CHAPTER 6_Telecommunication Cards and Network Security by Pavel Borovsky (2023)

q

A

It guarantees a specific data transfer rate at a guaranteed speed. Time sensitive traffic (voice and video) is assigned to this classification.

q

A

Point to Point Protocol (PPP)It is similar to HDLC in that it is a data link protocol that performs framing and encapsulation for point-to-point links. A peer-to-peer connection means that there is a connection between one device (peer) and another device (peer). If the systems on your LAN use the Ethernet protocol, what if a system needs to communicate with a server at your ISP to connect to the Internet? This is not an Ethernet connection. So how do systems know how to communicate with each other if they can't use Ethernet as their data link protocol? They use a data link protocol that they understand. Telecommunications devices generally use PPP as their data link protocol.

q

A

q

A

q

A

Gradual loss of intensity of any type of flow through a medium. When an electrical signal travels down a cable, the signal can degrade, distort, or damage the data being transmitted.

q

A

Wiring in which the copper wires are twisted together to suppress EMI from external sources. UTP cables are found in many Ethernet networks and telephone systems.

q

A

q

A

Small glass core and are used for high-speed data transmission over long distances. They are less prone to attenuation than multimode fibers.

q

A

q

A

q

A

q

A

q

A

IGRP is a distance vector routing protocol developed and owned by Cisco Systems. Whereas RIP uses one criteria to find the best route between source and destination, IGRP uses five criteria to make the "best route" decision. A network administrator can weight these various metrics to make the protocol work best in that specific environment.

q

A

Convert electrical signal to light signal

q

A

The DHCP acknowledgment message is sent from the DHCP server to the DHCP client and is the process by which the DHCP server assigns the IP address lease to the DHCP client.

q

A

IPv6, also calledNext Generation IP (IPng), it not only has a larger address space than IPv4 to support more IP addresses; It has some features that IPv4 doesn't, and it performs some of the same tasks differently. Full details of the new features within IPv6 are beyond the scope of this book, but we'll look at some of them because IPv6 is the way of the future. IPv6 allows for scoped addresses, which allows an administrator to restrict specific addresses to specific servers or file and printer shares, for example. IPv6 has Internet Protocol Security (IPSec) built into the protocol stack, providing secure end-to-end transmission and authentication. IPv6 offers more flexibility and routing capabilities, allowing the assignment of Quality of Service (QoS) priority values ​​for time-sensitive transmissions. The protocol offers self-configuration, which greatly simplifies administration and does not require Network Address Translation (NAT) to expand its address space.

q

A

q

A

A type of multiplexing in which two or more bit streams or signals are transmitted apparently simultaneously as sub-channels on a communication channel, but are physically alternated on the single channel.

q

11🇧🇷 Metro Ethernet is a MAN protocol that can work on network infrastructures consisting of access, aggregation, metro and core layers. Which of the following statements best describes these layers of network infrastructure?

A🇧🇷 The access layer connects customer equipment to a service provider's aggregation network. Aggregation takes place in a core network. The metro layer is the metropolitan area network. The core connects different metropolitan networks.

B🇧🇷 The access layer connects customer devices to a service provider's core network. Aggregation takes place in a distribution network at the core. The metro layer is the metropolitan area network.

C🇧🇷 The access layer connects customer equipment to a service provider's aggregation network. Aggregation takes place in a distribution network. The metro layer is the metropolitan area network. The core connects different access layers.

D🇧🇷 The access layer connects customer equipment to a service provider's aggregation network. Aggregation takes place in a distribution network. The metro layer is the metropolitan area network. The core connects different metropolitan networks.

A

q

A

q

A

q

The industry had to find other ways to allow millions of users flexible use of this finite resource (frequency range). Over time, mobile wireless technology has been supplemented by increasingly complex and powerful "multiple access" technologies, listed below:

A

• Frequency Division Multiple Access (FDMA)
• Time Division Multiple Access (TDMA)
• Multiple access by code division (CDMA)
• Orthogonal Frequency Division Multiple Access (OFDMA)

q

17🇧🇷 What happens at the session level?

A🇧🇷 Dialog control

B🇧🇷 Routing

C🇧🇷 Packet sequencing

D🇧🇷 Addressing

A

q

A

A firewall running in a virtualized environment that monitors and controls traffic as it travels through the virtual machines. The firewall can be a traditional firewall running on a virtual guest machine or a component of a hypervisor.

q

A

Firewall Dual-Homed Dual-Homedrefers to a device that has two interfaces: one to the external network and one to the internal network. If the firewall software is installed on a dual-based device, which is often the case, the underlying operating system should disable packet forwarding and routing for security reasons. If this option is enabled, the computer may not apply ACLs, rules, or other restrictions required by a firewall. When a packet arrives at the external NIC from a network that is not trusted by a dual-base firewall and the operating system has forwarding enabled, the operating system forwards the traffic instead of passing it to the firewall software for inspection.

q

14🇧🇷 Which of the following protocols operates at the following layers: application, data connection, network, and transport?

A. FTP, ARP, TCP y UDP

B. FTP, ICMP, IP y UDP

C. TFTP, ARP, IP y UDP

D. TFTP, RARP, IP e ICMP

A

q

A

q

A

q

A

• Change the default SSID. Each AP comes with a pre-configured default SSID value.
• Disable "Broadcast SSID" on the AP. For most APs this can be disabled.
• Implement another layer of authentication (RADIUS, Kerberos). Before the user can access the network, they must be authenticated.
• Physically place the AP in the center of the building. The AP has a specific coverage area that it can provide.
• Logically place the AP in a DMZ with a firewall between the DMZ and the internal network. Allow the firewall to inspect the traffic before it reaches the wired network.
• Implement VPN to use wireless devices. This adds another layer of protection for the transmitted data.
• Configure the AP to allow only known MAC addresses on the network. Only allow known devices to authenticate. Note, however, that these MAC addresses are sent unencrypted, so an attacker could capture them and impersonate an authenticated device.
• Perform penetration tests on the WLAN. Use the tools described in this section to identify access points and try to crack the encryption scheme currently in use.
• Change to a product that supports the 802.11i standard.

q

A

q

A

• An available wireless spectrum is used to transmit data.
• The available frequency band is divided into narrow frequency bands and used to have multiple parallel channels for data transmission.

q

Tom's company had a lot of problems with unauthorized trackers being installed on the network. One reason is that employees can connect their laptops, smartphones and other mobile devices to the network, which can become infected and run trackers unknown to the owners. VPN deployment doesn't work because all network devices should be configured for specific VPNs and some devices, like your switches, don't have that kind of functionality available. Another problem Tom's team is facing is how to protect internal wireless traffic. Although wireless access points can be configured with digital certificates for authentication, sending and managing certificates on each wireless user's device is prohibitively expensive and will place a heavy burden on network personnel. Tom's boss also told him that the company needed to move from a fixed-line solution for metropolitan areas to a wireless solution.

37🇧🇷 Which of the following is the best solution to meet the wireless broadband connectivity needs of the company?

A. WiMAX

B. IEEE 802.12

C. WPA2

D. IEEE 802.15

A

q

7.Which of the following statements correctly describes bluejacking?

A.Bluejacking is a harmful and malicious attack.

B.It's all about taking control of another handheld device via a Bluetooth-enabled device.

C.It is commonly used to send contact information.

D.The term was coined to use a Bluetooth device and take over from another device.

Extended questions:

A

RIGHTC.Bluetooth is vulnerable to an attack called bluejacking, in which an attacker sends an unsolicited message to a Bluetooth-enabled device. Bluejackers look for a receiving device, e.g. B. a mobile device or laptop and then send it a message. Often the bluejacker will try to send your business card so that it will be added to the victim's contact list in their address book. The countermeasure is to put the Bluetooth-enabled device in unrecognizable mode so that other people cannot identify this device at all. If you get any kind of message this way, just look around you. Bluetooth only works 10 meters away, so it's coming from someone nearby.

INCORRECTAis incorrect, as bluejacking is more of a harmless nuisance than a malicious attack. It is the act of sending unsolicited messages to Bluetooth-enabled devices. The first attack took place at a bank, where the attacker searched the network and found an active Nokia phone. He then sent the message "Buy Ericcson".

INCORRECTBis incorrect because no other device is controlled during bluejacking. It does not give the attacker any control over the target device. Instead, Bluejacker simply sends an unsolicited message to the Bluetooth-enabled device. These messages are usually just text, but you can also send images or sounds. Victims are often unfamiliar with bluejacking and may think that their phone is broken or has been attacked by a virus or hijacked by a Trojan horse.

INCORRECTDis incorrect because the term bluejacking has nothing to do with hijacking, which means taking control of something. The name Bluejacking was coined by a Malaysian IT consultant who sent the message "Buy Ericsson" to another Bluetooth-enabled device.

q

A

I don't like this package. Oh, but I like this package. I don't like this package. This other package is fine.

packet filteringis a firewall technology that makes access decisions based on protocol header values ​​at the network level. The device that performs the packet filtering processes is configured with ACLs that dictate the type of traffic allowed into and out of specific networks.

q

A

q

A

Why are there so many paths to choose from?

For a long time, many companies used dedicated links to communicate with other companies. Company A had a pipeline to Company B that provided a certain amount of bandwidth 24 hours a day and was not used by any other entity. This was great because only the two companies could use the line, so there was always some bandwidth available, but it was expensive and most companies didn't use all the bandwidth for every hour the connection was available. So companies were spending a lot of money on a service that they didn't use all the time. Businesses today use Frame Relay instead of leased lines.

q

A

In onestar topologyall nodes connect to a central device such as a switch. Each node has a dedicated connection to the central device. The central device must provide enough throughput so that it does not become an adverse bottleneck for the network as a whole. Because a central device is required, it presents a potential single point of failure, so redundancy may need to be implemented. The switches can be configured in flat or tiered deployments to allow larger organizations to use them.

q

A

A core protocol of the IP suite that is used to send status and error messages.

q

A

q

A

Arede local (LAN)It is a network that provides communication and shared resources in a relatively small area. What defines a LAN versus a WAN depends on the physical medium, the encapsulation protocols, and the technology for accessing the medium. For example, a LAN can use 10Base-T cabling, TCP/IP protocols, and Ethernet media access technology, allowing users located on the same construction site to communicate. A WAN, on the other hand, can use fiber optic cable, L2TP tunneling protocol, and ATM media access technology, and allow users in one building to communicate with users in another building in another state (or country). A WAN connects LANs geographically over long distances. Most of the differences between these technologies are found at the data link layer.

q

A

• Works in a client/server model
• Extend and secure PPP connections
• It works at the data link layer.
• Transmitted only over IP networks

q

A

A logical division of a network that improves network management and helps reduce network traffic congestion. The process of segmenting a network into smaller networks by using an addressing scheme made up of network and host parts.

q

A

This occurs when an attacker captures packets at one point in the network and encapsulates them at another point in the network for use by a second attacker against a target system.

q

A

Core protocol of the TCP/IP suite. It provides packet creation, addressing, and routing functionality.

q

A

Digital Subscriber Line (DSL)It is another type of high-speed connection technology used to connect a home or business to the service provider's central office. It can provide broadband speeds from 6 to 30 times faster than ISDN and analog technologies. It uses existing telephone lines and offers Internet connection 24 hours a day, 7 days a week. Actually, that sounds better than sliced ​​bread, but few people can take advantage of this service, since you have to be within 2.5 miles of the DSL service provider's equipment. DSL transmission rates decrease as the distance between home and business headquarters increases.

q

A

APonteIt is a LAN device for connecting LAN segments. It works at the data link layer and therefore works with MAC addresses. A repeater does not work with addresses; it simply forwards all received signals. When a frame arrives at a bridge, the bridge determines whether the MAC address is on the local network segment or not. If the MAC address is not in the local network segment, the bridge forwards the frame to the required network segment.

q

12🇧🇷 Which of the following statements is an incorrect definition of the specific component or protocol that makes up IPSec?

A🇧🇷 The Authentication Header Protocol provides data integrity, data origin authentication, and protection against replay attacks.

B🇧🇷 The Tunneling Security Payloads protocol provides confidentiality, data origin authentication, and data integrity.

C🇧🇷 The Internet Security Association and Key Management Protocol provide a framework for creating security associations and exchanging keys.

D🇺🇸 Internet Key Exchange provides authenticated key material for use with cryptographic algorithms.

A

q

A

Multiply available fiber optic capacity by using parallel channels, with each channel on a dedicated light wavelength. The bandwidth of an optical fiber can be divided into up to 160 channels.

q

John is the head of his company's security team. He discovered that the attackers had installed trackers on the network without the company's knowledge. Along with this issue, his team also discovered that two DNS servers had no record replication restrictions and the servers were caching suspicious name resolution data.

29🇧🇷 Which of the following is the best countermeasure to implement to mitigate the threat of network management traffic being viewed by intruders?

A. SNMP v3

B. L2TP

C🇧🇷 INDIVIDUAL

D🇧🇷 Firewall with dynamic packet filtering

A

q

A

High Speed ​​Serial Interface (HSSI)It is an interface used to connect multiplexers and routers with high-speed communication services such as ATM and Frame Relay. Supports speeds up to 52 Mbit/s, e.g. B. WAN T3 links, often built into routers and multiplexing devices to provide serial interfaces to the WAN. These interfaces define the electrical and physical interfaces to be used by DTE/DCE devices; therefore, HSSI operates at the physical layer.

q

A

A transmission is called a carrier, so when a computer transmits frames, it is performing carrier activity. When using the computerCarrier Aware Multiple Access with Collision Detection (CSMA/CD)Protocol, they monitor transmission activity or carrier activity on the line so they can determine when is the best time to transmit data. Each node continuously monitors the line and waits until the line is free before transmitting its data. As an analogy, consider several people gathered in a group, talking here and there about this and that. Typically, when a person wants to talk, they listen to the current conversation and wait for a pause before continuing. If you don't wait for the first person to stop speaking, he will speak at the same time as the other person and the people around you may not be able to fully understand what the other person is trying to say.

q

A

Link-state protocol that allows each router to independently build a database of a network's topology. Similar to the OSPF protocol, it calculates the best route for the traffic. It is a provider-independent, hierarchical, and classless routing protocol.

q

If proper countermeasures are not implemented, an attacker could gain access to a large amount of device-related data that can be used in their subsequent attacks. The following are just a few records contained in SNMP MIB objects that could be of interest to attackers:

A

• .servidor.svSvcTable.svSvcEntry.svSvcName
• .servidor.svShareTable.svShareEntry.svShareName
• .servidor.sv.ShareTable.svShareEntry.svSharePath
• .servidor.sv.ShareTable.svShareEntry.svShareComment
• .server.svUserTable.svUserEntry.svBenutzername
• .domain.domMainDomain

q

A

filtered subnetAfiltered subnetThe architecture adds another layer of security to the architecture of the crawled host. The external firewall filters traffic entering the DMZ network. However, instead of the firewall redirecting traffic to the internal network, an internal firewall also filters the traffic. Using these two physical firewalls creates a DMZ.

q

A

• Bandwidth greater than 2G
• "Always on" technology for emails and pages

q

A

Leased lines that can carry voice and data information over trunks. It is a general term for any of several digitally multiplexed telecommunication bearer systems.

q

A

The set of protocols, technologies, methodologies, and transmission techniques involved in the delivery of voice data and multimedia sessions over IP-based networks.

q

A

Now you will be transformed into something that everyone can understand.

oslide, layer 6, takes the information from the application layer protocol and puts it in a format that all computers in the OSI model can understand. This layer provides a common means of representing data in a structure that the end system can process correctly. So if a user creates a Word document and sends it to multiple people, it doesn't matter if the receiving computers have different word processors. Each of these computers can receive and understand this file and present it as a document to its user. This is possible thanks to the processing of the data representation in the presentation layer. For example, when a computer running Windows 7 receives a file from another computer system, the information in the file's header indicates what type of file it is. The Windows 7 operating system has a list of the file types it understands and a table describing which program to use to open and edit each file type. For example, the sender can create a Word file in Word 2010 while the recipient uses Open Office. The recipient can open this file because the presentation layer on the sender's system has converted the file to American Standard Code for Information Interchange (ASCII) and the recipient's computer can open these types of files with their Open Office word processor. .

q

A

• Most of the time, a distributed approach must be used to control all entry points to the network, which is not possible with a single firewall.
• Firewalls can represent a potential bottleneck to traffic flow and a single point of failure threat.
• Most firewalls do not offer protection against malware and can be fooled by the most sophisticated types of attacks.
• Firewalls do not protect against rogue wireless access points or trackers and offer little protection against insider attacks.

q

Physical – Network interface cards and drivers convert bits into electrical signals and control the physical aspects of data transmission, including optical, electrical, and mechanical requirements. The following are some of the standard interfaces at this level:

A

• EIA-422, EIA-423, RS-449, RS-485
• 10BASE-T, 10BASE-T, 10BASE-5, 100BASE-TX, 100BASE-FX, 100BASE-T, 1000BASE-T, 1000BASE-SX
• Integrated Digital Services Network (ISDN)
• Digital Subscriber Line (DSL)
• Synchronous Optical Network (SONET)

q

A

Frequency Division Multiple Access (FDMA)it was the first multiple access technology to be put into practice. The available frequency range is divided into sub-bands (channels) and each subscriber (mobile phone) is assigned a channel. The subscriber has exclusive use of this channel while the call is being made or until the call is terminated or transferred; No further calls or conversations can be made on this channel during this call. Using FDMA in this way allows multiple users to share the frequency band without risk of interference between simultaneous calls. FMDA was used in the first generation (1G) of cellular networks. Several 1G mobile implementations, such as the Advanced Mobile Phone System (AMPS), the All Access Communication System (TACS), and the Nordic Mobile Telephone (NMT), used FDMA.

q

A

Transmission sequencing technology that uses a clock pulse or timing scheme to synchronize data transmission.

q

A

q

A

• Hybrid of L2F and PPTP
• Extend and secure PPP connections
• It works at the data link layer.
• Streams over many types of networks, not just IP
• Combined with IPSec for security

q

A

IP version 6 is the successor to IP version 4 and offers 128-bit addressing, integrated IPSec security protocol, simplified header formats, and some automated configuration.

q

A

Compared to the best effort service, the traffic associated with this classification has more bandwidth, shorter delays, and fewer dropped frames.

q

A

q

A

The circuit-switched public telephone network, consisting of telephone lines, fiber optic cables, cellular networks, communications satellites, and undersea telephone cables, enables all telephone-to-telephone communications. It used to be an analog landline telephone system, but now it is almost entirely digital, encompassing both landline and mobile phones.

q

A

A firewall that communicates directly with a perimeter router and the internal network. The router performs filtering activities on the traffic before it reaches the firewall.

q

A

Alawyeris an intermediary. Intercepts and examines messages before forwarding them to the intended recipients. Suppose you have a box and a message to deliver to the President of the United States. You couldn't just go to the president and deliver these items. Instead, he would have to contact an intermediary, most likely the Secret Service, who would take the box and the message and examine the box thoroughly to make sure there was nothing dangerous inside. That's what a proxy firewall does: it accepts messages entering or leaving a network, examines them for malicious information, and if it decides the messages are correct, forwards the data to the destination computer.

q

A

Firewalls are great, but where do we put them?

Firewalls can be placed in different areas of a network to meet specific needs. They can protect an internal network from an external network and act as a bottleneck for all traffic. A firewall can be used to segment and partition sections of the network and apply access controls between two or more subnets. Firewalls can also be used to provide a DMZ architecture. And as discussed in the previous section, the right type of firewall has to be in the right place. Organizations have general firewall requirements; Therefore, they keep them in similar places in their networks. We will see more about this topic in the next sections.

q

Packet filtering was the first generation of firewalls and is the most rudimentary of all firewall technologies. Filters only have the ability to inspect protocol header information at the network and transport layers and perform ALLOW or DENY actions on individual packets. This means that filters can make access decisions based on the following basic criteria:

A

• Source and destination IP addresses
• Source and destination port numbers
• record types
• Direction of incoming and outgoing traffic

q

A

• analog services
• voice service only

q

A

q

A

Social engineering activities on the phone system, often using VoIP-enabled features to gain unauthorized access to sensitive data.

q

A

registered portsare 1024 to 49151, which can be registered with the Internet Corporation for Assigned Names and Numbers (ICANN) for a specific use. Vendors register specific ports to associate with their proprietary software.dynamic portsthey are 49152 to 65535 and can be used by any application "as needed".

q

A

A type of DDoS attack on a computer that floods the target system with a large amount of UDP echo traffic to broadcast IP addresses.

q

A

q

A

Turn right at the router and left at the access server. I live on 10/10/2/3.

Each node in a network must have a unique IP address. Today the most widely used version of IPIP-Version 4 (IPv4), but their addresses are in such high demand that their supply is slowly running out.IP-Version 6 (IPv6)was created to meet this need. (IPv6 also has many built-in security features that are not part of IPv4.) IPv6 is covered later in this chapter.

q

A

Stream sequencing technology that uses start and stop bits or similar encoding mechanisms. It is used in environments that periodically transfer a variable amount of data.

q

A

q

Network Devices: Various types of devices are used on LAN, MAN, and WAN to provide communication between computers and networks. We need physical devices throughout the network to actually use all the protocols and services we've covered so far. Different network devices vary in functionality, capacity, intelligence, and location on the network. We will see the following devices:

A

• Repeater
• bridges
• router
• Change

q

quince.Which of the following statements does not describe the security of IP telephony?

A.VoIP networks must be protected with the same security controls that are used in a data network.

B.Softphones are more secure than IP phones.

C.As terminals, IP phones can become the target of attacks.

D.The current Internet architecture over which voice is transmitted is less secure than physical phone lines.

Extended questions:

A

RIGHTB.IP softphones should be used with caution. A softphone is a software application that allows the user to make phone calls over the Internet using a computer. A softphone that replaces dedicated hardware behaves like a traditional phone. It can be used with a headset connected to a PC sound card or with a USB phone. Skype is an example of a softphone application. Compared to hardware-based IP phones, softphones make an IP network more vulnerable. However, softphones are no worse than any other interactive application on the Internet. Additionally, data-centric malware can more easily enter a network through softphones, since softphones do not separate voice traffic from data like IP phones do.

INCORRECTAis incorrect because the statement correctly describes the security of the IP telephony network. An IP telephony network uses the same technology as a traditional IP network, but can support voice applications. Therefore, the IP telephony network is vulnerable to the same vulnerabilities as a traditional IP network and must be protected accordingly. This means that the IP telephony network must be secure enough.

INCORRECTCis false because the statement is true. IP phones on an IP telephony network are equivalent to a workstation on a data network in terms of susceptibility to attacks. As such, IP phones must be protected with many of the same security controls implemented on a traditional workstation. For example, it is necessary to change the default administrator passwords. Unnecessary remote access features should be disabled. Logging must be enabled and the firmware update process must be protected.

INCORRECTDis false because the statement is true. For the most part, the current Internet architecture through which voice is transmitted is less secure than physical phone lines. Physical phone lines provide point-to-point connections that are more difficult to access than the software-based tunnels that make up most of the Internet. This is an important factor to consider when securing an IP telephony network as the network now contains two invaluable resources: data and voice. It is not uncommon for personal information, financial information, and other sensitive data to be shared over the phone. Intercepting this information over an IP telephone network is as simple as intercepting ordinary data. Voice traffic must now also be encrypted.

q

A

A connectionless channel that does not promise a specific data rate. Clients cannot and do not have to control their traffic rate.

q

A

Many bridges use thoseSpanning Tree Algorithm (STA), which adds more intelligence to bridges. STA ensures that frames do not circulate over networks forever, provides redundant paths in case a bridge fails, assigns unique identifiers to each bridge, assigns priority values ​​to those bridges, and calculates path costs. This creates much more efficient frame forwarding processes across each bridge. The STA also allows an administrator to specify whether traffic should take certain routes over others.

q

A

Fiber Distributed Data Interface (FDDI)Developed by the American National Standards Institute (ANSI), the technology is a high-speed media access and token transfer technology. FDDI has a data rate of up to 100 Mbit/s and is generally used as a backbone over fiber optic cables. FDDI also provides fault tolerance by providing a second counter-rotating fiber ring. The main ring has data that moves in a clockwise direction and is used for regular data transmission. The second ring carries data in a counterclockwise direction and is only called if the main ring fails. The sensors look for the main ring and when it goes down they call a ring break so that the data is moved to the second ring. Each node in the FDDI network has relays connected to both rings, so that if the ring breaks, the two rings can be merged.

q

6🇧🇷 What could happen if an attacker could inject tag values ​​into network and switch-based protocols to manipulate data link layer traffic?

A🇧🇷 Dealing with open relays

B. VLAN-Hopping-Angriff

C🇧🇷 Hypervisor-Denial-of-Service-Angriff

D. smurf attack

A

q

A

q

A

q

A

X.25is a legacy WAN protocol that defines how devices and networks establish and maintain connections. Like Frame Relay, X.25 is a switching technology that uses carrier switches to provide connectivity to many different networks. It also offers any-to-any connection, which means many users can use the same service at the same time. Subscribers are billed based on the bandwidth they use, unlike dedicated connections, which charge a flat fee.

q

A

• Configure the remote access server to call back the initial phone number to ensure that it is a valid and approved number.
• Modems must be configured to answer after a predetermined number of rings to fight dial wars.
• Disable or remove modems when not in use.
• All modems should be consolidated in one place and managed as centrally as possible.
• The use of two-factor authentication, VPNs, and personal firewalls should be implemented for remote access connections.

q

A

q

A

q

Sean is the new security administrator at a large financial institution. There are several issues that Sean will become aware of in his first week in his new role. First, the rogue packets appear to reach critical servers, even though every network has well-configured firewalls at every gateway location to control traffic to and from those servers. One of Sean's team complains that the current firewall logs are too large and contain useless data. He also tells Sean that the team needs to use rules that are less permissive than the current All rule type. Sean also discovered that some members of the team want to implement tarpits on some of the most commonly attacked systems.

32🇧🇷 Which of the following events is most likely to occur to allow unwanted packages to gain unauthorized access to critical servers?

A🇧🇷 A TCP stream hijacking is taking place.

B🇧🇷 Source routing is not restricted.

C🇧🇷 Shard attacks are in progress.

D🇧🇷 The attacker tunnels the communication via PPP.

A

q

5🇧🇷 Which of the following protocols is considered connection-oriented?

A. IP

B. ICMP

C. UDP

D. TCP

A

q

A

A data link technology used as a metropolitan area network to connect customer networks to larger service networks or the Internet. Businesses can also use Metro Ethernet to connect distributed locations to their intranet.

q

A

A framework for authentication and data security in Internet protocols. It separates the authentication mechanisms from the application protocols and allows the use of any SASL-compliant authentication mechanism in any application protocol that uses SASL.

q

A

Most NAT implementations are stateful, which means that they trace a communication between the internal host and an external host until the session ends. The NAT device needs to remember the internal IP address and port to send the response messages. This stateful feature is similar to stateful inspection firewalls, but NAT does not scan incoming packets for malicious properties. Instead, NAT is a service that typically runs on routers or gateway devices within an organization's protected subnet.

q

A

q

A

Hub connecting a SAS device to the main ring

q

A

q

A

clone phoneIt has been around for many years and this activity is not going to stop anytime soon. A normal cell phone can be stolen and reprogrammed with someone else's credentials. This is a common activity used by organized crime gangs and drug dealers who do not want their information readily available to law enforcement. Global System Mobile (GSM) phones use a SIM (Subscriber Identity Module) chip that contains authentication credentials, phone numbers, saved messages, and more. Before a GSM phone can access the cellular network, the SIM card must be present in the phone. Attackers clone these SIM chips to make fraudulent calls to the cell phone owner's account.

q

A

A system is considered as aWirt BastionIf it's a highly exposed device, it's more likely to be targeted by attackers. The closer a system is to an untrusted network like the Internet, the more likely it is to be seen as a potential target, since it has fewer layers of protection to protect it. If a system is on the public side of a DMZ or directly connected to an untrusted network, it is considered a bastion host; therefore, it must be extremely blocked.

q

A

voice in the packet What will they think next?

Multi-service access technologiescombining different types of communication categories (data, voice, and video) in one transmission line. This results in higher performance, lower operating costs, and more flexibility, integration, and control for administrators. The normal telephone system is based on a circuit-switched network centered on the voice calledpublic switched telephone network (PSTN)🇧🇷 PSTN uses circuit switching instead of packet switching. When a phone call is made, it is placed on the PSTN interface, which is the user's phone. This telephone is connected to the subscriber line of the telephone company through a copper cable. Once the signals from that phone call reach the phone company's central office (the end of the subscriber line), they are part of the phone company's circuit-switched world. A connection is established between the source and the destination, and data flows through the same switches while the call is in session.

q

A

It is commonly used to terminate telephone lines.

q

A

An IPv6 transition mechanism for forwarding IPv6 packets between dual-stack nodes in an IPv4 network.

q

A

• Used in fiber optic communications.
• Multiplexes multiple optical carrier signals onto a single optical fiber.

q

A

Aamplifieroffers the simplest type of connectivity, simply repeating electrical signals between cable segments, allowing you to expand a network. Repeaters operate at the physical layer and are add-on devices used to extend a network connection over a greater distance. The device amplifies the signals because the signals weaken over distance.

q

A

AStateful Firewallit is like a nosy neighbor who interferes in people's affairs and conversations. She tracks suspicious cars pulling into the neighborhood, who's out of town for the week, and the postman who stays a little late at the neighbor's house. This can be annoying until her house is burgled. Then you and the police will want to talk to the nosy neighbor because she knows everything that is going on in the neighborhood and she is more likely to know that something unusual has happened. A stateful inspection firewall is more inquisitive than a typical filtering device because it keeps track of what computers are saying to each other. This requires the firewall to maintain astate table, which is like a party report of who said what to whom.

q

A

Activity that involves changing the sender's address and other parts of the email header to make the email appear to come from a different source. Since SMTP doesn't provide authentication, it's easy to impersonate someone and spoof emails.

q

3🇧🇷 Which of the following features is not part of the IEEE 802.11a standard?

A🇧🇷 It works in the 5 GHz band.

B🇧🇷 It uses OFDM spread spectrum technology.

C🇧🇷 It offers a bandwidth of 52 Mbit/s.

D🇧🇷 Covers shorter distance than 802.11b.

A

q

A

OSPF uses link state algorithms to send routing table information. Using these algorithms allows for smaller and more frequent routing table updates. This provides a more stable network than RIP, but requires more memory and CPU resources to support this additional processing. OSPF enables a hierarchical routing network that has a trunk connecting all the subnets. OSPF has replaced RIP in many networks today. Authentication can be done with clear text passwords, encrypted passwords, or you can configure no authentication on routers that use this protocol.

q

A

Large glass cores can carry more data than single core fibers, although their higher attenuation makes them better for shorter distances.

q

A

A hosted EDI service offering that acts as an intermediary between trading partners who exchange standards-based or proprietary data through common business processes.

q

A

Connects to a single ring (the main one) through a hub

q

A

Bad fragments are created by the attacker and, once reassembled, can cause the victim's system to become unstable.

q

A

It is commonly used to terminate coaxial cables. It is used to connect various types of radio, television and other high-frequency electronic equipment. (Also known as the bayonet-Neill-Concelman connector.)

q

A

We already have cable to your house, so buy this additional internet connection service.

Cable television companies have been bringing television services to homes for years and then began providing data transmission services to users who have cable modems and want to connect to the Internet at high speeds.

q

A

q

A

A network protocol that ensures a loop-free topology for all bridged Ethernet LANs and allows redundant links to be available in the event that connecting links fail.

q

A

q

9🇧🇷 Which of the following shows the sequence of layers as layers 2, 5, 7, 4 and 3?

A🇧🇷 Data connection, session, application, transport and network

B🇧🇷 Data connection, transport, application, session and network

C🇧🇷 Network, session, application, network and transport

D🇧🇷 Network, transport, application, meeting and presentation

A

q

A

I need to talk to you, but I'm here!

Remote connectivity includes various technologies that allow home and remote users to connect to networks that give them access to network resources that help them perform their tasks. In most cases, these users must first access the Internet through an ISP, which connects to the destination network.

q

A

SIP consists of two main components: theUser-Agent-Client (UAC)miUser-Agent-Server (UAS)🇧🇷 UAC is the application that creates the SIP requests to start a communication session. UACs are typically messaging tools and softphone applications that are used to make VoIP calls. The UAS is the SIP server responsible for all routing and signaling of VoIP calls.

q

A

Transition mechanism for migration from IPv4 to IPv6. It allows systems to use IPv6 for communication when their traffic needs to traverse an IPv4 network.

q

A

q

30Which of the following statements best describes the difference between a virtual firewall that works in bridge mode and one built into a hypervisor?

A.Virtual bridging firewall allows the firewall to control individual traffic connections, and hypervisor integration allows the firewall to control all activities that take place on a host system.

B.Virtual Bridged Firewall allows the firewall to control individual network connections, and hypervisor integration allows the firewall to control all activities that take place on a guest system.

C.Virtual bridging firewall allows the firewall to control individual traffic connections, and hypervisor integration allows the firewall to control all activities that take place on a guest system.

D.Virtual bridging firewall allows the firewall to control individual guest systems, and hypervisor integration allows the firewall to control all activities that take place on a networked system.

Extended questions:

A

RIGHTA.Virtual firewalls can be bridging products that monitor individual traffic links between virtual machines, or they can be integrated into the hypervisor of a virtualized environment. The hypervisor is the software component that manages the virtual machine and monitors the execution of the guest system software. When the firewall is integrated into the hypervisor, it can "see" and monitor all activity taking place on the host system.

INCORRECTBis incorrect because the virtual firewall in bridge mode allows the firewall to handle individual traffic connections between hosts and not network connections. Hypervisor integration allows the firewall to control all activity that occurs on a host system, not a guest system.

INCORRECTCis incorrect because the virtual firewall in bridge mode allows the firewall to control individual traffic connections, and the hypervisor integration allows the firewall to control all activities that take place on a host system and not on a guest system. The hypervisor is the software component that manages the virtual machine and monitors the execution of the guest system software. When the firewall is integrated into the hypervisor, it can "see" and monitor all the activities that take place on the system.

INCORRECTDis incorrect because a virtual firewall in bridge mode allows the firewall to control individual traffic between guest systems, and hypervisor integration allows the firewall to control all activity that occurs on a host system and not on a network system.

q

A

A protocol within the IP suite that is used for network device management activities through the use of a framework that uses managers, agents, and management databases.

q

A

q

A

q

A

obluetooth inalambricothe technology is actually based in part on the 802.15 standard. It has a transmission speed of 1 to 3 Mbit/s and works in a range of around ten meters. If you have a Bluetooth-enabled cell phone and a PDA with a calendar function, you can update them without having to physically connect them. For example, if you have added some information to your phone's contact list and task list, simply place the phone next to your PDA. The PDA would detect that the other device was nearby and try to establish a network connection with it. Once connected, a synchronization would take place between the two devices and the PDA would add the new contact list and the to-do list data. Bluetooth works in the frequency band of other 802.11 (2.4 GHz) devices.

q

A

q

A

q

13🇧🇷 Systems based on the OSI framework are considered to be open systems. What does that mean?

A🇧🇷 You do not have any authentication mechanism configured by default.

B🇧🇷 You have interoperability problems.

C🇧🇷 They are built with internationally recognized protocols and standards, so they can easily communicate with other systems.

D🇧🇷 They are built with international protocols and standards, so they can choose what type of systems they communicate with.

A

q

A

Hillis a general term for software running on a device that connects two different environments, often acting as a translator for them or limiting their interactions. A gateway is usually needed when one environment speaks a different language, that is, it uses a specific protocol that the other environment does not understand. The gateway can convert Internetwork Packet Exchange (IPX) protocol packets to IP packets, accept email from one type of email server and format it so that another type of email server can accept and understand it, or Combine different data connection technologies and convert like FDDI to Ethernet.

q

A

This device has two interfaces and sits between an untrusted network and a trusted network to provide secure access. A multi-homed device simply means that it has multiple interfaces. Multi-interface firewalls allow segmentation of the network based on security zones with unique security settings.

q

A

• Copper lines carry purely analog signals.
• T1 lines carry up to 24 calls.
• T3 lines carry up to 28 T1 lines.
• Fiber optic and SONET network.
• ATM over SONET.

q

A

EIGRP is a Cisco proprietary extended distance vector routing protocol. It allows faster router table updates than its IGRP predecessor and minimizes routing jitter that can occur after topology changes. The routers exchange messages containing information about the bandwidth, delay, load, reliability, and maximum transmission unit (MTU) of the path to each destination, as known to the advertising router.

q

A

A media access control method that uses a carrier sniffing scheme. If a transmission system detects another signal during the transmission of a frame, it stops transmitting that frame, sends out an interference signal, and waits a random amount of time before attempting to resend the frame. This reduces collisions on a network.

q

A

Acircuit level proxyestablishes a connection (circle) between the two communication systems. It works at the session layer of the OSI model and monitors traffic from a network-based perspective. This type of proxy cannot "inspect" the content of a packet; Therefore, deep packet inspection is not performed. It can only make access decisions based on the protocol header and the session information available to it. While this means that it can't offer as much protection as an application-layer proxy because it doesn't need to understand application-layer protocols, it is considered application-agnostic. As such, it cannot provide the granular protection that a higher-level proxy can, but it allows for a broader range of protection where application-level proxies may not be appropriate or available.

q

A

q

A

q

A

International standardization of systems-based network communication through a seven-layer modular architecture.

q

A

• 10.0.0.0-10.255.255.255 Class A network
• 172.16.0.0-172.31.255.255 Class B Networks
• 192.168.0.0-192.168.255.255 Class C networks

q

A

A standard Internet protocol used by email clients to retrieve email from a remote server. Email clients using IMAP generally leave messages on the server until specifically deleted by the user.

q

A

Multiple access by code division (CDMA)It was developed after FDMA, and as the term "code" suggests, CDMA assigns each voice call or data transmission a unique code to distinguish it from all other transmissions sent over the cellular network. In a "spread spectrum" CDMA network, calls are distributed over the entire radio frequency band. CDMA allows all network users to use all network channels simultaneously. At the same time, a given cell can interact with several other cells at the same time. These characteristics make CDMA a very powerful technology. It is the key technology for the cellular networks that currently dominate the wireless space.

q

A

q

A

There is no guarantee of performance, delay or delivery. Traffic with priority ratings has priority over traffic that has received that rating. Most of the traffic on the Internet has this classification.

q

Grace is a security administrator for a medical facility and is responsible for several different teams. One team reported that three critical systems went offline when their primary FDDI link failed, even though the link was supposed to provide redundancy. Grace is also expected to advise her staff on the type of fiber to be deployed for building-to-building connectivity on campus. Because it is a medical school, many surgeries are videotaped and this data must be continuously transmitted from building to building. Another thing Grace has been told is that DoS attacks against specific servers within the internal network occur regularly. The attacker sends excessive ICMP ECHO REQUEST packets to all hosts on a given subnet, pointing to a given server.

28🇧🇷 Which of the following is the best and most profitable countermeasure for Grace's team?

A🇧🇷 Network Address Translation

B🇧🇷 Ban ​​unnecessary ICMP traffic from untrusted networks

C🇧🇷 Application-based proxy firewall

D🇧🇷 Filtered subnet with two firewalls from two different providers.

A

q

A

Time Division Multiple Access (TDMA)increases the speed and efficiency of the cellular network by taking channels from the radio frequency spectrum and dividing them into time slots. In different periods, multiple users can share the same channel; Systems within the cell change from user to user, effectively reusing available frequencies. TDMA has increased speeds and quality of service. A common example of TDMA in action is a conversation. One person speaks for a while, then pauses, and then another person speaks. In TDMA systems, time is divided into frames. Each box is divided into slots. TDMA requires that both the source and destination know the start and end time of each slot. Mobile communication systems such as the Global System for Mobile Communications (GSM), Digital AMPS (D-AMPS), and Personal Digital Cellular (PDC) use TDMA.

q

A

Unlike PVCSwitched Virtual Circuits (SVC)they require steps similar to a dial-up and connection process. The difference is that PVC frames set up a fixed path, while using SVC requires the construction of a circuit. It is similar to setting up a phone call over the public network. During the configuration process, the required bandwidth is requested, the destination computer is contacted and must accept the call, a route is determined, and forwarding information is programmed into each switch along the SVC path. SVCs are used for teleconferencing, establishing temporary connections to remote sites, data replication, and voice calls. Once the connection is no longer needed, the circuit is disabled and the switches forget it ever existed.

q

1.Layer 2 of the OSI model has two sublayers. What are these sublayers, and which two IEEE standards describe technologies at this layer?

A.LCL and MAC; IEEE 802.2 and 802.3

B.LCL and MAC; IEEE 802.1 and 802.3

C.Red y MAC; IEEE 802.1 y 802.3

D.LLC by MAC; IEEE E802.2 and 802.3

Extended questions:

A

RIGHTD.The data link layer or layer 2 of the OSI model is responsible for adding a header and a trailer to a packet to prepare the packet for the local area network or wide area network technology binary format for wired transmission. adequate. Layer 2 is divided into two functional sublayers. The upper sublayer is Logical Link Control (LLC) and is defined in the IEEE 802.2 specification. It communicates with the network layer, which sits just above the data link layer. Beneath LLC is the Media Access Control (MAC) sublayer, which specifies the interface to the physical layer protocol requirements. Therefore, the specification of this layer depends on the technology of the physical layer. The IEEE MAC specification for Ethernet is 802.3, Token Ring is 802.5, Wireless LAN is 802.11, etc. Anytime you see a reference to an IEEE standard like 802.11 or 802.16, it refers to the protocol that runs at the MAC sublayer of the data link layer of the protocol stack.

INCORRECTAis incorrect because the LCL is a distractor. The correct acronym for the upper sublayer of the data link layer is LLC. It stands for Logical Link Control. By providing multiplexing and flow control mechanisms, LLC allows network protocols to coexist within a multipoint network and transport them over the same network media.

INCORRECTBis incorrect because the LCL is a distractor. The sublayers of the data link layer are logical link control (LLC) and media access control (MAC). Also, LLC is defined in the IEEE 802.2 specification, not 802.1. The IEEE 802.1 specifications relate to the protocol layers above the MAC and LLC layers. It covers LAN/MAN architecture, network management, connection between LAN and WAN and connection security, etc.

INCORRECTCis incorrect because the network is not a sublayer of the data link layer. The sublayers of the data link layer are logical link control (LLC) and media access control (MAC). LLC sits between the network layer (the layer just above the data link layer) and the MAC sublayer. Also, LLC is defined in the IEEE 802.2 specification, not IEEE 802.1. As just explained, the 802.1 standards address areas of LAN/MAN architecture, network management, the connection between LAN and WAN, and connection security. The four active task groups in the IEEE 802.1 group are Networking, Security, Audio/Video Bridging, and Data Center Bridging.

q

A

DSL offers many types of services. With symmetric services, traffic flows up and down (to and from the Internet or destination) at the same rate. For asymmetric services, the download speed is much faster than the upload speed. In most situations, an asymmetric connection is suitable for home users, since home users tend to download things from the Internet much more often than they upload data.

q

26IPv6 has many new and different features and functionality compared to IPv4. Which of the following is a bad feature or function of IPv6?

i.IPv6 allows scopeless addresses, which allows an administrator, for example, to restrict specific addresses to specific servers or file and printer shares.

ii.IPv6 has integrated IPSec into the protocol stack that provides application-based secure transmission and authentication.

iii.IPv6 has more flexibility and routing capabilities compared to IPv4, and allows the assignment of Quality of Service (QoS) priority values ​​for time-sensitive transmissions.

4. The protocol offers automatic configuration, which greatly simplifies administration compared to IPv4, and does not require Network Address Translation (NAT) to expand its address space.

A.yo, iii

B.myself

C.ii, iii

D.ii, iv

Extended questions:

A

RIGHTB.IPv6 allows for scoped addresses, which allows an administrator to restrict specific addresses to specific servers or file and printer shares, for example. IPv6 has integrated IPSec into the protocol stack, providing end-to-end secure transmission and authentication.

INCORRECTAThat's wrong. IPv6 allows for scoped addresses, which allows an administrator to restrict specific addresses to specific servers or file and printer shares, for example. IPv6 offers more flexibility and routing capabilities, allowing the assignment of Quality of Service (QoS) priority values ​​for time-sensitive transmissions.

INCORRECTCThat's wrong. IPv6 offers more flexibility and routing capabilities, allowing the assignment of Quality of Service (QoS) priority values ​​for time-sensitive transmissions. IPv6 has integrated IPSec into the protocol stack, providing end-to-end secure transmission and authentication.

INCORRECTDis incorrect because IPv6 has IPSec built into the protocol stack that provides end-to-end secure transmission and authentication. The protocol offers self-configuration, which greatly simplifies administration and does not require Network Address Translation (NAT) to expand its address space.

q

A

you walk like this And you, go this way!

A jumper needs to know how to get a frame to its destination, i. h needs to know which port to send the frame to and where the destination host is. Years ago, network administrators had to enter routing paths into bridges so that the bridges would have static routes indicating where frames to different destinations should be forwarded. This was a tedious and error prone task. Today's bridges use transparent bridges.

q

A

The process of replicating databases containing DNS data to a set of DNS servers.

q

The IPv6 specification, as described in RFC 2460, defines the differences and advantages of IPv6 over IPv4. Some of the differences are as follows:

A

• IPv6 increases the size of the IP address from 32 bits to 128 bits to support more levels of the addressing hierarchy, a much larger number of addressable nodes, and easier address autoconfiguration.

q

sixteen.When an organization partitions name zones, its host names, which can only be accessed through an intranet, are hidden from the Internet. Which of the following statements best describes why this happens?

A.To prevent attackers from accessing servers

B.To avoid tampering with the hosts file

C.To prevent attackers from gaining valuable information that could be used to mount an attack

D.To prevent attackers from getting the information they need to cybersquat

Extended questions:

A

RIGHTC.Many companies have their own internal DNS servers to resolve their internal hostnames. These companies also often use your ISP's DNS servers to resolve host names on the Internet. An internal DNS server can be used to resolve host names on the network, but often more than one DNS server is used for load balancing and for redundancy and fault tolerance. With DNS servers, networks are divided into zones. One zone might contain all the host names for the marketing and accounting departments, and another zone might contain the host names for the administrative, research, and legal departments. It's a good idea to split DNS zones whenever possible so that hostnames only accessible from an intranet are not visible from the Internet. This information is valuable to an attacker planning an attack, as it can lead to other information such as network structure, organizational structure, or server operating systems.

INCORRECTAis wrong because it is not the best answer to this question. Namezones are partitioned in such a way that attackers cannot obtain information about internal systems, such as names, IP addresses, roles, etc. One of the secondary attacks after exploiting a DNS server may be unauthorized access to a server, but ensuring unauthorized access to servers only is not the main reason for DNS zone splitting.

INCORRECTBis incorrect as namezone splitting has to do with configuring DNS servers to resolve hostnames and not tamper with the hosts file. The hosts file can be tampered with for many good and bad reasons. The hosts file always maps the hostname's localhost to the IP address 127.0.0.1 (this is the loopback network interface defined in RFC 3330), as well as other hosts. Some viruses add invalid IP addresses of antivirus vendors to the hosts file to avoid detection. By adding frequently visited IP addresses to the hosts file, you can increase your Internet browsing speed. You can also block spyware and ad networks by adding spyware and ad network site lists to the hosts file and assigning them to the loopback network interface. In this way, these websites always point to the user's computer and the websites cannot be accessed.

INCORRECTDis incorrect because hackers do not need information on a DNS server to squat. Cybersquatting occurs when an attacker buys a well-known brand or company name, or a variation thereof, as a domain name in order to sell it to the rightful owner. Meanwhile, the company may be misrepresented to the public. The only way a business can prevent cyberattacks is by registering adjacent domains and domain variations, or through trademark litigation.

q

A

Some kind of redundancy must be created.

q

A

Continuously variable electromagnetic wave that represents and transmits data. The carrier signals vary in gain and frequency.

q

A

Last rule in the rule base that drops and logs traffic that does not match the previous rules.

q

Sean is the new security administrator at a large financial institution. There are several issues that Sean will become aware of in his first week in his new role. First, the rogue packets appear to reach critical servers, even though every network has well-configured firewalls at every gateway location to control traffic to and from those servers. One of Sean's team complains that the current firewall logs are too large and contain useless data. He also tells Sean that the team needs to use rules that are less permissive than the current All rule type. Sean also discovered that some members of the team want to implement tarpits on some of the most commonly attacked systems.

33🇧🇷 Which of the following statements best describes the firewall configuration issues described by Sean's team member?

A🇧🇷 Clean rule, progressive rule

B🇧🇷 Rule of stealth, silent rule

C🇧🇷 Silent rule, denial of the rule

D🇧🇷 Rule of stealth, silent rule

A

33.C🇧🇷 The different types of firewall rules are described below:

•silent reignDrop "noisy" traffic without logging it. This reduces the size of the log by not responding to packets that are considered unimportant.

•Secrecy-RegelDo not allow access to firewall software from unauthorized systems.

•housekeeping ruleThe last rule in the rulebase that drops and logs any traffic that does not match the previous rules.

•negation ruleIt is used in place of the broad and permissive "any rule". Deny rules provide stricter permission rights and determine which system can be accessed and how.

q

A

q

A

The client sends a DHCP Request message to the initial DHCP server that responded to its query.

q

A

q

A

• You cannot prevent attacks that use application-specific vulnerabilities or features.
• The logging capacity present in packet filtering firewalls is limited.
• Most packet filtering firewalls do not support advanced user authentication schemes.
• Many packet filtering firewalls cannot detect spoofed addresses.
• They may not be able to detect packet fragmentation attacks.

q

A

q

Despite all these problems and potential vulnerabilities, many companies allow their employees to use this technology because it allows for fast and effective communication. So if it is absolutely necessary to allow this technology in your environment, there are a few things you can do to reduce the threat level. The following are best practices for protecting an environment from these types of security breaches:

A

• Establish a security policy that imposes restrictions on the use of instant messaging.
• Deploy an integrated antivirus/firewall product to all computers.
• Configure firewalls to block unwanted instant messaging traffic.
• Patch instant messaging software to ensure that the most secure versions are running.
• Deploy corporate IM servers so that internal employees communicate only within the corporate network.
• Only allow instant messaging client software that provides encryption capabilities when protection of this type of traffic is required.

q

A

• A single computer with separate NICs attached to each network.
• It is used to separate a trusted internal network from an untrusted external network.
• You need to disable routing and forwarding on a computer for the two networks to be truly separate.

q

A

aextranetit extends beyond the boundaries of the corporate network to allow two or more companies to share common information and resources. Trading partners often set up extranets to allow communication between companies. An extranet allows trading partners to collaborate on projects; share marketing information; communicate and work together on problems; Postal twists; and share catalogs, pricing structures, and information about upcoming events. Trading partners often useElectronic Data Interchange (EDI), which provides structure and organization for electronic documents, purchase orders, invoices, purchase orders, and a data flow. EDI has evolved to web-based technologies to allow for easy access and simpler methods of communication.

q

A

q

A

Exploitation of fragmentation and reassembly errors within IP, leading to DoS.

q

A

Afirewall-proxy server kernelIt is considered a fifth generation firewall. It differs from all the firewall technologies discussed above in that it creates dynamic, custom network stacks when a packet needs to be evaluated.

q

A

A network protocol used to resolve network layer IP addresses to link layer MAC addresses.

q

A

The cable is encased in a flame retardant plastic jacket that will not release toxic chemicals if burned.

q

A

It is used to subvert packet filters that do not reassemble packet fragments prior to inspection. A malicious snippet overwrites a previously approved snippet and launches an attack on the victim's system.

q

A

When a special program is used to automatically scan a list of phone numbers to search for computers for exploitation and hacking purposes.

q

A

Virtualized environments also need protection.

Many of the network functions discussed so far can be performed in virtual environments. Most people understand that a host system can run virtual guests, allowing multiple operating systems to run simultaneously on the same hardware platform. But the industry has come a long way when it comes to virtualized technology. Routers and switches can be virtualized, which means that you don't actually buy hardware and connect it to your network, but rather implement software products that perform routing and switching functions.

q

A

Multi-service access technologiescombining different types of communication categories (data, voice, and video) in one transmission line. This results in higher performance, lower operating costs, and more flexibility, integration, and control for administrators. The normal telephone system is based on a circuit-switched network centered on the voice calledpublic switched telephone network (PSTN)🇧🇷 PSTN uses circuit switching instead of packet switching. When a phone call is made, it is placed on the PSTN interface, which is the user's phone. This telephone is connected to the subscriber line of the telephone company through a copper cable. Once the signals from that phone call reach the phone company's central office (the end of the subscriber line), they are part of the phone company's circuit-switched world. A connection is established between the source and the destination, and data flows through the same switches while the call is in session.

q

A

Ajars of honeyThe system is a computer that usually sits on the crawled subnet or DMZ and tries to lure attackers there instead of the actual production computers. To make a honeypot attractive to attackers, administrators can open popular ports and services for exploitation. Some honeypots have emulated services, which means that the actual service is not running, but software that acts as those services is available. Honeypot systems can attract the attention of an attacker by presenting themselves as an easily compromised target. They are configured to look like normal enterprise systems, so attackers are drawn to them like bears to honey.

q

A

How many channels can you fit on this single cable?

So analog transmission means data is transmitted as waves, and digital transmission means data is transmitted as discrete electrical pulses. Synchronous transmission means that two devices control their conversations using a clockwork mechanism, and asynchronous means that systems use start and stop bits to synchronize communications. Now let's see how many individual communication sessions can take place at the same time.

q

A

Newer VPN technology isSecure Sockets Layer (SSL), which operates at even higher layers in the OSI model than the VPN protocols discussed above. SSL works at the transport and session layers of the network stack and is primarily used to secure HTTP traffic. SSL capabilities are already built into most web browsers, so implementation and interoperability issues are minimal.

q

A

The network consists of a central device that serves as a channel for the transmission of messages. The central device to which all other nodes are connected provides a common connection point for all nodes.

q

Don is a security manager for a large medical facility. One of his groups develops proprietary software that provides distributed computing through a client/server model. He discovered that some of the systems running proprietary software suffered from semi-open denial of service attacks. Some of the software is outdated and still uses basic remote procedure calls, which made disguised attacks possible.

23🇧🇷 What type of client ports should Don ensure that the institution's software is used when client-server communication is needed?

A🇧🇷 Very well known

B🇬🇧 Registered

C🇧🇷 Dynamic

D. Buch

A

q

A

Direct Sequence Spread Spectrum Direct Sequence Spread Spectrum (DSSS)takes a different approach when applying subbits to a message. The subbits are used by the sending system to create a different format of the data before the data is transmitted. The receiving end uses these subbits to reassemble the signal into the original data format. The subbits are called chips, and the order in which the subbits are applied is called the chipping code.

q

A

• Connection-oriented virtual connections.
• Traffic moves predictably and steadily.
• Fixed delays.
• It usually carries language-oriented data.

q

A

Data travels downstream faster than upstream. Upload speeds range from 128 Kbps to 384 Kbps and download speeds can reach 768 Kbps. Generally used by home users.

q

A

q

quince🇧🇷 Which of the following allows you to pool resources, automate resource provisioning, and rapidly scale processing power up and down to meet the demands of dynamic computing workloads?

A🇧🇷 Software as a Service

B🇧🇷 Network convergence

C. IEEE802.1x

D🇺🇸 ATTACK

A

q

A

A connection-oriented channel that is best used for delay-insensitive applications because the flow of data transfer is not smooth. Customers specify the maximum and sustained data throughput rate required.

q

9.IP telephony networks require the same security measures as those implemented in an IP data network. Which of the following statements is unique to IP telephony?

A.Restrict IP sessions routed through media gateways

B.Identification of unauthorized devices

C.authentication implementation

D.Encryption of packets containing sensitive information

Extended questions:

A

RIGHTA.A media portal is the translation unit between different telecommunication networks. VoIP media gateways perform the conversion between voice Time Division Multiplexing (TDM) to Voice over Internet Protocol (VoIP). As a security measure, the number of calls through the media gateways should be limited. Otherwise, media gateways are vulnerable to denial-of-service attacks, hijacking, and other types of attacks.

INCORRECTBis incorrect because it is necessary to identify unauthorized devices in IP telephony and data networks. On IP telephony networks, you should specifically look for unauthorized IP phones and softphones. Rogue means that these devices are not authorized. As such, they are not managed or protected by IT and can present additional risks to the network. A common rogue device on data networks are wireless access points. A rogue access point can give unauthorized users access to the network.

INCORRECTCis incorrect because authentication is recommended for voice and data networks. In either case, authentication allows you to register users and devices on the network so that you can verify that they are who they say they are when they try to connect to the network. Authentication also allows you to deny access to unauthorized users and devices.

INCORRECTDis incorrect, as sensitive data can be transmitted over a voice or data network and must be encrypted in any case. Spying is a very real threat to VoIP networks. Consider any sales meeting, management meeting, financial meeting, etc. to be done over the phone. Every word spoken in these meetings is vulnerable to eavesdropping. Voice data encryption is one of the best ways to protect this sensitive data.

q

A

Give me your information. I'll take it from here.

oapplication layer, Layer 7, works closer to the user, enabling file transfers, messaging, terminal sessions, and more. This layer does not include the actual applications, but rather the protocols that the applications support. When an application needs to send data over the network, it passes instructions and data to supporting protocols at the application layer. This layer correctly processes and formats the data and passes it to the next layer within the OSI model. This happens until the data that the application layer created contains the essential information that each layer needs to transmit the data over the network. The data is then placed on the network cable and transmitted until it reaches the destination computer.

q

4.Two commonly used network protocols are TCP and UPD. Which of the following statements correctly describes the two?

A.TCP provides the best possible delivery and UDP establishes a virtual connection to the destination.

B.TCP offers more services and is more reliable in data transmission while UDP requires less resources and overhead for data transmission.

C.TCP offers more services and is more reliable, but UDP offers more security services.

D.TCP is reliable and UDP handles flow control and ACKs.

Extended questions:

A

RIGHTB.Two main protocols within the TCP/IP stack operate at the transport layer: TCP and UDP. TCP is a reliable and connection-oriented protocol, which means that it guarantees that packets are delivered to the destination computer. If a packet is lost in transit, TCP can detect this problem and resend the lost or damaged packet. TCP is referred to as a connection-oriented protocol because the handshake takes place between the two communication systems before the user data is actually sent. After a successful handshake, a virtual connection is established between the two systems. UDP is considered a connectionless protocol because it does not follow these steps. Instead, UDP sends messages without first communicating with the destination computer and without knowing whether the packets were correctly received or dropped. TCP provides a reliable full-duplex communication mechanism, and if packets are lost or corrupted, they are resent. However, TCP requires a lot of system overhead compared to UDP. If a developer knows that data loss in transit is not detrimental to the application, he may choose UDP as it is faster and uses fewer resources.

INCORRECTAis incorrect because the descriptions are reversed. UDP is a connectionless protocol that does not send or receive acknowledgments when a datagram is received. There is no guarantee that the data will reach its destination. Offers best effort delivery. TCP is a connection-oriented protocol; It performs the handshake and establishes a virtual connection with the destination computer. It ensures that the data reaches its destination.

INCORRECTCis incorrect because UDP does not provide security services. However, TCP is more reliable and offers more services than UDP. Unlike UDP, TCP guarantees packets reach their destination, returns ACK when a packet is received, and is a reliable protocol. It supports flow and congestion control, as well as error detection and correction.

INCORRECTDis incorrect since the description of UDP describes TCP. UDP does not return ACK and does not guarantee that a packet will reach its destination. It is an unreliable protocol. Also, the destination computer does not communicate with the source computer using flow control over UDP.

q

8🇧🇷 Which of the following technologies is a bridge mode technology that can monitor individual traffic links between virtual machines or be integrated into a hypervisor component?

A🇧🇷 Orthogonal Frequency Division

B🇧🇷 Unified Threat Management-Modem

C. virtual firewalls

D🇧🇷 Internet Security Association and Key Management Protocol

A

q

A

Communication is bi-directional, but only one application can send information at a time.

q

Tom's company had a lot of problems with unauthorized trackers being installed on the network. One reason is that employees can connect their laptops, smartphones and other mobile devices to the network, which can become infected and run trackers unknown to the owners. VPN deployment doesn't work because all network devices should be configured for specific VPNs and some devices, like your switches, don't have that kind of functionality available. Another problem Tom's team is facing is how to protect internal wireless traffic. Although wireless access points can be configured with digital certificates for authentication, sending and managing certificates on each wireless user's device is prohibitively expensive and will place a heavy burden on network personnel. Tom's boss also told him that the company needed to move from a fixed-line solution for metropolitan areas to a wireless solution.

36🇧🇷 Which of the following solutions is the best to meet the needs of the company to secure wireless traffic?

A. EAP-TLS

B. EAP-PEAP

C🇺🇸 JUMP

D. EAP-TTLS

A

q

A

It uses all the bandwidth for a single communication channel and has a low data transfer rate compared to broadband.

q

A

subnetsIt allows dividing large IP ranges into smaller, logical and tangible network segments. Imagine an organization with multiple departments such as IT, accounting, human resources, etc. By creating subnets for each partition, networks are divided into logical partitions that route traffic directly to recipients without distributing data across the network. This drastically reduces the traffic load on the network, reducing the possibility of network congestion and excessive broadcast packets on the network. Even on logically categorized subnets with a tight perimeter, network security policy enforcement is much more effective than on a large, confusing, and complex network.

q

19Today, satellites are used to provide wireless connections between different places. What two requirements are necessary for two different locations to be able to communicate through satellite links?

A.You must be connected to a phone line and have access to a modem.

B.It must be within the position line and the track of the satellite.

C.You must have broadband and a satellite in low earth orbit.

D.It must have a transponder and be within the satellite's footprint.

Extended questions:

A

RIGHTB.For two different locations to communicate via satellite links, they must be within the satellite's line of sight and footprint (the area covered by the satellite). The information transmitter modulates the data into a radio signal that is sent to the satellite. A transponder on the satellite receives this signal, amplifies it, and sends it to the receiver. The receiver must have a specific type of antenna, which is one of those round, bowl-shaped components found on top of buildings. The antenna contains one or more microwave receivers, depending on how many satellites it receives data from. The size of the footprint depends on the type of satellite used. It can be as big as a country or just a few hundred meters in circumference.

INCORRECTAit's wrong because a phone line and modem are not wireless. However, in most cases, satellite broadband is a hybrid system that uses a regular phone line and modem-like technologies to send data and requests from the user's computer, but uses a satellite connection to send data to the user.

INCORRECTCis incorrect as the satellite provides broadband transmission. It is widely used for TV channels and Internet access on PC. While having a satellite in orbit is certainly necessary, and low Earth orbit satellites are commonly used for two-way paging, international cellular communications, television broadcasting, and Internet use, this is not the best answer to this question.

INCORRECTDis incorrect as both locations do not require a transponder. The transponder is located on the satellite itself, the transponder receives a signal, amplifies it and sends it to the receiver. However, both locations must be within the satellite's footprint.

q

A

oapplication layer, Layer 7, works closer to the user, enabling file transfers, messaging, terminal sessions, and more. This layer does not include the actual applications, but rather the protocols that the applications support. When an application needs to send data over the network, it passes instructions and data to supporting protocols at the application layer. This layer correctly processes and formats the data and passes it to the next layer within the OSI model. This happens until the data that the application layer created contains the essential information that each layer needs to transmit the data over the network. The data is then placed on the network cable and transmitted until it reaches the destination computer.

q

A

• FHSS moves data by changing the frequency.
• DSSS takes a different approach, applying subbits to a message and using all available frequencies at the same time.

q

A

q

A

•Software as a Service (SaaS)The provider provides users with access to certain application software (CRM, email, games). The provider offers customers web-based access to a single copy of an application designed specifically for SaaS distribution and consumption.

q

A

q

12Which of the following statements incorrectly describes how routing works in general on the Internet?

A.EGP is used in the areas "between" each AS.

B.Regions of nodes that share properties and behaviors are called AS.

C.CAs are specific nodes responsible for routing to nodes outside of their region.

D.Each AS uses IGP to perform routing functionality.

Extended questions:

A

RIGHTC.A CA, or certificate authority, is a trusted third party that provides digital certificates for use in a public key infrastructure. Certificate authorities have nothing to do with routing. A PKI environment provides a hierarchical trust model but does not handle traffic routing.

INCORRECTAis false because the statement is true. The Exterior Gateway Protocol (EGP) works between each Autonomous System (AS). The Internet architecture that supports these various ASes is designed in such a way that no entity that needs to connect to a particular AS needs to know or understand the internal protocols that may be used. Instead, ASs only need to use the same external routing protocols in order to communicate.

INCORRECTBis false because the statement is true; Regions of nodes (networks) that share properties and behaviors are called Autonomous Systems (AS). These AS are independently controlled by various companies and organizations. An AS consists of computers and devices managed by a single entity that share a common Interior Gateway Protocol (IGP). The boundaries of these AS are bounded by border routers. These routers connect to the border routers of other ASs and perform internal and external routing protocols. Internal routers connect to other routers within the same AS and run internal routing protocols. So in reality the internet is just a network made up of AS and routing protocols.

INCORRECTDis incorrect because the Interior Gateway Protocol (IGP) handles routing tasks within each AS. There are two categories of IGPs: distance vector routing protocols and link state routing protocols. Distance vector routing protocols include Routing Information Protocol (RIP) and Interior Gateway Routing Protocol (IGRP). Routers using these protocols do not have information about the general topology of the network. By contrast, nodes using link-state routing protocols have information about the entire network topology. Examples of these protocols are Open Shortest Path First (OSPF) and Intermediate System to Intermediate System (IS-IS).

q

A

q

A

q

A

A routing protocol used in packet-switched networks in which each router creates a connectivity map within the network and calculates the best logical paths that make up its routing table.

q

A

An email validation system to prevent spam by detecting email spoofing, a common vulnerability, by checking sender IP addresses.

q

A

• Handle multiple VPN connections simultaneously
• Provides secure authentication and encryption.
• Only supports IP networks
• Focuses on LAN-to-LAN communication instead of user-to-user
• Works at the network layer and provides security over IP

q

A

Switched Multimegabit Data Service (SMDS)It is a high-speed packet switching technology that allows customers to extend their LANs between MANs and WANs. For example, if a company has an office in one state that needs to communicate with an office in another state, the two LANs can use this packet-switched protocol to communicate over the existing public network. This protocol is connectionless and can provide bandwidth on demand.

q

A

Most cable providers comply with thisData Over Cable Service Interface (DOCSIS) Specifications., an international telecommunications standard that allows high-speed data transmission to be added to an existing cable television (CATV) system. DOCSIS includes MAC layer security services in its Basic Security/Privacy Interface (BPI/SEC) specifications. This protects individual user traffic by encrypting data as it travels through the provider's infrastructure.

q

A

Common LAN media access technology standardized by IEEE 802.3. It uses 48-bit MAC addressing, works in contention-based networks, and has only been extended to LAN environments.

q

A

A person uses a single standard SSL connection to a website to securely access various network services. The website accessed is often called a portal because it is a single place that provides access to other resources. The remote user accesses the SSL VPN gateway through a web browser, is authenticated, and then receives a web page that acts as a portal to the other services.

q

A

q

19🇧🇷 Which of the following functions is not part of the Protected Extensible Authentication Protocol?

A🇧🇷 Authentication protocol used in wireless networks and peer-to-peer connections

B🇧🇷 Designed to provide authentication for 802.11 wireless networks

C🇧🇷 Designed to support 802.1X port access control and transport layer security

D🇧🇷 Designed to support password protected connections

A

q

A

Multiple access by code division (CDMA)It was developed after FDMA, and as the term "code" suggests, CDMA assigns each voice call or data transmission a unique code to distinguish it from all other transmissions sent over the cellular network. In a "spread spectrum" CDMA network, calls are distributed over the entire radio frequency band. CDMA allows all network users to use all network channels simultaneously. At the same time, a given cell can interact with several other cells at the same time. These characteristics make CDMA a very powerful technology. It is the key technology for the cellular networks that currently dominate the wireless space.

q

2🇧🇷 How does TKIP provide more protection for WiFi environments?

A🇧🇷 It uses the AES algorithm.

B🇧🇷 Decreases IV size and uses AES algorithm.

C🇧🇷 Add more key images.

D🇺🇸 Uses MAC and IP filtering.

A

q

A

q

A

q

A

• Voice and data integration
• Packet switching technology instead of line switching

q

A

AbasebandThe technology uses the entire communication channel for its transmission, whereas aband langesThe technology divides the communication channel into individual and independent sub-channels, allowing the simultaneous transmission of different types of data. Baseband only allows one signal to be transmitted at a time, while broadband transmits multiple signals on different sub-channels. For example, a coaxial cable television (CATV) system is a broadband technology that provides multiple television channels over the same cable. This system can also provide home users with Internet access, but this data is transmitted on a different frequency spectrum than TV channels.

q

A

This IP is not good for me! I need a MAC!

On a TCP/IP network, each computer and network device requires a unique IP address and a unique physical hardware address. Each NIC has a unique physical address that is programmed into the card's ROM chips by the manufacturer. The physical address is also mentioned.Media Access Control (MAC)Family. The network layer works and understands IP addresses, and the data link layer works and understands physical MAC addresses. So how do these two types of addresses work together, since they work on different levels?

q

Grace is a security administrator for a medical facility and is responsible for several different teams. One team reported that three critical systems went offline when their primary FDDI link failed, even though the link was supposed to provide redundancy. Grace is also expected to advise her staff on the type of fiber to be deployed for building-to-building connectivity on campus. Because it is a medical school, many surgeries are videotaped and this data must be continuously transmitted from building to building. Another thing Grace has been told is that DoS attacks against specific servers within the internal network occur regularly. The attacker sends excessive ICMP ECHO REQUEST packets to all hosts on a given subnet, pointing to a given server.

27🇧🇷 Which of the following types of fiber optics is best suited to this scenario?

A. single player mode

B. multimode

C🇺🇸 optical carrier

D. SONET

A

q

A

SMTP Authentication (SMTP-AUTH)It was designed to provide an access control mechanism. This extension includes an authentication feature that allows clients to authenticate with the mail server before sending an email. Servers that use the SMTP AUTH extension are configured to require their clients to use the extension to authenticate the sender.

q

4🇧🇷 Why are switched infrastructures more secure environments than routed networks?

A🇧🇷 It's harder to detect traffic because computers have virtual private connections.

B🇧🇷 They are as insecure as environments without a switch.

C🇧🇷 The encryption of the data connection does not allow espionage.

D🇧🇷 Switches are smarter than bridges and implement security mechanisms.

A

q

A

q

A

q

A

q

10Cross-site scripting (XSS) is an application security vulnerability commonly found in web applications. What type of XSS vulnerability occurs when a victim is tricked into opening a URL programmed with an unauthorized script to steal sensitive information?

A.Persistent XSS vulnerability

B.Non-persistent XSS vulnerability

C.second order vulnerability

D.DOM-based vulnerability

Extended questions:

A

RIGHTB.XSS attacks allow an attacker to inject their malicious code into vulnerable websites. When an unsuspecting user visits the infected site, malicious code is executed in the victim's browser and can steal cookies, hijack sessions, execute malware, bypass access control, or exploit browser vulnerabilities. There are three different XSS vulnerabilities: persistent, non-persistent, and DOM-based. A non-persistent vulnerability (also known as a reflected vulnerability) occurs when an attacker tricks a victim into opening a URL programmed with an unauthorized script in order to steal the victim's sensitive information, e.g. B. a cookie or session ID. The principle behind this attack is to exploit the lack of proper input or output validation on dynamic websites. An XSS attack like this can deal massive damage. Stolen cookies can lead to compromised webmail systems, flooded blogs, and leaked bank accounts. Most of the phishing attacks are caused by XSS vulnerabilities.

INCORRECTAis false as a persistent vulnerability targets websites that allow users to input data stored in a database or a similar location, such as a forum or message board. The code for this type of attack can be processed automatically without having to lure the user to a third-party website. The best way to overcome the XSS vulnerability is through safe programming practices. Web application developers must ensure that all user input is filtered. Only a limited set of known and safe characters should be allowed user input.

INCORRECTCis incorrect because a second-order vulnerability is another name for a persistent XSS vulnerability that targets websites that allow users to input data stored in a database.

INCORRECTDis false because in a DOM-based XSS vulnerability, the attacker uses the Document Object Model (DOM) environment to modify the original JavaScript on the client side. This causes the victim's browser to execute the resulting malicious JavaScript code. Therefore, cross-site attacks can be used to exploit vulnerabilities in the victim's web browser. Once the attacker has successfully compromised the system, the attacker can further penetrate other systems on the network or execute scripts that can spread throughout the internal network. On the client side, the most effective way to prevent XSS attacks is to disable scripting support in the browser. If this is not possible, proxy servers can be used for content filtering.

q

A

q

A

Set of technologies that provide Internet access by transmitting digital data over the cables of a local telephone network. DSL is used to digitize the "last mile" and to provide a fast connection to the Internet.

q

A

The provision of computer processing resources as a service rather than a product, where shared resources, software and information are made available to end users as a utility. Offerings are often grouped as infrastructure, platform, or software.

q

A

Adaptive rate function that adapts the transmission speed to the quality and length of the line.

q

A

A set of techniques used to protect an existing DHCP infrastructure by tracking physical locations to ensure that only authorized DHCP servers can be reached and that hosts only use the addresses assigned to them.

q

A

q

A

A switchboard serving a particular business makes connections between internal telephones and connects them to the public switched telephone network (PSTN) through trunks.

q

A

q

41🇧🇷 Wireless LAN technologies have gone through several iterations over the years to address some of the security issues inherent in the original IEEE 802.11 standard. Which of the following provides the correct features of Wi-Fi Protected Access 2 (WPA2)?

A. IEEE 802.1X, WEP, MAC

B. IEEE 802.1X, EAP, TKIP

C. IEEE 802.1X, EAP, WEP

D. IEEE 802.1X, EAP, CCMP

A

q

A

• packet filtering
• civic
• Attorney
• Dynamic packet filtering
• proxy does kernel

q

A

It divides the bandwidth of a communication channel into multiple channels, allowing different types of data to be transmitted simultaneously.

q

A

q

A

q

A

A version of the FDDI,Copper Distributed Data Interface (CDDI), it can work with UTP cabling. While FDDI would be used more like MAN, CDDI can be used in a LAN environment to connect network segments.

q

A

q

1🇧🇷 What does it mean when someone says they were the victim of a bluejacking attack?

A🇧🇷 A spam message was sent.

B🇧🇷 A cell phone has been cloned.

C🇧🇷 An instant messaging channel introduced a worm.

D🇧🇷 The traffic has been analyzed.

A

q

A

• Telnet-Puerto 23
• SMTP-Puerto 25
• Puerto HTTP 80
• SNMP ports 161 and 162
• FTP ports 21 and 20

q

A

q

A

A type of DoS attack on a computer that sends oversized or malformed ICMP packets to a target.

q

A

A circuit-switched telephone network system technology developed to enable digital transmission of voice and data over ordinary copper telephone lines.

q

A

q

A

The structured transfer of data between organizations. It is considered the strictly standardized format of electronic documents and is widely used in supply chains between customers, vendors, and suppliers.

q

A

q

A

Extensible Authentication Protocol (EAP)it is also supported by PPP. In fact, EAP is not a specific authentication protocol like PAP and CHAP. Rather, it provides a framework that allows the use of many types of authentication techniques when establishing network connections. As the name suggests, it extends the authentication capabilities of the standard (PAP and CHAP) to include other methods, such as one-time passwords, token cards, biometrics, Kerberos, digital certificates, and future mechanisms. So if a user connects to an authentication server and they both have EAP capabilities, they can negotiate between a longer list of possible authentication methods.

q

A

It has two ports, and each port provides a connection for the primary and secondary rings.

q

A

q

A

This guy gets hit first; it better be tough.

A system is considered as aWirt BastionIf it's a highly exposed device, it's more likely to be targeted by attackers. The closer a system is to an untrusted network like the Internet, the more likely it is to be seen as a potential target, since it has fewer layers of protection to protect it. If a system is on the public side of a DMZ or directly connected to an untrusted network, it is considered a bastion host; therefore, it must be extremely blocked.

q

A

It is used to transmit audio and video over IP-based networks. It is used in conjunction with RTCP. RTP carries the media data and RTCP is used to monitor streaming statistics and QoS and helps synchronize multiple data streams.

q

A

Device-based network communication standardization through a four-layer modular architecture. Specific to the IP packet created by a United States Department of Defense (DoD) agency in 1970.

q

Lance has been hired as the new security officer for a large medical device company. He was informed that many of the firewalls and IDS products were not configured to filter IPv6 traffic; Therefore, many attacks occurred without the knowledge of the security team. Although the network team has tried to implement an automatic tunneling feature to fix this issue, they are still encountering problems with the NAT device on the network. Lance also discovered that caching attacks against the company's public DNS server were successful. Lance also noted that while current LDAP requests require additional authentication, current technology only offers password-based authentication options.

39🇧🇷 Which of the following is the best countermeasure for the type of attack discussed in the scenario?

A. DNSSEC

B. IPSec

C🇧🇷 Split server setup

D🇧🇷 Disable zone transfers

A

q

A

• Higher data speeds
• Use of OFDMA technology

q

A

q

13Both de facto embedded and proprietary protocols are used today. Which of the following is a proprietary internal protocol that chooses the best path between source and destination?

A.IGRP

B.TEAR

C.BGP

D.OSPF

Extended questions:

A

RIGHTA.Interior Gateway Routing Protocol (IGRP) is a distance vector routing protocol developed and owned by Cisco Systems. While Routing Information Protocol (RIP) uses one criteria to find the best path between source and destination, IGRP uses five criteria to make the "best path" decision. A network administrator can weight these various metrics to make the protocol work best in that specific environment.

INCORRECTBis incorrect because the Routing Information Protocol (RIP) is non-proprietary. RIP is a standard that describes how routers exchange routing table information and is considered a distance vector protocol; h calculates the shortest distance between the source and the destination. It is considered a legacy protocol due to its slow performance and lack of functionality. It should only be used in small networks. RIP version 1 has no authentication and RIP version 2 sends passwords in clear text or encrypted with MD5.

INCORRECTCis incorrect because Border Gateway Protocol (BGP) is an Exterior Gateway Protocol (EGP). BGP allows routers in different ASs to share routing information to ensure effective and efficient routing between different networks. Internet service providers often use BGP to route data from one place on the Internet to another.

INCORRECTDis incorrect because Open Shortest Path First (OSPF) is non-proprietary. OSPF uses link state algorithms to send routing table information. Using these algorithms allows for smaller and more frequent routing table updates. This provides a more stable network than RIP, but requires more memory and CPU resources to support this additional processing. OSPF enables a hierarchical routing network that has a trunk connecting all the subnets. OSPF is the protocol of choice and has replaced RIP in many networks today. Authentication can be done with clear text passwords, encrypted passwords, or you can configure no authentication on routers that use this protocol.

q

A

q

A

• Segment a large network into smaller, more manageable units.
• It uses filtering based on MAC addresses.
• It unifies different types of network connections while maintaining the same transmission domain.
• Isolates collision domains within the same broadcast domain.
• Bridging functionality can occur locally within a LAN or remotely to connect two remote LANs.
• You can translate between protocol types.

q

A

Transition mechanism for migration from IPv4 to IPv6. It allows systems to use IPv6 for communication when their traffic needs to traverse an IPv4 network, but also performs its function behind NAT devices.

q

A

One popular type of gateway is an email gateway. Because different email providers have their own syntax, message format, and way of delivering messages, email gateways are required to convert messages between email server software. Suppose David, whose corporate network uses Sendmail, writes an email message to Dan, whose corporate network uses Microsoft Exchange. The email gateway converts the message to a standard that all email servers understand, usually X.400, and forwards it to Dan's email server.

q

A

• data = letter
• IP = envelope with address
• red = sistema postal

q

A

Sesource routingallowed, the packets contain the information needed to tell the bridge or router where to go. Packets retain routing information so they can find their way to their destination without bridges and routers having to dictate their routes. If the computer wants to dictate its routing information instead of relying on a bridge, how is it supposed to know the correct path to the destination computer? The source computer sends out scout packets that arrive at the destination computer. These packets contain the route information the packets had to take to reach their destination, including any bridges and/or routers they had to traverse. The destination computer then sends those packets back to the source computer, and the source computer takes the routing information, puts it into the packets, and sends it to the destination.

q

Don is a security manager for a large medical facility. One of his groups develops proprietary software that provides distributed computing through a client/server model. He discovered that some of the systems running proprietary software suffered from semi-open denial of service attacks. Some of the software is outdated and still uses basic remote procedure calls, which made disguised attacks possible.

25🇧🇷 What should Don's team do to stop the masked attacks that are taking place?

A🇧🇷 Dynamic Packet Filter Firewall

B🇧🇷 ARP-Spoofing-Schutz

C🇧🇷 Disable unnecessary ICMP traffic on border routers

D. SRPC

A

q

A

q

A

• Proxy is not required for each protocol.
• Do not provide the deep inspection capabilities of an application layer proxy.
• Provide security for a variety of protocols.

q

A

NAT software has a pool of IP addresses, but instead of statically mapping a public address to a specific private address, it works on a first-come, first-served basis. So, when Bob needs to communicate over the Internet, his system makes a request to the NAT server. The NAT server takes the first IP address in the list and assigns it to Bob's home address. The balancing act is estimating how many computers are likely to need to communicate outside of the internal network at the same time. This estimate is the number of public addresses the company buys versus buying one public address for each computer.

q

A

It is used in place of the broad and permissive "any rule". Deny rules provide stricter permission rights and determine which system can be accessed and how.

q

A

q

27Hanna is the new director of security for a computer consulting company. She noted that the company had a history of losing intellectual property because malicious employees installed unauthorized devices on the network that were used to intercept sensitive traffic. Hanna needs to implement a solution that ensures that only authorized devices have access to the corporate network. Which of the following IEEE standards was developed for this type of protection?

A.IEEE 802.1AR

B.IEEE802.1AE

C.IEEE 802.1AF

D.IEEE802.1XR

Extended questions:

A

RIGHTA.The IEEE 802.1AR standard specifies unique device identifiers (DevIDs) and the management and cryptographic binding of a device (router, switch, access point) to its identifiers. A unique and verifiable device identity allows you to build trust in the device; Thus, it facilitates the secure deployment of devices. A Secure Device Identifier (DevID) is cryptographically associated with a device and helps authenticate the identity of the device. Locally significant identities can be securely associated with a manufacturer-supplied initial DevID and can be used in provisioning and authentication protocols to allow a network administrator to establish trust of a device and select appropriate policies for sending and receiving data and protocols to control to and from the device. .

INCORRECTBis incorrect because 802.1AE is the IEEE MAC Security (MACSec) standard that defines a security infrastructure to provide data confidentiality, data integrity, and data origin authentication. Where a VPN connection provides protection at the higher network layers, MACSec provides hop-by-hop protection at Layer 2.

INCORRECTCis incorrect because 802.1AR provides a unique identification for a device. 802.1AE provides data encryption, integrity, and origin authentication capabilities. 802.1AF performs key agreement functions on the session keys used for data encryption. Each of these standards provides specific parameters for working within an 802.1X EAP-TLS framework.

INCORRECTDis incorrect because it is a distracting answer. This is not a valid pattern.

q

18What is not an advantage of VoIP?

A.Cost

B.convergence

C.flexibility

D.security

Extended questions:

A

RIGHTD.Voice over Internet Protocol (VoIP) refers to transmission technologies that provide voice communications over IP networks. IP telephony uses technologies similar to TCP/IP, so its vulnerabilities are similar. The voice system is vulnerable to application tampering (eg, fraud and call blocking), unauthorized administrative access, and incorrect implementation. With respect to networks and media, it is also vulnerable to denial of service attacks on the gateways and network resources. Snooping is also a problem, as traffic is sent in clear text unless encrypted.

INCORRECTAis incorrect because cost is an advantage of VoIP. Using VoIP means that a business only has to pay for and maintain one network, rather than one network for data transmission and another network for voice transmission. Telephony features such as conference calling, call forwarding, and automatic redialing are free in open source VoIP implementations, while traditional telcos charge more. And finally, VoIP costs are lower due to billing. VoIP calls are billed by the megabyte, while regular phone calls are billed by the minute. In general, it is cheaper to send data over the Internet for a certain amount of time than to use a normal phone for the same amount of time.

INCORRECTBis incorrect because convergence is an advantage of VoIP. Convergence refers to the merging of the traditional IP network with the traditional analog telephone network. This is an advantage because a business no longer has to pay for or maintain separate networks for data and voice. Although convergence saves money and administrative overhead, certain security issues must be understood and addressed.

INCORRECTCis wrong, because flexibility is an advantage of VoIP. The technology easily supports multiple phone calls over a single broadband Internet connection without the need to add additional lines. It also offers location independence. All you need to get a WAN or MAN dial-up connection from a VoIP provider is a proper internet connection. VoIP can also be integrated with other Internet services such as video chat, in-call file sharing, and audio conferencing.

q

A

IncompleteCables generally have a polyvinyl chloride (PVC) jacket, while plenum cables have fluoropolymer jackets. When setting up a network or expanding an existing network, it's important to know what types of cables are required in each situation.

q

A

An SMTP server configured to allow anyone on the Internet to send email, not just messages destined for or from known users.

q

A

Variable-length subnet mask used to divide a network into subnets of different sizes. The goal is to increase the efficiency of IP address usage, since classical addressing schemes often result in unused addresses.

q

2.Which of the following is not an effective countermeasure against spam?

A.open mail relay server

B.Correctly configured mail relay servers

C.Filtering on an email gateway

D.Filter non-customer

Extended questions:

A

RIGHTA.An open mail relay server is not an effective countermeasure against spam; In fact, they are often used by spammers to spread spam, as they allow an attacker to hide their identity. An open mail relay is an SMTP server configured to allow incoming SMTP connections from anyone to anyone on the Internet. This is how the internet was originally set up, but many repeaters are now configured correctly to prevent attackers from using them to spread spam or pornography.

INCORRECTBis incorrect because a properly configured mail relay server will only allow mail destined for and from known users. In this way, a closed mail relay server helps prevent the spread of spam. To be considered closed, an SMTP server must be configured to accept messages from local IP addresses to local mailboxes, from local IP addresses to non-local mailboxes, from known and trusted IP addresses to local mailboxes, and from authenticated and authorized clients that are accepted and forwarded. Servers left open are considered the result of system mismanagement.

INCORRECTCis incorrect because implementing spam filters in an email gateway is the most common anti-spam countermeasure. This helps protect network and server capacity, reduces the risk of losing legitimate email, and saves users time. There are several commercial spam filters available based on a variety of algorithms. Filtering software accepts email as input and forwards the message to the recipient without modifying it, redirects the message for delivery elsewhere, or discards the message.

INCORRECTDis false because client-side filtering is a countermeasure against spam. In fact, filtering can be done at the gateway, which is the most popular method, at the mail server, or at the client. There are also different filtering methods. Keyword-based filtering was once a popular method, but is now deprecated as it is prone to false positives and can be easily avoided by spammers. More sophisticated filters are now used. They are based on statistical analysis or analysis of email traffic patterns.

q

A

Systems to protect critical production systems. When two or more honeypots are used together, this is considered a honeynet.

q

A

LAN media access technology that controls network communication traffic through the use of token frames. This technology has been largely superseded by Ethernet.

q

A

•Platform as a Service (PaaS)Cloud providers provide a computing platform that can include an operating system, database, and web server as a holistic execution environment. Where IaaS is the "raw IT network", PaaS is the software environment that runs on the IT network.

q

A

q

A

A network configuration service for hosts on IP networks. It provides IP addressing, DNS servers, subnet mask, and other important network configuration data for each host through automation.

q

A

q

A

q

A

By using glass,fiberglassCables have higher transmission speeds that allow signals to travel longer distances. Fiber optic cables are not as affected by attenuation and EMI as copper cables. It does not radiate signals like UTP cable and is difficult to intercept; Therefore, fiber optic cabling is much more secure than UTP, STP, or coaxial.

q

A

WantIt is a type of attack similar to phishing that attempts to trick victims into revealing sensitive information through a social engineering attack. The victim may receive a pre-recorded message on their phone indicating that there has been suspicious activity on their credit card, bank account or other financial account. The victim is instructed to call a specific phone number, where they must enter identification data. The identifying information is typically the associated account number, PIN, and/or password value. The victim believes that this data is being sent to a trusted source such as her bank, but it is actually recorded by an attacker who uses it for fraudulent activities.

q

A

q

A

q

A

Drop "noisy" traffic without logging it. This reduces the size of the log by not responding to packets that are considered unimportant.

q

A

• Mostly voice, some slow data (circuit switched)
• phones were smaller
• Added email, paging, and caller ID features.

q

John is the head of his company's security team. He discovered that the attackers had installed trackers on the network without the company's knowledge. Along with this issue, his team also discovered that two DNS servers had no record replication restrictions and the servers were caching suspicious name resolution data.

31🇧🇷 Which of the following is the best action John's team should take to protect themselves from improper caching issues?

A. PKI

B🇧🇷 DHCP-Snooping

C🇧🇷 ARP Protection

D. DNSSEC

A

q

A

I want my switch to do everything, even muffins.

Layer 2 switches only have the intelligence to forward a frame based on its MAC address and do not have a better understanding of the network as a whole. A Layer 3 switch has the intelligence of a router. Not only can you forward packets based on their IP addresses, but you can also choose routes based on availability and performance. A Layer 3 switch is essentially a router on steroids, as it offloads route-finding functionality to the more efficient switching hardware layer.

q

A

q

A

A collection of associated IP routing prefixes under the control of one or more operators that provide a well-defined, common routing policy for the Internet. They are clearly identified on the Internet as individual networks.

q

A

The protocol that makes important routing decisions on the Internet. It maintains a table of IP networks or "prefixes" that indicate the accessibility of the network between Autonomous Systems (AS).

q

A

Attack method that allows an attacker to circumvent and control a communication session between two systems.

q

A

A media access control method that uses a carrier sniffing scheme. A system wishing to transmit data must first listen to the channel for a predetermined period of time to determine whether or not another system is transmitting on the channel. If the channel is recognized as "inactive", the system can start the transmission process. If the channel is detected as "busy", the system defers its transmission for a random period of time.

q

A

NOTICE Bandwidthrefers to the number of electrical pulses that can be transmitted over a connection in one second, and these electrical pulses carry individual bits of information. Bandwidth is the data transmission capacity of a connection and is commonly associated with the number of frequencies available and the speed of a connection.data transfer rateis the actual amount of data that can be transferred over this connection. Data transfer rate values ​​can be higher than bandwidth values ​​when compression mechanisms are implemented. However, when connections are heavily congested or experiencing interference issues, throughput values ​​may be lower. Both bandwidth and data transfer rate are measured in bits per second.

q

A

A type of DDoS attack on a computer that floods the target system with bogus ICMP broadcast packets.

q

A

q

A

modems offprovide high-speed Internet access up to 50 Mbps over existing coaxial and fiber optic lines. The cable modem provides up and down conversions.

q

A

A hierarchical distributed naming system for computers, services, or other resources connected to an IP-based network. It associates various data with the domain names assigned to each of the participating entities.

q

A

q

A

• It works at the transport layer and primarily protects web-based traffic.
• Granular access control and configuration is available
• Easy to implement as SSL is already built into web browsers
• It can only protect a small number of protocol types, so it is not an infrastructure-level VPN solution.

q

A

A routing protocol that calculates routes based on distance (or number of hops) and a vector (an address).

q

28There are common models of cloud computing services. _______________ often requires companies to implement their own operating systems, applications, and software in addition to the infrastructure provided. _________________ is the software environment that runs on the infrastructure. In the __________ model, the provider typically provides customers with web-based access to a single copy of an application.

A.Platform as a Service, Infrastructure as a Service, Software as a Service

B.Platform as a Service, Platform as Software, Application as a Service

C.Infrastructure as a Service, Application as a Service, Software as a Service

D.Infrastructure as a Service, Platform as Software, Software as a Service

Extended questions:

A

RIGHTD.The most common cloud service models are Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).

INCORRECTAis incorrect because these elements are not in the correct order. With infrastructure as a service (IaaS), cloud providers offer the infrastructure environment of a traditional data center in an on-demand delivery method. Companies implement their own operating systems, applications, and software on top of this provided infrastructure and are responsible for its maintenance.

INCORRECTBis incorrect as the most common cloud service models are Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS). There are no Platform as Software or Application as a Service models. Those are distractors. Platform as a Service (PaaS) is when cloud providers provide a computing platform that can include an operating system, database, and web server as a holistic execution environment. Where IaaS is the "raw IT network", PaaS is the software environment that runs on the IT network.

INCORRECTCis incorrect as the most common cloud service models are Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS). There is no model called Platform as Software. With Software as a Service (SaaS), the provider gives users access to certain application software (CRM, email, games). The provider offers customers web-based access to a single copy of an application designed specifically for SaaS distribution and consumption.

q

A

A sublayer of the data communications protocol of the data link layer specified in the OSI model. It provides hardware addressing and channel access control mechanisms that allow multiple nodes to communicate over a multi-access network containing a shared medium.

q

A

A standard that addresses call signaling and control, multimedia transport and control, and bandwidth control for point-to-point and multipoint conferencing.

q

A

• Each protocol to monitor must have a unique proxy.
• Offers more protection than line-level proxy firewalls.
• They require more processing per packet and are therefore slower than a line-level proxy firewall.

q

A

aWLAN ad-hocdoes not have access points; Wireless devices communicate with each other through their wireless network cards rather than through a centralized device. To build an ad hoc network, wireless client software is installed on the contributing hosts and configured for peer-to-peer mode of operation. Then, on a Windows platform, the user clicks on My Network Places and the software searches for other hosts that operate in this similar mode and displays them to the user.

q

A

RIP is a standard that describes how routers exchange routing table information and is considered a distance vector protocol; h calculates the shortest distance between the source and the destination. It is considered a legacy protocol due to its slow performance and lack of functionality. It should only be used in small networks. RIP version 1 has no authentication and RIP version 2 sends passwords in clear text or with MD5 hashes.

q

A

The NAT software has a set of public IP addresses configured. Each private address is statically mapped to a specific public address. Therefore, computer A always gets the public address x, computer B always gets the public address y, and so on. This is typically used for servers that must always maintain the same public address.

q

A

How are we supposed to connect all these devices together?

The physical arrangement of computers and devices is known asnetwork topology🇧🇷 Topology refers to the way a network is physically connected and shows the layout of resources and systems. There is a difference between the physical network topology and the logical topology. A network can be configured as a physical star but logically function as a ring, as in token ring technology.

q

A

q

A