TỔNG HỢP Q&A MÔN AN NINH MẠNG Chapter 1: MODERN NETWORK SECURITY THREATS 1/ Which method is of gaining access to a system that by passes normal security measures? A. Creating a back door B. Starting a Smurf attack C. Conducting social engineering D. Launching a DoS attack Answer: A 2/ Which statement is true about a Smurf attack? A. It sends ping request to a subnet, requesting that devices on the subnet send ping replies to a target system. B. It intercepts the third step in a TCP three-way handshake to hijack a session. C. It uses Trojan horse applications to create a distributed collection of “zombie” computers, which can be used to launch a coordinated DdoS attack. D. It sends ping requests in segments of an invalid size. Answer: A 3/ What are four methods used by hackers? (Choose four) A. Social engineering attack. B. Trojan horse attack. C. Front door attack. D. Buffer Unicode attack. E. Privilege escalation attack. F. Footprint analysis attack. Answers: A B E F 4/ Which option ensures that data is not modified in transit? A. Authentication B. Integrity C. Authorization D. Confidentiality Answer: B 5/ When did the first hacking (Phone Freaks) begin? A. 1955 B. 1971 C. 1960 D. 1988 Answer: C 6/ What is the name of first email virus? Answer: Mellisa 7/ Which of following is an external threat? A. An unpatched system B. Port Scanning C. Default Configurations D. Insecure Programming practices Answer: B 8/ Which of the following is a group of computers that have been compromised and are controlled by a third party? A. Hotnet B. Botnet C. LANnet D. DoSnet Answer: B 9/ A Smurf attack is an attack on which tenet of the network security objectives? A. Confidentiality B. Reliability C. Availability D. Integrity Answer: C 10/ Which of the following are form of Access Attack? (Multi choose) A. Sniffer B. SQL Slammer C. Ping Sweep D. Port Redirection E. Buffer Overflow Answers: A D E Chapter 2: SECURING NETWORK DEVICES 1/ As a network engineer, you are responsible for the network. Which one will be necessarily taken into consideration when implementing Syslogging in your network? A. Log all messages to the system buffer so that they can be displayed when accessing the router. B. Use SSH to access your Syslog information. C. Enable the highest level of Syslogging avaible to ensure you log all posssible event messages. D. Syncronize clocks on the network with a protocol such as Network Time Protocol. Answer: D 2/ As a candidate for CCNA examination, when you are familiar with the basic commands, if you input the command “enable secret level 5 password” in the global mode, what does it indicate? A. Set the enable secret command to privilege level 5. B. The enable secret password is hashed using SHA. C. The enable secret password is hashed using MD5. D. The enable secret password is encrypted using Cisco proprietary level 5 encryption. E. The enable secret password is for accessing exec privilege level 5. Answer: E 3/ Which three items are Cisco best-practice recommendations for securing a network? (Choose three) A. Deploy HIPS solfware on all end-user workstations. B. Routinely apply patches to operating systems and applications. C. Disable unneeded services and ports on hosts. D. Require strong passwords, and enable password expiration. Answers: B C D 4/ Given the exhibit below. You are a network manager of your company. You are reading your Syslog server reports. On the basis of the Syslog message shown, which two descriptions are correct? (Choose two) Feb 1 10 : 12 : 08 PST: %SYS-5-CONFIG_1: Configured from console by vty0 (10.2.2.6) A. This messages is a level 5 notification message. B. This messages is unimportant and can be ignored. C. This is a normal system-generated information message and does not require further investigation. D. Service timestamps have been globally enabled. Answers: A D 5/ For the following items, which management topology keeps management traffic isolated from production traffic? A. OOB B. SAFE C. MARS D. OTP Answer: A 6/ If a switch is working in the fail-open mode, what will happen when the switch’s CAM table fills to capacity and a new frame arrives? A. The switch sends a NACK segment to the frame’s source MAC address. B. A copy of the frame is forwarded out all switch ports other than the port the frame was received on. C. The frame is dropped. D. The frame is transmitted on the native VLAN. Answer: B 7/ What is the purpose of the secure boot-config global configuration? A. Back up the Cisco IOS image from flash to a TFTP server. B. Enables Cisco IOS image resilience. C. Takes a snapshot of the router running configuration and securely archives it in persistent storage. D. Stores a secured copy of the Cisco IOS image in its persistent storage. Answer: C 8/ When configuring role-based CLI on a Cisco router, which action will be taken first? A. Create a passer view called “root view”. B. Log in to the router as the root user. C. Enable role-based CLI globally on the router using the privileged EXEC mode Cisco IOS command. D. Enable the root view on the router. Answer: D 9/ Which command can turn on logging of unsuccessful login attempts? (Choose two) A. Auto secure B. Logging failure C. Logging on failure log D. Logging login failure E. Auto log Answers: A C 10/ What is the name of secure files used in conjunction with the Cisco IOS Resilient Configuration? (Multi choice) A. Configset B. Bootset C. Startup-config-secure D. Running-config-secure E. Config-set Answers: B C 11/ Which of the following is the graphical user enviroment that is used to configure many router settings and provides several winzards to automate certain tasks? A. ACS B. ASDM C. STP D. SDM E. CDP Answer: D 12/ Which command confers the traceroute command privileges to level 4? A. Privilege exec level 4 traceroute B. Privilege level 4 traceroute C. Privilege 4 traceroute D. Authorization 4 traceroute Answer: A 13/ Which command configure a minimum password length of 8 for any password configured on router? A. Security password length 8 B. Security password min-length 8 C. Password length 8 D. Password security length 8 Answer: B 14/ Which of the following is the global configuration mode command to encrypt any plaintext passwords in a Cisco configuration? A. Sevice-password encryption B. Sevice password-encryption C. Sevice encryption-password D. Sevice encryption E. Sevice level encryption Answer: B 15/ In generating RSA key, what does Cisco recommend for the key modulus size? A. 512 B. 2048 C. 1024 D. 4096 E. 256 Answer: C 16/ What type of encryption is used with a type 5 encryption password in a Cisco router configuration? A. SHA B. MD5 C. SSL D. RC4 Answer: B Chapter 3: AUTHENTICATION, AUTHORIZATION, AND ACCOUNTING [...]... IMPLEMENTING Ans: C Ans: B FIREWALL TECHNOLOGIES Ans: B Ans: D Ans: A B C Ans: D Ans: A Ans: D Ans: D Ans: A C D Ans: C Ans: B Ans: B Ans: C Chapter 5: IMPLEMENTING INSTRUSION PREVENTION Ans: C Ans: A Ans: B Ans: B Ans: B Ans: A Ans: D Ans: B C Ans: C Ans: B C Chapter 6: SECURE Ans: B D Ans: B LOCAL AREA NETWORK Ans: C Ans: B C Ans: C Ans: B Ans: C Ans: E Ans: D Ans: A Ans: B Ans: A C Ans: A C Chapter... SECURE Ans: B D Ans: B LOCAL AREA NETWORK Ans: C Ans: B C Ans: C Ans: B Ans: C Ans: E Ans: D Ans: A Ans: B Ans: A C Ans: A C Chapter 7: CRYPTOGRAPHIC Ans: B Ans: A SYSTEMS Ans: D Ans: C Ans: D Ans: D Ans: B Ans: A Ans: B C Ans: A B Ans: B D Ans: A Ans: C Ans: B . TECHNOLOGIES Ans: C Ans: B Ans: B Ans: D Ans: A B C Ans: D Ans: A Ans: D Ans: D Ans: A C D Ans: C Ans: B Ans: B Ans: C Chapter 5: IMPLEMENTING INSTRUSION PREVENTION Ans: C Ans: A Ans: B Ans: B Ans: B Ans: A . RC4 Answer: B Chapter 3: AUTHENTICATION, AUTHORIZATION, AND ACCOUNTING