CCNA Security Chapter 1 Quiz & Exam

data plane

management plane

control plane

forwarding plane

An access attack has occurred.

A virus has infected the computers.

A DoS attack has been launched against the network.

The computers are subject to a reconnaissance attack.

worm

virus

Trojan horse

botnet

to prevent other users from accessing the system

to gather information about the network

to scan for accessible networks

to retrieve data

All network and internetwork data communications should be encrypted.

Accounts should be disabled after a specific number of unsuccessful logins.

Devices in networks should not access and use one another unnecessarily and unconditionally.

Encrypted and one-time passwords should be used at all times.

Network access should be controlled by multifactor authentication.

by executing code that corrupts or deletes system files

by continuously sending packets of unexpected size or unexpected data

by using a dictionary of passwords to attempt to access the system

by intercepting and analyzing or manipulating data as it is sent across the network

a gate

exit sensors

security traps

biometrics access

continuous video surveillance

taking over a virtual machine hypervisor as part of a data center attack

overclocking the mesh network which connects the data center servers

adding outdated security software to a virtual machine to gain access to a data center server

using processors from multiple computers to increase data processing power

IPS

Snort IDS

Security Intelligence Operations

zone-based policy firewall

A virus is triggered by an event on the host system.

Once installed on a host system, a virus will automatically propagate itself to other systems.

A virus can execute independently of the host system.

Virus malware is only distributed over the Internet.

antivirus software

encryption

antisniffer software

blocking ICMP echo and echo-replies

A hacker uses password-cracking programs to gain access to a computer via a dialup account.

A hacker gains unauthorized access to networks via wireless access points.

A hacker mimics a tone using a whistle to make free long-distance calls on an analog telephone network.

A hacker uses a program that automatically scans telephone numbers within a local area, dialing each one in search of computers, bulletin board systems, and fax machines.

using encrypted or hashed authentication protocols

installing antivirus software on hosts

deploying antisniffer software on all network devices

blocking ICMP echo and echo-replies at the network edge

Internal threats can cause even greater damage than external threats

Threats have become less sophisticated while the technical knowledge needed by an attacker has grown

Early Internet users often engaged in activities that would harm other users

Internet architects planned for network security from the beginning.

launching a security countermeasure to mitigate a Trojan horse

sending repeated connections such as Telnet to a particular device, thus denying other data sources.

downloading and installing too many software updates at one time

attempting to write more data to a memory location than that location can hold

sending too much information to two or more interfaces of the same device, thereby causing dropped packets

status among peers

fame seeking

financial gain

political reasons

trust exploitation

buffer overflow

man in the middle

port redirection

data plane

control plane

management plane

forwarding plane

using encrypted or hashed authentication protocols

installing antivirus software on all hosts

blocking ICMP echo and echo-replies at the network edge

deploying intrusion prevention systems throughout the network

to gain financial prosperity

to sell operation system vulnerabilities to other hackers

to gain attention

to right a perceived wrong

identifying and stopping malicious traffic

authenticating users

enforcing policy

identifying applications

Treatment

containment

inoculation

quarantine

by sending a large number of packets to overflow the allocated buffer memory of the target device

by sending a large number of ICMP requests to directed broadcast addresses from a spoofed source address on the same network

by sending a large number of TCP SYN packets to a target device from a spoofed source address

by sending an echo request in an IP packet larger than the maximum packet size of 65,535 bytes

Malware is contained in a seemingly legitimate executable program

Extreme quantities of data are sent to a particular network device interface.

An electronic dictionary is used to obtain a password to be used to infiltrate a key network device.

Too much information is destined for a particular memory block causing additional memory areas to be affected.

Create a security policy.

Conduct a risk assessment.

Inventory and classify IT assets.

Create a security governance model.

A worm can execute independently

A worm must be triggered by an event on the host system.

Worm malware disguises itself as legitimate software

Once installed on a host system, a worm does not replicate itself.

when the primary firewall in the data center crashes

when an attacker hijacks a VM hypervisor and then launches attacks against other devices in the data center

when the primary IPS appliance is malfunctioning

when a VM that may have outdated security policies is brought online after a long period of inactivity

trust exploitation

denial of service

reconnaissance

port redirection

a scanning technique that examines a range of TCP or UDP port numbers on a host to detect listening services.

a software application that enables the capture of all network packets that are sent across a LAN

a query and response protocol that identifies information about a domain, including the addresses that are assigned to that domain

a network scanning technique that indicates the live hosts in a range of IP addresses

prevention

nonprevention