Study Guide with Questions and Verified Answers | 100% Correct | Grade A+
‣ Conceptual Design (network architecture) ✓✓Includes the core
components of a network architecture
Will consider OS platforms, server services, critical core operational
functions, etc.
Helps to understand the overall purpose of the network ('WHY' we have it
and the 'WHAT' it helps us to achieve)
May utilize the concept of "closed-box" diagramming
‣ TTP ✓✓Tactics
Techniques
Procedures
‣ Logical design (network architecture) ✓✓Represents the logical
functions in the system
Putting the conceptual design on paper
Maps the components of the conceptual design via the use of a network
diagram
Next parts of the architecture understanding will leverage and build
upon this design step
Uses icons to depict workstations, servers, printers, routers, switches, and
other devices connected to the network
‣ Physical design (network architecture) ✓✓Builds upon the logical
design by providing detailed aspects of the network components
Details might include: versions, patch levels, hardening configurations,
risk categorization, etc.
Physical design also considers physical risks such as network cable
location, risk of communication interception, etc.
Physical security can betray logical security controls
Details include OS version, patches, hardening configurations, risks,
physical security
‣ Communication Flow ✓✓Understanding who accesses data, when
(at what times) data is accessed, and how much data is accessed.
Will lead to the development of a baseline - knowing normal allows
abnormal to stand out.
Never a 'one and done'. Continual updating is necessary.
‣ Threat Agents ✓✓Opportunistic
Organized cyber crime
Advanced Persistent Threats (nation states)
‣ Attacks Against Routers (5 examples) ✓✓Denial of Service
Distributed Denial of Service
Packet Sniffing
Packet Misrouting
Routing Table Poisoning
‣ Attacks against switches (5 examples) ✓✓CDP Information Disclosure
MAC Flooding
DHCP Manipulation
STP Manipulation
VLAN Hopping
‣ CDP Information Disclosure ✓✓Cisco Discovery Protocol is used for
switches to communicate about which other devices are discoverable on the
network. Exploiting this protocol would give information about types
and versions of switches, OS, usernames and administrative accounts on
the switches, etc.
‣ MAC Flooding ✓✓Flooding the network with fake Media Access
Control (MAC) addresses may degrade the switch and force it to
downgrade into a hub, giving the attackers access to the overall
network.
‣ DHCP Manipulation ✓✓Dynamic Host Configuration Protocol is used
to communicate the network configuration to other devices on the