CCNA Security v2.0 Chapter 1 Exam Answers

1. What method can be used to mitigate ping sweeps?
using encrypted or hashed authentication protocols
installing antivirus software on hosts
deploying antisniffer software on all network devices
blocking ICMP echo and echo-replies at the network edge

2. What are the three major components of a worm attack? (Choose three.)
a penetration mechanism
an infecting vulnerability
a payload
an enabling vulnerability
a probing mechanism
a propagation mechanism

3. Which statement accurately characterizes the evolution of threats to network security?
Internal threats can cause even greater damage than external threats.
Threats have become less sophisticated while the technical knowledge needed by an attacker has grown.
Early Internet users often engaged in activities that would harm other users.
Internet architects planned for network security from the beginning.

4. What causes a buffer overflow?
launching a security countermeasure to mitigate a Trojan horse
sending repeated connections such as Telnet to a particular device, thus denying other data sources.
downloading and installing too many software updates at one time
attempting to write more data to a memory location than that location can hold
sending too much information to two or more interfaces of the same device, thereby causing dropped packets

5. What commonly motivates cybercriminals to attack networks as compared to hacktivists or state-sponsored hackers?
status among peers
fame seeking
financial gain
political reasons

6. Which two network security solutions can be used to mitigate DoS attacks? (Choose two.)
virus scanning
intrusion protection systems
applying user authentication
antispoofing technologies
data encryption

7. Which two statements characterize DoS attacks? (Choose two.)
Examples include smurf attacks and ping of death attacks.
They attempt to compromise the availability of a network, host, or application

8. An attacker is using a laptop as a rogue access point to capture all network traffic from a targeted user. Which type of attack is this?
trust exploitation
buffer overflow
man in the middle
port redirection

9. What functional area of the Cisco Network Foundation Protection framework is responsible for device-generated packets required for network operation, such as ARP message exchanges and routing advertisements?
data plane
control plane
management plane
forwarding plane

10. What are the three components of information security ensured by cryptography? (Choose three.)
threat prevention
authorization
confidentiality
countermeasures
integrity
availability

11. What is the primary method for mitigating malware?
using encrypted or hashed authentication protocols
installing antivirus software on all hosts
blocking ICMP echo and echo-replies at the network edge
deploying intrusion prevention systems throughout the network

12. What is an objective of a state-sponsored attack?
to gain financial prosperity
to sell operation system vulnerabilities to other hackers
to gain attention
to right a perceived wrong

13. What role does the Security Intelligence Operations (SIO) play in the Cisco SecureX architecture?
identifying and stopping malicious traffic
authenticating users
enforcing policy
identifying applications

14. What worm mitigation phase involves actively disinfecting infected systems?
Treatment

15. How is a smurf attack conducted?
by sending a large number of packets to overflow the allocated buffer memory of the target device
by sending a large number of ICMP requests to directed broadcast addresses from a spoofed source address on the same network
by sending a large number of TCP SYN packets to a target device from a spoofed source address
by sending an echo request in an IP packet larger than the maximum packet size of 65,535 bytes

16. What is a characteristic of a Trojan horse as it relates to network security?
Malware is contained in a seemingly legitimate executable program.
Extreme quantities of data are sent to a particular network device interface.
An electronic dictionary is used to obtain a password to be used to infiltrate a key network device.
Too much information is destined for a particular memory block causing additional memory areas to be affected.
17. What is the first step in the risk management process specified by the ISO/IEC?
Create a security policy.
Conduct a risk assessment.
Inventory and classify IT assets.
Create a security governance model.

18. What is the significant characteristic of worm malware?
A worm can execute independently
A worm must be triggered by an event on the host system.
Worm malware disguises itself as legitimate software
Once installed on a host system, a worm does not replicate itself.

19. Which condition describes the potential threat created by Instant On in a data center?
when the primary firewall in the data center crashes
when an attacker hijacks a VM hypervisor and then launches attacks against other devices in the data center
when the primary IPS appliance is malfunctioning
when a VM that may have outdated security policies is brought online after a long period of inactivity.

20. What are the three core components of the Cisco Secure Data Center solution? (Choose three.)
mesh network
secure segmentation
visibility
threat defense
servers
infrastructure

21. A disgruntled employee is using Wireshark to discover administrative Telnet usernames and passwords. What type of network attack does this describe?
trust exploitation
denial of service
reconnaissance
port redirection

22. Which two statements describe access attacks? (Choose two.)
Trust exploitation attacks often involve the use of a laptop to act as a rogue access point to capture and copy all network traffic in a public location, such as a wireless hotspot.
To detect listening services, port scanning attacks scan a range of TCP or UDP port numbers on a host
Buffer overflow attacks write data beyond the allocated buffer memory to overwrite valid data or to exploit systems to execute malicious code.
Password attacks can be implemented by the use of brute-force attack methods, Trojan horse, or packet sniffers.
Port redirection attacks use a network adapter card in promiscuous mode to capture all network packets that are sent across a LAN.

23. What is a ping sweep?
a scanning technique that examines a range of TCP or UDP port numbers on a host to detect listening services.
a software application that enables the capture of all network packets that are sent across a LAN.
a query and response protocol that identifies information about a domain, including the addresses that are assigned to that domain
a network scanning technique that indicates the live hosts in a range of IP addresses.

24. As a dedicated network security tool, an intrusion Protection system can provide detection and blocking of attacks in real time.