ccna-4-modul4
1. Which two statements are true regarding network security? (Choose two.)
Securing a network against internal threats is a lower priority because company employees represent a low security risk.
*****Both experienced hackers who are capable of writing their own exploit code and inexperienced individuals who download exploits from the Internet pose a serious threat to network security.
Assuming a company locates its web server outside the firewall and has adequate backups of the web server, no further security measures are needed to protect the web server because no harm can come from it being hacked.
Established network operating systems like UNIX and network protocols like TCP/IP can be used with their default settings because they have no inherent security weaknesses.
*****Protecting network devices from physical damage caused by water or electricity is a necessary part of the security policy.
2. Which two statements are true about network attacks? (Choose two.)
Strong network passwords mitigate most DoS attacks.
Worms require human interaction to spread, viruses do not.
Reconnaissance attacks are always electronic in nature, such as ping sweeps or port scans.
*****A brute-force attack searches to try every possible password from a combination of characters.
*****Devices in the DMZ should not be fully trusted by internal devices, and communication between the DMZ and internal devices should be authenticated to prevent attacks such as port redirection.
3. Users are unable to access a company server. The system logs show that the server is operating slowly because it is receiving a high level of fake requests for service. Which type of attack is occurring?
reconnaissance
access
*****DoS
worm
virus
Trojan horse
4. An IT director has begun a campaign to remind users to avoid opening e-mail messages from suspicious sources. Which type of attack is the IT director trying to protect users from?
DoS
DDoS
*****virus
access
reconnaissance
5. Which two statements regarding preventing network attacks are true? (Choose two.)
The default security settings for modern server and PC operating systems can be trusted to have secure default security settings.
Intrusion prevention systems can log suspicious network activity, but there is no way to counter an attack in progress without user intervention.
*****Physical security threat mitigation consists of controlling access to device console ports, labeling critical cable runs, installing UPS systems, and providing climate control.
Phishing attacks are best prevented by firewall devices.
*****Changing default usernames and passwords and disabling or uninstalling unnecessary services are aspects of device hardening.