Which of the following BEST describes who can access the DMZ in the enterprise network

Which security protocol is used in VPNs and is a combination of Microsoft’s Point-to-Point Tunneling Protocol and Cisco’s Layer 2 Forwarding?

A) IPSec
B) L2TP
C) WEP
D) SSL

Which authentication protocol uses a locally stored shared secret that is encrypted?
A) PAP
B) RADIUS
C) CHAP
D) MS-CHAP

D) A network consisting of enterprise networks for the exchange of products, services, and business information (B2B)

Which of the following statements best describes an extranet VPN?
A) A network that services a single company
B) A network consisting of two or more autonomous networks
C) A global, commercial TCP/IP network
D) A network consisting of enterprise networks for the exchange of products, services, and business information (B2B)

A) A network that services a single company

Which of the following statements best describes an intranet?
A) A network that services a single company
B) A network consisting of two or more autonomous networks
C) A global, commercial TCP/IP network
D) Distinct enterprise networks which are connected through the Internet for the exchange of products, services and business information

C) Deny any public addresses

Which of the following is NOT a recommended configuration for an Access Control List (ACL) used to protect a private network from the Internet?
A) Deny any address from your local network
B) Deny any local host addresses (127.0.0.1)
C) Deny any public addresses
D) Deny any reserved private addresses

When discussing tunneling protocols, which of the following is considered a payload protocol?
A) L2TP
B) IP
C) PPTP
D) IPSec

Which of the following VPN types is used to provide secure access to resources for partners and vendors?
A) Extranet
B) Remote access
C) Site to site
D) SSL

Which security protocol is used only to protect a session between a web browser and a web server?
A) L2TP
B) PPTP
C) SSL
D) IPSec

Which of the following protocols creates two sessions and uses GRE to secure the session?
A) L2TP
B) PPTP
C) SSL
D) IPSec

At what layer of the OSI model does IPSec operate?
A) Session
B) Transport
C) Network
D) Data Link

B) A secure space between a LAN and the Internet

Which statement best describes a DMZ?
A) A way to filter out line noise
B) A secure space between a LAN and the Internet
C) The process of scrambling data so it cannot be obtained off a network cable by a hacker
D) A TCP/IP network based on a LAN infrastructure that services a single company

E) All workstations, servers, and firewalls

Which network devices should you install antivirus software on if you want to maximize protection from virus attacks?
A) All workstations only
B) All servers only
C) Only workstations connected to the network
D) Only servers connected to the network
E) All workstations, servers, and firewalls

A) one in which the intent is to access data on a server

Which of the following accurately describes a DoS attack?
A) one in which the intent is to access data on a server
B) one in which the intent is to intercept data
C) one in which the intent is to make a resource unavailable
D) one in which the intent is to deface a web site

Which of the following attacks employ the ICMP protocol exclusively?
A) DoS
B) Ping of death
C) IP spoofing
D) SYN flood

A Tribe Flood Network attack is a type of ________ attack.
A) DoS
B) DDoS
C) SYN flood
D) Boot sector

Which of the following types of viruses will result in an “operating system not found” message at startup?
A) boot-sector virus
B) file virus
C) macro virus
D) multipartite virus

Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Sara configure?

Which of the following devices is MOST likely being used when processing the following?
1 PERMIT IP ANY ANY EQ 80
2 DENY IP ANY ANY

The security administrator at ABC company received the following log information from an external party:
10:45:01 EST, SRC 10.4.3.7:3056, DST 8.4.2.1:80, ALERT, Directory traversal
10:45:02 EST, SRC 10.4.3.7:3057, DST 8.4.2.1:80, ALERT, Account brute force
10:45:03 EST, SRC 10.4.3.7:3058, DST 8.4.2.1:80, ALERT, Port scan
The external party is reporting attacks coming from abc-company.com. Which of the following is the reason the ABC company’s security administrator is unable to determine the origin of the attack?

Which of the following security devices can be replicated on a Linux based computer using IP tables to inspect and properly handle network based traffic?

Which of the following firewall types inspects Ethernet traffic at the MOST levels of the OSI model?

The Chief Information Security Officer (CISO) has mandated that all IT systems with credit card data be segregated from the main corporate network to prevent unauthorized access and that access to the IT systems should be logged. Which of the following would BEST meet the CISO’s requirements?

Which of the following network design elements allows for many internal devices to share one public IP address?

Which of the following is a best practice when securing a switch from physical access?

Which of the following devices would be MOST useful to ensure availability when there are a large number of requests to a certain website?

Pete, the system administrator, wishes to monitor and limit users’ access to external websites. Which of the following would BEST address this?

Mike, a network administrator, has been asked to passively monitor network traffic to the company’s sales websites. Which of the following would be BEST suited for this task?

Which of the following should be deployed to prevent the transmission of malicious traffic between virtual machines hosted on a singular physical device on a network?

HIPS on each virtual machine

Pete, a security administrator, has observed repeated attempts to break into the network. Which of the following is designed to stop an intrusion on the network?

An administrator is looking to implement a security device which will be able to not only detect network intrusions at the organization level, but help defend against them as well. Which of the following is being described here?

In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization?

When performing the daily review of the system vulnerability scans of the network, Joe, the administrator, noticed several security-related vulnerabilities with an assigned vulnerability identification number. Joe researches the assigned vulnerability identification number from the vendor website. Joe proceeds with applying the recommended solution for the identified vulnerability. Which of the following is the type of vulnerability described?

The network security engineer just deployed an IDS on the network, but the Chief Technical Officer (CTO) has concerns that the device is only able to detect known anomalies. Which of the following types of IDS has been deployed?

Joe, the Chief Technical Officer (CTO), is concerned about new malware being introduced into the corporate network. He has tasked the security engineers to implement a technology that is capable of alerting the team when unusual traffic is on the network. Which of the following types of technologies will BEST address this scenario?

Matt, an administrator, notices a flood of fragmented packets and retransmits from an email server. After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again. Which of the following utilities was he MOST likely using to view this issue?

Which of the following flags are used to establish a TCP connection? (Select TWO).

Which of the following components of an all-in-one security appliance would MOST likely be configured in order to restrict access to peer-to-peer file sharing websites?

Pete, the system administrator, wants to restrict access to advertisements, games, and gambling web sites. Which of the following devices would BEST achieve this goal?

The administrator receives a call from an employee named Joe. Joe says the Internet is down and he is receiving a blank page when trying to connect to a popular sports website. The administrator asks Joe to try visiting a popular search engine site, which Joe reports as successful. Joe then says that he can get to the sports site on his phone. Which of the following might the administrator need to configure?

The default block page on the URL filter

Layer 7 devices used to prevent specific types of HTML tags are called:

Pete, an employee, attempts to visit a popular social networking site but is blocked. Instead, a page is displayed notifying him that this site cannot be visited. Which of the following is MOST likely blocking Pete’s access to this site?

A review of the company’s network traffic shows that most of the malware infections are caused by users visiting gambling and gaming websites. The security manager wants to implement a solution that will block these websites, scan all web traffic for signs of malware, and block the malware before it enters the company network. Which of the following is suited for this purpose?

Which of the following is BEST at blocking attacks and providing security at layer 7 of the OSI model?

Which of the following should the security administrator implement to limit web traffic based on country of origin? (Select THREE).

Proxies, Firewall, URL filtering

A security engineer is reviewing log data and sees the output below:
POST: /payload.php HTTP/1.1
HOST: localhost
Accept: */*
Referrer: http://localhost/
*******
HTTP/1.1 403 Forbidden
Connection: close
Log: Access denied with 403. Pattern matches form bypass
Which of the following technologies was MOST likely being used to generate this log?

An administrator would like to review the effectiveness of existing security in the enterprise. Which of the following would be the BEST place to start?

Implement an intrusion prevention system

A company has proprietary mission critical devices connected to their network which are configured remotely by both employees and approved customers. The administrator wants to monitor device security without changing their baseline configuration. Which of the following should be implemented to secure the devices without risking availability?

Use the following answer for this simulation task.
Source IP | Destination IP | Port number | TCP/UDP | Allow/Deny
10.4.255.10/24 | 10.4.255.101 | 443 | TCP | Allow
10.4.255.10/23 | 10.4.255.2 | 22 | TCP | Allow
10.4.255.10/25 | 10.4.255.101 | Any | Any | Allow
10.4.255.10/25 | 10.4.255.102 | Any | Any | Allow
Firewall rules act like ACLs, and they are used to dictate what traffic can pass between the firewall and the internal network. Three possible actions can be taken based on the rule’s criteria: block the connection, allow the connection, or allow the connection only if it is secured.
TCP is responsible for providing a reliable, one-to-one, connection-oriented session. TCP establishes a connection and ensures that the other end receives any packets sent. Two hosts communicate packet results with each other. TCP also ensures that packets are decoded and sequenced properly. This connection is persistent during the session. When the session ends, the connection is torn down.
UDP provides an unreliable connectionless communication method between hosts. UDP is considered a best-effort protocol, but it’s considerably faster than TCP. The sessions don’t establish a synchronized session like the kind used in TCP, and UDP doesn’t guarantee error-free communications. The primary purpose of UDP is to send small packets of information. The application is responsible for acknowledging the correct reception of the data.
Port 22 is used by both SSH and SCP with UDP. Port 443 is used for secure web connections (HTTPS) and is a TCP port.
Thus, to make sure only the Accounting computer has HTTPS access to the Administrative server, you should use TCP port 443 and set the rule to allow communication between 10.4.255.10/24 (Accounting) and 10.4.255.101 (Administrative server1).
Thus, to make sure that only the HR computer has access to Server2 over SCP, you need to use TCP port 22 and set the rule to allow communication between 10.4.255.10/23 (HR) and 10.4.255.2 (server2).
Thus, to make sure that the IT computer can access both the Administrative servers, you need to use a port and accompanying port number and set the rule to allow communication between:
10.4.255.10/25 (IT computer) and 10.4.255.101 (Administrative server1)
10.4.255.10/25 (IT computer) and 10.4.255.102 (Administrative server2)
References: Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 77, 83, 96, 157

HOTSPOT
The security administrator has installed a new firewall which implements an implicit DENY policy by default. Click on the firewall and configure it to allow ONLY the following communication.
1. The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks.
2. The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port.
3. The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port.
Instructions: The firewall will process the rules in a top-down manner in order as a first match. The port number must be typed in and only one port number can be entered per rule. Type ANY for all ports. The original firewall configuration can be reset at any time by pressing the reset button. Once you have met the simulation requirements, click save and then Done to submit.

Implicit deny is the default security stance that says if you aren’t specifically granted access or privileges for a resource, you’re denied access by default.
Rule #1 allows the Accounting workstation to ONLY access the web server on the public network over the default HTTPS port, which is TCP port 443.
Rule #2 allows the HR workstation to ONLY communicate with the Financial server over the default SCP port, which is TCP Port 22.
Rule #3 & Rule #4 allow the Admin workstation to ONLY access the Financial and Purchasing servers located on the secure network over the default TFTP port, which is Port 69.
References: Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 26, 44
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

Which of the following firewall rules only denies DNS zone transfers?

A security administrator suspects that an increase in the amount of TFTP traffic on the network is due to unauthorized file transfers, and wants to configure a firewall to block all TFTP traffic. Which of the following would accomplish this task?

Sara, a security technician, has received notice that a vendor coming in for a presentation will require access to a server outside of the network. Currently, users are only able to access remote sites through a VPN connection. How could Sara BEST accommodate the vendor?

Write a firewall rule to allow the vendor to have access to the remote site.

A technician is deploying virtual machines for multiple customers on a single physical host to reduce power consumption in a data center. Which of the following should be recommended to isolate the VMs from one another?

Virtual switches with VLANs

A router has a single Ethernet connection to a switch. In the router configuration, the Ethernet interface has three sub-interfaces, each configured with ACLs applied to them and 802.1q trunks. Which of the following is MOST likely the reason for the sub-interfaces?

The switch has several VLANs configured on it.

Joe, a technician at the local power plant, notices that several turbines had ramped up in cycles during the week. Further investigation by the system engineering team determined that a timed .exe file had been uploaded to the system control console during a visit by international contractors. Which of the following actions should Joe recommend?

Create a VLAN for the SCADA

The security administrator needs to manage traffic on a layer 3 device to support FTP from a new remote site. Which of the following would need to be implemented?

Matt, the network engineer, has been tasked with separating network traffic between virtual machines on a single hypervisor. Which of the following would he implement to BEST address this requirement? (Select TWO).

A database administrator contacts a security administrator to request firewall changes for a connection to a new internal application. The security administrator notices that the new application uses a port typically monopolized by a virus. The security administrator denies the request and suggests a new port or service be used to complete the application’s task. Which of the following is the security administrator practicing in this example?

An administrator needs to connect a router in one building to a router in another using Ethernet. Each router is connected to a managed switch and the switches are connected to each other via a fiber line. Which of the following should be configured to prevent unauthorized devices from connecting to the network?

Implement port security on the switches

At an organization, unauthorized users have been accessing network resources via unused network wall jacks. Which of the following would be used to stop unauthorized access?

On Monday, all company employees report being unable to connect to the corporate wireless network, which uses 802.1x with PEAP. A technician verifies that no configuration changes were made to the wireless network and its supporting infrastructure, and that there are no outages. Which of the following is the MOST likely cause for this issue?

The Remote Authentication Dial-In User Service server certificate has expired.

A company determines a need for additional protection from rogue devices plugging into physical ports around the building. Which of the following provides the highest degree of protection from unauthorized wired network access?

While configuring a new access layer switch, the administrator, Joe, was advised that he needed to make sure that only devices authorized to access the network would be permitted to login and utilize resources. Which of the following should the administrator implement to ensure this happens?

A network administrator wants to block both DNS requests and zone transfers coming from outside IP addresses. The company uses a firewall which implements an implicit allow and is currently configured with the following ACL applied to its external interface.
PERMIT TCP ANY ANY 80
PERMIT TCP ANY ANY 443
Which of the following rules would accomplish this task? (Select TWO).

Change the firewall default settings so that it implements an implicit deny, Add the following ACL at the bottom of the current ACL: DENY IP ANY ANY 53

Users are unable to connect to the web server at IP 192.168.0.20. Which of the following can be inferred of a firewall that is configured ONLY with the following ACL?
PERMIT TCP ANY HOST 192.168.0.10 EQ 80
PERMIT TCP ANY HOST 192.168.0.10 EQ 443

It implements an implicit deny.

The Human Resources department has a parent shared folder set up on the server. There are two groups that have access, one called managers and one called staff. There are many subfolders under the parent shared folder; one is called payroll. The parent folder access control list propagates to all subfolders and all subfolders inherit the parent permission. Which of the following is the quickest way to prevent the staff group from gaining access to the payroll folder?

Implicit deny on the payroll folder for the staff group

A company has several conference rooms with wired network jacks that are used by both employees and guests. Employees need access to internal resources and guests only need access to the Internet. Which of the following combinations is BEST to meet the requirements?

Matt, the IT Manager, wants to create a new network available to virtual servers on the same hypervisor, and does not want this network to be routable to the firewall. How could this BEST be accomplished?

A Chief Information Security Officer (CISO) is tasked with outsourcing the analysis of security logs. These will need to still be reviewed on a regular basis to ensure the security of the company has not been breached. Which of the following cloud service options would support this requirement?

Joe, a security administrator, believes that a network breach has occurred in the datacenter as a result of a misconfigured router access list, allowing outside access to an SSH server. Which of the following should Joe search for in the log files?

An organization does not have adequate resources to administer its large infrastructure. A security administrator wishes to combine the security controls of some of the network devices in the organization. Which of the following methods would BEST accomplish this goal?

Unified Threat Management

An organization does not have adequate resources to administer its large infrastructure. A security administrator wishes to integrate the security controls of some of the network devices in the organization. Which of the following methods would BEST accomplish this goal?

Unified Threat Management

A security administrator is segregating all web-facing server traffic from the internal network and restricting it to a single interface on a firewall. Which of the following BEST describes this new network?

Which of the following devices would MOST likely have a DMZ interface?

A security analyst needs to ensure all external traffic is able to access the company’s front-end servers but protect all access to internal resources. Which of the following network design elements would MOST likely be recommended?

Which of the following network architecture concepts is used to securely isolate at the boundary between networks?

When designing a new network infrastructure, a security administrator requests that the intranet web server be placed in an isolated area of the network for security purposes. Which of the following design elements would be implemented to comply with the security administrator’s request?

Which of the following BEST describes a demilitarized zone?

A buffer zone between protected and unprotected networks.

Which of the following would allow the organization to divide a Class C IP address range into several ranges?

Which of the following IP addresses would be hosts on the same subnet given the subnet mask 255.255.255.224? (Select TWO).

Which of the following would the security engineer set as the subnet mask for the servers below to utilize host addresses on separate broadcast domains?
Server 1: 192.168.100.6
Server 2: 192.168.100.9
Server 3: 192.169.100.20

Which of the following is BEST used to break a group of IP addresses into smaller network segments or blocks?

A small company can only afford to buy an all-in-one wireless router/switch. The company has 3 wireless BYOD users and 2 web servers without wireless access. Which of the following should the company configure to protect the servers from the user devices? (Select TWO).

Create a server VLAN, Create an ACL to access the server

A network engineer is setting up a network for a company. There is a BYOD policy for the employees so that they can connect their laptops and mobile devices. Which of the following technologies should be employed to separate the administrative network from the network in which all of the employees’ devices are connected?

Pete, a network administrator, is capturing packets on the network and notices that a large amount of the traffic on the LAN is SIP and RTP protocols. Which of the following should he do to segment that traffic from the other traffic?

An administrator connects VoIP phones to the same switch as the network PCs and printers. Which of the following would provide the BEST logical separation of these three device types while still allowing traffic between them via ACL?

Create three VLANs on the switch connected to a router

An administrator needs to segment internal traffic between layer 2 devices within the LAN. Which of the following types of network design elements would MOST likely be used?

Pete, a security administrator, is informed that people from the HR department should not have access to the accounting department’s server, and the accounting department should not have access to the HR department’s server. The network is separated by switches. Which of the following is designed to keep the HR department users from accessing the accounting department’s server and vice-versa?

According to company policy an administrator must logically keep the Human Resources department separated from the Accounting department. Which of the following would be the simplest way to accomplish this?

Review the following diagram depicting communication between PC1 and PC2 on each side of a router. Analyze the network traffic logs which show communication between the two computers as captured by the computer with IP 10.2.2.10.
DIAGRAM
PC1 [192.168.1.30]--------[INSIDE 192.168.1.1 router OUTSIDE 10.2.2.1]---------[10.2.2.10] PC2
LOGS
10:30:22, SRC 10.2.2.1:3030, DST 10.2.2.10:80, SYN
10:30:23, SRC 10.2.2.10:80, DST 10.2.2.1:3030, SYN/ACK
10:30:24, SRC 10.2.2.1:3030, DST 10.2.2.10:80, ACK
Given the above information, which of the following can be inferred about the above environment?

The router implements NAT.

An administrator wishes to hide the network addresses of an internal network when connecting to the Internet. The MOST effective way to mask the network address of the users would be by passing the traffic through a:

A security analyst is reviewing firewall logs while investigating a compromised web server. The following ports appear in the log:
22, 25, 445, 1433, 3128, 3389, 6667
Which of the following protocols was used to access the server remotely?

Which of the following is a programming interface that allows a remote computer to run programs on a local machine?

Which of the following would Pete, a security administrator, MOST likely implement in order to allow employees to have secure remote access to certain internal network services such as file servers?

Which of the following should be performed to increase the availability of IP telephony by prioritizing traffic?

An auditor is given access to a conference room to conduct an analysis. When they connect their laptop’s Ethernet cable into the wall jack, they are not able to get a connection to the Internet but have a link light. Which of the following is MOST likely causing this issue?

A computer is put into a restricted VLAN until the computer’s virus definitions are up-to-date. Which of the following BEST describes this system type?

Which of the following is required to allow multiple servers to exist on one physical server?

A corporation is looking to expand their data center but has run out of physical space in which to store hardware. Which of the following would offer the ability to expand while keeping their current data center operated by internal staff?

The server administrator has noted that most servers have a lot of free disk space and low memory utilization. Which of the following statements will be correct if the server administrator migrates to a virtual server environment?

The administrator may spend more on licensing but less on hardware and equipment.

Due to limited resources, a company must reduce their hardware budget while still maintaining availability. Which of the following would MOST likely help them achieve their objectives?

Pete, a security engineer, is trying to inventory all servers in a rack. The engineer launches RDP sessions to five different PCs and notices that the hardware properties are similar. Additionally, the MAC addresses of all five servers appear on the same switch port. Which of the following is MOST likely the cause?

The system is virtualized.

Which of the following offers the LEAST amount of protection against data theft by USB drives?

A company’s business model was changed to provide more web presence and now its ERM software is no longer able to support the security needs of the company. The current data center will continue to provide network and security services. Which of the following network elements would be used to support the new business model?

The Chief Information Officer (CIO) has mandated web based Customer Relationship Management (CRM) business functions be moved offshore to reduce cost, reduce IT overheads, and improve availability. The Chief Risk Officer (CRO) has agreed with the CIO’s direction but has mandated that key authentication systems be run within the organization’s network. Which of the following would BEST meet the CIO and CRO’s requirements?

An IT director is looking to reduce the footprint of their company’s server environment. They have decided to move several internally developed software applications to an alternate environment, supported by an external company. Which of the following BEST describes this arrangement?

Infrastructure as a Service

Which of the following offerings typically allows the customer to apply operating system patches?

Infrastructure as a service

Which of the following technologies can store multi-tenant data with different security requirements?

Multi-tenancy is a concept found in which of the following?

Which of the following devices is BEST suited to protect an HTTP-based application that is susceptible to injection attacks?

Concurrent use of a firewall, content filtering, antivirus software and an IDS system would be considered components of:

A network engineer is designing a secure tunneled VPN. Which of the following protocols would be the MOST secure?

Configuring the mode, encryption methods, and security associations are part of which of the following?

A company’s legacy server requires administration using Telnet. Which of the following protocols could be used to secure communication by offering encryption at a lower OSI layer? (Select TWO).

A network administrator needs to provide daily network usage reports on all layer 3 devices without compromising any data while gathering the information. Which of the following would be configured to provide these reports?

Matt, a security administrator, wants to configure all the switches and routers in the network in order to securely monitor their status. Which of the following protocols would he need to configure on each device?

A recent vulnerability scan found that Telnet is enabled on all network devices. Which of the following protocols should be used instead of Telnet?

Which of the following is BEST used as a secure replacement for TELNET?

A security analyst needs to logon to the console to perform maintenance on a remote server. Which of the following protocols would provide secure access?

A UNIX administrator would like to use native commands to provide a secure way of connecting to other devices remotely and to securely transfer files. Which of the following protocols could be utilized? (Select TWO).

A network technician is on the phone with the system administration team. Power to the server room was lost and servers need to be restarted. The DNS services must be the first to be restarted. Several machines are powered off. Assuming each server only provides one service, which of the following should be powered on FIRST to establish DNS services?

When reviewing security logs, an administrator sees requests for the AAAA record of www.comptia.com. Which of the following BEST describes this type of record?

Which of the following should be implemented to stop an attacker from mapping out addresses and/or devices on a network?

A security engineer, Joe, has been asked to create a secure connection between his mail server and the mail server of a business partner. Which of the following protocols would be MOST appropriate?

Which of the following protocols is used to authenticate the client and server’s digital certificate?

An administrator configures all wireless access points to make use of a new network certificate authority. Which of the following is being used?

An achievement in providing worldwide Internet security was the signing of certificates associated with which of the following protocols?

Which of the following is the MOST secure protocol to transfer files?

FTP/S uses which of the following TCP ports by default?

Which of the following protocols allows for secure transfer of files? (Select TWO).

After a network outage, a PC technician is unable to ping various network devices. The network administrator verifies that those devices are working properly and can be accessed securely. Which of the following is the MOST likely reason the PC technician is unable to ping those devices?

A security administrator wishes to change their wireless network so that IPSec is built into the protocol and NAT is no longer required for address range extension. Which of the following protocols should be used in this scenario?

A system administrator attempts to ping a hostname and the response is 2001:4860:0:2001::68. Which of the following replies has the administrator received?

Which of the following protocols is used by IPv6 for MAC address resolution?

Which of the following protocols allows for the LARGEST address space?

Pete, a network administrator, is implementing IPv6 in the DMZ. Which of the following protocols must he allow through the firewall to ensure the web servers can be reached via IPv6 from an IPv6 enabled Internet host?

TCP port 80 and TCP port 443

Which of the following ports and protocol types must be opened on a host with a host-based firewall to allow incoming SFTP connections?

A network administrator is asked to send a large file containing PII to a business associate. Which of the following protocols is the BEST choice to use?

Which of the following is a difference between TFTP and FTP?

TFTP utilizes UDP and FTP uses TCP.

Which of the following is the default port for TFTP?

A network consists of various remote sites that connect back to two main locations. Pete, the security administrator, needs to block TELNET access into the network. Which of the following, by default, would be the BEST choice to accomplish this goal?

Block port 23 on the network firewall

A security analyst noticed a colleague typing the following command: `Telnet some-host 443`. Which of the following was the colleague performing?

A quick test to see if there is a service running on some-host TCP/443, which is being routed correctly and not blocked by a firewall.

A malicious program modified entries in the LMHOSTS file of an infected system. Which of the following protocols would have been affected by this?

Drag and drop the correct protocol to its default port.

FTP uses TCP port 21. Telnet uses port 23. SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22. Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP). Secure FTP (SFTP) is a secured alternative to standard File Transfer Protocol (FTP). SMTP uses TCP port 25. Port 69 is used by TFTP. SNMP makes use of UDP ports 161 and 162.
References: Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 42, 45, 51; http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

An information bank has been established to store contacts, phone numbers and other records. A UNIX application needs to connect to the index server using port 389. Which of the following authentication services should be used on this port by default?

A firewall technician has been instructed to disable all non-secure ports on a corporate firewall. The technician has blocked traffic on port 21, 69, 80, and 137-139. The technician has allowed traffic on ports 22 and 443. Which of the following correctly lists the protocols blocked and allowed?

Blocked: FTP, TFTP, HTTP, NetBIOS; Allowed: SFTP, SSH, SCP, HTTPS

A company has implemented PPTP as a VPN solution. Which of the following ports would need to be opened on the firewall in order for this VPN to function properly? (Select TWO).

After a new firewall has been installed, devices cannot obtain a new IP address. Which of the following ports should Matt, the security administrator, open on the firewall?

A security administrator has configured FTP in passive mode. Which of the following ports should the security administrator allow on the firewall by default?

Which of the following ports is used for SSH, by default?

By default, which of the following uses TCP port 22? (Select THREE).

Pete needs to open ports on the firewall to allow for secure transmission of files. Which of the following ports should be opened on the firewall?

Which of the following uses port 22 by default? (Select THREE).

Which of the following ports should be used by a system administrator to securely manage a remote server?

Which of the following ports is used to securely transfer files between remote UNIX systems?

Which of the following secure file transfer methods uses port 22 by default?

During the analysis of a PCAP file, a security analyst noticed several communications with a remote server on port 53. Which of the following protocol types is observed in this traffic?

A security technician needs to open ports on a firewall to allow for domain name resolution. Which of the following ports should be opened? (Select TWO).

A technician has just installed a new firewall onto the network. Users are reporting that they cannot reach any website. Upon further investigation, the technician determines that websites can be reached by entering their IP addresses. Which of the following ports may have been closed to cause this issue?

Which of the following ports would be blocked if Pete, a security administrator, wants to deny access to websites?

A technician is unable to manage a remote server. Which of the following ports should be opened on the firewall for remote server management? (Select TWO).

Ann, a technician, is attempting to establish a remote terminal session to an end user’s computer using Kerberos authentication, but she cannot connect to the destination machine. Which of the following default ports should Ann ensure is open?

Which of the following protocols operates at the HIGHEST level of the OSI model?

Which of the following allows Pete, a security technician, to provide the MOST secure wireless implementation?

A malicious user is sniffing a busy encrypted wireless network waiting for an authorized client to connect to it. Only after an authorized client has connected and the hacker was able to capture the client handshake with the AP can the hacker begin a brute force attack to discover the encryption key. Which of the following attacks is taking place?

Which of the following is a step in deploying a WPA2-Enterprise wireless network?

Install a digital certificate on the authentication server

Which of the following best describes a demilitarized zone (DMZ)?

A DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet.

How do I access my DMZ server from the Internet?

To set up a default DMZ server:
Launch a web browser from a computer or mobile device that is connected to your router's network.
Enter the router user name and password. The user name is admin. ...
Select ADVANCED > Setup > WAN Setup. ...
Select the Default DMZ Server check box.
Type the IP address.
Click the Apply button.

What is the minimum number of interfaces in a typical DMZ configuration?

DMZ designs. Single firewall: A modest approach to network architecture involves using a single firewall, with a minimum of 3 network interfaces.

Which of the following network services are commonly placed in a DMZ?

Any service provided to users on the public internet should be placed in the DMZ network. External-facing servers, resources and services are usually located there. Some of the most common of these services include web, email, domain name system, File Transfer Protocol and proxy servers.