A network technician has been tasked to configure a new network monitoring tool that will examine interface settings throughout various network devices. Which of the following would need to be configured on each network device to provide that information in a secure manner?
Correct Answer: D
The network monitoring tool needs to use a network management protocol. SNMP has become the de facto standard of network management protocols. The security weaknesses of SNMPv1 and SNMPv2c are addressed in SNMPv3.
A technician wants to securely manage several remote network devices. Which of the following should be implemented to securely manage the devices?
Correct Answer: C
To manage the remote network devices we need to use a network management protocol. SNMP has become the de facto standard of network management protocols. The security weaknesses of SNMPv1 and SNMPv2c are addressed in SNMPv3.
A technician needs to secure web traffic for a new e-commerce website. Which of the following will secure traffic between a web browser and a website?
Correct Answer: A
Secure Sockets Layer (SSL) provides cryptography and reliability for upper layers (Layers 5–7) of the OSI model. SSL (and TLS) provide secure web browsing (web traffic) via Hypertext Transfer Protocol Secure (HTTPS).
A company has seen an increase in ransomware across the enterprise. Which of the following should be implemented to reduce the occurrences?
A. ARP inspection
B. Intrusion detection system
C. Web content filtering
Correct Answer: C
Ransomware is a type of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator(s) of the malware in order for the restriction to be removed.
The best ways to avoid ransomware include proactive measures like the following:
Don’t click on any URL or open an attachment you are not expecting
Implement an email content filtering service
Install a web content filtering service
Invest in leading endpoint security software solutions
A company wants to make sure that users are required to authenticate prior to being allowed on the network. Which of the following is the BEST way to accomplish this?
C. Single sign-on
Correct Answer: A
For security purposes, some switches require users to authenticate themselves (that is, provide credentials, such as a username and password, to prove who they are) before gaining access to the rest of the network. A standards-based method of enforcing user authentication is IEEE 802.1X.
A wireless network technician for a local retail store is installing encrypted access points within the store for real-time inventory verification, as well as remote price checking capabilities, while employees are away from the registers. The store is in a fully occupied strip mall that has multiple neighbors allowing guest access to the wireless networks. There are a finite known number of approved handheld devices needing to access the store’s wireless network. Which of the following is the BEST security method to implement on the access points?
A. Port forwarding
B. MAC filtering
D. IP ACL
Correct Answer: B
MAC filtering allows traffic to be permitted or denied based on a device’s MAC address. We create a MAC filter that contains the MAC addresses of all approved devices that need to access the wireless network. This ensures that only approved devices are given access to the network.
A network technician has set up an FTP server for the company to distribute software updates for their products. Each vendor is provided with a unique username and password for security. Several vendors have discovered a virus in one of the security updates. The company tested all files before uploading them but retested the file and found the virus. Which of the following could the technician do for vendors to validate the proper security patch?
A. Use TFTP for tested and secure downloads
B. Require biometric authentication for patch updates
C. Provide an MD5 hash for each file
D. Implement a RADIUS authentication
Correct Answer: C
If we provide an MD5 hash for each file, we can see whether the file has been changed or not.
MD5 is an algorithm that is used to verify data integrity through the creation of a 128-bit message digest from data input (which may be a message of any length) that is claimed to be as unique to that specific data as a fingerprint is to the specific individual.
During a check of the security control measures of the company network assets, a network administrator is explaining the difference between the security controls at the company. Which of the following would be identified as physical security controls? (Select THREE).
C. Man traps
E. Cipher locks
Correct Answer: CDE
Physical security is the protection of personnel, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damage to an enterprise, agency, or institution. This includes protection from fire, natural disasters, burglary, theft, vandalism, and terrorism.
C: A mantrap is a mechanical physical security device for catching poachers and trespassers.
They have taken many forms, the most usual being like a large foothold trap, the steel springs being armed with teeth which met in the victim’s leg.
D: Biometric authentication is a type of system that relies on the unique biological characteristics of individuals to verify identity for secure access to electronic systems. Biometric authentication is a physical security device.
E: Cipher locks are used to control access to areas such as airport control towers, computer rooms, corporate offices, embassies, areas within financial institutions, research and development laboratories, and storage areas holding weapons, controlled substances, etc.
Cipher locks are physical security devices.
Which of the following physical security controls prevents an attacker from gaining access to a network closet?
B. Proximity readers
C. Motion sensors
D. IP cameras
Correct Answer: B
A proximity card is a physical card which is used to get access to a physical area such as a network closet.
It is a “contactless” smart card which can be read without inserting it into a reader device, as required by earlier magnetic stripe cards such as credit cards and “contact” type smart cards. Proximity cards are part of the contactless card technologies. Held near an electronic reader for a moment, they enable the identification of an encoded number.
Note: Physical security is the protection of personnel, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damage to an enterprise, agency, or institution. This includes protection from fire, natural disasters, burglary, theft, vandalism, and terrorism.
A technician needs to install software onto company laptops to protect local running services from external threats. Which of the following should the technician install and configure on the laptops if the threat is network based?
A. A cloud-based antivirus system with a heuristic and signature based engine
B. A network based firewall which blocks all inbound communication
C. A host-based firewall which allows all outbound communication
D. A HIDS to inspect both inbound and outbound network communication
Correct Answer: C
A host-based firewall is a computer running firewall software that can protect the computer itself.
For example, it can prevent incoming connections to the computer and allow outbound communication only.