should restore part of the backup. This involves actually retrieving and restoring a portion of the backup data to ensure that it is accessible and usable. By doing so, the company can verify that the backup process is working correctly and that the data can be successfully recovered if needed. Conducting another backup, using software to recover deleted files, and reviewing written procedures are not direct methods of testing the integrity of the backup data.
5.
Which of the following can BEST be used to determine the topology of a network and discover unknown devices?
Correct Answer
D. Network mapper
Explanation
A network mapper is the best tool to determine the topology of a network and discover unknown devices. It allows for the visualization of the network infrastructure, including routers, switches, and devices, and identifies any connected devices that may not be known or authorized. This tool scans the network and creates a map or diagram, showing the relationships and connections between devices, helping to identify any potential vulnerabilities or unauthorized access points. It provides a comprehensive overview of the network, making it an ideal choice for determining the network's topology and discovering unknown devices.
6.
When should a technician perform penetration testing?
Correct Answer
C. When the technician has permission from the owner of the network
Explanation
A technician should perform penetration testing when they have permission from the owner of the network. Penetration testing involves simulating real-world attacks on a network to identify vulnerabilities and weaknesses. It is important to have permission from the network owner to ensure that the testing is conducted legally and ethically. Unauthorized penetration testing can cause harm to the network and its users, and may even be illegal. Therefore, obtaining permission is crucial to ensure that the testing is conducted in a controlled and responsible manner.
7.
An administrator has implemented a new SMTP service on a server. A public IP address translates to the internal SMTP server. The administrator notices many sessions to the server, and gets notification that the servers public IP address is now reported in a spam real-time block list. Which of the following is wrong with the server?
Correct Answer
A. SMTP open relaying is enabled
Explanation
The correct answer is SMTP open relaying is enabled. This means that the server is allowing anyone to use it as a relay to send emails, which can be exploited by spammers to send large amounts of spam. This is why the server's public IP address is reported in a spam real-time block list. To resolve this issue, the administrator should disable open relaying on the SMTP server.
8.
Which of the following is MOST efficient for encrypting large amounts of data?
Correct Answer
B. Symmetric key algorithms
Explanation
Symmetric key algorithms are the most efficient for encrypting large amounts of data. Unlike asymmetric key algorithms, which use separate keys for encryption and decryption, symmetric key algorithms use a single key for both operations. This makes them faster and more efficient for encrypting and decrypting large volumes of data. Hashing algorithms, on the other hand, are used for generating fixed-size output (hash) from input data, but they do not provide encryption. ECC algorithms, or elliptic curve cryptography, are a type of asymmetric key algorithm and are generally more efficient than traditional asymmetric key algorithms, but they are not specifically designed for encrypting large amounts of data.
9.
Which of the following is a reason why a company should disable the SSID broadcast of the wireless access points?
Correct Answer
B. War driving
Explanation
Disabling the SSID broadcast of wireless access points can help prevent war driving. War driving is the act of searching for and mapping out wireless networks, often with malicious intent. By disabling the SSID broadcast, the network becomes less visible to potential attackers, making it harder for them to identify and target the network. This adds an extra layer of security to the company's wireless network infrastructure.
10.
Which of the following BEST describes ARP?
Correct Answer
C. Discovering the MAC address of a device from the IP address
Explanation
ARP (Address Resolution Protocol) is a network protocol used to discover the MAC address of a device from its IP address. When a device wants to communicate with another device on the same network, it needs to know the MAC address of the destination device. ARP helps in mapping the IP address to the corresponding MAC address by sending an ARP request to the network. The device with the matching IP address responds with its MAC address, allowing the sender to establish a direct communication link. Therefore, the given answer correctly describes the purpose of ARP.
11.
Which of the following would be BEST to use to apply corporate security settings to a device?
Correct Answer
D. A security template
Explanation
A security template would be the best option to apply corporate security settings to a device. A security template is a predefined configuration that includes security settings for various aspects of a device, such as user accounts, password policies, and network settings. It allows for consistent and efficient application of security settings across multiple devices within an organization. Unlike a security patch or hotfix, which are typically used to address specific vulnerabilities or bugs, a security template provides a comprehensive set of security configurations that can be easily applied to ensure the device meets the organization's security requirements. An OS service pack, on the other hand, is a collection of updates and fixes for an operating system, but it may not specifically focus on security settings.
12.
A small call center business decided to install an email system to facilitate communications in the office. As part of the upgrade the vendor offered to supply anti-malware software for a cost of $5,000 per year. The IT manager read there was a 90% chance each year that workstations would be compromised if not adequately protected. If workstations are compromised it will take three hours to restore services for the 30 staff. Staff members in the call center are paid $90 per hour. If the anti-malware software is purchased, which of the following is the expected net savings?
Correct Answer
B. $2,290
Explanation
The expected net savings of $2,290 can be calculated by considering the potential cost of not purchasing the anti-malware software. Without the software, there is a 90% chance each year that workstations will be compromised, resulting in a three-hour downtime for the 30 staff members. Since the staff members are paid $90 per hour, the cost of this downtime would be 90 x 3 x 30 = $8,100. Therefore, by purchasing the software for $5,000 per year, the business can save $8,100 - $5,000 = $3,100. However, the question asks for the expected net savings, which takes into account the 90% chance of compromise. Therefore, the expected net savings would be 90% of $3,100, which is 0.9 x $3,100 = $2,790.
13.
Which of the following improves security in a wireless system?
Correct Answer
B. MAC filtering
Explanation
MAC filtering improves security in a wireless system by allowing the network administrator to control which devices can connect to the network based on their MAC addresses. By only allowing authorized devices to connect, MAC filtering helps to prevent unauthorized access to the network. This adds an extra layer of security to the wireless system, as even if someone knows the network's SSID, they won't be able to connect unless their device's MAC address is allowed.
14.
A user wants to implement secure LDAP on the network. Which of the following port numbers secure LDAP use by default?
Correct Answer
D. 636
Explanation
Secure LDAP (LDAPS) uses port number 636 by default. LDAP is a protocol used for accessing and managing directory services, while LDAPS is a secure version of LDAP that incorporates SSL/TLS encryption for secure communication. Port 636 is designated for LDAPS to ensure that the communication between the LDAP client and server is encrypted and protected from unauthorized access or tampering. Therefore, when implementing secure LDAP on the network, port number 636 should be used.
15.
How many keys are utilized with asymmetric cryptography?
Correct Answer
B. Two
Explanation
Asymmetric cryptography, also known as public-key cryptography, uses a pair of keys - a public key and a private key. The public key is used for encryption, while the private key is used for decryption. This allows for secure communication and authentication between two parties. Therefore, the correct answer is Two.
16.
During a risk assessment it is discovered that only one system administrator is assigned several critical to continuity of operations. It is recommended to cross train other system administrators to perform these tasks and mitigate which of the following risks?
Correct Answer
D. Single point of failure
Explanation
The recommendation to cross train other system administrators to perform critical tasks mitigates the risk of a single point of failure. This means that if the only system administrator is unavailable or unable to perform their duties, there are other trained individuals who can step in and ensure the continuity of operations. By having multiple administrators capable of handling these tasks, the organization reduces its dependency on a single individual and minimizes the risk of disruptions or failures in the system.
17.
Which of the following network filtering devices will rely on signature updates to be effective?
Correct Answer
C. NIDS
Explanation
A Network Intrusion Detection System (NIDS) relies on signature updates to be effective. NIDS monitors network traffic for suspicious or malicious activity by comparing it to a database of known attack signatures. These signatures are updated regularly to include new threats and vulnerabilities. By relying on signature updates, NIDS can stay up to date with the latest attack techniques and provide effective protection against them. Proxy servers, firewalls, and honeynets do not necessarily rely on signature updates for their effectiveness.
18.
Which of the following is a single server that is setup in the DMZ or outer perimeter in order to distract attackers?
Correct Answer
C. Honeypot
Explanation
A honeypot is a single server that is intentionally set up in the DMZ or outer perimeter of a network to attract and distract attackers. It is designed to appear as a valuable target to attackers, luring them away from the actual sensitive systems and data. By monitoring the activities and techniques used by attackers on the honeypot, organizations can gain valuable insights into their tactics and improve their overall security measures.
19.
Which of the following encryption algorithms is decrypted in the LEAST amount of time?
Correct Answer
B. AES
Explanation
AES (Advanced Encryption Standard) is decrypted in the least amount of time compared to the other encryption algorithms mentioned. This is because AES is a symmetric encryption algorithm, meaning the same key is used for both encryption and decryption processes. It is known for its efficiency and speed, making it faster than RSA and 3DES. L2TP, on the other hand, is not an encryption algorithm but a tunneling protocol used for secure communication, so it is not applicable to compare its decryption time with the other encryption algorithms.
20.
An administrator is trying to secure a network from threats originating outside the network. Which of the following devices provides protection for the DMZ from attacks launched from the Internet?
Correct Answer
C. Firewall
Explanation
A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between the internal network (DMZ) and the external network (Internet), preventing unauthorized access and protecting the DMZ from attacks launched from the Internet. Firewalls analyze network data packets and determine whether to allow or block them based on the configured rules. By enforcing security policies and controlling network traffic, firewalls play a crucial role in securing networks from external threats.
21.
Which of the following is a way to manage operating system updates?
Correct Answer
D. Change management
Explanation
Change management is a way to manage operating system updates. It involves planning, implementing, and controlling changes to the operating system in a systematic and organized manner. This includes evaluating the need for updates, assessing their impact, scheduling and coordinating the updates, and ensuring that they are properly tested and deployed. Change management helps to minimize disruptions and risks associated with operating system updates, and ensures that they are carried out efficiently and effectively.
22.
Which of the following is a list of discrete entries that are known to be benign?
Correct Answer
A. Whitelist
Explanation
A whitelist is a list of discrete entries that are known to be benign. It is a security measure that allows only pre-approved entities or actions to be permitted, while blocking all others. By using a whitelist, any entry not on the list will be considered potentially harmful or unauthorized. Therefore, a whitelist is a list of entries that are trusted and considered safe.
23.
Which of the following increases the collision resistance of a hash?
Correct Answer
A. Salt
Explanation
Adding salt to a hash increases its collision resistance because it adds a random and unique value to the input before hashing. This makes it harder for attackers to precompute hash values or use rainbow tables, as the salted hash will be different even if the input is the same. Therefore, salt helps protect against dictionary attacks and increases the security of the hash function.
24.
A programmer has decided to alter the server variable in the coding of an authentication function for a proprietary sales application. Before implementing the new routine on the production application server, which of the following processes should be followed?
Correct Answer
A. Change management
Explanation
Change management should be followed before implementing the new routine on the production application server. Change management is a process that ensures any changes made to a system or software are properly planned, tested, and documented. It helps in minimizing the risks associated with changes and ensures that the changes are implemented smoothly without causing any disruptions or issues in the system. Therefore, before altering the server variable in the coding of the authentication function, it is important to follow the change management process to ensure the change is properly managed and implemented.
25.
When deploying 50 new workstations on the network, which of the following should be completed FIRST?
Correct Answer
C. Apply the baseline configuration
Explanation
The baseline configuration should be completed first when deploying 50 new workstations on the network. Applying the baseline configuration involves setting up the initial standard configuration for the workstations, which includes installing necessary software, configuring network settings, and ensuring security measures are in place. This step establishes a consistent starting point for all workstations, making it easier to manage and maintain them in the long run. Once the baseline configuration is applied, other tasks like installing a word processor, running the latest spyware, and running OS updates can be performed.
26.
Which of the following should be implemented to have all workstations and severs isolated in their own broadcast domains?
Correct Answer
A. VLANs
Explanation
VLANs (Virtual Local Area Networks) should be implemented to have all workstations and servers isolated in their own broadcast domains. VLANs allow network administrators to logically divide a single physical network into multiple virtual networks, each with its own broadcast domain. This isolation ensures that broadcast traffic is contained within each VLAN, preventing it from being transmitted to other VLANs. By implementing VLANs, workstations and servers can be grouped together based on their functional requirements while maintaining separate broadcast domains, enhancing network security and efficiency.
27.
End users are complaining about receiving a lot of email from online vendors and pharmacies. Which of the following is this an example of?
Correct Answer
B. Spam
Explanation
This is an example of spam. Spam refers to unsolicited and unwanted emails that are sent in bulk to a large number of recipients. In this case, the end users are receiving a lot of emails from online vendors and pharmacies, which they did not request or give consent to receive.
28.
Which of the following BEST describes a private key in regards to asymmetric encryption?
Correct Answer
A. The key owner has exclusive access to the private key
Explanation
A private key in regards to asymmetric encryption refers to a key that is only accessible to the key owner. This means that the key owner has exclusive access to the private key and no one else can access it. This is an important aspect of asymmetric encryption as it ensures that only the intended recipient can decrypt the encrypted messages or data.
29.
Which of the following logs might reveal the IP address and MAC address of a rogue device within the local network?
Correct Answer
B. DHCP logs
Explanation
DHCP logs can reveal the IP address and MAC address of a rogue device within the local network. DHCP (Dynamic Host Configuration Protocol) is responsible for assigning IP addresses to devices on a network. The DHCP logs keep a record of all IP addresses that have been assigned, including the corresponding MAC addresses. By analyzing these logs, network administrators can identify any unauthorized or rogue devices that have been assigned an IP address, allowing them to take appropriate action to secure the network.
30.
Which of the following is commonly used in a distributed denial of service (DDoS) attack?
Correct Answer
C. Botnet
Explanation
A botnet is a network of infected computers, known as bots, that are controlled by a central server or a group of attackers. In a distributed denial of service (DDoS) attack, the attackers use the botnet to flood a target website or network with a massive amount of traffic, overwhelming its resources and causing it to become unavailable to legitimate users. This is done by sending a high volume of requests from the compromised computers simultaneously, making it difficult for the target to handle the load. Therefore, a botnet is commonly used in a DDoS attack.
31.
Which of the following practices is MOST relevant to protecting against operating system security flaws?
Correct Answer
B. Patch management
Explanation
Patch management is the most relevant practice to protect against operating system security flaws. Patch management involves regularly updating and applying patches provided by the operating system vendor. These patches are designed to fix vulnerabilities and security flaws that have been discovered. By keeping the operating system up to date with the latest patches, organizations can ensure that any known security weaknesses are addressed, reducing the risk of exploitation by malicious actors. Network intrusion detection, firewall configuration, and antivirus selection are also important security practices, but they do not directly address operating system security flaws like patch management does.
32.
Which of the following is a best practice for coding applications in a secure manner?
Correct Answer
A. Input validation
Explanation
Input validation is a best practice for coding applications in a secure manner because it ensures that all user input is properly validated and sanitized before being processed. This helps to prevent various security vulnerabilities such as SQL injection, cross-site scripting, and command injection attacks. By validating and sanitizing user input, developers can ensure that only safe and expected data is accepted by the application, reducing the risk of malicious code execution or unauthorized access to sensitive information.
33.
Which of the following technologies can be used as a means to isolate a host OS from some types of security threats?
Correct Answer
B. Virtualization
Explanation
Virtualization is a technology that can be used to isolate a host OS from some types of security threats. It allows for the creation of virtual machines that run on a single physical machine, each with its own operating system and resources. By running applications and processes within these virtual machines, any potential security threats are contained within the virtual environment and cannot affect the host OS. This helps to protect the host OS from malware, viruses, and other security risks. Intrusion detection, kiting, and cloning are not directly related to isolating a host OS from security threats.
34.
Which of the following network tools would provide the information on what an attacker is doing to compromise a system?
Correct Answer
B. Honeypot
Explanation
A honeypot is a network tool that is designed to attract and deceive attackers, making them believe that they have successfully compromised a system. By monitoring the activities of the attacker within the honeypot, administrators can gain valuable insights into the attacker's methods, techniques, and intentions. This information can then be used to better understand the attacker's tactics and strengthen the security of the actual system being protected. Therefore, a honeypot is the most appropriate network tool for providing information on what an attacker is doing to compromise a system.
35.
Assigning proper security permissions to files and folders is the primary method of mitigating which of the following?
Correct Answer
C. Trojan
Explanation
Assigning proper security permissions to files and folders is the primary method of mitigating Trojan attacks. By assigning appropriate permissions, access to sensitive files and folders can be restricted, preventing unauthorized modifications or execution of malicious code that may be associated with a Trojan. This helps to prevent the Trojan from infiltrating the system and carrying out its intended malicious activities.
36.
Which of the following logical access controls would be MOST appropriate to use when creating an account for a temporary worker?
Correct Answer
B. Account expiration
Explanation
Account expiration would be the most appropriate logical access control to use when creating an account for a temporary worker. This control ensures that the account is only valid for a specific period of time, typically aligned with the duration of the worker's contract or assignment. Once the account expires, the temporary worker will no longer have access to the system, reducing the risk of unauthorized access or misuse of resources. This control is particularly useful for managing access to sensitive information or systems, as it automatically revokes access after the designated time period.
37.
Which of the following may be an indication of a possible system compromise?
Correct Answer
B. A performance monitor indicates a recent and ongoing drop in speed, disk space or memory utilization from the baseline
Explanation
A performance monitor indicating a recent and ongoing drop in speed, disk space, or memory utilization from the baseline may be an indication of a possible system compromise. This could suggest that the system has been compromised and is being used for unauthorized activities, such as running malicious processes or using up system resources for nefarious purposes.
38.
An administrator suspects that files are being copied to a remote location during off hours. The file server does not have logging enabled. Which of the following logs would be the BEST place to look for information?
Correct Answer
B. Firewall logs
Explanation
Firewall logs would be the best place to look for information in this scenario. Firewall logs record all incoming and outgoing network traffic, including any attempts to access remote locations. By analyzing the firewall logs, the administrator can identify any suspicious or unauthorized connections to remote locations during off hours, which could indicate files being copied to a remote location. The other options, such as intrusion detection logs, antivirus logs, and DNS logs, may provide some information, but they are less likely to specifically track file copying to a remote location.
39.
Which of the following access control methods grants permissions based on the users position in the company?
Correct Answer
D. Role-Based Access Control (RBAC)
Explanation
Role-Based Access Control (RBAC) is an access control method that grants permissions based on the users' position in the company. In RBAC, access rights are assigned to roles, and users are then assigned to those roles based on their position or job function within the organization. This allows for a more structured and efficient way of managing permissions, as access can be easily granted or revoked by assigning or removing users from specific roles. RBAC provides a centralized and scalable approach to access control, making it suitable for organizations with a hierarchical structure.
40.
Which of the following access control methods includes switching work assignments at preset intervals?
Correct Answer
A. Job rotation
Explanation
Job rotation is an access control method that involves switching work assignments at preset intervals. This practice helps to prevent any single individual from gaining excessive access or knowledge about a particular system or process. By regularly rotating job responsibilities, organizations can reduce the risk of fraud, collusion, or unauthorized access. This approach also promotes cross-training and skill development among employees, leading to a more flexible and resilient workforce.
41.
Which of the following authentication methods would MOST likely prevent an attacker from being able to successfully deploy a replay attack?
Correct Answer
D. Kerberos
Explanation
Kerberos is a network authentication protocol that provides strong authentication and prevents replay attacks. It achieves this by using timestamps and session keys to encrypt and authenticate messages exchanged between clients and servers. This prevents an attacker from intercepting and replaying previously captured authentication messages, as the timestamps and session keys are unique for each authentication session. Therefore, Kerberos is the most likely authentication method to prevent a replay attack.
42.
Which of the following would an attacker use to footprint a system?
Correct Answer
C. Port scanner
Explanation
An attacker would use a port scanner to footprint a system. A port scanner is a tool that scans a target system for open ports, which can provide information about the services and vulnerabilities present on the system. By identifying open ports, an attacker can gather information about the network architecture and potentially exploit any vulnerabilities associated with those open ports. This information can be used to plan further attacks or gain unauthorized access to the system.
43.
Which of the following ensures a user cannot deny having sent a message?
Correct Answer
C. Non-repudiation
Explanation
Non-repudiation ensures that a user cannot deny having sent a message. It provides evidence that the message was indeed sent by the user and cannot be disputed. This is achieved through the use of digital signatures or other authentication mechanisms that can uniquely identify the sender. Non-repudiation is important in legal and business contexts where proof of communication and accountability is required.
44.
Which of the following allows an attacker to embed a rootkit into a picture?
Correct Answer
C. SteganograpHy
Explanation
Steganography is the technique of hiding information within other files, such as images, without altering their appearance. In the context of the question, an attacker can use steganography to embed a rootkit into a picture, making it difficult to detect. The rootkit can then be executed when the picture is opened or accessed, giving the attacker unauthorized access and control over the targeted system. Unlike trojans, worms, or viruses, which rely on specific malicious code, steganography allows for covert communication and exploitation by concealing the presence of the rootkit within the image file.
45.
Which of the following is a publication of inactivated user certificates?
Correct Answer
A. Certificate Revocation List
Explanation
A Certificate Revocation List (CRL) is a publication of inactivated user certificates. It is a list maintained by a Certificate Authority (CA) that contains the serial numbers of certificates that have been revoked or invalidated before their expiration date. This list is distributed to users and relying parties to check the validity of certificates before trusting them. By consulting the CRL, users can ensure that the certificates they are using have not been compromised or revoked, thereby enhancing the security of their communications.
46.
Which of the following is a method of encrypting email?
Correct Answer
A. S/MIME
Explanation
S/MIME (Secure/Multipurpose Internet Mail Extensions) is a method of encrypting email. It provides end-to-end encryption and digital signing of messages, ensuring privacy and authenticity. S/MIME uses public-key cryptography to encrypt the email content and attachments, making it secure from unauthorized access or tampering. It also verifies the sender's identity through digital signatures, preventing impersonation and ensuring message integrity. S/MIME is widely used in email communication to protect sensitive information and maintain the confidentiality of email exchanges.
47.
Which of the following risks would be reduced by implementing screen filters?
Correct Answer
D. Shoulder surfing
Explanation
Implementing screen filters would reduce the risk of shoulder surfing. Shoulder surfing is a type of attack where an unauthorized person can view or capture sensitive information by looking over someone's shoulder while they are using their device. By using screen filters, the visibility of the screen is limited to the user, making it difficult for shoulder surfers to see the information being displayed. This helps protect the user's privacy and reduces the risk of unauthorized access to sensitive data.
48.
Which of the following allows an attacker to hide the presence of malicious code by altering the systems process and registry entries?
Correct Answer
D. Rootkit
Explanation
A rootkit is a type of malicious software that allows an attacker to hide the presence of their code by altering the system's processes and registry entries. It is designed to gain unauthorized access to a computer system and maintain control over it while remaining undetected. By modifying the system's processes and registry entries, the rootkit can hide its files, processes, and network connections, making it difficult for antivirus software and other security measures to detect and remove it. This allows the attacker to maintain control over the compromised system and carry out malicious activities without being detected.
49.
Which of the following will propagate itself without any user interaction?
Correct Answer
A. Worm
Explanation
A worm is a type of malware that can self-replicate and spread across computer networks without any user interaction. Unlike viruses, which require a host file or program to spread, worms are standalone programs that can exploit vulnerabilities in a system's security to automatically propagate themselves. This ability to replicate and spread autonomously sets worms apart from other types of malware such as rootkits, trojans, and viruses, which generally rely on user actions or the execution of infected files to spread.
50.
An administrator wants to setup their network with only one public IP address. Which of the following would allow for this?
Correct Answer
D. NAT
Explanation
NAT (Network Address Translation) allows for the translation of private IP addresses to a single public IP address. This enables multiple devices on a network to share the same public IP address, conserving the limited supply of public IP addresses. By using NAT, the administrator can set up their network with only one public IP address, ensuring connectivity for all devices on the network while maintaining security.