Question
1. Which tenet of security are flood guards designed to help ensure? (1 point)
   - Authorization
   - Authentication
   - Accounting
   - Availability
2. Which enterprise switch features protect against layer 2 man-in-the-middle attacks? Select all that apply. (1 point)
   - Dynamic ARP inspection (DAI)
   - DHCP Snooping
   - Flood Guard
   - IP Source Guard
3. What can be configured to allow secure remote connections to web applications without requiring a VPN? (1 point)
   - Reverse proxy
   - DHCP snooping
   - RC4
   - Firewall
4. Multiple vulnerabilities in the WEP protocol make it possible for the encryption key to be recovered by hackers. Which parts of the WEP protocol create this vulnerability? Select all that apply. (1 point)
   - In open-system WEP authentication mode, the client can be authenticated by the Access Point (AP) without passing the decryption challenge.
   - WEP encryption is limited to a 64-bit protocol.
   - In shared-key WEP authentication mode, the Access Point (AP) shares both the plaintext and the ciphertext with the client.
   - The initialization vectors, and therefore the encryption keys, were weak and reused too often.
5. Which of the following are critical flaws of PIN entry WPS authentication with a hard-coded PIN? (1 point)
   - It uses an 8 digit pin, which is made of 7 digits and one checksum value, and sends it in two parts. This means it takes a maximum of 11,000 tries to guess the PIN.
   - There is a one-minute lockout period after three incorrect PIN attempts.
   - It allows for the secure exchange of the SSID and the pre-shared key.
   - The hard-coded PIN can never be reset, so if it is recovered by a hacker it can be reused to recover the new password.
6. Which of the following options is currently the most secure way to protect a wireless network? (1 point)
   - WPA
   - 802.1x with EAP-TLS
   - WPA2 with AES/CCMP mode
   - WEP
7. You’re an IT support specialist and you’ve been tasked with making sure the company is monitoring its network traffic adequately. What technique should you use if you want to access all packets from a specified port, port range, or entire VLAN? (1 point)
   - tcpdump
   - Network hub
   - DHCP snooping
   - Port mirroring
8. You’re an IT support specialist tasked with setting up a NIPS to help protect your company’s network traffic from malicious behavior. Which constraint must you consider when you set up the NIPS? (1 point)
   - You must be able to monitor and access all traffic, not just the traffic flowing directly through the NIPS device.
   - The NIPS must have access to all outgoing traffic.
   - The NIPS must have access to all incoming traffic.
   - The monitored traffic must pass through the NIPS so that the NIPS can drop suspicious traffic.
9. Complete the Qwiklab Introduction to tcpdump before answering this question. You want to use tcpdump to retrieve packets with 100.1.4.3 as the source or destination IP address and any port as the source or destination port. Which command should you use? (1 point)
   - tcpdump -i eth0 -vn host 100.1.4.3 and port 53 &
   - sudo tcpdump -i eth0 -vn host 100.1.4.3
   - sudo tcpdump -i eth0 -vn host 100.1.4.3 and port 53 &
   - tcpdump -i eth0 -vn host 100.1.4.3
10. Complete the Qwiklab Introduction to tcpdump before answering this question. You want to determine the layer 3 protocol, source, and destination addresses and ports for all incoming packets, as well as their TCP details. However, you don’t want more detailed output. What additional flags should you use with the command sudo tcpdump -i eth0? (1 point)
   - -n
   - none
   - -v
   - -vn
Solution
- Flood guards are designed to help ensure Availability.
- Dynamic ARP inspection (DAI), DHCP Snooping, and IP Source Guard are enterprise switch features that protect against layer 2 man-in-the-middle attacks.
- A Reverse proxy can be configured to allow secure remote connections to web applications without requiring a VPN.
- The parts of the WEP protocol that create vulnerability are: In open-system WEP authentication mode, the client can be authenticated by the Access Point (AP) without passing the decryption challenge; In shared-key WEP authentication mode, the Access Point (AP) shares both the plaintext and the ciphertext with the client; The initialization vectors, and therefore the encryption keys, were weak and reused too often.
- The critical flaw of PIN entry WPS authentication with a hard-coded PIN is that it uses an 8 digit pin, which is made of 7 digits and one checksum value, and sends it in two parts. This means it takes a maximum of 11,000 tries to guess the PIN. The hard-coded PIN can never be reset, so if it is recovered by a hacker it can be reused to recover the new password.
- WPA2 with AES/CCMP mode is currently the most secure way to protect a wireless network.
- Port mirroring is the technique you should use if you want to access all packets from a specified port, port range, or entire VLAN.
- The constraint you must consider when you set up the NIPS is that the monitored traffic must pass through the NIPS so that the NIPS can drop suspicious traffic.
- The command you should use is sudo tcpdump -i eth0 -vn host 100.1.4.3.
- The additional flags you should use with the command sudo tcpdump -i eth0 are -vn.