Network & Security Foundations Exam Test Question

82 Terms

1


A router's primary purpose in a network is:

To route data packets between multiple networks

2


Highlight a principal advantage of Software as a Service (SaaS).

No need for individual installations or updates

3

Which command is employed for DNS resolution of a domain name to its IP address?

nslookup

4


In which network topology do packets navigate device-to-device until reaching their destination?

Ring

5

Within a client/server architecture, the role of client devices is to:

Request and utilize server-provided services

6


To verify a computer's network connection and responsiveness, which command is suitable for a network technician?

ping

7

In Peer-to-Peer (P2P) architecture, configuration is:

Decentralized, with each device requiring individual configuration

8

At which OSI model layer does the MAC (Media Access Control) Address operate?

data link layer

9

To obtain the IP Address of a Windows machine, which command is necessary?

ipconfig

10


Identify the network type connecting computer networks and LANs across broad geographical expanses.

Wide Area Network (WAN)

11

Which cloud service model fits best for software development entities aiming to build and test applications without handling the underlying infrastructure?

Platform as a Service (PaaS)

12

In which situation are STP cables preferred over UTP cables?

In environments with significant electromagnetic interference

13


To follow the journey of packets from origin to destination on Windows, which command is applied?

tracert

14

The Presentation layer's role in the OSI model includes:

Formatting, encrypting, and decrypting data

15

What does Infrastructure as a Service (IaaS) offer consumers?

16

Compared to Twisted Pair cables, fiber optic cables offer:

Enhanced data transmission speed and extended cabling distance

17

A network topology where all nodes are connected to a central device is known as:

star

18


What function does a firewall serve in a network?

Traffic filtration in accordance with rule sets

19

Put the OSI layers in the correct order starting with Layer 7 and going down.

Application, Presentation, Session, Transport, Network, Data Link, Physical.

20

To inspect active TCP connections on a Windows PC, which command is appropriate for a network admin?

netstat

21

For gigabit network compatibility, the minimum Ethernet cable category required is:

Category 5e

22

In cloud computing, what defines the hybrid cloud model in terms of where IT assets are located?

Mix of on-premises and cloud-based services for IT assets

23

To obtain a Linux machine's IP Address, which command must a network admin execute?

ifconfig

24

In the TCP/IP model, which OSI layers are merged into the Application layer?

Session, Presentation, and Application layers

25

Comparing device roles in P2P and client/server networks regarding resource sharing:

In P2P, devices serve dual roles; in client/server, roles are more strictly defined

26


To display the mapping of IP Addresses to MAC Addresses on a Windows system, which command should be used?

arp

27

How is a community cloud defined?

Shared among multiple organizations with similar objectives

28

Which network type is commonly employed for device interconnection within a single building?

A local area network (LAN)

29


Which network type is used for short-distance device communication, such as connecting wireless earbuds to a smartphone?

Personal Area Network (PAN)

30


An IP Address functions at which OSI model layer?

Network layer

31


To link multiple buildings, which network type is utilized?

Campus area network (CAN)

32

Define a Type 1 hypervisor.

Direct hardware-level virtualization management software

33


Identify a type of UTP cable.

Cat6 cable

34

At which OSI model layer does connection management (connection establishment, maintenance, and teardown) with remote devices occur?

Presentation layer

35


How do OSI and TCP/IP model layer counts compare?

The OSI model has seven layers, while the TCP/IP model has four or five layers

36


In a client/server architecture, the configuration is:

Centralized, with configuration performed on a central server and disseminated to all devices

37


What distinguishes a public cloud model?

Accessible over the public internet to anyone interested in subscribing

38

Which cloud deployment often utilizes exclusive (non-shared) hardware?

Private cloud

39

For wireless LAN connectivity, which device is typically used?

WAP

40

Which network topology enables multiple data paths between any two devices to safeguard against link failure?

Mesh

41


Which type of DoS attack involves sending oversized or malformed ping packets to crash the target system?

Ping of Death

42


Which exploit involves breaching the network cable and using a packet sniffer to listen to and record the traffic on the network?

Wiretapping

43


Checksums and cryptographic hashes are primarily used to ensure:

integrity

44

During a penetration test, the tester uses a well-known software tool to gain unauthorized access to the network. This tool is considered:

an exploit

45


How does Zero Trust handle internal and external threats?

Treats all network traffic with the same level of suspicion

46

What best describes RBAC (Role-Based Access Control)?

A system where access controls are based on the job function of users within an organization

47


In a secure email exchange, if Alice wants to ensure only Bob can read her message, she should encrypt it using which key?

Bob’s public key

48

A user must enter a security question answer to retrieve a forgotten password. This form of authentication relies on:

Something you know

49


Tom is trying to access a sensitive report from his company's server. Which part of the AAA framework is responsible for verifying Tom's credentials before granting access?

Authentication

50

A network administrator sets up a firewall to block all incoming connections that do not originate from within the network. Which type of firewall can check whether a packet is part of an established connection?

Stateful inspection firewall

51

Which of the following is NOT typically considered a part of device hardening?

Increasing the number of open ports

52

For data that is at rest, what is the best method to protect the confidentiality of data?

Encryption

53


Place the wireless encryption protocols in order from the weakest to the strongest.

WEP, WPA, WPA2, WPA3

54


A university's IT department suspects a rogue access point may be operating on campus. What should they implement?

A Wireless Intrusion Prevention System (WIPS)

55

In the context of IT security, separation of duties is essential because it:

Helps prevent any one individual from having too much control over a critical process

56

A mobile banking app is designed to terminate all active sessions and require re-authentication after detecting any unauthorized access attempts. What principle does this illustrate?

Fail-safe

57

At a software company, which of the following practices best exemplifies separation of duties in incident response?

One team detects and reports security incidents, while a different team analyzes and responds to these incidents.

58


If a company installs a state-of-the-art firewall, it is primarily engaged in:

Risk mitigation

59

An organization is setting up a firewall capable of analyzing individual packets and the association in which these packets are grouped. Which type of access control is being utilized?

Context-based

60

What distinguishes asymmetric encryption from symmetric encryption?

Employs different keys for encryption and decryption

61

An organization requires a firewall that can allow or deny packets based on administrator-defined rules for IP addresses and protocols. Which type should they use?

Packet filtering firewall

62


In an information security policy document, what must each sub-policy clearly contain to meet compliance and clarity requirements?

The specific compliance obligations the sub-policy fulfills

63

A large number of ICMP Echo requests originating from a spoofed IP address are flooding a network. What traditional network security tool can help mitigate this type of ICMP Ping flood attack?

Firewall with ICMP filtering capabilities

64

Which strong wireless encryption protocol uses the same encryption key for all devices on the wireless network?

WPA2

65

A company develops encryption software that uses a simple, well-understood algorithm instead of multiple complex algorithms. This strategy primarily enhances security through which principle?

Economy of Mechanism

66

During a security review, the IT department uses records to trace an unauthorized data breach back to a specific user's account. Which AAA service provides this capability?

Accounting

67


A large e-commerce company, preparing for an upcoming holiday sale, is concerned about the potential for DoS/DDoS attacks that could disrupt their services. What is the most effective strategy they should implement to mitigate the risk of such attacks?

Monitor normal traffic patterns

68

An organization is adjusting its information security policies to adhere to the requirements of the Personal Information Protection and Electronic Documents Act (PIPEDA).

Under PIPEDA, what is the organization required to do?

Establish adequate security measures for the protection of stored personal data

69

A company’s security policy requires that all incoming and outgoing messages be inspected for harmful content like viruses and spyware before they reach the desktops. Which firewall should they deploy?

Application-level firewall

70

A local library has previously fallen victim to war chalking, where unauthorized individuals marked the exterior with symbols indicating an unsecured Wi-Fi network. To prevent future incidents and secure their network against unauthorized access, what should the library implement?

Implement WPA2 or WPA3 wireless encryption

71

What layer of protection could be considered the last line of defense in a well-implemented security in depth strategy?

data encryption at rest

72

Tom accesses his workplace computer using a fingerprint scan. The security system he interacts with uses which type of authentication?

something you are

73

Which technology is essential for achieving effective Zero Trust architecture?

MFA

74

What capability does an IPS have that an IDS lacks?

Blocking detected threats automatically

75

According to the Personal Information Protection and Electronic Documents Act (PIPEDA), personal information must be protected by:

Appropriate security safeguards

76

What is a primary reason attackers set up rogue access points in public places like cafes and airports?

To capture personal and financial information from unsuspecting users

77


A software developer attempts to access the customer database but is denied. What part of the AAA framework is responsible for this decision?

authorization

78

What distinguishes DAC (Discretionary Access Control) from other access control models?

it allows file owners to control access

79

After implementing a mandatory complex password policy, a company notices many employees writing down their passwords. The company decides to allow less complex passwords with two-factor authentication to ensure the authentication system is more user-friendly. Which principle is being reinforced?

Psychological acceptability

80

What are the two wireless infrastructure modes?

infrastructure and ad hoc

81

If a small business owner chooses to ignore minor security risks associated with a less critical part of the business because the cost to address them would outweigh the potential loss, what is this an example of?

risk acceptance

82

A network firewall analyzes each packet against a set of security criteria, such as source IP address, destination IP address, or port number, before deciding to allow or block it. This approach is known as:

rule-based access control