- web.groovymark@gmail.com
- November 17, 2024
Question 21
Which organization is responsible for publishing security frameworks and standards to help an organization achieve security outcomes?
a) Open Web Application Security Project (OWASP)
b) Internet Assigned Numbers Authority (IANA)
c) National Institute of Standards and Technology (NIST)
d) International Organization for Standardization (ISO)
Correct Answer: c) National Institute of Standards and Technology (NIST)
Explanation: NIST publishes widely recognized security standards and frameworks that help organizations achieve secure operational practices.
Question 22
Which security process can help obtain a deep insight into events in the existing system?
a) Vulnerability
b) Logging
c) Threat agent
d) Reconnaissance
Correct Answer: b) Logging
Explanation: Logging involves recording system and network events, providing valuable insights for troubleshooting, auditing, and detecting security incidents.
Question 23
Which in-line security technology proactively examines, detects, and prevents an attacker from exploiting a vulnerability in a system?
a) Vulnerability scanner
b) Port scanner
c) Intrusion detection system (IDS)
d) Intrusion prevention system (IPS)
Correct Answer: d) Intrusion prevention system (IPS)
Explanation: An IPS not only detects but also takes proactive steps to prevent potential threats from exploiting vulnerabilities in the system.
Question 24
Which plane can have security problems such as cross-site scripting and cross-site request forgery?
a) Application
b) Data
c) Management
d) Control
Correct Answer: a) Application
Explanation: The application plane is prone to security issues like cross-site scripting (XSS) and cross-site request forgery (CSRF) due to vulnerabilities in web applications.
Question 25
Which communication protocol makes it possible for the SDN controller to interact with devices such as the switch or the router?
a) Transport Layer Security (TLS)
b) Secure Shell Protocol (SSH)
c) Secure File Transfer Protocol (SFTP)
d) OpenFlow
Correct Answer: d) OpenFlow
Explanation: OpenFlow is the standard communication protocol used in SDN to enable the controller to interact with forwarding devices like switches and routers.
Question 26
Which device prohibits virtual networks from communicating with other networks during the implementation of virtual extensible local networks (VXLANs)?
a) Hub
b) Virtual switch
c) Gateway
d) Virtual router
Correct Answer: d) Virtual router
Explanation: A virtual router isolates virtual networks from other networks, ensuring that they do not communicate during the implementation of VXLANs.
Question 27
Which term describes a network security solution that inspects packets and provides filtering as well as monitoring for virtual machines within a virtualized environment?
a) Proxy server
b) Virtual firewall
c) Physical firewall
d) Network address translation
Correct Answer: b) Virtual firewall
Explanation: A virtual firewall operates in virtualized environments, inspecting packets, applying filtering, and monitoring virtual machine traffic to enhance security.
Question 28
Which SDN microsegmentation consideration significantly reduces the available attack surface that a network presents?
a) Zero trust zones
b) Tools for supporting legacy networks
c) Fine-grained data flow and policy management
d) Leveraging cloud-based resource management and support
Correct Answer: c) Fine-grained data flow and policy management
Explanation: Microsegmentation with fine-grained data flow and policy management limits the attack surface by enforcing strict security policies for each network segment.
Question 29
Which benefit of distributed firewalls ensures that telecommuters are protected whether the tunnel is set up or not?
a) Topology independence
b) Protection from internal attacks
c) Elimination of single point of failure
d) Improved host decision-making
Correct Answer: a) Topology independence
Explanation: Distributed firewalls with topology independence protect telecommuters regardless of whether a VPN tunnel is established, offering security in various network configurations.
Question 30
Which firewall term refers to a program that deals with external devices on behalf of internal clients?
a) Network address translation
b) Dual-homed host
c) Proxy
d) Perimeter network
Correct Answer: c) Proxy
Explanation: A proxy acts as an intermediary between internal clients and external servers, handling communication and providing a layer of security.
Question 31
Which networking task would benefit from the use of network automation tools?
a) Configuring multiple wireless access points
b) Changing user privileges due to job changes
c) Creating a physical connection between devices
d) Identifying and fixing a faulty switch protocol
Correct Answer: a) Configuring multiple wireless access points
Explanation: Network automation tools streamline tasks like configuring multiple wireless access points, ensuring consistency and reducing manual effort.
Question 32
Which task can be performed by an administrator using a network’s automation software?
a) Add a firewall to the network
b) Create a network attack graph
c) Perform a penetration test
d) Design the topology of the network
Correct Answer: a) Add a firewall to the network
Explanation: Network automation software can be used to automate tasks such as adding a firewall to the network, enhancing security without manual intervention.
Question 33
Which automation tool uses logic referred to as a playbook?
a) Ansible
b) Chef
c) Puppet
d) Apstra
Correct Answer: a) Ansible
Explanation: Ansible uses playbooks written in YAML to define and automate complex tasks, making it a powerful tool for network automation.
Question 34
Which network configuration automation tool is written using C++, Clojure, and Ruby?
a) Ansible
b) Chef
c) Puppet
d) Apstra
Correct Answer: b) Chef
Explanation: Chef is a configuration management tool written in Ruby and C++, with its recipes defining system configurations in a declarative manner.
Question 35
How does software-defined networking (SDN) affect information security?
a) A single device can be configured for switching, routing, load balancing, or security monitoring.
b) Each network function is handled by a separate, isolated device.
c) With the complexity of software, carriers have little visibility into security issues.
d) Network information is now centralized on one physical device.
Correct Answer: a) A single device can be configured for switching, routing, load balancing, or security monitoring.
Explanation: SDN centralizes control, allowing a single device to manage various network functions, including security monitoring, which enhances visibility and management.
Question 36
Which model involves moving services like load balancing, firewalls, and intrusion prevention systems away from dedicated hardware into a non-physical environment?
a) Network functions virtualization (NFV)
b) Software as a service (SaaS)
c) Open systems interconnection (OSI)
d) Internet Engineering Task Force (IETF)
Correct Answer: a) Network functions virtualization (NFV)
Explanation: NFV virtualizes network functions such as firewalls and load balancers, allowing them to run on general-purpose hardware instead of dedicated appliances.
Question 37
A network utilizes virtualized environments with virtual machines running delay-sensitive applications. Which recommendation should be used to protect the virtual workload in accordance with NIST 800-125B?
a) Virtual firewalls should be deployed for traffic flow control instead of physical firewalls.
b) Two identical bastion hosts should be used instead of one primary host.
c) The logical network topology should be either a star topology or a bus topology.
d) The firewall should be reconfigured and optimized daily.
Correct Answer: a) Virtual firewalls should be deployed for traffic flow control instead of physical firewalls.
Explanation: NIST 800-125B recommends deploying virtual firewalls to control traffic in virtualized environments, as they provide more flexibility and control compared to physical firewalls.
Question 38
A virtualized network uses a subnet-level virtual firewall. Which recommendation should be used to protect the virtual workload in accordance with NIST 800-125B?
a) The firewall should be integrated with a virtualization management platform.
b) The firewall should be accessible only through a standalone console.
c) The firewall should be located at the center of the network topology.
d) The firewall should be reconfigured and optimized on a daily basis.
Correct Answer: a) The firewall should be integrated with a virtualization management platform.
Explanation: NIST 800-125B suggests integrating virtual firewalls with a virtualization management platform for better control and efficiency in managing virtual environments.
Question 39
A network uses event logging for auditing purposes. How should the audit records be managed according to the recommendations in NIST 800-53?
a) Generate time stamps for audit records.
b) Store audit records for a period of 36 months.
c) Use a designated local device for audit record storage.
d) Manually inspect audit records at specified intervals.
Correct Answer: a) Generate time stamps for audit records.
Explanation: NIST 800-53 recommends generating time stamps for audit records to ensure that events can be traced accurately and provide a reliable audit trail.
Question 40
How has network functions virtualization (NFV) changed network functions?
a) It has moved network functions from stand-alone appliances to software running on any server.
b) It has moved network functions from software running on any server to stand-alone appliances.
c) It has moved network functions from the network presentation layer to the transport layer.
d) It has moved network functions from the network transport layer to the presentation layer.
Correct Answer: a) It has moved network functions from stand-alone appliances to software running on any server.
Explanation: NFV virtualizes network functions, allowing them to run on standard servers rather than specialized hardware, improving flexibility and scalability.