Certiport Network Security Study Guide UPDATED ACTUAL Questions and
CORRECT Answers
A VPN encapsulates and encrypts data to provide a True
secure connection.
Which controls are looked at as technical Controls IDs & Firewall
A) IDs 2 multiple choice options
B) Training manual
C) Firewall
D) AUP
Which type of injection attack uses keywords such as SQL injection
select and update to manipulate data through a web form
An end user calls the help desk complaining about a Clear out the cache
webpage not loading the most current date for the page
unless the user refreshes the page. What should the help
desk agent have the user do first?
When one suspects a device has been affected by disconnect the device from the network
malware what is the first step that should be taken to
remediate the device?
A good audit plan may collect both successful and failed True
events,
Audit events take up computer resources and personnel True
time so you should be selective about the events to audit
You should always audit log on successes False, track failed logon attempts instead
_________________ redirects internet traffic from one website to Spoofing
an identical-looking site to trick the user into entering
their username and password into their database
What must take place for someone trying to enter a Authentication
physical area of a building before access control takes
place
What is true about networks 1) WPA, and WPA2 can require authentication servers
2) WEP has been cracked and should no longer be in use
3) MAc filtering is best used for small wireless networks as MAC addresses need
to be added to a MAC filtering table manually
, One of the layers of defence in the anti-phishing and Smartscreen filter
malware protection strategies developed by Microsoft
is?
One of the ways you can protect your computer from Windows firewall
hackers and malicious software to use ____ ?
What is considered the minimum length of a good 8 Characters
password
______________________ allows multiple computers on an internal NAT (Network Address translation)
network to share one public address?
Which type of VPN will often have a user connect SSL
through a web browser?
Which type of VPN connection usually connects two site-to-site
business entities?
What email filtering technique uses a list of verified DNS SPF (Sender policy framework)
domains to verify that an email is coming from a trusted
IP address?
Application-level firewalls can provide content filtering True
and virus protection
Application-level firewall support caching True
Application-level firewalls tend to be less resource- False
intensive than that of a traditional firewall
Application-level firewalls tend to be less resource True
intensive than that of a traditional firewall when they
process application-level queries
Which if the following are NTFS permissions Read,
Write,
Modify,
List folder contents,
Read & execute,
Full control
Which protocols are considered unsecured and should PAP, telnet
be avoided in a server environment?
1. PAP
2. SSH
3. CHAP
4. telnet
5. SFTP
CORRECT Answers
A VPN encapsulates and encrypts data to provide a True
secure connection.
Which controls are looked at as technical Controls IDs & Firewall
A) IDs 2 multiple choice options
B) Training manual
C) Firewall
D) AUP
Which type of injection attack uses keywords such as SQL injection
select and update to manipulate data through a web form
An end user calls the help desk complaining about a Clear out the cache
webpage not loading the most current date for the page
unless the user refreshes the page. What should the help
desk agent have the user do first?
When one suspects a device has been affected by disconnect the device from the network
malware what is the first step that should be taken to
remediate the device?
A good audit plan may collect both successful and failed True
events,
Audit events take up computer resources and personnel True
time so you should be selective about the events to audit
You should always audit log on successes False, track failed logon attempts instead
_________________ redirects internet traffic from one website to Spoofing
an identical-looking site to trick the user into entering
their username and password into their database
What must take place for someone trying to enter a Authentication
physical area of a building before access control takes
place
What is true about networks 1) WPA, and WPA2 can require authentication servers
2) WEP has been cracked and should no longer be in use
3) MAc filtering is best used for small wireless networks as MAC addresses need
to be added to a MAC filtering table manually
, One of the layers of defence in the anti-phishing and Smartscreen filter
malware protection strategies developed by Microsoft
is?
One of the ways you can protect your computer from Windows firewall
hackers and malicious software to use ____ ?
What is considered the minimum length of a good 8 Characters
password
______________________ allows multiple computers on an internal NAT (Network Address translation)
network to share one public address?
Which type of VPN will often have a user connect SSL
through a web browser?
Which type of VPN connection usually connects two site-to-site
business entities?
What email filtering technique uses a list of verified DNS SPF (Sender policy framework)
domains to verify that an email is coming from a trusted
IP address?
Application-level firewalls can provide content filtering True
and virus protection
Application-level firewall support caching True
Application-level firewalls tend to be less resource- False
intensive than that of a traditional firewall
Application-level firewalls tend to be less resource True
intensive than that of a traditional firewall when they
process application-level queries
Which if the following are NTFS permissions Read,
Write,
Modify,
List folder contents,
Read & execute,
Full control
Which protocols are considered unsecured and should PAP, telnet
be avoided in a server environment?
1. PAP
2. SSH
3. CHAP
4. telnet
5. SFTP
