Network Security mcq questions with answer – Set 2

Important Instructions:

• Total Number Of Questions : 10
• Passing Marks : 7
• Each Question Carry 1 Mark, No Negative Marking.
• Do Not Refresh The Page.
• This Is A FREE Online Test, DO NOT Pay Money To Anyone To Attend This Test.
• Best Of Luck…

Results

-

Congratulation…
You Have Passed The Test, You Should Try To The Next One…!!

Rate this post

You May Also Like :   Network Security mcq questions with answer - Set 4

Unfortunately…
You Did Not Pass. Why Not Try It Again?

Rate this post

You May Also Like :   Network Security mcq questions with answer - Set 4

#1. Which logs should be examined to determine if an intruder breached internal systems? (Choose all that apply).

Select all that apply:

Router

Router

Firewall

Firewall

IDS

IDS

Switch

Switch

#2. You find that the attack has come through the router and firewall to an unidentified desktop machine. You have the IP addresses but not the traffic content. What is likely your next step?

Disconnect the router from the Internet to prevent further attack progress.

Disconnect the router from the Internet to prevent further attack progress.

Use ACLs to drop the IP address the attack came from.

Use ACLs to drop the IP address the attack came from.

Use a protocol analyzer to see current attack traffic.

Use a protocol analyzer to see current attack traffic.

Turn the findings over to management.

Turn the findings over to management.

#3. From analyzing the network traffic, you have determined that the attack has compromised a desktop in the sales department and is now sending outbound spam e-mails. Which devices can be used to eliminate this traffic? (Choose all that apply).

Select all that apply:

Router

Router

Firewall

Firewall

Caching proxy

Caching proxy

Spam filter

Spam filter

#4. How would an intrusion detection system help you respond to this incident?

It would provide an earlier warning that the attack was happening.

It would provide an earlier warning that the attack was happening.

It would give more details about the attacker.

It would give more details about the attacker.

It would provide more complete logs than the current equipment in place.

It would provide more complete logs than the current equipment in place.

It would not help because it is not an intrusion prevention system.

It would not help because it is not an intrusion prevention system.

#5. Flood guard functionality might protect against which of the following attacks?

Smurf attack

Smurf attack

Address spoofing

Address spoofing

Brute force

Brute force

SQL injection

SQL injection

#6. When building an access control list under an explicit deny approach, where would you place a “deny all” statement?

At the beginning of the ACL entries

At the beginning of the ACL entries

Before any ACLs entries dealing with HTTP traffic

Before any ACLs entries dealing with HTTP traffic

At the end of the ACL entries

At the end of the ACL entries

On the ingress filter

On the ingress filter

#7. Which of the following protocols is not used in loop protection efforts?

Multiple Spanning Tree

Multiple Spanning Tree

Rapid Spanning Tree

Rapid Spanning Tree

Spanning Tree

Spanning Tree

Open Shortest Path First

Open Shortest Path First

#8. 802.1x defines the encapsulation of EAP. What is EAP?

Extensible Autonomous Protocol

Extensible Autonomous Protocol

Extensible Authentication Protocol

Extensible Authentication Protocol

Extended Authentication Protocol

Extended Authentication Protocol

Encapsulation Authentication Protocol

Encapsulation Authentication Protocol

#9. A management VLAN allows administrators to do which of the following?

Connect to the switch remotely

Connect to the switch remotely

Bundle VLANs based on traffic priority

Bundle VLANs based on traffic priority

Copy all packets passing through the switch

Copy all packets passing through the switch

Automatically reorder VLANs based on time of day

Automatically reorder VLANs based on time of day

#10. In ACLs, an implicit deny will apply to network traffic that:

Matches two or more rules in the ACL

Matches two or more rules in the ACL

Does not match any entry in the ACL

Does not match any entry in the ACL

Originates from inside the DMZ

Originates from inside the DMZ

Comes from a spoofed source address

Comes from a spoofed source address

CHECK ANSWER