Which security measure is typically found both inside and outside a data center facility?

o A user receives a phone call from a person who claims to represent IT services and then
Answer: Continuous video surveillance asks that user for confirmation of username and password for auditing purposes. Which
Which statement accurately characterizes the evolution of threats to network security? security threat does this phone call represent?
Answer: Internal threats can cause even greater damage than external threats. • Social engineering.
Which security technology is commonly used by a teleworker when accessing resources on 11. Which evasion method describes the situation where after gaining access to the
the main corporate office network? o Answer: VPN administrator password on a compromised host, a threat actor attempts to log in to another
A security intern is reviewing the corporate network topology diagrams before participating host using the same credentials?
in a security review. Which network topology would commonly have a large number of • Pivoting.
wired desktop computers? 12. In what type of attack is a cybercriminal attempting to prevent legitimate users from
Answer: CAN (Campus Area Network) accessing network services?
In the video that describes the anatomy of an attack, a threat actor was able to gain access • DoS (Denial-of-Service).
through a network device, download data, and destroy it. Which flaw allowed the threat
actor to do this? o Answer: A flat network with no subnets or VLANs
Which type of network commonly makes use of redundant air conditioning and a security
trap? o Answer: Data center
Which technology is used to secure, monitor, and manage mobile devices? o
Answer: MDM (Mobile Device Management)
When considering network security, what is the most valuable asset of an organization? o
Answer: Data
What is hyperjacking?
Answer: Taking over a virtual machine hypervisor as part of a data center attack

In what way are zombies used in security attacks?

They are infected machines that carry out a DDoS attack.
What is an example of a local exploit?
A threat actor tries to gain the user password of a remote host by using a keyboard capture
software installed on it by a Trojan.
Which two statements describe access attacks? (Choose two.)
Password attacks can be implemented by the use of brute-force attack methods, Trojan
horses, or packet sniffers.
Buffer overflow attacks write data beyond the allocated buffer memory to overwrite valid
data or to exploit systems to execute malicious code.
Why would a rootkit be used by a hacker?
To gain access to a device without being detected.
Which statement describes the term attack surface?
It is the total sum of vulnerabilities in a system that is accessible to an attacker.
Which risk management plan involves discontinuing an activity that creates a risk?
Risk avoidance.
What name is given to an amateur hacker?
Script kiddie.
What is the term used when a malicious party sends a fraudulent email disguised as
being from a legitimate, trusted source?
Phishing.
Which two characteristics describe a worm? (Choose two.)
Travels to new computers without any intervention or knowledge of the user.
Is self-replicating. What is the primary means for mitigating virus and Trojan horse attacks?
A user receives a phone call from a person who claims to represent IT services and then Antivirus software
asks that user for confirmation of username and password for auditing purposes. Which What three items are components of the CIA triad? (Choose three.)
security threat does this phone call represent? Confidentiality
Integrity
Social engineering.
Which evasion method describes the situation where, after gaining access to the Availability
administrator password on a compromised host, a threat actor attempts to log in to another Which security implementation will provide control plane protection for a network device?
host using the same credentials? Routing protocol authentication
Pivoting. What threat intelligence group provides blogs and podcasts to help network security
In what type of attack is a cybercriminal attempting to prevent legitimate users from professionals remain effective and up-to-date?
accessing network services? Talos
DoS (Denial of Service). Which section of a security policy is used to specify that only authorized individuals
should have access to enterprise data?
Identification and authentication policy
In what way are zombies used in security attacks? What worm mitigation phase involves actively disinfecting infected systems?
They are infected machines that carry out a DDoS attack. Treatment
What is an example of a local exploit? With the evolution of borderless networks, which vegetable is now used to describe a
A threat actor tries to gain the user password of a remote host by using a keyboard capture defense-in-depth approach?
software installed on it by a Trojan. Artichoke
Which two statements describe access attacks? (Choose two.) How does BYOD change the way in which businesses implement networks?
Password attacks can be implemented by the use of brute-force attack methods, Trojan BYOD provides flexibility in where and how users can access network resources.
horses, or packet sniffers. What functional area of the Cisco Network Foundation Protection framework uses
protocols such as Telnet and SSH to manage network devices?
Buffer overflow attacks write data beyond the allocated buffer memory to overwrite valid Management plane
data or to exploit systems to execute malicious code. What security tool allows a threat actor to hack into a wireless network and detect security
Why would a rootkit be used by a hacker? vulnerabilities?
To gain access to a device without being detected. KisMac
Which statement describes the term attack surface? What is the primary function of SANS?
It is the total sum of vulnerabilities in a system that is accessible to an attacker. To maintain the Internet Storm Center
Which risk management plan involves discontinuing an activity that creates a risk? What method can be used to mitigate ping sweeps?
Blocking ICMP echo and echo-replies at the network edge
Risk avoidance.
What name is given to an amateur hacker?
Script kiddie.
What is the term used when a malicious party sends a fraudulent email disguised as being
from a legitimate, trusted source?
Phishing.
Which two characteristics describe a worm? (Choose two.)
Travels to new computers without any intervention or knowledge of the user.

Is self-replicating.