Which of the following means of wireless authentication is easily vulnerable to spoofing?

Which of the following implementation steps would be appropriate for a public wireless hot- spot?

Which of the following controls would allow a company to reduce the exposure of sensitive systems from
unmanaged devices on internal networks?

A network administrator has been tasked with securing the WLAN. Which of the following cryptographic
products would be used to provide the MOST secure environment for the WLAN?

A security administrator is segregating all web-facing server traffic from the internal network and restricting it to
a single interface on a firewall. Which of the following BEST describes this new network?

Which of the following network design elements allows for many internal devices to share one public IP
address?

A company determines a need for additional protection from rogue devices plugging into physical ports around
the building. Which of the following provides the highest degree of protection from unauthorized wired network
access?

Due to hardware limitation, a technician must implement a wireless encryption algorithm that uses the RC4
protocol. Which of the following is a wireless encryption solution that the technician should implement while
ensuring the STRONGEST level of security?

An administrator has a network subnet dedicated to a group of users. Due to concerns regarding data and
network security, the administrator desires to provide network access for this group only. Which of the following
would BEST address this desire?

An organization does not have adequate resources to administer its large infrastructure. A security
administrator wishes to combine the security controls of some of the network devices in the organization. Which
of the following methods would BEST accomplish this goal?

Which of the following would allow the organization to divide a Class C IP address range into several ranges?

A security administrator wishes to increase the security of the wireless network. Which of the following BEST
addresses this concern?

Sally, a sales manager, successfully connected her company-issued smartphone to the wireless network in her
office without supplying a username/password combination. Upon disconnecting from the wireless network, she
attempted to connect her personal tablet computer to the same wireless network and could not connect.
Which of the following is MOST likely the reason?

A network technician is on the phone with the system administration team. Power to the server room was lost
and servers need to be restarted. The DNS services must be the first to be restarted. Several machines are
powered off. Assuming each server only provides one service, which of the following should be powered on
FIRST to establish DNS services?

A security technician at a small business is worried about the Layer 2 switches in the network suffering from a
DoS style attack caused by staff incorrectly cabling network connections between switches.
Which of the following will BEST mitigate the risk if implemented on the switches?

An administrator wants to establish a WiFi network using a high gain directional antenna with a narrow radiation
pattern to connect two buildings separated by a very long distance. Which of the following antennas would be
BEST for this situation?

A security analyst is reviewing firewall logs while investigating a compromised web server. The following ports
appear in the log:
22, 25, 445, 1433, 3128, 3389, 6667
Which of the following protocols was used to access the server remotely?

An organization does not want the wireless network name to be easily discovered. Which of the following
software features should be configured on the access points?

A network engineer is setting up a network for a company. There is a BYOD policy for the employees so that
they can connect their laptops and mobile devices.
Which of the following technologies should be employed to separate the administrative network from the
network in which all of the employees' devices are connected?

When performing the daily review of the system vulnerability scans of the network Bob, the administrator,
noticed several security related vulnerabilities with an assigned vulnerability identification number. Bob
researches the assigned vulnerability identification number from the vendor website. Bob proceeds with
applying the recommended solution for identified vulnerability.
Which of the following is the type of vulnerability described?

While configuring a new access layer switch, the administrator, Bob, was advised that he needed to make sure that only devices authorized to access the network would be permitted to login and utilize resources. Which of the following should the administrator implement to ensure this happens?

Results from a vulnerability analysis indicate that all enabled virtual terminals on a router can be accessed
using the same password. The company's network device security policy mandates that at least one virtual
terminal have a different password than the other virtual terminals. Which of the following sets of commands
would meet this requirement?

After entering the following information into a SOHO wireless router, a mobile device's user reports being
unable to connect to the network:
PERMIT 0A: D1: FA. B1: 03: 37
DENY 01: 33: 7F: AB: 10: AB
Which of the following is preventing the device from connecting?

Which of the following MOST interferes with network-based detection techniques?

Thomas, a network administrator, is capturing packets on the network and notices that a large amount of the
traffic on the LAN is SIP and RTP protocols. Which of the following should he do to segment that traffic from
the other traffic?

Which of the following is BEST used as a secure replacement for TELNET?

Which of the following is a difference between TFTP and FTP?

Suspicious traffic without a specific signature was detected. Under further investigation, it was determined that
these were false indicators. Which of the following security devices needs to be configured to disable future
false alarms?

Alice, a security administrator, has observed repeated attempts to break into a server. Which of the following is
designed to stop an intrusion on a specific server?

Which of the following allows Thomas, a security technician, to provide the MOST secure wireless
implementation?

Thomas, the compliance manager, wants to meet regulations. Thomas would like certain ports blocked only on
all computers that do credit card transactions. Which of the following should Thomas implement to BEST
achieve this goal?

Thomas, the system administrator, wishes to monitor and limit users' access to external websites.
Which of the following would BEST address this?

Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on the
internal interface of the firewall to be translated to one public IP address on the external interface of the same
firewall. Which of the following should Sara configure?

Thomas needs to open ports on the firewall to allow for secure transmission of files. Which of the following
ports should be opened on the firewall?

Which statement is TRUE about the operation of a packet sniffer?

Which of the following firewall rules only denies DNS zone transfers?

Which of the following technologies can store multi-tenant data with different security requirements?

Which of the following devices would MOST likely have a DMZ interface?

Which default port number is secure?

Which should you do so that your wireless signal does not reach all the way out to the parking lot?

Admin Bob took a new WAP out of the box, plugged it in, and walked away. An attacker was able to access the
WAP using an administrator account. Which would have prevented the attack?

You enter the wireless network information into your computer correctly and connect to the network. You
remain connected, but you can't access any resources on the network. Which is the most likely reason?

Which would allow home users to access internal company resources?

You have two routers connected together, which then connect to two switches, which are also connected
together via fiber. How would you prevent unauthorized devices from connecting to the network?

Your wireless network is dropping packets and degrading service only during certain times of day. What should
be your first troubleshooting step?

You look at your router Access Control List and you see that it allows web, email, and SSH traffic. For some
reason though, some users are unable to access network printing services. Which could be blocking this?

Your company allows business partners to connect to several of your application servers located at the main
office. What can the main office implement to protect the rest of the company from those business partners?

Which protocol provides secure access to log on to a remote server's console to do some maintenance?

Which provides a more secure connection than WPA TKIP?

Which solution would scan web traffic for malware and block it if malware is found, and could also block certain
websites that are inappropriate?

How do you prevent unauthorized devices from connecting to the network via your network drops?

Which subnet mask would put these 4 PC's on different broadcast domains?
PC1 = 10.10.10.4
PC2 = 10.10.10.10
PC3 = 10.10.10.17
PC4 = 10.10.10.26

Choose the port numbers in the proper order to match the order of these protocols: FTP, TFTP, Telnet, HTTP.

Choose the port numbers in the proper order to match the order of these protocols: HTTPS, SMTP, SNMP,
SCP.

Which of the following should be considered to mitigate data theft when using CAT5 wiring?