Sec+ CH.3 Review Test Professional Development Quiz

1.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

An outside consultant performed an audit of the Municipal House of

Pancakes network. She identified a legacy protocol being used to access

browser-based interfaces on switches and routers within the network. She

recommended replacing the legacy protocol with a secure protocol to access

these network devices using the same interface. Which of the following

protocols should be implemented?

The newest fully supported version of SSL

The newest fully supported version of TLS

The newest fully supported version of LDAPS

The newest fully supported version of SNMP

Answer explanation

B is correct The newest version of Transport Layer Security (TLS)

should be implemented to access the network devices. Because the scenario

says the same interface is needed, the only possible choices are TLS or

Secure Sockets Layer (SSL). However, SSL has been deprecated and

should not be used. Lightweight Directory Access Protocol Secure

(LDAPS) is used to communicate with directories such as Microsoft Active

Directory. Simple Network Management Protocol version 3 (SNMPv3)

adds security to SNMP and encrypts the credentials sent to and from the

network devices, but it doesn’t support access via a browser interface.

2.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Your organization’s security policy requires that confidential data

transferred over the internal network must be encrypted. Which of the

following protocols would BEST meet this requirement?

FTP

SSH

SNMPv3

SRTP

Answer explanation

B is correct. You can use Secure Shell (SSH) to encrypt confidential data

when transmitting it over the network. Secure File Transfer Protocol

(SFTP) uses SSH to encrypt File Transfer Protocol (FTP) traffic, but FTP is

unencrypted. Simple Network Management Protocol version 3 (SNMPv3)

is used to monitor and manage network devices, not transmit data over a

network. Secure Real-Time Transport Protocol (SRTP) provides encryption,

message authentication, and integrity for voice and video, but not all data.

3.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Maggie needs to collect network device configuration information and

network statistics from devices on the network. She wants to protect the

confidentiality of credentials used to connect to these devices. Which of the

following protocols would BEST meet this need?

SSH

FTPS

SNMPv3

TLS

Answer explanation

C is correct. Simple Network Management Protocol version 3 (SNMPv3)

is a secure protocol that can monitor and collect information from network

devices. It includes strong authentication mechanisms to protect the

confidentiality of credentials. None of the other protocols listed are used to

monitor network devices. Secure Shell (SSH) provides a secure method of

connecting to devices but does not monitor them. File Transfer Protocol

Secure (FTPS) is useful for encrypting large files in transit, using Transport

Layer Security (TLS). TLS is commonly used to secure transmissions but

doesn’t include methods to monitor devices.

4.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You are trying to determine what information attackers can gain about

your organization using network reconnaissance methods via the Internet.

Using a public wireless hot spot, you issue the following command:

nslookup -querytype=mx gcgapremium.com

You then see these results:

Server: UnKnown

Address: 10.0.0.1

Non-authoritative answer:

gcgapremium.com MX preference = 90, mail exchanger =

mx1.emailsrvr.com

gcgapremium.com MX preference = 20, mail exchanger =

mx2.emailsrvr.com

What does this tell you?

10.0.0.1 is the IP address of the primary mail server.

gcgapremium.com is unknown to DNS.

The mx1.emailsrvr.com is a backup mail server.

The MX servers are showing too much information to the public.

Answer explanation

C is correct. This indicates that the mx1.emailsrvr.com is a backup mail

server. The preference of mx1.emailsrvr.com is 90, which is higher than the

preference of 20 for mx2.emailsrvr.com. In other words, mx2.emailsrvr.com

is the primary email server and mx1.emailsrvr.com is the secondary email

server. The “Address: 10.0.0.1” response indicates that the address of the

Domain Name System (DNS) server that gave the response is 10.0.0.1. The

“Server: UnKnown” response indicates that the DNS server is not using

PTR records, which resolve IP addresses to hostnames. Note that

“UnKnown” looks like a typo but is the way that nslookup (short for name

server lookup) displays it. The MX records are required so that other

Internet-based mail servers can find the mail servers handling mail sent to a

domain.

5.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Administrators are configuring a server within your organization’s

screened subnet. This server will have the following capabilities when it is

fully configured:

1) It will use RRSIG.

2) It will perform authenticated requests for A records.

3) It will perform authenticated requests for AAAA records.

What BEST identifies the capabilities of this server?

SSH

SNMPv3

S/MIME

DNSSEC

Answer explanation

D is correct. This is a Domain Name System (DNS) server with the

added capabilities of DNS Security Extensions (DNSSEC). DNSSEC is a

suite of extensions to DNS. It uses a Resource Record Signature (RRSIG),

commonly referred to as a digital signature, to provide data integrity and

authentication for DNS replies. A DNS server resolves hostnames to IP

addresses. Secure Shell (SSH) is commonly used to connect to remote

systems and can be used to send files in an encrypted format over a

network. Simple Network Management Protocol version 3 (SNMPv3) is

used to manage and monitor network devices. Secure/Multipurpose Internet

Mail Extensions(S/MIME) is a popular standard used to encrypt email, but

email is not mentioned in the scenario.

6.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Maggie regularly connects to a remote server named gcga using Secure

Shell (ssh) from her Linux system. However, she has trouble remembering

the password, and she wants to avoid using it without sacrificing security.

She creates a cryptographic key pair to use instead. Which of the following

commands is the BEST choice to use after creating the key pair?

ssh-copy-id -i ~.ssh/id_rsa.pub maggie@gcga

chmod 644 ~/.ssh/id_rsa

ssh-keygen -t rsa

ssh root@gcga

Answer explanation

A is correct. After creating the key pair, she should use the ssh-copy-id

command to copy the public key to the server. The first step uses the ssh-

keygen -t rsa command. This creates an RSA-based key pair (a private key

and a public key). The public key’s location and the name is

~.ssh/id_rsa.pub, and the private key’s location and the name is

~/.ssh/id_rsa. The second step is to copy the public key to the remote server

using the command ssh-copy-id -i ~.ssh/id_rsa.pub maggie@gcga. The

private key should always stay private, but the chmod 644 command makes

it readable by everyone, so it shouldn’t be used. The ssh command connects

to the remote server using Secure Shell (ssh). However, it’s not required to

connect to the server before copying it. The ssh-copy-id command is a

utility within the OpenSSH suite of tools.

7.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You are tasked with enabling NTP on some servers within your

organization’s screened subnet. Which of the following use cases are you

MOST likely supporting with this action?

Encrypting voice and video transmissions

Providing time synchronization

Enabling email usage

Encrypting data-in-transit

Answer explanation

B is correct. The Network Time Protocol (NTP) provides time

synchronization services, so enabling NTP on servers in the screened subnet

(sometimes called a demilitarized zone or DMZ) would meet this use case.

The Secure Real-time Transport Protocol (SRTP) provides encryption,

message authentication, and integrity for audio and video over IP networks.

Protocols such as Simple Mail Transfer Protocol (SMTP), Post Office

Protocol v3 (POP3), and Internet Message Access Protocol version 4

(IMAP4) are used for email. Encrypting data isn’t relevant to time

synchronization services provided by NTP.

8.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Your organization has several switches in use throughout the internal

network. Management wants to implement a security control to prevent

unauthorized access to these switches within the network. Which of the

following choices would BEST meet this need?

Disable unused ports.

Disable STP.

Enable SSH.

Enable DHCP.

Answer explanation

A is correct. You can prevent unauthorized access by disabling unused

physical ports on the switches as an overall port security practice. This

prevents the connection if someone plugs their computer into an unused

disabled port. Spanning Tree Protocol (STP) prevents switching loop

problems and should be enabled. Secure Shell (SSH) encrypts traffic and

can be used to connect to network devices for management, but it doesn’t

directly protect a switch. Dynamic Host Configuration Protocol (DHCP) is

used to dynamically issue IP addresses and is unrelated to this scenario.

9.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Network administrators manage network devices remotely. However, a

recent security audit discovered they are using a protocol that allows them

to send credentials over the network in cleartext. Which of the following

methods should be adopted to eliminate this vulnerability?

Use SNMPv2c.

Use SSH.

Use SSL.

Use SFTP.

Answer explanation

B is correct. Secure Shell (SSH) can be used to connect to many network

devices and is the best answer of the given choices. It encrypts the entire

session, including the credentials. The scenario indicates that administrators

are likely using Simple Network Management Protocol v1 (SNMPv1),

SNMPv2, or SNMPv2c. These protocols all send a community string over

the network in cleartext. SNMPv3 (which isn’t available as a possible

answer) encrypts the credentials before sending them over the network.

Secure Sockets Layer (SSL) has been deprecated and shouldn’t be used.

Secure File Transfer Protocol (SFTP) is a secure implementation of FTP

and is used to transfer files, not manage network devices.

10.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following devices would MOST likely have the following

entries used to define its operation?

permit IP any any eq 80

permit IP any any eq 443

deny IP any any

Firewall

Proxy server

Web server

Jump server

Answer explanation

A is correct. These are rules in an access control list (ACL) within a

firewall. The first two rules indicate that traffic from any IP address, to any

IP address, using ports 80 or 443 is permitted or allowed. The final rule is

also known as an implicit deny rule and is placed last in the ACL. It ensures

that all traffic that hasn’t been previously allowed is denied. A proxy server

would not use an ACL, although it would use ports 80 and 443 for

Hypertext Transfer Protocol (HTTP) and HTTP Secure (HTTPS),

respectively. A web server wouldn’t use an ACL, although it would also use

ports 80 and 443. A jump server is a server placed between different

security zones (such as an internal network and a screened subnet) and is

used to manage devices in the other security zone.

Create a free account and access millions of resources

Similar Resources on Quizizz

Popular Resources on Quizizz

Discover more resources for Computers