IT-341 Module-10 Chapter-10 (Cisco)

0.0(0)
studied byStudied by 0 people
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/36

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

37 Terms

1
New cards

Which attack encrypts the data on hosts in an attempt to extract a monetary payment from the victim?

a. DDoS

b. Data breach

c. Malware

d. Ransomware

d. Ransomware

2
New cards

Which devices are specifically designed for network security? (Choose three)

a. VPN-enabled router

b. NGFW

c. Switch

d. WLC

e. NAC

a. VPN-enabled router

b. NGFW

e. NAC

3
New cards

Which device monitors SMTP traffic to block threats and encrypt outgoing messages to prevent data loss?

a. NGFW

b. ESA

c. NAC

d. WSA

b. ESA

4
New cards

Which device monitors HTTP traffic to block access to risky sites and encrypt outgoing messages?

a. NGFW

b. ESA

c. NAC

d. WSA

d. WSA

5
New cards

Which AAA component is responsible for collecting and reporting usage data for auditing and billing purposes?

a. Authentication

b. Authorization

c. Accounting

c. Accounting

6
New cards

Which AAA component is responsible for controlling who is permitted to access the network?

a. Authentication

b. Authorization

c. Accounting

a. Authentication

7
New cards

Which AAA component is responsible for determining what the user can access?

a. Authentication

b. Authorization

c. Accounting

b. Authorization

8
New cards

In an 802.1X implementation, which device is responsible for relaying responses?

a. Supplicant

b. Authenticator

c. Router

d. Authentication server

e. Client

b. Authenticator

9
New cards

Which of the following mitigation techniques are used to protect Layer 3 through Layer 7 of the OSI Model? (Choose three.)

a. DHCP snooping

b. VPN

c. Firewalls

d. IPSG

e. IPS devices

b. VPN

c. Firewalls

e. IPS devices

10
New cards

Which of the following mitigation techniques prevents many types of attacks including MAC address table overflow and DHCP starvation attacks?

a. IPSG

b. DHCP snooping

c. DAI

d. Port security

d. Port security

11
New cards

Which of the following mitigation techniques prevents MAC and IP address spoofing?

a. IPSG

b. DHCP snooping

c. DAI

d. Port security

a. IPSG

12
New cards

Which of the following mitigation techniques prevents ARP spoofing and ARP poisoning attacks?

a. IPSG

b. DHCP snooping

c. DAI

d. Port security

c. DAI

13
New cards

Which of the following mitigation techniques prevents DHCP starvation and DHCP spoofing attacks?

a. IPSG

b. DHCP snooping

c. DAI

d. Port security

b. DHCP snooping

14
New cards

What is the behavior of a switch as a result of a successful MAC address table attack?

a. The switch will shut down.

b. The switch interfaces will transition to the error-disabled state.

c. The switch will forward all received frames to all other ports within the VLAN.

d. The switch will drop all received frames.

c. The switch will forward all received frames to all other ports within the VLAN.

15
New cards

What would be the primary reason a threat actor would launch a MAC address overflow attack?

a. So that the threat actor can see frames that are destined for other devices.

b. So that the threat actor can execute arbitrary code on the switch.

c. So that the switch stops forwarding traffic.

d. So that legitimate hosts cannot obtain a MAC address.

a. So that the threat actor can see frames that are destined for other devices.

16
New cards

What mitigation technique must be implemented to prevent MAC address overflow attacks?

a. IPSG

b. DAI

c. Port security

d. DHCP snooping

c. Port security

17
New cards

A threat actor changes the MAC address of the threat actor's device to the MAC address of the default gateway. What type of attack is this?

a. Address spoofing

b. ARP spoofing

c. CDP reconnaissance

d. DHCP starvation

e. STP attack

f. VLAN hopping

a. Address spoofing

18
New cards

A threat actor sends a BPDU message with priority 0. What type of attack is this?

a. Address spoofing

b. ARP spoofing

c. CDP reconnaissance

d. DHCP starvation

e. STP attack

f. VLAN hopping

e. STP attack

19
New cards

A threat actor leases all the available IP addresses on a subnet. What type of attack is this?

a. Address spoofing

b. ARP spoofing

c. CDP reconnaissance

d. DHCP starvation

e. STP attack

f. VLAN hopping

d. DHCP starvation

20
New cards

A threat actor sends a message that causes all other devices to believe the MAC address of the threat actor's device is the default gateway. What type of attack is this?

a. Address spoofing

b. ARP spoofing

c. CDP reconnaissance

d. DHCP starvation

e. STP attack

f. VLAN hopping

b. ARP spoofing

21
New cards

A threat actor configures a host with the 802.1Q protocol and forms a trunk with the connected switch. What type of attack is this?

a. Address spoofing

b. ARP spoofing

c. CDP reconnaissance

d. DHCP starvation

e. STP attack

f. VLAN hopping

f. VLAN hopping

22
New cards

A threat actor discovers the IOS version and IP addresses of the local switch. What type of attack is this?

a. Address spoofing

b. ARP spoofing

c. CDP reconnaissance

d. DHCP starvation

e. STP attack

f. VLAN hopping

c. CDP reconnaissance

23
New cards

What two protocols are supported on Cisco devices for AAA communications? (Choose two.)

a. VTP

b. LLDP

c. HSRP

d. RADIUS

e. TACACS+

d. RADIUS

e. TACACS+

24
New cards

Which service is enabled on a Cisco router by default that can reveal significant information about the router and potentially make it more vulnerable to attack?

a. HTTP

b. CDP

c. FTP

d. LLDP

b. CDP

25
New cards

When security is a concern, which OSI Layer is considered to be the weakest link in a network system?

a. Layer 4

b. Layer 2

c. Layer 3

d. Layer 7

b. Layer 2

26
New cards

Which Layer 2 attack will result in a switch flooding incoming frames to all ports?

a. ARP poisoning

b. IP address spoofing

c. MAC address overflow

d. Spanning Tree Protocol manipulation

c. MAC address overflow

27
New cards

Why is authentication with AAA preferred over a local database method?

a. It uses less network bandwidth.

b. It requires a login and password combination on the console, vty lines, and aux ports.​

c. It provides a fallback authentication method if the administrator forgets the username or password.

d. It specifies a different password for each line or port.

c. It provides a fallback authentication method if the administrator forgets the username or password.

28
New cards

In a server-based AAA implementation, which protocol will allow the router to successfully communicate with the AAA server?

a. SSH

b. RADIUS

c. TACACS

d. 802.1x

b. RADIUS

29
New cards

Which Cisco solution helps prevent MAC and IP address spoofing attacks?

a. Port Security

b. DHCP Snooping

c. IP Source Guard

d. Dynamic ARP Inspection

c. IP Source Guard

30
New cards

What is the purpose of AAA accounting?

a. To collect and report application usage

b. To determine which resources the user can access

c. To prove users are who they say they are

d. To determine which operations the user can perform

a. To collect and report application usage

31
New cards

Which Layer 2 attack will result in legitimate users not getting valid IP addresses?

a. ARP spoofing

b. DHCP starvation

c. IP address spoofing

d. MAC address flooding

b. DHCP starvation

32
New cards

Which three Cisco products focus on endpoint security solutions? (Choose three.)

a. IPS Sensor Appliance

b. Web Security Appliance

c. Email Security Appliance

d. SSL/IPsec VPN Appliance

e. Adaptive Security Appliance

f. NAC Appliance

b. Web Security Appliance

c. Email Security Appliance

f. NAC Appliance

33
New cards

True or False?
In the 802.1X standard, the client attempting to access the network is referred to as the supplicant.

True

34
New cards

What is involved in an IP address spoofing attack?

a. A legitimate network IP address is hijacked by a rogue node.

b. A rogue node replies to an ARP request with its own MAC address indicated for the target IP address.

c. A rogue DHCP server provides false IP configuration parameters to legitimate DHCP clients.

d. Bogus DHCPDISCOVER messages are sent to consume all the available IP addresses on a DHCP server.

a. A legitimate network IP address is hijacked by a rogue node.

35
New cards

What three services are provided by the AAA framework? (Choose three.)

a. Accounting

b. Automation

c. Authorization

d. Authentication

e. Autobalancing

f. Autoconfiguration

a. Accounting

c. Authorization

d. Authentication

36
New cards

Because of implemented security controls, a user can only access a server with FTP. Which AAA component accomplishes this?

a. Accessibility

b. Accounting

c. Auditing

d. Authentication

e. Authorization

e. Authorization

37
New cards

What mitigation plan is best for thwarting a DoS attack that is creating a MAC address table overflow?

a. Disable DTP.

b. Disable STP.

c. Enable port security.

d. Place unused ports in an unused VLAN.

c. Enable port security.