Protocol that uses SYN/ACK: TCP UDP IP HTTP.
Protocol that provides connectionless sessions (without a three- way handshake). TCP UDP ICMP HTTP.
Protocol used for testing basic connectivity and includes tools such as ping, pathping, and tracert. ICMP UDP IP DIG.
Resolves IPv4 addresses to media access control (MAC) addresses. ARP ICMP TCP NDP.
This performs several functions on IPv6. For example, it performs functions similar to IPv4’s ARP. It also performs autoconfiguration of device IPv6 addresses and discovers other IPv6 devices on the network such as the address of the default gateway. NDP ICMP RTP NSLOOKUP.
This delivers audio and video over IP networks. This includes Voice over Internet Protocol (VoIP) communications, streaming media, video teleconferencing RTP NDP FTP SNMP.
File Transfer Protocols FTP SSH SCP SSL/TLS IPSec SFTP FTPS.
POOLE attacks are associated with: SSL3.0 with cipher-block chaining (CBC) SSL2.0 with cipher-block chaining (CBC) TLS3.0 with cipher-block chaining (CBC) TLS2.0 with cipher-block chaining (CBC).
Port for SSH: 22 23 80 110.
Port for SMTP: 25 22 443 110.
POP3 uses port: 110 443 161 389.
IMAP4 and Secure IMAP use port: 143 110 25 443.
HTTP uses port:.
HTTPS uses port:.
Kerberos uses port:.
LDAP uses port: 389 636 88 110.
LDAPS uses port: 636 389 443 161.
Many Linux administrators use ____ when connecting to remote systems for administration, and secure the transmissions with SSH. Netcat RDP Shell Ifconfig.
Which port would administrators and clients often use to connect to other systems from remote locations using RDP? 3389 110 23 443.
What port does DNS use?.
What protocol resolves host names to IP addresses?.
DNS Records A AAAA MX CNAME.
An example of an _____ attack: Imagine an attacker wants to send users to a malicious web site each time they want to go to msn.com. Instead of sending users to the IP address used by msn.com, it will send users to the IP address of the malicious web site. DNS poisoning Drive-by attack ARP poisoning MITM.
Technicians use the ______ command (short for name server lookup) to troubleshoot problems related to DNS. For example, you can use this to verify that a DNS server can resolve specific host names or fully qualified domain names (FQDNs) to IP addresses. The _____ command-line tool has replaced the this tool on Linux systems.
Ports 49,152–65,535 are available for use by any application. Applications commonly use these ports to temporarily map an application to a port. These temporary port mappings are often called _____ ports, indicating that they are short lived.
______ often simply check to see if a well-known port is open because if it is not used, it should be closed to prevent against attacks. Port scanners Protocol analyzers VPN concentrators PING.
Which of the following reduces risk of an attacker capturing data with a protocol analyzer? hub switch router vpn.
Which of the following would protect against network loops? STP RTP DNSSEC IPSec.
A ______attempts to overload a switch with different MAC addresses associated with each physical port. flood attack DDoS ARP poisoning attack tunnel hijack.
Firewalls and Routers have ACLs that operated under the ______ rule. This means if you do not have a rule defined to allow specific traffic, it is automatically disallowed. It is the last rule listed in the ACL. Explicit deny Implicit deny Indeterminate deny Determinate deny.
Implicit deny is the ____ rule in an ACL. last first.
Which type of firewall blocks traffic based on an ACL? Stateless Stateful.
Which of the following directs traffic based on IP address? Router Switch Bridge Hub.
A ____ is the area between the two firewalls (FW1 and FW2) and hosts several Internet-facing servers. The two firewalls creating a
buffer zone between the Internet and the internal network.
An _____ is part of a network that can be accessed by authorized entities from outside of the network. For example, it’s common for organizations to provide access to authorized business partners, customers, vendors, or others. intranet extranet DMZ NAT.
Translates public IP addresses to private IP addresses and private addresses back to public; often runs on home wireless routers. What is this?.
NAT and IPSec are often used together. True False.
Which of the following would you associate with the use of airgaps? SCADA IPSec VLANS IoT.
It’s possible to segment traffic between logical groups of users or computers with a: VLAN airgap Wireless network Router.
Which of the following is required to create a VLAN? Layer 3 switch Hub Layer 2 switch Firewall.
A router is a layer ____ device. 2 4 7 3.
ARP attacks are based on ____. MAC IP Address Subnet mask ACL rules.
Is a VLAN susceptible to a ARP attack? Yes No.
A ________ forwards requests for services from a client. It provides ______ to improve performance and reduce internet bandwidth usage.
Which of the following would receive requests from the internet to a web server and can act as a load balancer? Reverse proxy server Proxy server Web Application Firewall NIPS.
A_____ is a single solution appliacance that combines multiple security controls. The overall goal of this device is to provide better security, while also simplifying management requirements. UTM TPM DLP ACL.
Provide increased segmentation of user computers by using ______. Flood guard VLAN Port scanner DMZ.
_____ monitors and manages network devices, such as routers or switches. This includes ability to modify the configuration of the devices or have network devices report status back to a central network management system. SNMPv3 LDAPS RTP NDS.
Which of the following would you associate a flood guard with? Router Switch.
Port for SNMPv3 389 161 53 686.