SANS SEC401 TEST PAPER EXAM QUESTIONS AND
SOLUTIONS MARKED A+
✔✔dhcp manipulation - ✔✔manipulation of configuration information such as IP
address, subset mask of network segment, IP address of default gateway (router), and
IP of server
✔✔STP - ✔✔spanning tree protocol
✔✔STP Manipulation - ✔✔Redirects traffic to attacker's computer.
✔✔VLAN - ✔✔Virtual Local Area Network
✔✔VLAN hopping - ✔✔The act of gaining access to traffic on other VLANs that would
not normally be accessible by jumping from one VLAN to another.
✔✔Network Segmentation - ✔✔A network arrangement in which some portions of the
network have been separated from the rest of the network in order to protect some
resources while granting access to other resources.
✔✔Topology - ✔✔The physical and logical design of a computer network; the physical
layout of the network devices and the cabling, and how all the components
communicate with each other
✔✔Physical Topology - ✔✔The actual layout of network devices, wires, and cables.
✔✔logical topology - ✔✔A network's access method or the way in which data is
communicated between nodes. ex binary language 1s and 0s
✔✔CSMA - ✔✔Carrier Sense Multiple Access
✔✔CD - ✔✔Collision Detection
✔✔Ethernet - ✔✔shared medium communication mechanism for networks
✔✔Carrier Sense - ✔✔The process of checking a communication medium, such as
cable, for a voltage level, signal transition, or light, indicating the presence of a data-
carrying signal (communication) .
✔✔CSMA/CD (Carrier Sense Multiple Access with Collision Detection) - ✔✔A network
access method specified for use by Ethernet networks. In CSMA/CD, each node waits
its turn before transmitting data to avoid interfering with other nodes' transmissions.
when 2 devices inadvertently transmit at the same time, a collision occurs. which is
detected (CD) then each device retransmits at a random time to avoid collision again
, ✔✔Segmentation - ✔✔separating pieces of a network with differing capabilities,
criticality and security risk:; assets should not be free to communicate unabated
✔✔principle of least privilege - ✔✔components should only have access necessary to
complete its function
✔✔uses for segmentation - ✔✔VLAN, IPsec, internal firewalls, and software-defined
networking (SDN). these are examples of logical controls
✔✔SDN - ✔✔Software Defined Network- considers networking from a virtualized
concept
✔✔benefits of understanding network architecture - ✔✔situational awareness,
prioritizing of effort, reduced cost of effort, timely detection of attacker, timely response,
reduction of damage
✔✔DiD - ✔✔defense in depth- the idea that no single failure of any single part will result
in catastrophic failure of the entirety of the environment
✔✔network sections - ✔✔public, semi-public (dmz), middleware, private
✔✔public network - ✔✔ex internet
✔✔semi-public network (dmz) - ✔✔ex web, email, despite servers
✔✔Middleware - ✔✔separates dmz from private, internal network
✔✔dns - ✔✔Domain Name Service- translates IP address
✔✔dmz - ✔✔Demilitarized Zone
✔✔proxy - ✔✔ex of middleware; separates two ends of a communication; a web server
sends a request to a back end database server. the proxy analyzes that request to
make sure its not malicious before sending it to back end database server. and vice
versa
✔✔private network - ✔✔internal network, internal systems
✔✔3 key rules for tiered network design - ✔✔1) any public system must reside on the
dmz and may NOT contain sensitive data
2) Any sensitive data must reside on the private (internal) network and must NOT be
accessible from the public network
3) dmz can only communicate to the private network via middleware tier (proxy)
SOLUTIONS MARKED A+
✔✔dhcp manipulation - ✔✔manipulation of configuration information such as IP
address, subset mask of network segment, IP address of default gateway (router), and
IP of server
✔✔STP - ✔✔spanning tree protocol
✔✔STP Manipulation - ✔✔Redirects traffic to attacker's computer.
✔✔VLAN - ✔✔Virtual Local Area Network
✔✔VLAN hopping - ✔✔The act of gaining access to traffic on other VLANs that would
not normally be accessible by jumping from one VLAN to another.
✔✔Network Segmentation - ✔✔A network arrangement in which some portions of the
network have been separated from the rest of the network in order to protect some
resources while granting access to other resources.
✔✔Topology - ✔✔The physical and logical design of a computer network; the physical
layout of the network devices and the cabling, and how all the components
communicate with each other
✔✔Physical Topology - ✔✔The actual layout of network devices, wires, and cables.
✔✔logical topology - ✔✔A network's access method or the way in which data is
communicated between nodes. ex binary language 1s and 0s
✔✔CSMA - ✔✔Carrier Sense Multiple Access
✔✔CD - ✔✔Collision Detection
✔✔Ethernet - ✔✔shared medium communication mechanism for networks
✔✔Carrier Sense - ✔✔The process of checking a communication medium, such as
cable, for a voltage level, signal transition, or light, indicating the presence of a data-
carrying signal (communication) .
✔✔CSMA/CD (Carrier Sense Multiple Access with Collision Detection) - ✔✔A network
access method specified for use by Ethernet networks. In CSMA/CD, each node waits
its turn before transmitting data to avoid interfering with other nodes' transmissions.
when 2 devices inadvertently transmit at the same time, a collision occurs. which is
detected (CD) then each device retransmits at a random time to avoid collision again
, ✔✔Segmentation - ✔✔separating pieces of a network with differing capabilities,
criticality and security risk:; assets should not be free to communicate unabated
✔✔principle of least privilege - ✔✔components should only have access necessary to
complete its function
✔✔uses for segmentation - ✔✔VLAN, IPsec, internal firewalls, and software-defined
networking (SDN). these are examples of logical controls
✔✔SDN - ✔✔Software Defined Network- considers networking from a virtualized
concept
✔✔benefits of understanding network architecture - ✔✔situational awareness,
prioritizing of effort, reduced cost of effort, timely detection of attacker, timely response,
reduction of damage
✔✔DiD - ✔✔defense in depth- the idea that no single failure of any single part will result
in catastrophic failure of the entirety of the environment
✔✔network sections - ✔✔public, semi-public (dmz), middleware, private
✔✔public network - ✔✔ex internet
✔✔semi-public network (dmz) - ✔✔ex web, email, despite servers
✔✔Middleware - ✔✔separates dmz from private, internal network
✔✔dns - ✔✔Domain Name Service- translates IP address
✔✔dmz - ✔✔Demilitarized Zone
✔✔proxy - ✔✔ex of middleware; separates two ends of a communication; a web server
sends a request to a back end database server. the proxy analyzes that request to
make sure its not malicious before sending it to back end database server. and vice
versa
✔✔private network - ✔✔internal network, internal systems
✔✔3 key rules for tiered network design - ✔✔1) any public system must reside on the
dmz and may NOT contain sensitive data
2) Any sensitive data must reside on the private (internal) network and must NOT be
accessible from the public network
3) dmz can only communicate to the private network via middleware tier (proxy)
