SEC Technologies And Tools - Cyber Security Quiz

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Alfredhook3
A
Alfredhook3
Community Contributor
Quizzes Created: 2944 | Total Attempts: 2,859,606
| Attempts: 614
Quiz Flashcard
SettingsSettings
Please wait...
  • 1/78 Questions

    Your company's web site experiences a large number of client requests during certain times of the year. Which of the following would your company add to ensure the web site's availability during these times? 

    • (A) Fall-open cluster
    • (B) Certificates
    • (C) Web application firewall
    • (D) Load balancing
Please wait...
About This Quiz

As an innovative company, SEC Technologies is continuously working on game-changing solutions to protect government agencies, organizations and companies of all sizes and industries against the increasing number of cyber-attacks.
This is a Cyber Security Quiz about SEC Technologies and Tools!

SEC Technologies And Tools - Cyber SECurity Quiz - Quiz

Quiz Preview

  • 2. 

    Lisa is enabling NTP on some servers within the DMZ. Which of the following cases is the MOST likely supporting with this action?

    • (A) Support voice and video transmissions

    • (B) Provide time synchronization

    • (C) Enable email usage

    • (D) Encrypt data-in-transit

    Correct Answer
    A. (B) Provide time synchronization
    Explanation
    Enabling NTP (Network Time Protocol) on servers within the DMZ is most likely supporting the action of providing time synchronization. NTP is a protocol used for synchronizing the clocks of computer systems over a network. By enabling NTP on the servers, Lisa ensures that all the servers within the DMZ have accurate and synchronized time, which is important for various network operations, logging, authentication, and other time-sensitive processes. This action helps in maintaining consistency and coordination among the servers within the DMZ.

    Rate this question:

  • 3. 

    Management within your organization wants some users to be able to access internal network resources from remote locations. Which of the following is the BEST choice to meet this need? 

    • (A) NAC

    • (B) VPN

    • (C) IDS

    • (D) IPS

    Correct Answer
    A. (B) VPN
    Explanation
    A VPN (Virtual Private Network) is the best choice to meet the need of allowing users to access internal network resources from remote locations. A VPN creates a secure and encrypted connection over a public network, such as the internet, allowing users to access resources as if they were directly connected to the internal network. This ensures the privacy and security of the data being transmitted between the user and the internal network, making it the ideal solution for remote access.

    Rate this question:

  • 4. 

    Lisa is enabling NTP on some servers within the DMZ. Which of the following use cases is she MOST likely supporting with this action?

    • (A) Support voice and video transmissions

    • (B) Provide time synchronization

    • (C) Enable email usage

    • (D) Encrypt data-in-transit

    Correct Answer
    A. (B) Provide time synchronization
    Explanation
    Enabling NTP (Network Time Protocol) on servers within the DMZ is most likely done to provide time synchronization. NTP is a protocol used to synchronize the clocks of computers on a network, ensuring that they all have the same time. This is important for various reasons, such as accurate logging, coordination of events, and maintaining consistency in distributed systems. It is not directly related to supporting voice and video transmissions, enabling email usage, or encrypting data-in-transit.

    Rate this question:

  • 5. 

    Management within your organization wants some users to be able to access internal network resources from remote locations. Which of the following is the BEST choice to meet this need?

    • (A) NAC

    • (B) VPN

    • (C) IDS

    • (D) IPS

    Correct Answer
    A. (B) VPN
    Explanation
    A VPN (Virtual Private Network) is the best choice to meet the need of allowing users to access internal network resources from remote locations. A VPN creates a secure and encrypted connection between the user's device and the internal network, ensuring that data is protected from unauthorized access while being transmitted over the internet. This allows users to securely access internal resources, such as files, applications, and servers, as if they were directly connected to the internal network. NAC (Network Access Control), IDS (Intrusion Detection System), and IPS (Intrusion Prevention System) are not specifically designed to provide remote access to network resources.

    Rate this question:

  • 6. 

    Your organization's security policy requires that PII data-in-transit must be encrypted. Which of the following protocols would BEST meet this requirement? 

    • (A) FTP

    • (B) SSH

    • (C) SMTP

    • (D) HTTP

    Correct Answer
    A. (B) SSH
    Explanation
    SSH (Secure Shell) is a network protocol that provides a secure way to access and transfer data over an unsecured network. It uses encryption to protect the confidentiality and integrity of data during transmission. Therefore, SSH would be the best protocol to meet the organization's security policy requirement of encrypting PII data-in-transit. FTP, SMTP, and HTTP do not provide the same level of encryption and security as SSH.

    Rate this question:

  • 7. 

    You manage a Linux computer used for security within your network. You plan to use it to inspect and handle network-based traffic using iptables. Which of the following network devices can this replace?

    • (A) Wireless access point

    • (B) Firewall

    • (C) Layer 2 switch

    • (D) Bridge

    Correct Answer
    A. (B) Firewall
    Explanation
    Iptables is a powerful firewall tool in Linux that allows you to inspect and handle network-based traffic. It can filter and manipulate packets based on various criteria such as source/destination IP addresses, ports, protocols, etc. Therefore, using iptables on a Linux computer can replace a dedicated firewall device, making option (B) the correct answer.

    Rate this question:

  • 8. 

    Your organization is planning to deploy a new e-commerce web site. Management anticipates heavy processing requirements for a back-end application. The current design will use one web server and multiple application servers. Which of the following BEST describes the application servers?

    • (A) Load balancing

    • (B) Clustering

    • (C) RAID

    • (D) Affinity scheduling

    Correct Answer
    A. (A) Load balancing
    Explanation
    The application servers in this scenario are responsible for distributing the processing load among multiple servers to ensure efficient and effective handling of the heavy processing requirements. Load balancing involves evenly distributing the incoming requests across multiple servers, thereby optimizing performance and preventing any single server from becoming overwhelmed. This approach helps to improve scalability, availability, and responsiveness of the e-commerce web site.

    Rate this question:

  • 9. 

    You suspect that an attacker has been sending specially crafted TCP packets to a server trying to exploit vulnerability. You decide to capture TCP packets being sent to this server for later analysis and you want to use a command-line tool to do so. Which of the following tools will BEST meet your need? 

    • (A) Wiredump

    • (B) Tcpdump

    • (C) Netcat

    • (D) Nmap

    Correct Answer
    A. (B) Tcpdump
    Explanation
    Tcpdump is the best tool to capture TCP packets being sent to a server for later analysis. Tcpdump is a command-line packet analyzer that allows you to capture and display network packets. It can capture packets in real-time and save them to a file for later analysis. By using Tcpdump, you can monitor the network traffic and analyze the packets to identify any suspicious activity or potential attacks.

    Rate this question:

  • 10. 

    Your organization recently suffered a loss from malware that wasn't previously known by any trusted sources. Which of the following BEST describes this attack? 

    • (A) Phishing

    • (B) Zero-day

    • (C) Open-source intelligence

    • (D) Hoax

    Correct Answer
    A. (B) Zero-day
    Explanation
    The correct answer is (B) Zero-day. A zero-day attack refers to a cyber attack that exploits a vulnerability in a software or system that is unknown to the software developers or security experts. In this scenario, the organization suffered a loss from malware that was not previously known by any trusted sources, indicating that the attack took advantage of a vulnerability that was not yet discovered or patched. This type of attack can be particularly dangerous as there are no known defenses or countermeasures available to protect against it.

    Rate this question:

  • 11. 

    A penetration tester is running several tests on a server within your organization's DMZ. The tester wants to identify the operating system of the remote host. Which of the following tools or methods are MOST likely to provide this information?

    • (A) Banner grabbing

    • (B) Vulnerability scan

    • (C) password cracker

    • (D) Protocol analyzer

    Correct Answer
    A. (A) Banner grabbing
    Explanation
    Banner grabbing is the most likely tool or method to identify the operating system of a remote host. Banner grabbing involves capturing and analyzing the banners or headers that are sent by the server in response to a connection request. These banners often contain information about the server's operating system, version, and other details. By analyzing the banners, a penetration tester can determine the operating system of the remote host. Vulnerability scans, password crackers, and protocol analyzers are not specifically designed to identify the operating system of a remote host.

    Rate this question:

  • 12. 

    Your organization wants to combine some of the security controls used to control incoming and outgoing network traffic. At a minimum, the solution should include malware inspection, content inspection, and a DDOS mitigator. Which of the following BEST meets this goal? 

    • (A) VLAN

    • (B) NAT

    • (C) UTM

    • (D) DNSSEC

    Correct Answer
    A. (C) UTM
    Explanation
    A UTM (Unified Threat Management) solution is the best choice for combining security controls for incoming and outgoing network traffic. UTM integrates multiple security features such as malware inspection, content inspection, and DDOS mitigation into a single platform, making it efficient and effective in protecting the network. VLAN (A) is a network segmentation technique and does not provide the required security controls. NAT (B) is a network address translation technique and does not offer the necessary security features. DNSSEC (D) is a security extension for DNS but does not encompass all the required controls. Therefore, UTM is the most suitable option for this scenario.

    Rate this question:

  • 13. 

    Developers recently configured a new service on ServerA. Server A is in a DMZ and accessed by internal users and via the Internet. Network administrators modified firewall rules to access the service. Testing shows the service works when accessed from the internal systems. However, it does not work when accessed from the Internet. Which of the following is MOST likely configured incorrectly?

    • (A) The new service

    • (B) An ACL

    • (C) ServerA

    • (D) The VLAN

    Correct Answer
    A. (B) An ACL
    Explanation
    The most likely configuration that is incorrect in this scenario is the ACL (Access Control List). An ACL is a set of rules that determines what traffic is allowed or denied on a network. Since the service works when accessed from internal systems but not from the internet, it suggests that the ACL is blocking incoming internet traffic to the service on ServerA.

    Rate this question:

  • 14. 

    Your organization hosts an e-commerce business that has become quite successful recently. It includes a web farm and a database server within the DMZ. IT management is concerned that there isn't enough staff working around the clock to protect these servers. Which of the following would provide the BEST automated protection for these servers? 

    • (A) NIDS and HIDS

    • (B) NIPS and HIPS

    • SIEM and NIPS

    • SIEM and NIDS

    Correct Answer
    A. (B) NIPS and HIPS
    Explanation
    NIPS (Network Intrusion Prevention System) and HIPS (Host Intrusion Prevention System) provide the best automated protection for the servers in this scenario. NIPS monitors network traffic for any suspicious activity and can actively block or prevent any potential attacks. HIPS, on the other hand, is installed on individual servers and monitors for any unauthorized access or malicious activity on the host level. Together, NIPS and HIPS provide comprehensive protection for both the network and the individual servers, ensuring the security of the e-commerce business.

    Rate this question:

  • 15. 

    Your network includes dozens of servers. Administrators in your organization are having problems aggregating and correlating the logs from these services. Which of the following provides the BEST solution for these problems?

    • (A) SIEM

    • (B) Network mapper

    • (C) Network scanner

    • (D) Nmap

    Correct Answer
    A. (A) SIEM
    Explanation
    SIEM (Security Information and Event Management) provides the best solution for aggregating and correlating logs from multiple servers. SIEM systems collect and analyze data from various sources, including logs, to identify and respond to security incidents. By centralizing logs and providing real-time analysis, SIEM enables administrators to detect and investigate security threats more effectively. Network mappers and scanners, such as Nmap, are used for network discovery and vulnerability scanning, but they do not offer the same level of log aggregation and correlation capabilities as SIEM. Therefore, SIEM is the most suitable solution for the given problem.

    Rate this question:

  • 16. 

    Which type of device would have the following entries used to define its operation?  permit IP any any eq 80 permit IP any any eq 443 deny IP and any any

    • (A) Firewall

    • (B) Layer 2 switch

    • (C) Proxy server

    • (D) Web server

    Correct Answer
    A. (A) Firewall
    Explanation
    The given entries "permit IP any any eq 80" and "permit IP any any eq 443" indicate that the device is allowing incoming traffic on ports 80 and 443, which are commonly used for HTTP and HTTPS protocols respectively. The entry "deny IP any any" suggests that the device is blocking all other types of IP traffic. This behavior aligns with the functionality of a firewall, which is designed to monitor and control network traffic based on predefined rules. Therefore, the correct answer is (A) Firewall.

    Rate this question:

  • 17. 

    Your organization has a dedicated classroom for teaching computer classes. Students include internal employees and visiting guests. Security administrators recently discovered that students were unplugging the network cable from some classroom computers and plugging the network cable into their laptop computer, giving them access to network resources. Which of the following is the BEST solution to prevent this activity? 

    • (A) Flood guard

    • (B) VLAN

    • (C) Port security

    • (D) Loop protection

    Correct Answer
    A. (C) Port security
    Explanation
    Port security is the best solution to prevent students from unplugging the network cable from classroom computers and plugging it into their laptops. Port security allows administrators to restrict access to network resources by binding specific MAC addresses to specific switch ports. This means that only authorized devices with registered MAC addresses can access the network through a particular port, preventing unauthorized devices from gaining network access.

    Rate this question:

  • 18. 

    You need to perform tests on your network to identify missing security controls. However, you want to have the least impact on your systems that users are accessing. Which of the following tools is the BEST to meet this need?

    • (A) A syn stealth scan

    • (B) Vulnerability scan

    • (C) Ping scan

    • (D) Penetration test

    Correct Answer
    A. (B) Vulnerability scan
    Explanation
    A vulnerability scan is the best tool to meet the need of identifying missing security controls with the least impact on the systems that users are accessing. Unlike other options, such as a syn stealth scan or penetration test, a vulnerability scan focuses on identifying vulnerabilities and weaknesses in the network infrastructure and systems. It does not attempt to exploit or disrupt the systems being tested, minimizing the impact on the systems and users. A ping scan, on the other hand, is a basic network scanning technique that only checks the availability of hosts and does not provide detailed information about security controls.

    Rate this question:

  • 19. 

    Lisa wants to manage and monitor the switches and routers in her network. Which of the following protocols would she use?

    • (A) NAT

    • (B) SRTP

    • (C) SNMPv3

    • (D) DNSSEC

    Correct Answer
    A. (C) SNMPv3
    Explanation
    Lisa would use SNMPv3 (Simple Network Management Protocol version 3) to manage and monitor the switches and routers in her network. SNMPv3 is a widely used protocol for network management and provides secure access to network devices, allowing Lisa to gather information about their performance, configure settings, and receive notifications of any issues or changes. It offers authentication and encryption features, making it a suitable choice for ensuring the security of her network management activities.

    Rate this question:

  • 20. 

    Your organization hosts several web servers in a web farm. They have recently been attacked, resulting in unacceptable downtime. Management wants to implement a solution that will provide protection for the web farm and include load balancing to improve the overall performance of the farm. Which of the following BEST meet this need?

    • (A) Stateless firewall

    • (B) Stateful firewall

    • (C) Web application firewall

    • (D) Host-based firewall

    Correct Answer
    A. (C) Web application firewall
    Explanation
    A web application firewall is the best solution to meet the organization's need for protection and load balancing in the web farm. A web application firewall is specifically designed to protect web applications from various types of attacks, including those that caused the recent downtime. It can inspect and filter incoming and outgoing traffic to detect and block malicious requests. Additionally, a web application firewall can also distribute incoming traffic across multiple servers in the web farm, thereby improving the overall performance and availability of the web applications.

    Rate this question:

  • 21. 

    Bizzfad is planning to implement a CYOD deployment model. You're asked to provide input for the new policy. Which of the following concepts are appropriate for this policy?

    • (A) SCADA access

    • (B) Storage segmentation

    • (C) Database security

    • (D) Embedded RTOS

    Correct Answer
    A. (B) Storage segmentation
    Explanation
    Storage segmentation is an appropriate concept for a CYOD (Choose Your Own Device) deployment model. CYOD allows employees to choose their own devices for work purposes, but it also requires implementing policies to ensure security and control. Storage segmentation involves dividing the storage space on a device into separate partitions, allowing for better organization and security of data. This concept is relevant in a CYOD policy as it helps to ensure that sensitive company data is stored separately from personal data on the employee's chosen device, maintaining data security and privacy.

    Rate this question:

  • 22. 

    Management suspects that employees have been sending proprietary data out of the network via email. They want to implement a solution that will detect and block similar incidents in the future. Which of the following is the BEST choice to meet this need? 

    • (A) Mail gateway

    • (B) UTM appliance

    • (C) Forward proxy

    • (D) Reverse proxy

    Correct Answer
    A. (A) Mail gateway
    Explanation
    A mail gateway is the best choice to meet the need of detecting and blocking incidents of sending proprietary data out of the network via email. A mail gateway is a security solution that monitors and filters email traffic, allowing organizations to enforce policies and prevent unauthorized data transfers. It can scan email attachments and content for sensitive information, detect patterns that indicate data leakage, and block or quarantine suspicious emails. By implementing a mail gateway, management can effectively prevent future incidents of sending proprietary data out of the network via email.

    Rate this question:

  • 23. 

    Ned is not able to access any network resources from his Linux-based computer. Which of the following commands would he use to view the network configuration of his system? 

    • (A) ifconfig

    • (B) ipconfig

    • (C) netstat

    • (D) tracert

    Correct Answer
    A. (A) ifconfig
    Explanation
    Ned would use the "ifconfig" command to view the network configuration of his Linux-based computer. This command is used to display the current network configuration, including IP addresses, network interfaces, and other network-related information.

    Rate this question:

  • 24. 

    Of the following choices, what can you use to divert malicious attacks on your network away from valuable data to worthless, fabricated data? 

    • (A) IPS

    • (B) Proxy server

    • (C) Web application firewall

    • (D) Honeypot

    Correct Answer
    A. (D) Honeypot
    Explanation
    A honeypot is a security mechanism that is used to divert and distract malicious attacks on a network. It is designed to appear as a valuable target to attackers, attracting their attention and luring them away from actual valuable data. By directing attackers towards the honeypot, organizations can monitor their behavior, gather information about their tactics, and protect their real data from being compromised.

    Rate this question:

  • 25. 

    Management within your company wants to prevent users from copying documents to USB flash drives. Which of the following can be used to meet this goal? 

    • (A) DLP

    • (B) HSM

    • (C) COPE

    • (D) SED

    Correct Answer
    A. (A) DLP
    Explanation
    DLP stands for Data Loss Prevention, which is a security solution that helps organizations monitor and control sensitive data to prevent its unauthorized disclosure. In this scenario, DLP can be used to prevent users from copying documents to USB flash drives by implementing policies and rules that detect and block any attempts to copy data to removable storage devices. DLP can also provide alerts and notifications to the management team when such activities occur, allowing them to take appropriate action to mitigate the risk of data loss.

    Rate this question:

  • 26. 

    A HIDS reported a vulnerability on a system based on a known attack. After researching the alert from the HIDS, you identify the recommended solution and begin applying it. What type of HIDS is in use?

    • (A) Network-based 

    • (B) Signature-based

    • (C) Heuristic-based

    • (D) Anomaly-based

    Correct Answer
    A. (B) Signature-based
    Explanation
    The correct answer is (B) Signature-based. A signature-based HIDS works by comparing the patterns or signatures of known attacks against the system being monitored. In this scenario, the HIDS reported a vulnerability based on a known attack, indicating that it detected a matching signature or pattern. The recommended solution is then applied to mitigate the vulnerability.

    Rate this question:

  • 27. 

    After recently adding additional network devices, administrators noticed an increased workload related to their IDS. Which of the following can cause an increased workload from incorrect reporting?

    • (A) False negatives

    • (B) False positives

    • (C) Signature-based

    • (D) Behavioral-based IDS

    Correct Answer
    A. (B) False positives
    Explanation
    False positives can cause an increased workload from incorrect reporting. False positives occur when the IDS incorrectly identifies legitimate network traffic or behavior as malicious. This can result in administrators having to spend time investigating and responding to these false alarms, which increases their workload.

    Rate this question:

  • 28. 

    Your organization hosts an e-commerce business that has become quite successful recently. It includes a web farm and a database server within the DMZ. IT management is concerned that there isn't enough staff working around the clock to protect these servers. Which of the following would provide the BEST automated protection for these servers?

    • (A) NIDS and HIDS

    • (B) NIPS and HIPS

    • (C) SIEM and NIPS

    • (D) SIEM and NIDS

    Correct Answer
    A. (B) NIPS and HIPS
    Explanation
    NIPS (Network Intrusion Prevention System) and HIPS (Host Intrusion Prevention System) would provide the best automated protection for the web farm and database server within the DMZ. NIPS monitors network traffic for any suspicious activity and can actively block or prevent intrusions in real-time. HIPS, on the other hand, is installed on individual hosts and monitors their activity, preventing any unauthorized changes or malicious behavior. Together, NIPS and HIPS provide comprehensive protection for both the network and the individual servers, ensuring the security of the e-commerce business.

    Rate this question:

  • 29. 

    Attackers have recently launched several attacks against servers in your organization's DMZ. You are tasked with identifying a solution that will have the best chance at preventing these attacks in the future. Which of the following is the BEST choice? 

    • (A) An out-of-band IPS

    • (B) An in-band IPS

    • (C) A passive IDS

    • (D) An out-of-band IDS

    Correct Answer
    A. (B) An in-band IPS
    Explanation
    An in-band IPS (Intrusion Prevention System) is the best choice for preventing future attacks against servers in the organization's DMZ. Unlike an out-of-band IPS, which only monitors network traffic, an in-band IPS actively inspects and filters the traffic in real-time. This allows it to detect and block any malicious activity before it reaches the servers, providing a proactive defense against attacks. A passive IDS (Intrusion Detection System) only monitors traffic and does not actively prevent attacks, while an out-of-band IDS lacks the real-time capabilities of an in-band IPS.

    Rate this question:

  • 30. 

    A penetration tester is tasked with gaining information on one of your internal servers and he enters the following command: echo " " | nc -vv -n -w1 72.52.206.134 80 What is the purpose of this command?

    • (A) Identify if a server is running a service using port 80 and is reachable.

    • (B) Launch an attack on a server sending 80 separate packets in a short period of time.

    • (C) Use Netcat to remotely administer the server

    • (D) Use Netcate to start an RDP session on the server.

    Correct Answer
    A. (A) Identify if a server is running a service using port 80 and is reachable.
    Explanation
    The purpose of the given command is to identify if a server is running a service using port 80 and is reachable. The command uses Netcat (nc) to establish a connection with the server's IP address on port 80. The "-vv" option enables verbose output, "-n" disables DNS resolution, and "-w1" sets a timeout of 1 second. The "echo" command is used to send an empty string as input to the server. If the connection is successful and the server is running a service on port 80, it will respond, indicating that the server is reachable.

    Rate this question:

  • 31. 

    Flancrest Enterprises recently set up a web site utilizing several web servers in a web farm. The web farm spreads the load among the different web servers by sending the first request to one server, the next request to the second server, and so on. Which of the following BEST describes this configuration? 

    • (A) Affinity

    • (B) Round-robin

    • (C) Airgap

    • (D) Mantrap

    Correct Answer
    A. (B) Round-robin
    Explanation
    This configuration is described as "round-robin." In a round-robin configuration, the load is distributed evenly among the web servers in the web farm by sending each request to the next server in a sequential order. This ensures that each server receives an equal share of the workload, preventing any single server from being overwhelmed.

    Rate this question:

  • 32. 

    Lenny noticed a significant number of logon failures for administrator accounts on the organization's public web site. After investigating it further, he notices that most of these attempts are from IP addresses assigned to foreign countries. He wants to implement a solution that will detect and prevent similar attacks. Which of the following is the BEST choice?

    • (A) Add a flood guard to the network.

    • (B) Block all traffic from foreign countries.

    • (C) Implement an IPS.

    • (D) Disable the administrator accounts

    Correct Answer
    A. (C) Implement an IPS.
    Explanation
    Implementing an IPS (Intrusion Prevention System) would be the best choice in this scenario. An IPS can detect and prevent attacks by analyzing network traffic and identifying any suspicious or malicious activity. By implementing an IPS, Lenny can effectively detect and block any further login attempts from foreign IP addresses, thereby preventing similar attacks on the organization's public web site. Adding a flood guard to the network may help mitigate against DDoS attacks but will not specifically address the issue of logon failures. Blocking all traffic from foreign countries may not be feasible or practical, as it could potentially block legitimate users from accessing the web site. Disabling the administrator accounts would not address the root cause of the problem and may hinder the organization's operations.

    Rate this question:

  • 33. 

    You need to configure a UTM security appliance to restrict traffic going to social media sites. Which of the following are you MOST likely to configure?

    • (A) Content inspection

    • (B) Malware inspection

    • (C) URL filter

    • (D) DDos mitigator

    Correct Answer
    A. (C) URL filter
    Explanation
    To restrict traffic going to social media sites, the most likely configuration would be a URL filter. A URL filter allows you to block or allow access to specific websites based on their URLs. By configuring a URL filter, you can specify a list of social media site URLs that you want to block, effectively restricting access to those sites. This can be useful in a corporate or educational environment where the use of social media may be deemed inappropriate or distracting.

    Rate this question:

  • 34. 

    You need to modify the network infrastructure to increase availability of web-based applications for Internet clients. Which of the following choices provides the BEST solution?

    • (A) Load balancing

    • (B) Proxy server

    • (C) UTM

    • (D) Content inspection

    Correct Answer
    A. (A) Load balancing
    Explanation
    Load balancing is the best solution for increasing the availability of web-based applications for Internet clients. Load balancing distributes incoming network traffic across multiple servers, ensuring that no single server is overwhelmed with requests. This helps to prevent downtime and improves the overall performance and reliability of the applications. By evenly distributing the workload, load balancing also allows for scalability and flexibility in handling increased traffic.

    Rate this question:

  • 35. 

    Your network uses an authentication service base on X.500 specification. When encrypted, it uses TLS. Which authentication service is your network using?

    • (A) SAML

    • (B) Diameter

    • (C) Kerberos

    • (D) LDAP

    Correct Answer
    A. (D) LDAP
    Explanation
    The network is using LDAP (Lightweight Directory Access Protocol) as the authentication service based on the X.500 specification. LDAP is commonly used in network environments to access and manage directory information, such as user accounts and authentication credentials. The mention of TLS (Transport Layer Security) indicates that the communication between the network and the authentication service is encrypted, ensuring secure transmission of sensitive data.

    Rate this question:

  • 36. 

    You are tasked with configuring a switch so that it separates VoIP and data traffic. Which of the following provides the BEST solution?

    • (A) NAC

    • (B) DMZ

    • (C) SRTP

    • (D) VLAN

    Correct Answer
    A. (D) VLAN
    Explanation
    VLAN (Virtual Local Area Network) provides the best solution for separating VoIP and data traffic on a switch. VLAN allows the network administrator to create separate virtual networks within a physical network infrastructure. By assigning VoIP devices and data devices to different VLANs, the traffic can be isolated and kept separate from each other. This ensures that the VoIP traffic remains secure and prioritized, while also preventing any interference or congestion from the data traffic. NAC (Network Access Control) is a security solution, DMZ (Demilitarized Zone) is a network architecture, and SRTP (Secure Real-time Transport Protocol) is a security protocol, but none of them specifically address the requirement of separating VoIP and data traffic like VLAN does.

    Rate this question:

  • 37. 

    You need to send several large files containing proprietary data to a business partner. Which of the following is the BEST choice for this task?

    • (A) FTP

    • (B) SNMPv3

    • (C) SFTP

    • (D) SRTP

    Correct Answer
    A. (C) SFTP
    Explanation
    SFTP (Secure File Transfer Protocol) is the best choice for sending several large files containing proprietary data to a business partner. SFTP provides a secure and encrypted method of transferring files over a network. It ensures the confidentiality and integrity of the data being transferred, protecting it from unauthorized access or tampering. FTP (File Transfer Protocol) is not secure as it transmits data in plain text, SNMPv3 (Simple Network Management Protocol) is not designed for file transfer, and SRTP (Secure Real-time Transport Protocol) is used for securing real-time communication, not file transfer.

    Rate this question:

  • 38. 

    You suspect someone has been trying a brute force password attack on a Linux system. Which of the following logs should you check to view failed authentication attempts by users?

    • (A) /var/log/btmp

    • (B) /var/log/fail

    • (C) var/log/httpd

    • (D) /var/log/kern

    Correct Answer
    A. (A) /var/log/btmp
    Explanation
    To view failed authentication attempts by users, you should check the /var/log/btmp log on the Linux system. This log file records all failed login attempts, including those made by brute force password attacks. The other options (/var/log/fail, var/log/httpd, /var/log/kern) are incorrect as they do not specifically log failed authentication attempts.

    Rate this question:

  • 39. 

    Your email server is getting overloaded with spam and much of it is malicious. You need to implement a solution that can help reduce the amount of spam reaching the email server. Which of the following is the BEST choice?

    • (A) Reverse proxy

    • (B) Media gateway

    • (C) Web application firewall

    • (D) Mail gateway

    Correct Answer
    A. (D) Mail gateway
    Explanation
    A mail gateway is the best choice for reducing the amount of spam reaching the email server. A mail gateway acts as a filter, scanning incoming emails and blocking or flagging spam messages before they reach the email server. This helps to reduce the server's workload and prevents malicious content from entering the system. A reverse proxy, media gateway, and web application firewall are not specifically designed for spam filtering in email servers.

    Rate this question:

  • 40. 

    Marge, a security administrator, is tasked with ensuring that all devices have updated virus definition files before they can access network resources. Which of the following technologies would help her accomplish this goal? 

    • (A) NIDS

    • (B) NAC

    • (C) DLP

    • (D) DMZ

    Correct Answer
    A. (B) NAC
    Explanation
    NAC stands for Network Access Control. It is a technology that allows security administrators to ensure that all devices connecting to the network meet certain security requirements before being granted access to network resources. In this scenario, Marge can use NAC to enforce the requirement of having updated virus definition files on all devices before they can access network resources. NAC can verify the presence and currency of virus definition files on devices, ensuring that they are protected against malware threats before allowing them onto the network.

    Rate this question:

  • 41. 

    Management asks you if you can modify the wireless network to prevent users from easily discovering it. Which of the following would you modify to meet this goal? 

    • (A) CCMP

    • (B) WPA2 Enterprise

    • (C) SSID broadcast

    • (D) MAC address filter

    Correct Answer
    A. (C) SSID broadcast
    Explanation
    To prevent users from easily discovering the wireless network, you would modify the SSID broadcast. The SSID (Service Set Identifier) is the name of the wireless network that is broadcasted to allow devices to connect to it. By disabling the SSID broadcast, the network will not be visible to users scanning for available networks, making it more difficult for unauthorized users to find and connect to the network.

    Rate this question:

  • 42. 

    You have configured a firewall in your network to block ICMP traffic. You want to verify that it is blocking this traffic. Which of the following commands would you use? 

    • (A) arp

    • (B) ipconfig

    • (C) netstat

    • (D) ping

    Correct Answer
    A. (D) ping
    Explanation
    To verify that the firewall is blocking ICMP traffic, you would use the "ping" command. The ping command is used to send ICMP echo request packets to a specific network device or IP address and wait for a response. If the firewall is blocking ICMP traffic, the ping command will not receive a response from the target device, indicating that the traffic is being blocked. Therefore, using the ping command will help you confirm whether the firewall configuration is correctly blocking ICMP traffic.

    Rate this question:

  • 43. 

    Management within your company wants to restrict access to the Bizz app from mobile devices. If users are within the company's property, they should be granted access. If they are not within the company's property, their access should be blocked. Which of the following answers provides the BEST solution to meet this goal? 

    • (A) Geofencing

    • (B) Geolocation

    • (C) GPS tagging

    • (D) Containerization

    Correct Answer
    A. (A) Geofencing
    Explanation
    Geofencing is the best solution to restrict access to the Bizz app from mobile devices based on the user's location. Geofencing uses GPS or RFID technology to create a virtual boundary around a specific geographic area. By implementing geofencing, the company can define their property as the designated area where users are granted access to the app. When users are outside this boundary, their access will be automatically blocked, ensuring that only users within the company's property can use the app. Geofencing provides an effective and efficient way to control access based on location.

    Rate this question:

  • 44. 

    An organization has a large network with dozens of servers. Administrators are finding it difficult to review and analyze the logs from all the network devices. They are looking for a solution to aggregate and correlate the logs. Which of the following choices BEST meets this need? 

    • (A) Nmap

    • (B) Netcat

    • (C) Wireshark

    • (D) SIEM

    Correct Answer
    A. (D) SIEM
    Explanation
    SIEM stands for Security Information and Event Management. It is a solution that helps organizations aggregate and correlate logs from various network devices. SIEM systems collect and analyze logs in real-time, providing administrators with a centralized platform to review and analyze the data. This helps identify security incidents, detect anomalies, and respond to threats more effectively. Nmap, Netcat, and Wireshark are not designed for log aggregation and correlation, making SIEM the best choice for this need.

    Rate this question:

  • 45. 

    Management is concerned about malicious activity and wants to implement a security control that will detect unusual traffic on the network. Which of the following is the BEST choice to meet this goal?

    • (A) Network-based firewall

    • (B) Signature-based IDS

    • (C) Anomaly-base IDS

    • (D) Honeynet

    Correct Answer
    A. (C) Anomaly-base IDS
    Explanation
    An anomaly-based IDS is the best choice to detect unusual traffic on the network. Unlike a signature-based IDS, which relies on known patterns and signatures of attacks, an anomaly-based IDS can detect new and unknown threats by analyzing network traffic for deviations from normal behavior. This makes it more effective in detecting malicious activity that may not have a known signature. A network-based firewall, although it can provide some level of security, may not be as effective in detecting unusual traffic patterns as an anomaly-based IDS. A honeynet is a network decoy used to attract attackers, but it does not directly detect or prevent malicious activity.

    Rate this question:

  • 46. 

    Your organization recently implemented a BYOD policy. However, management wants to ensure that mobile devices meet minimum standards for security before they can access any network resources. Which of the following agents would the NAC MOST likely have?

    • (A) Permanent

    • (B) Health

    • (C) RADIUS

    • (D) Dissolvable

    Correct Answer
    A. (D) Dissolvable
    Explanation
    The NAC (Network Access Control) would most likely have dissolvable agents in this scenario. Dissolvable agents are temporary software components that are installed on mobile devices to check and enforce security policies before granting access to network resources. They are typically used in situations where devices need to meet minimum security standards before being allowed on the network. Unlike permanent agents, which remain on the device even after accessing the network, dissolvable agents are removed once the security checks are completed.

    Rate this question:

  • 47. 

    You need to implement anti-spoofing on a border router. Which one of the following choices will BEST meet this goal?

    • (A) Create rules to block all outgoing traffic from a private IP address.

    • (B) Implement a flood guard on switches.

    • (C) Add a web application firewall.

    • (D) Create rules to block all incoming traffic from a private IP address.

    Correct Answer
    A. (D) Create rules to block all incoming traffic from a private IP address.
    Explanation
    Creating rules to block all incoming traffic from a private IP address would be the best choice to implement anti-spoofing on a border router. Spoofing involves an attacker disguising their IP address to appear as a trusted private IP address. By blocking all incoming traffic from private IP addresses, the router can prevent spoofed traffic from entering the network, thereby enhancing security and mitigating potential spoofing attacks.

    Rate this question:

  • 48. 

    You are considering rebooting a database server and want to identify if it has any active network connections. Which of the following commands will list active network connections? 

    • (A) Arp

    • (B) Ipconfig

    • (C) Ping

    • (D) Netstat

    Correct Answer
    A. (D) Netstat
    Explanation
    The command "Netstat" is used to display active network connections on a computer. It provides information about the active connections, listening ports, and routing tables. By using this command, you can identify if the database server has any active network connections before rebooting it. The other options, such as "Arp," "Ipconfig," and "Ping," do not provide the same functionality as "Netstat" in listing active network connections.

    Rate this question:

  • 49. 

    An organization is hosting a VPN. Management wants to ensure that all VPN clients are using up-to-date operating systems and antivirus software. Which of the following would BEST meet this need? 

    • (A) NAT

    • (B) NAC

    • (C) VLAN

    • (D) DMZ

    Correct Answer
    A. (B) NAC
    Explanation
    NAC stands for Network Access Control. It is a security solution that ensures that only authorized and compliant devices can access a network. In this scenario, using NAC would be the best option to meet the organization's requirement of ensuring that all VPN clients are using up-to-date operating systems and antivirus software. NAC can enforce policies that require devices to have the latest updates and antivirus software before granting them access to the VPN. This helps to maintain the security and integrity of the network by preventing vulnerable or compromised devices from connecting.

    Rate this question:

Quiz Review Timeline (Updated): Mar 22, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 22, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • May 13, 2021
    Quiz Created by
    Alfredhook3
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.