Here you will find answers to Security Fundamentals questions.
Which classes does the U.S. government place classified data into? (Choose three)
Answer: B C D
Data should be classified so that administrators can do their best to secure that data. Below is a common way to classify data that many governments, including the military, use:
- Unclassified: Data that has little or no confidentiality, integrity, or availability requirements and therefore little effort is made to secure it.
- Sensitive But Unclassified (SBU): Data that could prove embarrassing if revealed, but no great security breach will occur.
- Confidential: Data that must comply with confidentiality requirements. This is the lowest level of classified data in this scheme.
- Secret: Data for which you take significant effort to keep secure. The number of individuals who have access to this data is usually considerably fewer than the number of people who are authorized to access confidential data.
- Top secret: Data for which you make great effort and sometimes incur considerable cost to guarantee its secrecy. Usually a small number of individuals have access to top-secret data, on condition that there is a need to know.
In the U.S., however, the government classifies data into only three levels: Confidential, Secret and Top Secret.
Which of the following is a method of gaining access to a system that bypasses normal security measures?
A. Creating a back door
B. Starting a Smurf attack
C. Conducting social engineering
D. Launching a DoS attack
A back door is a method of bypassing normal authentication to secure remote access to a computer while attempting to remain undetected. The most common backdoor point is a listening port that provides remote access to the system for users (hackers) who do not have, or do not want to use, access or administrative privileges.
Which statement is true about a Smurf attack?
A. It sends ping requests to a subnet, requesting that devices on that subnet send ping replies to a target system.
B. It intercepts the third step in a TCP three-way handshake to hijack a session.
C. It uses Trojan horse applications to create a distributed collection of “zombie” computers, which can be used to launch a coordinated DDoS attack.
D. It sends ping requests in segments of an invalid size.
Smurf attacks use ICMP echo request packets directed at IP broadcast addresses from a remote site. The intent is to cause DoS. The smurf program builds a network packet that appears to originate from another address (this is known as spoofing an IP address). The packet contains an ICMP ping message that is addressed to an IP broadcast address, meaning all IP addresses in a given network. The echo responses to the ping message are sent back to the “victim” address. Enough pings and resultant echoes can flood the network, making it unusable for real traffic.
As networks have developed, various network attacks have appeared. Which statement best describes the relationship between each attack method and its result?
| 1 | Identify operating systems |
| 2 | Determine live hosts |
| 3 | Determine potential vulnerabilities |
| 5 | Identify active services |
Ping Sweep – 1 and 3; Port Scan – 2, 4 and 5
Ping Sweep – 2 and 4; Port Scan – 1, 3 and 5
Ping Sweep – 1 and 5; Port Scan – 2, 3 and 4
Ping Sweep – 2 and 3; Port Scan – 1, 4 and 5
Ping sweep: Pinging a series of IP addresses. Ping replies might indicate to an attacker that network resources can be reached at those IP addresses.
Port scan: Searching a network host for open ports. A port scan seeks to identify all listening ports on an identified host. Port scans often help attackers identify the operating system running on the target system. An attacker might perform a port scan to determine what services are available at specific IP addresses. For example, the Telnet application communicates on TCP port 23, and Simple Mail Transfer Protocol (SMTP) communicates on TCP port 25…
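As an added example (not part of the original page), the two techniques leave different shapes in flow logs: a ping sweep is one source sending ICMP echoes to many hosts, while a port scan is one source trying many ports on a single host. The record layout, the 60-second window and the threshold of 4 are assumptions chosen for illustration.

```python
from collections import defaultdict

# Constructed flow records (illustrative, not from the original page):
# (seconds, source IP, destination IP, protocol, destination port)
FLOWS = (
    [(i, "198.51.100.7", f"192.0.2.{i}", "icmp", None) for i in range(1, 6)]
    + [(10 + i, "198.51.100.9", "192.0.2.10", "tcp", p)
       for i, p in enumerate((21, 22, 23, 25, 80))]
    # A monitoring host that pings five hosts, but ten minutes apart each.
    + [(600 * i, "192.0.2.50", f"192.0.2.{i}", "icmp", None) for i in range(1, 6)]
    + [(30, "192.0.2.50", "192.0.2.10", "tcp", 25)]
)


def max_distinct_in_window(events, window):
    """Largest number of distinct targets seen within any `window` seconds."""
    events = sorted(events)
    best, start = 0, 0
    for end in range(len(events)):
        while events[end][0] - events[start][0] > window:
            start += 1
        best = max(best, len({t for _, t in events[start:end + 1]}))
    return best


def classify(flows, window=60, threshold=4):
    """Map each source IP to the set of scan types it exhibits."""
    pinged = defaultdict(list)   # src -> [(time, host pinged)]
    probed = defaultdict(list)   # (src, dst) -> [(time, TCP port tried)]
    for ts, src, dst, proto, dport in flows:
        if proto == "icmp":
            pinged[src].append((ts, dst))
        elif proto == "tcp":
            probed[(src, dst)].append((ts, dport))
    findings = defaultdict(set)
    for src, events in pinged.items():
        if max_distinct_in_window(events, window) >= threshold:
            findings[src].add("ping sweep")   # many hosts, one probe type
    for (src, _dst), events in probed.items():
        if max_distinct_in_window(events, window) >= threshold:
            findings[src].add("port scan")    # one host, many ports
    return dict(findings)


if __name__ == "__main__":
    print(classify(FLOWS))
```

The slow monitoring host is not flagged because its pings never reach four distinct hosts inside one window, which is why the time window matters as much as the count.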
Which of the following common elements of a network design is the most important?
A. Business needs
B. Best practices
C. Risk analysis
D. Security policy
Business goals and risk analysis drive the need for network security. Regardless of the security implications, business needs must come first. The security system design must accommodate the goals of the business, not hinder them.
Business needs mean “what does your organization want to do with the network?”
How does CLI view differ from a privilege level?
A. A CLI view supports only commands configured for that specific view, whereas a privilege level supports commands available to that level and all the lower levels.
B. A CLI view supports only monitoring commands, whereas a privilege level allows a user to make changes to an IOS configuration.
C. A CLI view and a privilege level perform the same function. However, a CLI view is used on a Catalyst switch, whereas a privilege level is used on an IOS router.
D. A CLI view can function without a AAA configuration, whereas a privilege level requires AAA to be configured.
What are four methods used by hackers? (Choose four)
A. social engineering attack
B. Trojan horse attack
C. front door attacks
D. buffer Unicode attack
E. privilege escalation attack
F. footprint analysis attack
Answer: A B E F
Social engineering: Using social skills to manipulate people inside the network to provide the information needed to access the network. For example, an outside attacker calls a receptionist and pretends to be a member of the company’s IT department, and he convinces the receptionist to tell him her username and password. The attacker then can use those credentials to log into the network.
Trojan horse: a piece of software that appears to be a legitimate application but that also performs some unseen malicious functions.
Privilege escalation: An attacker compromises another subsystem and then, through this compromised subsystem, attacks the application.
Footprinting is the process of gathering all available information about a target. A simple example is to use a search engine such as Google or Yahoo to locate information about employees or the organization itself.
Which protocol will use a LUN as a way to differentiate the individual disk drives that comprise a target device?
In computer storage, a logical unit number (LUN) is an address for an individual disk drive and, by extension, the disk device itself. The term is used in the SCSI protocol as a way to differentiate individual disk drives within a common SCSI target device, such as a disk array.
Which VoIP components can permit or deny a call attempt on the basis of a network’s available bandwidth?
C. Application server
Which option ensures that data is not modified in transit?