Get IT Security: Defense Against The Digital Dark Arts Graded Quiz Answers
Q1. Which tenet of security are flood guards designed to help ensure?
Answer: Availability
Explanation: Flood guards help prevent Denial-of-Service (DoS) attacks, which aim to disrupt network availability by flooding systems with excessive traffic.
Q2. Which enterprise switch features protect against layer 2 man-in-the-middle attacks? Select all that apply.
Answer:
Dynamic ARP Inspection (DAI)
DHCP Snooping
IP Source Guard
Explanation:
These features prevent various Layer 2 attacks. DAI verifies ARP packets, DHCP Snooping protects against rogue DHCP servers, and IP Source Guard filters traffic based on assigned IPs and MAC addresses.
Q3. A host-based firewall protects against malicious attacks in which of the following scenarios? Select all that apply.
Answer:
A device on a company’s internal network needs protection when another device connected to the network has been corrupted.
An employee connects to the unsecured internet at their local coffee shop with their company computer.
Explanation:
A host-based firewall provides endpoint protection against threats originating within a local network or over insecure external networks. Layer 2 attacks and rogue DHCP servers require network-level defenses.
Q4. Which of the following is WEP’s greatest weakness?
Answer: The initialization vectors, and therefore the encryption keys, were weak and reused too often.
Explanation: WEP’s encryption relies on a 24-bit initialization vector, which is small and often reused, making it vulnerable to key recovery attacks.
Q5. What makes the WPS method of PIN entry authentication with a hard-coded pin vulnerable to online brute force attacks?
Answer: It uses an 8-digit PIN, which is made of 7 digits and one checksum value, and sends it in two parts. This means it takes a maximum of 11,000 tries to guess the PIN.
Explanation: The design flaw in WPS PIN authentication allows brute force attacks to succeed by breaking the 8-digit PIN into two parts, reducing the possible combinations significantly.
Q6. How can you increase the security of a wireless network that uses WPA2 with AES/CCMP mode?
Answer: Use a long, complex passphrase that wouldn’t be found in the dictionary.
Explanation: A strong, complex passphrase resists dictionary and brute force attacks, enhancing the security of WPA2 networks.
Q7. What feature of enterprise-managed switches allows you to take all packets from a specified port, port range, or entire VLAN and mirror the packets to a specified switch port?
Answer: Port mirroring
Explanation: Port mirroring enables the monitoring of network traffic by duplicating packets from a specific source to a designated monitoring port.
Q8. You’re an IT support specialist tasked with setting up a NIDS system to monitor your company’s network traffic for suspicious behavior. Which of the following options would you implement? Select all that apply.
Answer:
Enable promiscuous mode on the NIDS analysis port.
Use port mirroring to mirror all network traffic to the NIDS host.
Set up the NIDS host with two network interfaces; one for analysis and one for management.
Explanation:
Promiscuous mode and port mirroring allow the NIDS to analyze all traffic. Using separate interfaces for analysis and management enhances performance and security.
Q9. You want to use tcpdump to retrieve packets with 113.8.81.2 as the source or destination IP address and port 8080 as the source or destination port. Which command should you use?
Answer: sudo tcpdump -i eth0 -vn host 113.8.81.2 and port 8080 &
Explanation: This command specifies the correct interface, source/destination IP, and port, and runs the process in the background with the & operator.
Q10. When you run the command sudo tcpdump -i eth0 -vn, what output does tcpdump provide about each packet? Select all that apply.
Answer:
TCP details.
The layer 3 protocol, source, and destination addresses and ports.
Explanation:
The command provides verbose network details, including protocol, source and destination IPs, ports, and transport-layer details. Service names require additional options to be displayed.