Which section of a security policy is used to specify that only authorized individuals should have access to enterprise data? statement of scope statement of authority Internet access policy acceptable…
A flood of packets with invalid source IP addresses requests a connection on the network. The server busily tries to respond, resulting in valid requests being ignored. What type of…
What kind of ICMP message can be used by threat actors to perform network reconnaissance and scanning attacks? ICMP redirects ICMP unreachable ICMP mask reply ICMP router discovery Answers Explanation…
Which network monitoring tool is in the category of network protocol analyzers? SNMP SPAN Wireshark SIEM Answers Explanation & Hints: Wireshark is a network protocol analyzer used to capture network…
What are two monitoring tools that capture network traffic and forward it to network monitoring devices? (Choose two.) SIEM Wireshark SNMP SPAN network tap Answers Explanation & Hints: A network…
Which two statements describe access attacks? (Choose two.) Port redirection attacks use a network adapter card in promiscuous mode to capture all network packets that are sent across a LAN.…
Match the network security testing technique with how it is used to test network security. (Not all options are used.) Answers Explanation & Hints: Network scanning tools are used to…
In an attempt to prevent network attacks, cyber analysts share unique identifiable attributes of known attacks with colleagues. What three types of attributes or indicators of compromise are helpful to…
What are two shared characteristics of the IDS and the IPS? (Choose two.) Both are deployed as sensors. Both analyze copies of network traffic. Both use signatures to detect malicious…
Which statement describes a typical security policy for a DMZ firewall configuration? Traffic that originates from the outside interface is permitted to traverse the firewall to the inside interface with…
What is the purpose of CSMA/CA? to prevent collisions to prevent loops to filter traffic to isolate traffic Answers Explanation & Hints: CSMA/CA stands for carrier sense multiple access with…
A router has received a packet destined for a network that is in the routing table. What steps does the router perform to send this packet on its way? Match…
What are two differences between HTTP and HTTP/2? (Choose two.) HTTP/2 uses different status codes than HTTP does to improve performance. HTTP/2 uses a compressed header to reduce bandwidth requirements.…
Match the steps with the actions that are involved when an internal host with IP address 192.168.10.10 attempts to send a packet to an external server at the IP address…
Refer to the exhibit. A cybersecurity analyst is viewing captured packets forwarded on switch S1. Which device has the MAC address d8:cb:8a:5c:d5:8a?router DG PC-A router ISP web server DNS server…
What is a characteristic of DNS? DNS relies on a hub-and-spoke topology with centralized servers. DNS servers can cache recent queries to reduce DNS query traffic. All DNS servers must…
Why is DHCP preferred for use on large networks? Large networks send more requests for domain to IP address resolution than do smaller networks. DHCP uses a reliable transport layer…
What kind of message is sent by a DHCPv4 client requesting an IP address? DHCPDISCOVER broadcast message DHCPDISCOVER unicast message DHCPOFFER unicast message DHCPACK unicast message Answers Explanation & Hints:…
What is the TCP mechanism used in congestion avoidance? three-way handshake socket pair two-way handshake sliding window Answers Explanation & Hints: TCP uses windows to attempt to manage the rate…
Which network monitoring tool saves captured network frames in PCAP files? Wireshark SNMP NetFlow SIEM Answers Explanation & Hints: Wireshark is a network protocol analyzer used to capture network traffic.…