40100682
Description
Question 1
Question
Which statement describes the ping and tracert commands?
Answer
-
Tracert shows each hop, while ping shows a destination reply only.
-
Tracert uses IP addresses; ping does not.
-
Both ping and tracert can show results in a graphical display.
-
Ping shows whether the transmission is successful; tracert does not.
Question 2
Question
Which IPv6 address is most compressed for the full FE80:0:0:0:2AA:FF:FE9A:4CA3 address?
Answer
-
FE80:::0:2AA:FF:FE9A:4CA3
-
FE8::2AA:FF:FE9A:4CA3
-
FE80::0:2AA:FF:FE9A:4CA3
-
FE80::2AA:FF:FE9A:4CA3
Question 3
Question
Which command can be used on Linux and MAC hosts to get IP addressing information?
Answer
-
networksetup -getinfo
-
ipconfig
-
ip address
-
ifconfig
Question 4
Question
What type of IPv6 address is FE80::1?
Answer
-
global unicast
-
loopback
-
link-local
-
multicast
Question 5
Question
Which two statements are true about NTP servers in an enterprise network? (Choose two.)
Answer
-
There can only be one NTP server on an enterprise network.
-
NTP servers control the mean time between failures (MTBF) for key network devices.
-
NTP servers at stratum 1 are directly connected to an authoritative time source.
-
All NTP servers synchronize directly to a stratum 1 time source.
-
NTP servers ensure an accurate time stamp on logging and debugging information.
Question 6
Question
A small-sized company has 30 workstations and 2 servers. The company has been assigned a group of IPv4 addresses 209.165.200.224/29 from its ISP. The two servers must be assigned public IP addresses so they are reachable from the outside world. What technology should the company implement in order to allow all workstations to access services over the Internet simultaneously?
Answer
-
static NAT
-
dynamic NAT
-
DHCP
-
port address translation
Question 7
Question
Which statement describes a stateful firewall?
Answer
-
It can determine if the connection is in the initiation, data transfer, or termination phase.
-
It can expand the number of IP addresses available and can hide network addressing design.
-
It can filter packets based on information at Layers 3, 4, 5 and 7 of the OSI reference model.
-
It can only filter packets based on limited Layer 3 and 4 information.
Question 8
Question
Which impact does adding a Layer 2 switch have on a network?
Answer
-
an increase in the number of dropped frames
-
an increase in the size of the broadcast domain
-
an increase in the size of the collision domain
-
an increase in the number of network collisions
Question 9
Question
Data is being sent from a source PC to a destination server. Which three statements correctly describe the function of TCP or UDP in this situation? (Choose three.)
Answer
-
The source port field identifies the running application or service that will handle data returning to the PC.
-
The UDP destination port number identifies the application or service on the server which will handle the data.
-
UDP segments are encapsulated within IP packets for transport across the network.
-
TCP is the preferred protocol when a function requires lower network overhead.
-
The TCP source port number identifies the sending host on the network.
-
The TCP process running on the PC randomly selects the destination port when establishing a session with the server.
Question 10
Question
What is the function of the MIB element as part of a network management system?
Answer
-
to send and retrieve network management information
-
to change configurations on SNMP agents
-
to store data about a device
-
to collect data from SNMP agents
Question 11
Question
Which two devices allow hosts on different VLANs to communicate with each other? (Choose two.)
Answer
-
Layer 3 switch
-
hub
-
Layer 2 switch
-
repeater
-
router
Question 12
Question
Explanation: Members of different VLANs are on separate networks. For devices on separate networks to be able to communicate, a Layer 3 device, such as a router or Layer 3 switch, is necessary.
Answer
-
192.168.32.0
-
192.168.64.0
-
192.168.0.0
-
192.168.16.0
Question 13
Question
Which technique is used to help mitigate SQL injection attacks?
Answer
-
using the same owner or admin account in the web applications to connect to the database
-
limiting the read access to specific fields of a table or joins of tables
-
using stored procedures with the “db_owner” default role
-
assigning DBA or admin access rights to the application account
Question 14
Question
Which security device is used to make responses to client requests look like they all come from the same server?
Answer
-
stateful firewall
-
forward proxy
-
reverse proxy
-
jump box
Question 15
Question
What is a characteristic of a virtual machine running on a PC?
Answer
-
A virtual machine needs a physical network adapter to connect to the Internet.
-
A virtual machine runs its own operating system.
-
The number of virtual machines that can be made available depends on the software resources of the host machine.
-
A virtual machine is not susceptible to threats and malicious attacks.
Question 16
Question
Make sure na may maaalala kayo tangina nyo susungalngalin ko kayo -Reign
Answer
- True
- False
Question 17
Question
What is a characteristic of the blue-green upgrade deployment strategy?
Answer
-
A new environment is created with the new code in it, while the old environment is held in reserve in case users experience problems.
-
The code changes are periodically rolled out in such a way that they do not impact current users.
-
The new code is deployed all at once to the old environment. If users experience no issues, it is then moved to the new environment.
-
The new code version is first rolled out to a subset of users. Changes can then be rolled back if the users experience any problems.
Question 18
Question
These are clouds that locate computing as close as possible to the user.
Answer
-
public
-
private
-
hybrid
-
edge
Question 19
Question
These clouds are made up to two or more clouds. However, each part remains a distinctive and separate object. Both of these are connected using a single architecture.
Answer
-
public
-
private
-
hybrid
-
edge
Question 20
Question
These are clouds that are intended for a specific organization or entity, such as the government. They can be set up using the private network of an organization.
Answer
-
public
-
private
-
hybrid
-
edge
Question 21
Question
Which mitigation method is effective against cross-site scripting?
Answer
-
requiring multifactor authentication
-
consistent hardening of systems and applications
-
sanitizing untrusted content
-
using only necessary features and secure packages downloaded from official sources and verified with a signature
Question 22
Question
contains code that has been tested multiple times and is error free
Answer
-
development
-
testing
-
staging
-
production
Question 23
Question
includes automated tools such as Jenkins, CircleCl, or Travis Cl, and is often integrated with a version control system
Answer
-
development
-
testing
-
staging
-
production
Question 24
Question
where coding takes place
Answer
-
development
-
testing
-
staging
-
production
Question 25
Question
structurally as close to the actual production environment as possible
Answer
-
development
-
testing
-
staging
-
production
Question 26
Question
Which attack involves the insertion of malicious code into SQL statements?
Answer
-
SQL injection
-
cross-site scripting
-
brute force
-
local file inclusion
Question 27
Question
In software development, what is the purpose of a jump box?
Answer
-
to act as a single trusted machine used to launch connections to sensitive systems
-
to make all requests originating from within a network look like they come from the same source IP address
-
to filter packets based on Layer 3 and Layer 4 addressing
-
to receive incoming requests and forward them to multiple servers
Question 28
Question
Which characters are used to separate batched SQL statements?
Answer
-
semicolons ;
-
colons :
-
parentheses ()
-
pound signs #
Question 29
Question
What is a philosophy for software deployment used in the field of DevOps?
Answer
-
OWASP
-
DevNet
-
SOAP
-
CI/CD
Question 30
Question
Which statement is a characteristic of the broken access control threat to web applications?
Answer
-
It allows attackers to access, and potentially change, serialized versions of data and objects.
-
It allows an attacker to use the dynamic functions of a site to inject malicious content into the page.
-
It allows users to circumvent existing authentication requirements.
-
It allows attackers to steal sensitive information such as passwords or personal information.
Question 31
Question
Which technology is used to containerize applications and allows them to run in a variety of environments?
Answer
-
Docker
-
GitHub
-
VirtualBox
-
Cisco DNA
Question 32
Question
explains ways to mitigate command security issues in web application
Answer
-
Cheat Sheet Series
-
Dependency Check
-
DefectDojo
-
ModSecurity Core Rule Set
Question 33
Question
looks for known vulnerabilities in code
Answer
-
Cheat Sheet Series
-
Dependency Check
-
DefectDojo
-
ModSecurity Core Rule Set
Question 34
Question
streamlines the code testing process
Answer
-
Cheat Sheet Series
-
Dependency Check
-
DefectDojo
-
ModSecurity Core Rule Set
Question 35
Question
generic attack detection rules used with web application firewalls
Answer
-
Cheat Sheet Series
-
Dependency Check
-
DefectDojo
-
ModSecurity Core Rule Set
Question 36
Question
What is used to isolate the different parts of a running container?
Answer
-
wrappers
-
namespaces
-
control groups
-
union file systems
0 comments
Want to create your own Quizzes for free with GoConqr? Learn more.