Computer network security is very complex. New threats from inside and outside networks appear constantly. In response, the security community is constantly developing new products and procedures to defend against threats of the past and unknown threats of the future.
As companies merge, people lose their jobs, new equipment comes online, and business tasks change, people do not always do what you expect. Network security configurations that worked well yesterday might not work quite as well
Network security is the control of unwanted intrusion into, use of, or damage to communications on a computer network. This includes monitoring for abuses, looking for protocol errors, blocking nonapproved transmissions, and responding to problems promptly and accurately.
Network security is also about supporting essential communication necessary to the organization’s mission and goals, avoiding the unapproved use of resources, and ensuring the integrity of the information traversing the network.
1. Which of the following best describes the principle of least privilege?
A. Allow the user to have access to only the items on their payment plan
B. Allow the user to access items only during their normal scheduled work hours
C. Develop a patch only after the exploit has been discovered and publicized
D. Allow the user access to only what is essential for their job responsibilities
2. Which of the following best describes the concept of risk?
A. The unsecured content on a network that may be used to gain access to the network
B. The surface that is exposed when a network is live that hackers can use for access
C. The solution that incorporates the best solution for a particular network
D. The likelihood that a threat will take advantage of vulnerability on the network
3. What is the most important characteristic of an effective security goal?
A. It is inexpensive.
B. It is possible with currently deployed technologies.
C. It is written down.
D. It is approved by all personnel.
4. Which of the following is true of network security?
A. Use of a framework ensures success in securing a network.
B. Network security includes elements preventing unwanted access and action.
C. It is easy to apply the latest fixes to any network setup.
D. Network security can often be ensured with no monetary outlay.
5. What is the primary security concern with wireless connections?
B. Signal range
C. Support for IPv6
D. Connection speed
6. What does Van Eck phreaking allow?
A. Attackers to encrypt the hard drive of a device until a ransom is paid
B. Submission of enough packets that a denial of service attack persists
C. Attackers to eavesdrop on electronic devices from a device
D. Limitation of access to any physical device on the network
7. Which of the following best describes the concept of hardening?
A. The removal of items from the cloud to physical storage locations
B. The allowance of users to access networks through their own devices
C. The process of securing or locking down a host against threats and attacks
D. The removal of unnecessary software from workgroup computers and devices
8. Which of the following best describes network availability?
A. Protection against unauthorized changes while allowing authorized changes
B. Protection against unnecessary costs while allowing reasonable expenditures
C. Protection against downtime while supporting authorized access to resources
D. Protection against unauthorized access while providing authorized access
9. For what type of threat are there no current defenses?
B. Malicious code
C. Unauthorized software
D. Hardware failure
10. Which of the following best describes nonrepudiation?
A. It prevents a user from being able to deny having performed an action.
B. It controls what users are allowed to do and not allowed to do.
C. It is proof of a user’s identity prior to granting access to a secured area.
D. It ensures that malicious code is not rampant on a corporate network.
11. Which type of hacker represents the greatest threat because they likely already have physical access to a target?
12. Most exploits are based on the existence of which of the following?
A. Bandwidth speed
B. Human beings
C. Filtering protocols
D. System anomalies
13. What is the first stage or step in the hacking process?
14. Which form of attack captures authentication packets to retransmit them later?
15. Which form of attack submits excessive amounts of data to a target to cause arbitrary code execution?
A. Buffer overflow
16. Which attack is based on the impersonation of a legitimate host?
17. Which method of communication is unseen, unfiltered, and based on timed manipulations?
A. Buffer overflow
B. Covert channel
C. IDS insertion
18. Which attack uses nontechnical means to achieve results?
A. Buffer overflow
B. Covert channel
C. Social engineering
D. SQL injection
19. What does a hacker exploit in a target system?
A. A botnet
B. A vulnerability
C. Multifactor authentication
D. Traffic filtering
20. Which of the following might a hacker launch if the other attempts are not successful?
A. Buffer overflow
B. Fallback attack
C. Covert channels
D. Zombie attack
21. A protocol converter is another name for what device?
22. Which of the following is a downside of using a workgroup for business network activities?
A. Workgroups do not have a central authority that controls or restricts network activity.
B. Workgroups offer each member the ability to secure their resources from the rest of the devices.
C. Workgroups allow the security defined for one member to apply to that member only.
D. Workgroups are often more cost effective for small companies and SOHO installations.
23. Which of the following is a type of passive hub?
A. Punch panel
24. Which of the following is a type of smart hub?
25. Which device works at Layer 2 (Data Link Layer) and uses MAC addresses to differentiate traffic?
D. Punch panel
26. What is the term for the unique address identifying hardware assigned by the manufacturer under the guidance of the FCC?
A. MAC address
B. IPv4 address
C. Loopback address
D. IPv6 address
27. Which of the following is true about a star topology?
A. It requires less wiring than a traditional bus network.
B. It is more secure than a mesh network.
C. It requires less wiring than a wireless network.
D. It is more fault-tolerant than a bus network.
28. Which of the following is not true of a logical network?
A. It is possible for a network to have the same logical and physical topologies.
B. It is possible for computers physically located side by side to be on different subnets in the logical network.
C. It is possible for the physical network to be a star and the logical network to be a ring.
D. It is possible for the physical network to employ a gateway.
29. Which of the following networks provides the most redundancy?
30. Which of the following network topologies requires the use of terminators?
31. Which of the following should be done as part of router configuration?
A. Copy and paste the configuration to all routers and firewalls
B. Enable a warning banner for all attempted connections
C. Require SNMPv2 or earlier for consistency
D. Drop all encrypted packets within the network perimeter
32. Which of the following is not a type of attack against password use?
33. Which of the following is part of a defense-in-depth strategy?
A. Avoid single points of failure
B. Avoid having multiple redundancies
C. Avoid removing the default account
D. Avoid using devices from different manufacturers
34. Which addressing class is 192.168.32.16?
A. Class A
B. Class B
C. Class C
D. Class D
35. Which of the following is an example of redundancy?
A. A firewall at each physical perimeter
B. Using multifactor authentication
C. Encrypting communication outside the network
D. An uninterruptible power supply
36. Which of the following best defines security through obscurity?
A. Changing the names taped to all physical devices
B. Changing the logical names of all devices
C. Hiding the network in order to secure it
D. Expanding the network to hide individual devices
37. When considering multifactor authentication, which of the following is something you have?
A. An iris scan
B. An ID card
C. A spoken phrase
D. A password
38. Which of the following is commonly referred to as access control?
39. Which of the following is true of IPv4 versus IPv6?
A. IPv4 is more expensive to implement than IPv6.
B. IPv4 is more time-consuming when building packets.
C. IPv4 is used less and therefore less is known about it.
D. IPv4 is plaintext transmission by default.
40. Which of the following best describes a dynamic password token?
A. A device that shows a random password
B. Radio-frequency identification (RFID) chip
C. Identification (ID) badge
D. Smart card
41. Which of the following is true of firewall rules?
A. Rules follow the allow by default/deny by exception philosophy.
B. No rules on a firewall are exceptions.
C. All rules on a firewall are exceptions.
D. The final rule is that anything that did not match one of the exceptions is allowed by default.
42. Which of the following attacks is not stopped by a border firewall?
A. Port scans
B. Protocol abuses
C. Inside client to internal host attack
D. Flooding attacks
43. Which of the following is not true of firewalls?
A. A firewall is a type of authentication system.
B. A firewall can filter traffic.
C. A firewall can provide routing functions.
D. A firewall is a traffic control device.
44. Which of the following best defines ingress filtering?
A. Blocking traffic leaving a network
B. Limiting host activities to that host
C. Monitoring traffic on its way into the network
D. Denying all traffic to specific ports
45. What is another name for dynamic packet filtering?
A. Stateful inspection
B. Static packet filtering
C. Structured packet filtering
D. Sequential inspection
46. Which of the following is a method of filtering that automatically keeps track of sessions on a limited timeout basis to allow the responses to queries to reach internal systems?
A. Application filtering
B. Deep packet inspection
C. Dynamic packet filtering
D. Static packet filtering
47. Which of the following is a form of filtering that allows communication, regardless of whether a session was previously established?
A. Circuit proxy
B. Dynamic packet filtering
C. Deep packet inspection
D. Stateless filtering
48. Which activity differentiates a triple-homed firewall from a dual-homed firewall?
A. Physical isolation of subnets
B. Deployment of the device as an appliance
C. Deployment of traffic from the Internet to a DMZ
D. Filtering of content including attachment deletion
49. When deploying software firewalls, what is the maximum number that should be operational on a single system at one time?
50. Which of the following is not a content-filtering method?
A. Domain name
B. Source IP address
C. Keywords in the packet
51. Which of the following are the two distinct areas that must be protected with firewalls?
A. Access and controls
B. File sharing and printing capabilities
C. Network and transaction security
D. WAN traffic and cellular signals
52. Which agency was created to alert the public to emerging privacy issues related to the National Information Infrastructure?
53. Which of the following is not one of the overlapping types of risk in network and transaction security?
A. Transaction data can be intercepted
B. The server hardware can fail
C. Information about the server can be accessed
D. Unauthorized individuals can breach the server’s document tree
54. Which of the following is the best way to treat private messages as confidential?
A. Send messages from personal email accounts
B. Send the message to everyone so it is no longer private
C. Encrypt the message so it stays private
D. Do not send private business messages
55. Which of the following best describes nonrepudiation?
A. An action is copied onto several systems so it is redundant
B. An action is logged so it can be recovered if deleted
C. An action is repeated so it is redundant
D. An action cannot be denied as occurring
56. Which of the following tools is not a troubleshooting tool for firewalls?
57. Which of the following is not a type of emerging issue the EPIC would alert the public about?
A. Alexa personal helper
B. The Clipper chip
C. Medical record privacy
D. Sale of consumer data
58. Which of the following is not a function of a firewall?
A. Block unauthorized traffic from the Internet
B. Block unauthorized connections from outside attackers
C. Block one device from using too much bandwidth
D. Block sensitive information sent to the Internet
59. Which of the following is not an installation method for pfSense?
A. Streamed across the network
B. Optical drive
C. USB drive
60. When selecting a firewall solution, which of the following are security concerns to consider?
A. Audit capabilities
B. Privilege control
C. Refresh rate
61. When is a reverse proxy useful?
A. To grant outside users access to internal email servers
B. To support internal users accessing the public Internet
C. To allow internal users to access external web servers
D. To offer external entities access to an internal web server
62. Which of the following is an event found in a firewall log file that is a symptom of a rogue host operating within the private network?
A. Packets from an unassigned internal address
B. Packets to an unknown port on an internal host
C. Packets in a serial grouping, attempting to access a series of ports
D. Packets that are all exactly the same, directed toward a single target
63. Which security strategy is based on locking the environment down so users can perform their assigned tasks, but little else?
A. Creating chokepoints
B. Diversity of defense
C. Principle of least privilege
D. Separation of duties
64. Which of the following statements is true regarding a reverse proxy?
A. The reverse proxy server can act as the endpoint for a TLS tunnel.
B. A reverse proxy cannot be used in conjunction with secured websites.
C. A reverse proxy can be used with tunnel mode IPSec VPNs.
D. A reverse proxy cannot support simultaneous SSL tunnels.
65. Which of the following is the most important feature of a bastion host OS?
A. Leveraging existing OS administrative knowledge
B. Inherent ease of use
C. Resistance to attacks and compromise attempts
D. Unlimited remote administration
66. When considering deployment of an IDS or IPS, what is the biggest problem?
A. Failing anomaly detection
B. False positives
C. False negatives
D. Failing to operate at wire speed
67. Which of the following is a highly recommended method or technique for keeping firewall logs secure and uncorrupted?
A. Storing the logs in binary form
B. Using high-capacity hard drives
C. Using timestamps
D. Using WORM drives
68. Which standard allows a firewall to hand off authentication to a dedicated service hosted on a different system?
A. IEEE 802.1x
B. IIEE 802.3
C. IEEE 802.11
D. IEEE x801
69. Which security stance focuses on the use of firewalls as its primary means of controlling communications?
B. Universal participation
D. Weakest link
70. Which term describes the deployment of multiple subnets in a series to separate private resources from public?
71. Which of the following firewall rule guidelines is most important?
A. Include every possible address and port in a rule within the set to ensure that an explicit callout exists for every type of communication.
B. Place explicit Deny rules for individual systems before explicit Allow rules for ranges that include those individual systems.
C. Place universal Allow rules for individual systems before universal Deny rules for systems in that range.
D. Include all specific denials for known malicious remote control tools after explicit Allow rules.
72. What form of encryption allows a firewall to filter based on the original source and destination address? (Assume that the firewall is located along the path between session endpoints.)
A. Tunnel mode
B. Transport mode
C. Traffic mode
D. Transaction mode
73. Which of the following is a default-deny rule?
A. TCP ANY 192.168.42.0/24 ANY ANY Deny
B. TCP ANY ANY 192.168.42.0/24 ANY Deny
C. TCP ANY ANY ANY ANY Deny
D. DENY TCP ANY ANY ANY ANY
74. Which of the following is a potential weakness of a firewall that cannot be fixed with the application of a patch?
B. Programming bug
C. Buffer overflow vulnerability
D. DoS from external sources
75. Which type of communication session can be improved using caching on a firewall?
B. Instant messaging
C. Remote access
76. What is always the most important element within a firewall rule set?
A. Using specific addresses instead of ANY
B. Listing Deny exceptions after Allow exceptions
C. Listing inbound exceptions before outbound exceptions
D. Listing the final rule of default deny
77. Which of the following is the primary factor when composing firewall rules?
B. Business tasks
C. Traffic levels
D. User preferences
78. Which of the following is not satisfied with a firewall policy?
A. Assisting in troubleshooting
B. Detecting changes in deployed settings
C. Ensuring consistent filtering across the infrastructure
D. Network load balancing
79. Which of the following is a firewall rule that prevents internal users from accessing public FTP sites?
A. TCP 192.168.42.0/24 ANY ANY 21 Deny
B. TCP ANY ANY ANY FTP Deny
C. TCP 21 192.168.42.0/24 ANY ANY Deny
D. TCP ANY ANY 192.168.42.0/24 21 Deny
80. When constructing a rule set, where should you place the default-deny rule?
A. First, before any other rule
B. After any explicit Allow rules
C. After any explicit Deny rules
D. Last, after all other rules
81. Which feature in tunnel-mode encryption is not supported in transport-mode encryption?
A. A footer is added to contain the hash value.
B. The payload is encrypted.
C. The source address is encrypted, but not the destination address.
D. The header is encrypted.
82. What are the two most important characteristics of VPN authentication?
A. Single factor and replayable
B. Scalable and interoperable
C. Transparent and efficient
D. Replayable and scalable
83. What form of cryptography encrypts the bulk of data transmitted between VPN endpoints?
C. Public key
84. Of the following VPNs, which prevents filtering of VPN traffic?
A. Edge router
B. Extranet VPN
C. Corporate firewall
D. Host-to-site VPN
85. When designing the authorization for VPNs and VPN users, what should you use as the primary security guideline?
A. Distributed trust
C. Principle of least privilege
D. Grant by default, deny by exception
86. Which of the following should be completed prior to building a VPN policy?
A. Risk assessment
B. Patch management
C. Financial audit
D. Awareness training
87. Which VPN access control issue can be enforced through VPN authentication?
A. Controlling access to printers
B. Restricting access to the Internet
C. Limiting access to files
D. Blocking unauthorized VPN users
88. Which form of VPN deployment requires additional authentication for accessing resources across the VPN?
A. Corporate firewall
B. Site-to-site VPN
C. Host-to-site VPN
D. Edge router
89. Which of the following is the primary difference between a VPN and a LAN connection?
A. Authentication factors
B. Resource access
90. Which of the following is a limitation of deploying a VPN?
A. Intermediary networks are insecure.
B. VPNs cannot run on native operating systems.
C. It is not possible to have a trusted VPN.
D. Vulnerabilities exist at endpoints.
91. Which of the following is not one of the three most common VPN deployment architectures?
C. Internally connected
92. Which of the following is not a threat common to software and hardware VPNs?
A. Backdoor attack
B. Denial of service
C. Missing patches
D. Split tunneling
93. Which of the following is one of the most common and easily exploited vulnerabilities on any hardware network device?
A. Weak default password
B. Accessible power switch
C. Default tunneling
D. No multifactor authentication
94. Which of the following is not a threat common to software and hardware VPNs?
A. Weak authentication
B. Weak client security
C. Weak encryption key
D. Weak user name
95. Which of the following is a benefit of a commercial VPN solution over open-source solutions?
A. Less cost
B. Product support
C. More flexibility
D. Access to the code
96. Which of the following is not a component of a VPN policy?
97. Which of the following is not a VPN best practice?
A. Back up the configuration
B. Permit split tunneling
C. Employ vulnerability management
D. Select based on best reviews
98. Which of the following is the term for malicious code entering the network and making a sharp turn into the secure network?
99. What is the term for a VPN deployment in which traffic between the VPN and the internal network is not firewalled?
A. Alternative deployment
B. Bypass deployment
C. Differential deployment
D. Internally connected deployment
100. Which of the following is not part of multifactor authentication?
A. Something you are
B. Something you have
C. Something you know
D. Something you wear
101. What are the two modes supported by IPSec? (Multiple answers are correct.)
102. Pick two benefits of SSL/TLS over the use of IPSec VPNs. (Multiple answers are correct.)
A. Many more deployments in corporate settings
B. Fewer firewall rules required
C. Granular access control
D. Support typically available immediately following the release of a new OS
103. Which of the following is an IPSec protocol that negotiates, creates, and manages security associations?
A. Authentication Header
B. Encapsulating Security Payload
C. Internet Key Exchange
D. Transportation Authentication
104. Which of the following is not a part of IPv6 IPSec cryptography?
B. Data origin authentication
C. Data integrity
D. Translation services
105. Which of the following is not a benefit of virtualized SSL VPN environments?
A. Added security for multigroup environments
B. Delegation of management
C. Greater flexibility
D. Redundant hardware installation
106. Which of the following is a true statement regarding IPSec?
A. It supports Windows and Linux environments, but not Apple Mac OSs.
B. It provides secure node-on-network connectivity.
C. It is set to 56-bit encryption for speed.
D. It has replaced the need for SSL-based VPNs.
107. Which of the following is not a major component of the SSH protocol?
A. Connection Protocol
B. Datagram Protection Protocol
C. Transport Layer Protocol
D. User Authentication Protocol
108. Which of the following is used by IPSec and provides integrity protection for packet headers and data, as well as user authentication?
A. Authentication Header (AH)
B. Encapsulating Security Payload (ESP)
C. Internet Key Exchange (IKE)
D. Secure Shell (SSH)
109. Which of the following are the two main types of NAT?
A. Dynamic and static
B. Inbound and outbound
C. Encrypted and filtered
D. Hidden and shielded
110. Which of the following is not a benefit of SSL/TLS over the use of IPSec VPNs?
A. Client flexibility
B. Guaranteed uptime
C. Less expense
D. Platform independence
111. What is another term for a VPN?
A. Bastion host
B. Dedicated server
C. Data-encrypted tunnel
112. Which of the following is Microsoft’s free remote software for Windows Server and Windows 10?
A. Remote Data Services
B. Remote Desktop Services
C. Remote Desktop System
D. Remote Dial-up System
113. Which of the following is one of the primary methods for deploying remote access VPNs?
114. Which of the following is true of Remote Desktop Services?
A. It can host multiple, simultaneous sessions.
B. It can support dynamic addressing.
C. It can synch multiple proxy servers.
D. It can replace suspicious packets with benign packets.
115. Which of the following protocols does not support VPN use?
116. Which of the following is not a remote VPN option discussed in this chapter?
117. Which of the following products features the ability to awaken when sent a “magic packet”?
118. Which organization originally managed the Onion Routing Project?
A. Central Intelligence Agency
B. National Institute for Standards and Technology
C. National Security Agency
D. U.S. Naval Research Lab
119. Which command do you use to verify that an OpenVPN VPN is running?
B. open VPN
C. VPN on
D. VPN verify
120. Which of the following tools is a method for encapsulating IPSec ESP packets into UDP packets for passing through routers or firewalls employing NAT?
C. Protocol 50 ESP
121. How can you know if a firewall is functioning properly?
A. Review the documentation
B. Review the configuration
C. Review the log files
D. Review the test results
122. Which of the following is not a task completed with tunneling?
A. Providing access for external users to the internal network
B. Bypassing filtering restrictions for packets
C. Ensuring encryption of traffic
D. Using open ports for standard communications
123. Which of the following VPN tools provides anonymous, unencrypted tunneling systems?
C. PacketIX VPN
124. Which of the following is the best option for resolving firewall compromises?
A. Add additional rules
B. Reinstall the configuration
C. Apply outstanding patches
D. Use anti-malware scanning
125. Part of troubleshooting is identifying open ports. Which of the following tools aids in scanning if ports are open or closed?
126. Which of the following tools is primarily used for network vulnerability assessments?
127. Which of the following is not a firewall management best practice?
A. Develop a checklist
B. Build a written policy
C. Secure physical access
D. Use vendor default configuration
128. Which of the following is a firewall management best practice?
A. Install the first generation or first release of a firewall product.
B. Upon firewall installation, install available updates from the vendor.
C. Install pre-release patches on production firewalls as soon as they are available.
D. Because firewall vendors test code for quality assurance, an administrator does not need to duplicate testing efforts before installing code on a firewall.
129. Which of the following is the best, first tool to use when troubleshooting firewalls?
A. Crimping tools
B. Fuzzing tools
D. Source code
130. When a firewall breach is detected, what is the first step that should be taken?
A. Enable firewall alerts
B. Document the incident
C. Disable the firewall
D. Install a new firewall
131. Which of the following is not a network security management best practice?
A. Avoid remote access
B. Rely upon single or individual defenses
C. Separation of duties
D. Principle of least privilege
132. What is the purpose of physical security in an organization?
A. To prevent external attacks through the VPN
B. To prevent external attacks through the firewall
C. To prevent unauthorized access to facilities and equipment
D. To prevent the addition of new user accounts
133. What is the primary purpose of a post-mortem assessment review?
A. To identify necessary devices and budgets
B. To learn from mistakes
C. To reduce costs
D. To understand compliance
134. Which of the following techniques is not considered part of a network security assessment?
A. Incident response
B. Configuration scan
C. Penetration testing
D. Vulnerability assessment
135. Which of the following is not a common mistake that should be included in user training?
A. Bricking corporate computers
B. Leaving a computer while still logged in
C. Installation of unapproved software on company computers
D. Opening unexpected attachments from email
136. Which of the following is the only insurance against data loss?
137. Which of the following is not a step or phase in an incident response plan?
138. Which of the following is most important to the effectiveness of an antivirus scanner?
A. Available bandwidth on the network
B. Commercial products versus open source
C. Platform of the scanning engine
D. Timeliness of the definitions database
139. Which of the following is not part of a complete and comprehensive security approach?
A. Secure assets
B. Train users
C. Monitor for violation attempts
D. Implement single-factor authentication
140. Which of the following is not a network security management tool or technique?
A. Change documentation
B. Equipment inventory
C. Logical organization map
D. Products that won awards
141. Which of the following is not a benefit of virtualization’s hypervisor?
A. Improved performance
B. Visibility to security issues
C. Ease of use
D. Deep-content inspection
142. Which of the following is not one of the best ways to consider security from a business perspective?
143. Which regulation was created to protect investors by requiring publicly traded companies to validate controls securing financial data?
B. Health Insurance Portability and Accountability Act (HIPAA)
C. HITECH Act
D. General Data Protection Regulation (GDPR)
144. Which of the following is not a type of specialized firewall?
B. Data protection
145. Which of the following does not contribute to the erosion of the network perimeter?
B. Cloud computing
146. Which of the following specialized firewall types is designed to provide data leakage prevention?
B. Data protection
147. Which of the following is not a biometric characteristic?
C. Iris pattern
D. Voice pattern
148. Which of the following is not a core security principle?
149. CIOs can be held accountable for security breaches in governmental compliance. When CIOs complain about security, which of the following is their top complaint?
A. Lack of measures
B. The cost
C. Lack of flexibility
150. Which of the following is an example of a biometric characteristic?
D. Smart card
Correct Answers –
- B, C
- B, C