What are two advantages of using security templates? (Select two.)

Ensuring uniform security settings across devices

Applying standardized settings to many systems quickly

You recently installed a Cisco router that links several network segments. You currently back up the router’s configuration using FTP. Which step would most improve the router’s security?

Use SCP to securely transfer the router’s configuration backups

Switch to Type 7 password encryption

Relocate the router to another facility

Which option correctly explains how a stateful inspection firewall evaluates network traffic?

It bases decisions on the status of active connections

It lets multiple devices share one public IP

It stands between a device and a server to act on the device’s behalf

It creates secure encrypted tunnels

A financial institution discovers a zero-day flaw that allows XSS attacks on its internal web portal. Which immediate action best reduces the risk?

Deploy a web application firewall (WAF)

Tell staff to change their passwords

Limit the number of login attempts

What is most likely to occur if the firewall protecting a screened subnet stops functioning?

Only the screened subnet’s servers are affected, but the LAN remains safe

The LAN is compromised while the screened subnet stays safe

Nothing changes; protection stays in place

All devices in both the subnet and LAN become compromised

Which statement accurately represents zero-trust security?

Devices must pass authentication and authorization before being trusted

Only devices that pass authorization are trusted

All devices are automatically trusted

Only authenticated devices are trusted

Your company receives a critical security patch for its main database system. Installing it requires taking the database offline, which disrupts business operations. What is the BEST way to handle the patch?

Test the patch in a staging environment first, then deploy it gradually

Ignore the update because the downtime is too disruptive

Wait several weeks to see whether other organizations report issues

Apply the patch immediately to every system without testing

A global company is experiencing an increase in remote workers using personal devices and smart home equipment. Which option MOST effectively controls device access and applies security policies?

Deploy agent-based NAC with dynamic VLAN assignments and firewall integration

Rely only on the firewall for device authentication

Use agentless NAC without firewall oversight

You are implementing vulnerability scanning for applications your company develops. What is the MOST effective approach?

Scan the applications and train developers on how to address the issues found

Scan only applications that have already been breached

Scan without notifying the development team

Stop all development until every flaw is fixed

What is the primary purpose of using a VPN?

Secure communication over an untrusted network

Reduce long-distance communication charges

Allow access to shared printers

You deploy a Cisco router and currently access it using Telnet with default admin credentials. What actions should you take to strengthen the router’s security? (Select two.)

Change the default admin username and password

A software vendor learns of a zero-day flaw that could expose user data and is working on a patch. What BEST describes the current risk and appropriate response?

The risk is serious; the vendor should develop the patch privately before notifying users

There is no risk as long as the vendor hides the vulnerability

The risk is minimal; the vendor should immediately alert all users

The vendor should contact users individually to assess impact

A company discovers a zero-day vulnerability in its database while a known threat group actively targets that software. Which statement BEST describes the relationship between threat, vulnerability, and risk?

The company’s risk increases because a threat is targeting an existing vulnerability

The company runs routine vulnerability scans

The company reduces risk by improving physical security

The company hires outside specialists to find threats

What can a proxy server be configured to do?

Prevent internal users from accessing external websites

Allow all content except what you mark as restricted

Work as a unified threat management firewall

Block everything except permitted content

Security Module 5 Network Architecture Review

Quiz

•

Information Technology (IT)

•

12th Grade

•

Practice Problem

•

Easy

Kyle Hatfield

Used 2+ times

FREE Resource

30 questions

Show all answers

MULTIPLE SELECT QUESTION

30 sec • 1 pt

Which two traits are commonly found in a basic packet-filtering firewall? (Select two.)

Tracks active connection states

Filters traffic by IP address and port number

Filters traffic based on websites visited

Makes decisions using session information

Operates without remembering previous packets

Answer explanation

Explanation:
Packet-filtering firewalls are stateless and only look at basic header information like IPs and ports.
Real-World Scenario:
This is like a security guard who only checks your student ID and destination every time you enter, but never remembers you from earlier.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A cloud system is fully updated, yet a researcher discovers a flaw no one has ever reported. What type of vulnerability is this?

A vulnerability that is brand-new and not yet patched

A flaw caused by user-generated scripts

A database query manipulation issue

A misconfigured network device

Answer explanation

Explanation:
A zero-day vulnerability is unknown to developers and has no existing fix yet.
Real-World Scenario:
It’s like finding a hidden shortcut in a building no one else knew about — and because it hasn’t been secured, it creates risk.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company now allows personal devices and IoT equipment on the network. Which option best ensures devices are checked and placed into the correct network areas with proper restrictions?

Use NAC with installed agents, dynamic VLAN assignment, and firewall integration

Use NAC without firewall coordination

Rely only on the existing firewall

Use NAC without dynamic VLANs

Answer explanation

Explanation:
Agent-based NAC with dynamic VLANs and firewall integration provides the strongest control in mixed-device environments.
Real-World Scenario:
It’s like having students scan in at the door, then automatically directing them to the right classroom based on their schedule.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What action best reduces how many ways an attacker could compromise a server?

Remove unnecessary or unused services

Install the latest updates

Add anti-malware software

Install a host-based intrusion detection tool

Answer explanation

Explanation:
Every running service adds a potential attack point; removing unused ones shrinks the attack surface.
Real-World Scenario:
If a school locks all unused rooms, there are fewer places for someone to hide or sneak in.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which attack tricks devices into linking the attacker’s MAC address to another device’s IP address?

MAC spoofing

Cross-site scripting

ARP poisoning

DNS manipulation

Answer explanation

Explanation:
ARP poisoning inserts false ARP entries so traffic is misdirected to the attacker.
Real-World Scenario:
It’s like someone replacing your name on the class attendance list with their own name so your messages get routed to them

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Before enforcing an application allow-list, you want to observe traffic and record violations. How should the control software handle applications not on the list?

Slow unwanted traffic

Log and flag anything not approved

Drop all unapproved traffic

Fully block everything not approved

Answer explanation

Explanation:
Flagging allows administrators to gather data before enforcing stricter rules.
Real-World Scenario:
It’s like monitoring hallway behavior for a week before deciding on new rules.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Devices on different VLANs cannot communicate. What is the MOST likely reason, and what should you do?

Inter-VLAN routing is not turned on; enable a router or Layer 3 switch

Devices were assigned the wrong VLAN ID

The switch is missing VLAN configuration settings

Switch ports were assigned improperly

Answer explanation

Explanation:
Different VLANs require Layer 3 routing to communicate.
Real-World Scenario:
Think of two separate hallways in a building — without a connecting doorway, students can’t move between them

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

25 questions

HTML -SHS2025

Quiz

•

12th Grade

25 questions

CompTIA Security+ Certification Exam SY0-701 Practice Test 24

Quiz

•

12th Grade

28 questions

ĐỀ CƯƠNG ÔN TẬP KTCK II - TIN 12 (KNTT) - ĐỀ CƯƠNG SỐ 1

Quiz

•

12th Grade - University

32 questions

Form 1 - Information Technology Quiz

Quiz

•

7th Grade - University

30 questions

PAS GENAP TIK KELAS XI TAHUN 2024

Quiz

•

11th Grade - University

30 questions

Form 4 - CSEC Information Technology Quiz

Quiz

•

10th Grade - University

35 questions

PKL CICIMANJA

Quiz

•

12th Grade - University

25 questions

Konfigurasi Hotspot Mikrotik RB941

Quiz

•

12th Grade - University

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

54 questions

Analyzing Line Graphs & Tables

Quiz

•

4th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

Discover more resources for Information Technology (IT)

20 questions

-AR -ER -IR present tense

Quiz

•

10th - 12th Grade

15 questions

Making Inferences

Quiz

•

7th - 12th Grade

12 questions

Add and Subtract Polynomials

Quiz

•

9th - 12th Grade

7 questions

How James Brown Invented Funk

Interactive video

•

10th Grade - University

15 questions

Atomic Habits: Career Habits

Lesson

•

9th - 12th Grade

20 questions

Banking

Quiz

•

9th - 12th Grade

15 questions

Exponential Growth and Decay Word Problems Practice

Quiz

•

9th - 12th Grade

18 questions

AP Bio Insta-Review Topic 6.1*: DNA & RNA Structure

Quiz

•

9th - 12th Grade

Security Module 5 Network Architecture Review

30 questions

Which two traits are commonly found in a basic packet-filtering firewall? (Select two.)

Explanation:
Packet-filtering firewalls are stateless and only look at basic header information like IPs and ports.
Real-World Scenario:
This is like a security guard who only checks your student ID and destination every time you enter, but never remembers you from earlier.

A cloud system is fully updated, yet a researcher discovers a flaw no one has ever reported. What type of vulnerability is this?

Explanation:
A zero-day vulnerability is unknown to developers and has no existing fix yet.
Real-World Scenario:
It’s like finding a hidden shortcut in a building no one else knew about — and because it hasn’t been secured, it creates risk.

A company now allows personal devices and IoT equipment on the network. Which option best ensures devices are checked and placed into the correct network areas with proper restrictions?

Explanation:
Agent-based NAC with dynamic VLANs and firewall integration provides the strongest control in mixed-device environments.
Real-World Scenario:
It’s like having students scan in at the door, then automatically directing them to the right classroom based on their schedule.

What action best reduces how many ways an attacker could compromise a server?

Explanation:
Every running service adds a potential attack point; removing unused ones shrinks the attack surface.
Real-World Scenario:
If a school locks all unused rooms, there are fewer places for someone to hide or sneak in.

Which attack tricks devices into linking the attacker’s MAC address to another device’s IP address?

Explanation:
ARP poisoning inserts false ARP entries so traffic is misdirected to the attacker.
Real-World Scenario:
It’s like someone replacing your name on the class attendance list with their own name so your messages get routed to them

Before enforcing an application allow-list, you want to observe traffic and record violations. How should the control software handle applications not on the list?

Explanation:
Flagging allows administrators to gather data before enforcing stricter rules.
Real-World Scenario:
It’s like monitoring hallway behavior for a week before deciding on new rules.

Devices on different VLANs cannot communicate. What is the MOST likely reason, and what should you do?

Explanation:
Different VLANs require Layer 3 routing to communicate.
Real-World Scenario:
Think of two separate hallways in a building — without a connecting doorway, students can’t move between them

Which attack overwhelms a switch’s MAC table, causing it to forward frames like a hub?

Explanation:
MAC flooding fills the table so the switch fails open and broadcasts traffic everywhere.
Real-World Scenario:
Like giving a teacher hundreds of fake student names — they eventually give up and allow everyone into the classroom.

Which security action is considered non-intrusive because it identifies weaknesses without actively attacking the system?

Explanation:
Vulnerability scanning reports issues without exploiting them.
Real-World Scenario:
It’s similar to checking doors to see if they’re locked — without actually trying to break in.

What are two advantages of using security templates? (Select two.)

Explanation:
Security templates let administrators push consistent settings to multiple devices efficiently.
Real-World Scenario:
It’s like a teacher copying the same rules sheet for every student instead of writing them out individually.

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Information Technology (IT)

Security Module 5 Network Architecture Review

30 questions

Which two traits are commonly found in a basic packet-filtering firewall? (Select two.)

Explanation:Packet-filtering firewalls are stateless and only look at basic header information like IPs and ports.Real-World Scenario:This is like a security guard who only checks your student ID and destination every time you enter, but never remembers you from earlier.

A cloud system is fully updated, yet a researcher discovers a flaw no one has ever reported. What type of vulnerability is this?

Explanation:A zero-day vulnerability is unknown to developers and has no existing fix yet.Real-World Scenario:It’s like finding a hidden shortcut in a building no one else knew about — and because it hasn’t been secured, it creates risk.

A company now allows personal devices and IoT equipment on the network. Which option best ensures devices are checked and placed into the correct network areas with proper restrictions?

Explanation:Agent-based NAC with dynamic VLANs and firewall integration provides the strongest control in mixed-device environments.Real-World Scenario:It’s like having students scan in at the door, then automatically directing them to the right classroom based on their schedule.

What action best reduces how many ways an attacker could compromise a server?

Explanation:Every running service adds a potential attack point; removing unused ones shrinks the attack surface.Real-World Scenario:If a school locks all unused rooms, there are fewer places for someone to hide or sneak in.

Which attack tricks devices into linking the attacker’s MAC address to another device’s IP address?

Explanation:ARP poisoning inserts false ARP entries so traffic is misdirected to the attacker.Real-World Scenario:It’s like someone replacing your name on the class attendance list with their own name so your messages get routed to them

Before enforcing an application allow-list, you want to observe traffic and record violations. How should the control software handle applications not on the list?

Explanation:Flagging allows administrators to gather data before enforcing stricter rules.Real-World Scenario:It’s like monitoring hallway behavior for a week before deciding on new rules.

Devices on different VLANs cannot communicate. What is the MOST likely reason, and what should you do?

Explanation:Different VLANs require Layer 3 routing to communicate.Real-World Scenario:Think of two separate hallways in a building — without a connecting doorway, students can’t move between them

Which attack overwhelms a switch’s MAC table, causing it to forward frames like a hub?

Explanation:MAC flooding fills the table so the switch fails open and broadcasts traffic everywhere.Real-World Scenario:Like giving a teacher hundreds of fake student names — they eventually give up and allow everyone into the classroom.

Which security action is considered non-intrusive because it identifies weaknesses without actively attacking the system?

Explanation:Vulnerability scanning reports issues without exploiting them.Real-World Scenario:It’s similar to checking doors to see if they’re locked — without actually trying to break in.

What are two advantages of using security templates? (Select two.)

Explanation:Security templates let administrators push consistent settings to multiple devices efficiently.Real-World Scenario:It’s like a teacher copying the same rules sheet for every student instead of writing them out individually.

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Information Technology (IT)

Explanation:
Packet-filtering firewalls are stateless and only look at basic header information like IPs and ports.
Real-World Scenario:
This is like a security guard who only checks your student ID and destination every time you enter, but never remembers you from earlier.

Explanation:
A zero-day vulnerability is unknown to developers and has no existing fix yet.
Real-World Scenario:
It’s like finding a hidden shortcut in a building no one else knew about — and because it hasn’t been secured, it creates risk.

Explanation:
Agent-based NAC with dynamic VLANs and firewall integration provides the strongest control in mixed-device environments.
Real-World Scenario:
It’s like having students scan in at the door, then automatically directing them to the right classroom based on their schedule.

Explanation:
Every running service adds a potential attack point; removing unused ones shrinks the attack surface.
Real-World Scenario:
If a school locks all unused rooms, there are fewer places for someone to hide or sneak in.

Explanation:
ARP poisoning inserts false ARP entries so traffic is misdirected to the attacker.
Real-World Scenario:
It’s like someone replacing your name on the class attendance list with their own name so your messages get routed to them

Explanation:
Flagging allows administrators to gather data before enforcing stricter rules.
Real-World Scenario:
It’s like monitoring hallway behavior for a week before deciding on new rules.

Explanation:
Different VLANs require Layer 3 routing to communicate.
Real-World Scenario:
Think of two separate hallways in a building — without a connecting doorway, students can’t move between them

Explanation:
MAC flooding fills the table so the switch fails open and broadcasts traffic everywhere.
Real-World Scenario:
Like giving a teacher hundreds of fake student names — they eventually give up and allow everyone into the classroom.

Explanation:
Vulnerability scanning reports issues without exploiting them.
Real-World Scenario:
It’s similar to checking doors to see if they’re locked — without actually trying to break in.

Explanation:
Security templates let administrators push consistent settings to multiple devices efficiently.
Real-World Scenario:
It’s like a teacher copying the same rules sheet for every student instead of writing them out individually.