ITN 263 MIDTERM PT 2 WITH
CORRECT SOLUTIONS
Devaki is an engineer who is designing network security for her company's
infrastructure. She is incorporating protections for programming flaws, default
settings, maximum values, processing capabilities, and memory capacities on
devices, as well as malicious code and social engineering. What is this type of
protection called? - ANSWER-Defense in depth
The chief information officer (CIO) of a large company has been informed by the
board of directors that their corporation is anticipating rapid growth over the next two
years. She calculates the contingency of building additional capacity into the current
network infrastructure. Based on the board's growth estimates, what percentage of
additional capacity should she plan for? - ANSWER-More than 50 percent
Dhruv is the lead network engineer for his three-year-old company. He is writing a
proposal that recommends the network protocol to use in several branch offices.
Based on the age of the networking equipment, what is his recommendation to the
chief information officer (CIO)? - ANSWER-Upgrade to IPv6
Thirty years ago, a major corporation purchased and still owns IP addresses within
the IPv4 Class A range. The corporation uses these addresses to connect to the
Internet. To which IPv4 address range do they belong? - ANSWER-1.0.0.1 to
126.255.255.254
The network engineer of a mid-size company needs to have all servers, network
printers, and other online resources possess the same IPv4 address over time. The
engineer does not want to perform manual address assignments on all of these
resources. Additionally, she wants to prevent any rogue device from having an IPv4
address dynamically assigned just by making the request. What is her solution? -
ANSWER-Dynamic Host Configuration Protocol (DHCP) reservation
Although it is not recommended, a company chief information officer (CIO) wants to
configure and use the ff02::1 group on his new IPv6 network to send traffic to every
node in the infrastructure. What group must he enable? - ANSWER-Anycast
A hacker is attempting to access a company's router using false Internet Control
Message Protocol (ICMP) type 5 redirect messages. What is the hacker's goal? -
ANSWER-To spoof or manipulate routing data
Isabelle is the cybersecurity engineer for a medium-sized company. She is setting up
a firewall for examining inbound network traffic for a variety of characteristics. While
remote users working from home should be allowed access to network resources,
malicious traffic should be blocked. To differentiate between the two, Isabelle is
looking at factors such as whether the inbound traffic is a response to a previous
request inside the network, whether it includes blocked domain names, IP
addresses, and protocols, and whether it conforms to known malicious patterns or is
, otherwise abnormal. What is she setting up the firewall to practice? - ANSWER-
Filtering
Mario is the network security engineer for his company. He discovered that,
periodically, a remote user working from home accesses certain resources on the
network that are not part of her regular duties. Mario has questioned the user and
her supervisor, and has accessed the user's workstation. Mario believes the user is
not the source of these intrusions and strongly suspects a malicious source is
responsible. What is the most likely explanation? - ANSWER-An external hacker has
gained access to the user's authentication and is accessing confidential company
resources.
Nicolau is a network engineer for a large online retailer. He is concerned about the
security of his company's network connections to its customers, vendors, and
partners. Although all of these sources are generally trusted, he knows they can be
hacked by malicious parties and used to steal confidential company data. Which
network-based solution should he choose to detect unauthorized user activity and
attacks that is also capable of taking action to prevent a breach? - ANSWER-
Intrusion detection system/intrusion prevention system (IDS/IPS)
Removing all unnecessary protocols, uninstalling all unnecessary applications and
services, and installing the latest final releases of all device drivers are part of which
security process? - ANSWER-Hardening
The chief information officer (CIO) is working with the chief financial officer (CFO) on
next year's budget for new networking equipment. The CIO is explaining that lowest-
cost equipment is not the sole deciding factor. The hardware must conform to high
security standards to prevent a malicious person from hacking into the network and
accessing valuable company data. Which of the following considerations does not
specifically require a hacker to have physical access to the equipment? - ANSWER-
Remote connection
Gino is an ethical hacker hired as a consultant to test the security of a mid-sized
company's network. As part of his assignment, he has been given physical access to
the system. He has built a dictionary of hashed passwords from the hard drive of the
device. Which type of attack is he planning to launch? - ANSWER-Rainbow
Every morning when James logs into his computer and attempts to access Microsoft
365, he is asked to enter his password. After that, he is sent a text on his mobile
phone with a six-digit code he must enter. In terms of multifactor authentication, his
password is something he knows. What is the text message? - ANSWER-Something
he has
Santiago is a new network engineer for a mid-sized company. It is his responsibility
to ensure that all employees working from home are able to connect to the office
network in an efficient and secure manner. He must provide a service that allows
communications between out-of-office staff and network resources to be encrypted
at the protocol level and to be performed by either client or server software. The
solution must also ensure that even if protocol encryption fails, the data is safe by its
CORRECT SOLUTIONS
Devaki is an engineer who is designing network security for her company's
infrastructure. She is incorporating protections for programming flaws, default
settings, maximum values, processing capabilities, and memory capacities on
devices, as well as malicious code and social engineering. What is this type of
protection called? - ANSWER-Defense in depth
The chief information officer (CIO) of a large company has been informed by the
board of directors that their corporation is anticipating rapid growth over the next two
years. She calculates the contingency of building additional capacity into the current
network infrastructure. Based on the board's growth estimates, what percentage of
additional capacity should she plan for? - ANSWER-More than 50 percent
Dhruv is the lead network engineer for his three-year-old company. He is writing a
proposal that recommends the network protocol to use in several branch offices.
Based on the age of the networking equipment, what is his recommendation to the
chief information officer (CIO)? - ANSWER-Upgrade to IPv6
Thirty years ago, a major corporation purchased and still owns IP addresses within
the IPv4 Class A range. The corporation uses these addresses to connect to the
Internet. To which IPv4 address range do they belong? - ANSWER-1.0.0.1 to
126.255.255.254
The network engineer of a mid-size company needs to have all servers, network
printers, and other online resources possess the same IPv4 address over time. The
engineer does not want to perform manual address assignments on all of these
resources. Additionally, she wants to prevent any rogue device from having an IPv4
address dynamically assigned just by making the request. What is her solution? -
ANSWER-Dynamic Host Configuration Protocol (DHCP) reservation
Although it is not recommended, a company chief information officer (CIO) wants to
configure and use the ff02::1 group on his new IPv6 network to send traffic to every
node in the infrastructure. What group must he enable? - ANSWER-Anycast
A hacker is attempting to access a company's router using false Internet Control
Message Protocol (ICMP) type 5 redirect messages. What is the hacker's goal? -
ANSWER-To spoof or manipulate routing data
Isabelle is the cybersecurity engineer for a medium-sized company. She is setting up
a firewall for examining inbound network traffic for a variety of characteristics. While
remote users working from home should be allowed access to network resources,
malicious traffic should be blocked. To differentiate between the two, Isabelle is
looking at factors such as whether the inbound traffic is a response to a previous
request inside the network, whether it includes blocked domain names, IP
addresses, and protocols, and whether it conforms to known malicious patterns or is
, otherwise abnormal. What is she setting up the firewall to practice? - ANSWER-
Filtering
Mario is the network security engineer for his company. He discovered that,
periodically, a remote user working from home accesses certain resources on the
network that are not part of her regular duties. Mario has questioned the user and
her supervisor, and has accessed the user's workstation. Mario believes the user is
not the source of these intrusions and strongly suspects a malicious source is
responsible. What is the most likely explanation? - ANSWER-An external hacker has
gained access to the user's authentication and is accessing confidential company
resources.
Nicolau is a network engineer for a large online retailer. He is concerned about the
security of his company's network connections to its customers, vendors, and
partners. Although all of these sources are generally trusted, he knows they can be
hacked by malicious parties and used to steal confidential company data. Which
network-based solution should he choose to detect unauthorized user activity and
attacks that is also capable of taking action to prevent a breach? - ANSWER-
Intrusion detection system/intrusion prevention system (IDS/IPS)
Removing all unnecessary protocols, uninstalling all unnecessary applications and
services, and installing the latest final releases of all device drivers are part of which
security process? - ANSWER-Hardening
The chief information officer (CIO) is working with the chief financial officer (CFO) on
next year's budget for new networking equipment. The CIO is explaining that lowest-
cost equipment is not the sole deciding factor. The hardware must conform to high
security standards to prevent a malicious person from hacking into the network and
accessing valuable company data. Which of the following considerations does not
specifically require a hacker to have physical access to the equipment? - ANSWER-
Remote connection
Gino is an ethical hacker hired as a consultant to test the security of a mid-sized
company's network. As part of his assignment, he has been given physical access to
the system. He has built a dictionary of hashed passwords from the hard drive of the
device. Which type of attack is he planning to launch? - ANSWER-Rainbow
Every morning when James logs into his computer and attempts to access Microsoft
365, he is asked to enter his password. After that, he is sent a text on his mobile
phone with a six-digit code he must enter. In terms of multifactor authentication, his
password is something he knows. What is the text message? - ANSWER-Something
he has
Santiago is a new network engineer for a mid-sized company. It is his responsibility
to ensure that all employees working from home are able to connect to the office
network in an efficient and secure manner. He must provide a service that allows
communications between out-of-office staff and network resources to be encrypted
at the protocol level and to be performed by either client or server software. The
solution must also ensure that even if protocol encryption fails, the data is safe by its
