Network Administration and Security Exam Questions - 750 Verified Questions

Page 1

Network Administration and Security Exam Questions

Course Introduction

Network Administration and Security explores the essential principles and practices involved in managing, configuring, and securing computer networks. The course covers network architectures, protocols, hardware components, and operating systems, emphasizing the strategies required to maintain network efficiency and reliability. Students learn to implement administrative tasks, such as user management, resource allocation, and network monitoring, alongside the deployment of security measures including firewalls, intrusion detection systems, and encryption techniques to protect against threats and vulnerabilities. Practical labs and real-world scenarios equip learners with the technical skills and critical thinking needed to ensure robust and secure network environments.

Recommended Textbook

CompTIA Security Guide to Network Security Fundamentals 6th Edition by

Available Study Resources on Quizplus 15 Chapters

750 Verified Questions

750 Flashcards

Source URL: https://quizplus.com/study-set/2311

Page 2

Mark Ciampa

Chapter 1: Introduction to Security

Available Study Resources on Quizplus for this Chatper

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45966

Sample Questions

Q1) Why are there delays in updating products such as anti-virus software to resist attacks?

Answer: At the current rate of submissions of potential malware on a daily basis,updates for anti-virus software would need to be released every few seconds.

Q2) What level of security access should a computer user have to do their job?

A)password protected

B)least amount

C)limiting amount

D)authorized access

Answer: B

Q3) What term best describes any premeditated,politically motivated attack against information,computer systems,computer programs,and data which results in violence against noncombatant targets by subnational groups or clandestine agents?

A)cybercriminal

B)cracking

C)cyberterrorism

D)hacking

Answer: C

To view all questions and flashcards with answers, click on the resource link above. Page 3

Chapter 2: Malware and Social Engineering Attacks

Available Study Resources on Quizplus for this Chatper

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45967

Sample Questions

Q1) A series of instructions that can be grouped together as a single command and are often used to automate a complex set of tasks or a repeated series of tasks are known as:

A)A rootkit

B)A macro

C)A program

D)A process

Answer: B

Q2) What social engineering principal convinces a victim an immediate action is needed?

A)authority

B)urgency

C)intimidation

D)scarcity

Answer: B

Q3) Malware is software that enters a computer system with the user's knowledge or consent and then performs an unwanted and harmful action.

A)True

B)False

Answer: False

To view all questions and flashcards with answers, click on the resource link above. Page 4

Chapter 3: Basic Cryptography

Available Study Resources on Quizplus for this Chatper

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45968

Sample Questions

Q1) What technology uses a chip on the motherboard of the computer to provide cryptographic services?

A)SEDs

B)FDE

C)TPM

D)HSM

Answer: C

Q2) GNU Privacy Guard a proprietary software that runs on different operating systems.

A)True

B)False

Answer: False

Q3) What is a pseudorandom number generator?

Answer: A pseudorandom number generator is an algorithm for creating a sequence of numbers whose properties approximate those of a random number.

Q4) Wireless data networks are particularly susceptible to known ciphertext attacks.

A)True

B)False

Answer: True

To view all questions and flashcards with answers, click on the resource link above. Page 5

Chapter 4: Advanced Cryptography and PKI

Available Study Resources on Quizplus for this Chatper

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45969

Sample Questions

Q1) What is a value that can be used to ensure that plaintext,when hashed,will not consistently result in the same digest?

A)salt

B)initialization vector

C)counter

D)nonce

Q2) What is the S/MIME protocol used for?

Q3) Explain how digital certificates are managed.

Q4) Some CAs issue only entry-level certificates that provide domain-only validation.

A)True

B)False

Q5) What role does a key recovery agent fulfill in an enterprise environment?

Q6) Select the term that is used to describe a trusted third-party agency that is responsible for issuing digital certificates:

A)Registration Authority

B)Delegation Authority

C)Certification Authority

D)Participation Authority

To view all questions and flashcards with answers, click on the resource link above. Page 6

Chapter 5: Networking and Server Attacks

Available Study Resources on Quizplus for this Chatper

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45970

Sample Questions

Q1) On a compromised computer,you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts.What type of exploit has occurred?

A)Privilege escalation

B)DNS cache poisoning

C)ARP poisoning

D)Man-in-the-middle

Q2) Traditional network security devices can block traditional network attacks,but they cannot always block web application attacks.

A)True

B)False

Q3) How can an attacker substitute a DNS address so that a computer is automatically redirected to another device?

A)DNS poisoning

B)Phishing

C)DNS marking

D)DNS overloading

Q4) What is the basis for domain name resolution of names-to-IP addresses?

Q5) What are some of the typical server attacks used by attackers?

To view all questions and flashcards with answers, click on the resource link above. Page 7

Chapter 6: Network Security Devices, Design, and Technology

Available Study Resources on Quizplus for this Chatper

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45971

Sample Questions

Q1) What dedicated hardware device aggregates hundreds or thousands of VPN connections?

A)VPN server

B)VPN gateway

C)VPN switch

D)VPN concentrator

Q2) If a network is completely isolated by an air gap from all other outside networks it is using what type of configuration?

A)physical network segregation

B)complete network segregation

C)network isolation

D)logical network segregation

Q3) Which of the following is a server that routes incoming requests coming from an external network to the correct internal server?

A)forward proxy

B)application proxy

C)system proxy

D)reverse proxy

Q4) Discuss the two advantages that NAT provides.

To view all questions and flashcards with answers, click on the resource link above. Page 8

Chapter 7: Administering a Secure Network

Available Study Resources on Quizplus for this Chatper

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45972

Sample Questions

Q1) What secure protocol is recommended for Network address translation?

A)SRTP

B)S/MIME

C)IMAP

D)IPsec

Q2) When setting up a server virtualization environment,what component below manages the virtual machine operating systems and supports one or more guest systems?

A)kernel

B)supervisor

C)hypercard

D)hypervisor

Q3) S/MIME can be used when mail is accessed through a web browser.

A)True

B)False

Q4) A correlation engine aggregates and correlates content from different sources to uncover an attack.

A)True

B)False

Q5) Describe the ways you can use FTP on a local host computer.

Page 9

To view all questions and flashcards with answers, click on the resource link above.

Chapter 8: Wireless Network Security

Available Study Resources on Quizplus for this Chatper

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45973

Sample Questions

Q1) In a bluesnooping attack,the attacker copies emails,calendars,contact lists,cell phone pictures,or videos by connecting to the Bluetooth device without the owner's knowledge or permission.

A)True

B)False

Q2) What technique can an attacker use to search for unprotected home wireless signals from an automobile or on foot using a portable computing device?

Q3) The current Bluetooth version is Bluetooth 6.

A)True

B)False

Q4) Which of the following self-contained APs are autonomous,or independent,because they are separate from other network devices and even other autonomous APs?

A)fat APs

B)single APs

C)thin APs

D)super APs

Q5) How does the WPA Temporal Key Integrity Protocol encryption technology operate?

Q6) Discuss how to prevent bluesnarfing.

To view all questions and flashcards with answers, click on the resource link above. Page 10

Chapter 9: Client and Application Security

Available Study Resources on Quizplus for this Chatper

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45974

Sample Questions

Q1) What is a bollard?

Q2) An automated patch update service is used to manage patches within the enterprise instead of relying on the vendor's online updates.

A)True

B)False

Q3) What specific software can examine a computer for any infections as well as monitor computer activity and scan new documents that might contain a virus?

A)anti-malware

B)antivirus

C)security applications

D)firewall

Q4) What type of video surveillance is typically used by banks,casinos,airports,and military installations,and commonly employs guards who actively monitor the surveillance?

A)CCTV

B)ICTV

C)IPTV

D)ITV

Q5) How can cable conduits that run between two secure areas be protected?

To view all questions and flashcards with answers, click on the resource link above. Page 11

Chapter 10: Mobile and Embedded Device Security

Available Study Resources on Quizplus for this Chatper

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45975

Sample Questions

Q1) How might an attacker misuse a QR code?

Q2) Which of the following can replace using radio frequency (RF)for the communication media?

A)ANT

B)Bluetooth

C)repeaters

D)infrared

Q3) MDM tools cannot provide the ability to detect and restrict jailbroken and rooted devices.

A)True

B)False

Q4) Which of the following is NOT a benefit of using the CYOD enterprise deployment model for an enterprise?

A)management flexibility

B)increased internal service

C)increased employee performance

D)less oversight

Q5) Infrared light is next to the visible light on the light spectrum.

A)True

B)False

12

To view all questions and flashcards with answers, click on the resource link above.

Chapter 11: Authentication and Account Management

Available Study Resources on Quizplus for this Chatper

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45976

Sample Questions

Q1) Discuss the types of shortcuts that users take to help them recall their passwords.

Q2) Hash algorithms like MD5 and SHA are considered secure for creating digests because these hashing algorithms are designed to create a digest as strong as possible.

A)True

B)False

Q3) Which of the following options prevents a logon after a set number of failed logon attempts within a specified period and can also specify the length of time that the lockout is in force?

A)password lock

B)logon lock

C)password lockout

D)logon lockout

Q4) How does an iris scanner work?

Q5) What are the three advantages of a rainbow table over other password attacks?

Q6) What smartcard standard is used to cover all U.S.government employees?

Q7) What is a dictionary attack?

Q8) How does a retina scanner work?

Q9) Describe how rainbow tables work.

Page 13

To view all questions and flashcards with answers, click on the resource link above.

Chapter 12: Access Management

Available Study Resources on Quizplus for this Chatper

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45977

Sample Questions

Q1) Authorization is granting permission for admittance.

A)True

B)False

Q2) What is the purpose of an ACL?

Q3) What is the name for a predefined framework that can be used for controlling access,and is embedded into software and hardware?

A)accounting and access model

B)user control model

C)access control model

D)authorization control model

Q4) Which access control model that uses access based on a user's job function within an organization?

A)Role Based Access Control

B)Rule Based Access Control

C)Discretionary Access Control

D)Mandatory Access Control

Q5) Describe LDAP injection attacks.

Q6) Discuss the differences between DAP and LDAP.

Q7) Describe the two key elements of the MAC model.

Q8) Describe how Kerberos works.

To view all questions and flashcards with answers, click on the resource link above. Page 14

Chapter 13: Vulnerability Assessment and Data Security

Available Study Resources on Quizplus for this Chatper

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45978

Sample Questions

Q1) In white box and gray box testing,the first task of the tester is to perform preliminary information gathering on their own from outside the organization,sometimes called open source intelligence (OSINT).

A)True

B)False

Q2) What is the end result of a penetration test?

A)penetration test profile

B)penetration test report

C)penetration test system

D)penetration test view

Q3) Which of the following is used to replicate attacks during a vulnerability assessment by providing a structure of exploits and monitoring tools?

A)replication image

B)assessment image

C)penetration framework

D)exploitation framework

Q4) List and describe two common uses for a protocol analyzer.

Q5) Discuss one type of asset that an organization might have.

Q6) Describe a penetration testing report.

15

To view all questions and flashcards with answers, click on the resource link above.

Chapter 14: Business Continuity

Available Study Resources on Quizplus for this Chatper

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45979

Sample Questions

Q1) The process of identifying exposure to threats,creating preventive and recovery procedures,and then testing them to determine if they are sufficient,is known as:

A)business continuity planning

B)disaster planning

C)business management planning

D)enterprise disaster planning

Q2) A business continuity plan will help determine the mission-essential function or the activity that serves as the core purpose of the enterprise.

A)True

B)False

Q3) What specific way can disaster recovery plans be tested?

A)alternative processing

B)restoration simulation

C)tabletop exercises

D)alternative exercises

Q4) What is a hot site?

Q5) A privacy impact assessment is used to identify and mitigate privacy risks.

A)True

B)False

To view all questions and flashcards with answers, click on the resource link above. Page 16

Chapter 15: Risk Mitigation

Available Study Resources on Quizplus for this Chatper

50 Verified Questions

50 Flashcards

Source URL: https://quizplus.com/quiz/45980

Sample Questions

Q1) What is a service contract between a vendor and a client that specifies what services will be provided,the responsibilities of each party,and any guarantees of service?

A)MOU

B)SLA

C)BPA

D)ISA

Q2) What term can be described as a function of threats,consequences of those threats,and the resulting vulnerabilities?

A)threat

B)mitigation

C)risk

D)management

Q3) What are the two risk calculation formulas commonly used to calculate expected losses?

Q4) A subject's privilege over an object should follow the principle of least privilege.

A)True

B)False

Q5) What is mean time to recovery (MTTR)?

To view all questions and flashcards with answers, click on the resource link above. Page 17

Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.