Which port access control technology allows dynamic authorization policy to be downloaded from the authentication server?
A. VLAN map
B. Port security
C. 802.1x
D. MAC access list
Which of the following VPN protocols do not provide data integrity, authentication, and data encryption?
A. L2TP
B. GRE
C. SSL
D. MPLS
Which of the following is an attack where threat actors can attack hosts, switches, and routers connected to your Layer 2 network by poisoning the ARP caches of systems connected to the subnet and by intercepting traffic intended for other hosts on the subnet?
A. ARP cache injection
B. ARP cache poisoning
C. DHCP snooping
D. ARP snooping
What is SSH used for?
A. Remote access
B. To provide a client-based VPN solution for remote users
C. Managing network equipment remotely
D. Preventing man-in-the-middle attacks by securing traffic between the client and server
Which purpose of a security risk assessment is true?
A. Score a vulnerability.
B. Notify the customer of a vulnerability.
C. Find implementation issues that could lead to a vulnerability.
D. Set the SIR value of a vulnerability.
Which method is a permissive security control in which only specified applications can run on an end host, while all other applications are prevented?
A. application blacklisting
B. application whitelisting
C. application deep packets inspection
D. application recognition and detection
Which of the following network security data types requires the largest amount of storage?
A. session data
B. full packet capture
C. transaction data
D. extracted content
E. alert data
What two statements about Linux are true? (Choose two.)
A. Linux was started by Linus Torvalds as a project to create a Unix-like environment that he could run on his personal home computer because the systems at the university that he attended ran Unix.
B. Linux is openly available to others with very limited restrictions under the terms of GNU public licensing or GPL guidelines.
C. Linux was developed at ATandT labs to serve as a competition against DOS and Windows operating systems.
D. The Linux source code cannot be altered or modified.
What type of spoofing attack uses fake source IP addresses that are different than their real IP addresses?
A. MAC spoofing
B. IP spoofing
C. application spoofing
D. name spoofing
Which three statements best describe password attack countermeasures? (Choose three.)
A. Give password hints upon failure.
B. Lock the account or increase the delay between log-in attempts when there have been repeated failures.
C. Use two-factor authentication.
D. Write the password on a sticky note and post it under the keyboard.
E. Enforce a password complexity policy
