When Does Comptia Security+ 601 Expire
294 questions across 0 topics. Use the find bar or section chips to jump to what you need.
What type of certificate does a CA have?
Root Certificate; used to sign keys
If I am going to use a CA internally, what type of CA should I use?
Private CA
If I want to carry out a B2B activity with third-party companies or sell products on the web, what type of certificate should I use?
Public CA
Why would I make my CA offline when not in use?
Military, Security, or Banking Organizations; preventing data from being compromised.
Who signs X.509 certificates?
Central Authorities (CA)
Who builds the CA or intermediate authorities?
Architect
What can I use to prevent my CA from being compromised and fraudulent certificates being issued?
Certificate Pinning
If two entities what to set up a cross-certification, what must they set up first?
Root CAs using a bridge trust model
What type of trust model does PGP use?
Web of Trust
How can I tell if my certificate is valid?
Certificate Revocation List (CRL)
If the CRL is going slow, what should I implement?
Online Certification Status Protocol (OCSP)
Explain certificate stapling/OCSP stapling
Web servers use an OCSP for faster authentication bypassing the CRL
What is the process of obtaining a new certificate
Certificate Signing Request (CSR)
What is the purpose of key escrow?
Holds an provides access to 3rd party keys provided the need.
What is the purpose of Hardware Security Model (HSM)
Used by key escrow to store and manage keys
What is the purpose of DRA and what does it require in order to complete its role effectively?
When a users private key becomes corrupt, the DRA recovers data by obtaining a copy of the private key from the key escrow.
How can I identify each certificate
Object Identifier (OID) or the serial number
What format is a private certificate?
P12
What file extension is a private certificate?
.pfx extension
What format is a public certificate?
P7B
What file extension is a public certificate?
.cer extension
What format is a PEM certificate?
Base64
What type of certificate can be used on multiple servers in the same domain
Wildcard (denoted by a *)
What type of certificate can be used on multiple domains?
Subject Alternative Name (SAN)
What should I do with my software to verify that it is original and not a fake copy (verify integrity)?
Code Signing
What is the purpose of extended validation of an X.509 certificate?
Provides Financial institutions with a higher level of trust.
What is the purpose of DH?
Creates a secure tunnel; during a VPN connection (on port 500), used during IKE
What two things does digitally signing an email provide?
Integrity and Non-repudiation
What asymmetric encryption algorithm should I use to encrypt data on a smartphone?
ECC (Elliptic Curve Cryptography)
What shall I use to encrypt a military mobile phone?
AES-256
Name two key stretching algorithms
Bcrypt & PBKDF2
What is the purpose of key stretching?
To make weak passwords less volatile to brute-force attacks
What happens to Cipher Block Chaining (CBC) if I do not have all the blocks?
No decryption is possible
If I want to ensure integrity of data, what shall I use?
MD5 & SHA-1
What type of man-in-the-middle (MITM) attack is SSL 3.0 (CBC) vulnerable to?
POODLE
What is the usage of Diffie Hellman Ephemeral (DHE) and Elliptic Curve Diffie Hellman Ephemeral (ECDHE)
one time keys
What is the strongest method of encryption with an L2TP/IPSec VPN Tunnel
AES
What is the weakest method of encryption with an L2TP/IPSec VPN Tunnel
DES
What is the name of the key used to ensure the security of communication between a computer and a server or a computer to another computer?
Session key
What should I do to protect data at rest on a laptop?
Full Disk Encryption (FDE)
What should I do to protect data at rest on a tablet or smartphone?
Full Device Encryption (FDE)
What should I do to protect data at rest on a backend server?
Ensure database encryption
What should I do to protect data at rest on a removable device, such as a USB drive or external hard drive?
Data Loss Prevention (DLP) or FDE
What two protocols protect data in transit?
Transport Layer Security (TLS) or HTTPS
How can I protect data in use?
Full memory encryption
What is the purpose of obfuscation?
Provided source code is compromised the code will be obscure; using either XOR or ROT13.
What is the purpose of perfect forward secrecy?
There is no link between the server's session key and the private key.
What type of attack tries to find two has values that match?
Collision attack
What is the purpose of rainbow tables?
Maintain a precomputed table of hash values for words
Explain the purpose of password salting
ensures that duplicate passwords are never stored. increases the key size making it less vulnerable to brute-force attacks.
What is the most common form of authentication that is most likely to be entered incorrectly
password
When I purchase a new wireless access point, what should I do first?
Change default credintials
What is password history?
The number of passwords you can use before using the current password
How can I prevent someone from reusing the same password?
Adjusting the minimum password age
Explain what format a complex password takes.
Uses 3 of the following: 1. Uppercase 2. Lowercase 3. Number 4. Special Character
How can I prevent a hacker from inserting a password multiple times?
Account lockout - threshold
What type of factor authentication is a smart card?
Multi-factor or dual factor
What authentication method can be used by two third parties that participate in a joint venture?
federation
What is an XML-based authentication protocol
Security Assertion Markup Language (SAML)
What is Shibboleth?
Open source federation that uses SAML authentication
What protocol is used to store and search for Active Directory (AD) objects
LDAP
What authentication factor uses tickets, timestamps, and updated sequence numbers and is used to prevent replay attacks?
Kerberos
What is a Ticket Granting Ticket (TGT) session?
User sends there credentials (username and password) to a domain controller that authenticates and provides a receive ticket allowing user access to the session.
What is single sign-on? Give two examples?
Kerberos & Federation Services
How can I prevent a pass-the-hash attack?
Not enabling NTLM
Give an example of when you would use Open ID connect
When you need to access a device using 3rd party credentials (sign-in with google)
Name two AAA servers and the ports associated with them.
TACACS+ on port 49 RADIUS on port 1812
What is used for accounting in an AAA server?
RADIUS on port 1813
What is the purpose of a VPN solution?
Secure connection for a remote location
Why should we never use PAP authentication?
Passwords are transmitted in plain text
What is Type II in biometric authentication an why is it a security risk?
Failure acceptance rate
What is a time-limited password?
Password is only available for a limited amount of time
How many times can you use an HOTP password? Is there a time restriction?
One time; there is no time before it expires
How does a CAC differ from a smart card and who uses a CAC?
Military personal
What type of account is a service account?
An administrative account that allows for an application to run with higher privileges. (firewall)
How many accounts should a system administrator have?
Two accounts one for day-to-day and one for admin. task
What do I need to do when I purchase a baby monitor?
Change the default username and password
What is a privileged account?
Account with administrative rights
What is the drawback for security if the company uses shard accounts?
When auditing account the activity cannot be traced to a single user
The system administrator in a multinational corporation creates a user account using an employee's first name and last name. Why are they doing this time after time?
Standard naming conventions
What two actions do I need to complete when John Smith leaves the company?
Disable his account and reset the password
What is account recertification?
Audit of user account and privileges
What is the purpose of a user account review?
Ensures old accounts are deleted and current users have correct privileges
What can I implement to find out immediately when a user is placed in a group that may give them a hight level of privilege?
SIEM System
What will be the two possible outcomes if an auditor finds any working practices that do not confirm to the companies policy?
Either change of management or new policies
If a contractor brings in five consultants for two months of mail server migration, how should I set up their accounts?
Accounts should be set up to expire on or before the last day of the contract.
How can I ensure that users are only allowed access to the company network between the times of 9:00am - 5:00pm?
Rule-based access control that only allows for activity durning this time
If I have a company that has five consultants who work in different shift patterns, how can I set up their accounts so that each of them can only access the network during thier individual shift?
Time of day restrictions that align with their schedules
A brute-force attack cracks a password using all combinations of characters and will eventually crack a password. What can I do to prevent brute-force attacks?
Account lockout
The IT team have a global group called IT Admin; each member of the IT team are members of this group and therefore have full control access to the departmental data. Two new apprentices are joining the company and they need to have read access to the IT data. How can you achieve this with the minimum amount of administrative effort?
Create a group account with only the privileges required
I have different login details and passwords to access Airbnb, Twitter, Facebook, and Google but I keep getting them mixed up and have locked myself out of these accounts from time to time. What can I implement on my Windows 10 laptop to help me?
Credential Manager
I have moved departments, but the employees in my old department still use my old account for access; what should the company have done to prevent this from happening? What should their next action be?
Disable and lock out the account. The next action should be an account review.
What is the purpose of ssh-copy-id command
The purpose is to copy and install public keys on a SSH server, and add to the list of authorized keys.
When I log in to my Dropbox account from my phone, I get an email asking me to confirm that this was a legal login. What have I been subjected to?
Risky login
What is the purpose of a password valut and how secure is it?
The purpose is to store passwords and keys. It is only as secure as the master key.
What type of knowledge-based authentication would a bank normally use?
Dynamic KBA that asks questions that have not already been answered
What is a solution that helps protect privilege accounts?
Privileged access management stores privilege accounts in a bastion domain.
FAR
False Acceptance Rate
FRR
False rejection rate. Also called the false nonmatch rate. A rate that identifies the percentage of times a biometric authentication system incorrectly rejects a valid match.
Why do cloud providers adopt a zero-trust model?
They treat every login as unsafe to prevent unauthorized attempts at login
What authentication model gives access to computer system even though the wrong credentials are being used?
Biometric authentication
In a cloud environment what is elasticity?
Allows you to increase or decrease the cloud resources as you need
In which cloud environment would I install the software and then have to update the patches?
Infrastructure as a Service (IaaS)
What cloud model would I not be allowed to migrate to?
Software as a Service (SaaS)
What is the major benefit of using a public cloud?
No capital expenditures
What is a cloud single-tenant model?
Private cloud were you own and the infastructure
What is a cloud multitenant model?
Public Cloud
Describe how community cloud operates.
Where people from the same industry design and share the cost of a bespoke application and its hosting.
Who is responsible for disaster recovery of hardware in a cloud environment?
Cloud Service Provider (CSP)
What is a Cloud Access Security Broker (CASB)?
person who ensures that the policies between on-premise and the cloud are followed
What model is it if you own the premise and all of the IT infrastructures reside there?
On-premise
What is a hybrid cloud model?
Where a company uses a mix of on-premise and the cloud
What is distributive allocation?
Ensures that the load is spread evenly among resources. Ensuring that no one resource gets overloaded. Ex. load balancer.
What type of model deals with Identity and Access Management?
Security as a Service (SECaaS)
Where will a diskless virtual host access its storage?
Storage Area Network (SAN)
If you have a virtual switch that resides on a SAN, what connector will you use for a VLAN?
iSCSI
What type of disks does a SAN use?
Fast disk, SSDs
What is the machine that holds a number of VMs called?
Host; needs to have fast CPU, memory, and disk speed
What is a guest, and what can you use as a rollback option?
A guest is a Virtual Machine (VM); and you can use snapshots for roll backs.
In a virtual environment what is a sandbox and how does it relate to chroot jail?
A sandbox is a separation of the Virtual Machine from the rest of the environment. Chroot jail is the Linux version of a sandbox.
Which is faster for data recovery: a snapshot or a backup tape?
Snapshoot
What is a Type 1 Hypervisor?
Bare-metal hypervisor that doesn't need to be installed on an OS; examples include Hyper-V, ESX, Xen.
What is a Type 2 Hypervisor?
Must be installed on a OS; examples include VirtualBox
Why does HVAC produce availability for a data center?
HVAC supplies cold air and removes hot air
What do you call the cloud model where people from the same industry share resources and the cost of the cloud model?
Community Cloud
What is an example of cloud storage for a personal user?
iCloud, Google Drive, OneDrive, Dropbox
Explain the functionality of Fog Computing.
Is an intermediary between the device and the cloud. It allows the data to be processed closer to the device.
What is edge computing?
It allows data to be stored closer to the sensors rather than miles away in a data center
What are containers?
Allows for the isolation of the applications and its files and libraries so the application is independent
What is infrastructure as code?
This allows for the automation of your infrastructure
What are cloud resource policies?
The combination of business and IT functions into a single business solution
What is system sprawl, and what is a way to prevent it?
This is where a virtual machine or host has run out of resources. The best way to mitigate is to use thin provisioning.
What is the best way to protect against VM escape?
VM escape is where an attacker will use a vulnerable VM to attack the host of another VM. Best protection is to ensure the hypervisor and all VMs are fully patched.
What is a cloud region, and how can it provide redundancy?
A region consisting of multiple physical location called zones; data can be spread across multiple zones to provide redundancy.
What is secret management and why encryption levels protect the secret management key?
Uses a vault to store keys, passwords, tokens, and SSH keys used for privileged accounts. It uses RSA-2048 bit keys
Explain the main difference between LRS and ZRS. Which one is the cheapest?
LRS replicates three copies of your data in a physical location (the cheapest). ZRS replicates three copies of your data to three separate zones within your region.
Why would a VPC use private and public subnets?
It would be used as a form of network segmentation
What types of resources would be held on a public subnet?
Resources that need access to the internet for example, company web servers, a NAT gateway and an internet gateway.
What types of resources would be held on a private cloud?
Resources that should not have direct internet access, such as database servers, domain controllers, and email servers.
How would someone connect to a VPC?
A VPN connection using L2TP/IPSec
Where should a default route be pointing for a device within a private subnet, and what is its purpose?
The default route should be set to 0.0.0.0 pointing either to the NAT gateway or the internet gateway. The purpose is so that when traffic does not know where to go it has a last resort.
Why might a third-party cloud solution be better than a cloud-native solutions?
A third-party will offer more flexibility
Which pen tester would be given source code?
White box pen tester
Why would a shared account pose a problem to monitoring?
Prevents from monitoring an auditing of an individual
Which pen tester would be given no access prior to test but, at the last minute is given a diagram of the desktop?
Grey box pen tester
What needs to be established prior to a pen test commencing?
Rules of Engagement
While carrying out an unannounced pen test, how does the tester know if the internal security are on to him?
He would hold regular meetings with the client to determine if he has been detected.
What is the scope of rules of engagement?
The scope determines if the tester is black, grey, or white.
If the pen test has been announced to the IT team, what information should they provide regarding the test prior to the testing starting?
They should provide their IP address
At what phase of a pen test does the tester return the system back to the original state or inform the IT team of vulnerabilities that need patching?
Clean-up phase
What is OSINT? Is it legal?
Open Source Intelligence (OSINT) and yes it is legal
What is the purpose of red team?
They serve as the attackers
What is the purpose of blue team?
They serve as the defenders
What is the purpose of white team?
They judge and organize the cybersecurity events. Ensuring that reports are accurate & countermeasures are recommended.
What is the purpose of the purple team?
They play both attacker and defender; typically this is an auditor
When evaluating CVSS scores, which vulnerability should be addressed first?
Critical
Describe a false positive
When monitoring the network via the SIEM system and it alerts of an attack, but upon manual inspection there is none.
Describe a true positive
When the SIEM system and manual check agree
What is the difference between an intrusive and non-intrusive scan?
Intrusive scans attempt to do damage with vulnerabilities they find. Non-intrusive scans passively scan not causing damage.
What is regression testing and who will carry it out?
When a developer test the code written to ensure there are no flaws
When would dynamic analysis be carried out?
When you evaluate a program in real time
What is a syslog and what purpose does it server?
Syslog's collect data from the system and log important events. That data is then forwarded to the SIEM for further analysis.
Why does a SIEM server rely upon synchronized time clocks between all of the servers and devices that it collects data from?
Events are put in chronological order
What is the purpose of threat hunting?
A company does this to check if they have been subject to a cyber attack.
SSH
Secure remote access; port 22
SCP
Secure copy protocol; TCP port 22
SFTP
Secure (SSH) FTP download; TCP port 22
DNSSEC
Secure DNS traffic every DNS record is digitally signed with a RRSIG record; TCP/UDP port 53
Kerberos
Secure authentication; TCP port 88
SNMPv3
Simple Network Management Protocol version 3. A protocol used to monitor and manage network devices; UDP port 162
LDAPS
Secure LDAP; TCP 389
HTTPS
secure web browsing; TCP port 443
TLS
secure data in transit; TCP port 443
IPSec
secure session for VPN or between two host using Authenticated Header (AH) and Encapsulated Security Payload (ESP); UDP 500
SMTPS
Secure SMTP; TCP port 587
IMAP4
Secure IMAP4; TCP port 993
Secure POP3
TCP port 995
S/MIME
Encrypt or digitally sign email using PKI; TCP port 993
FTPS
File transfer protocol security; download large files securely; TCP port 989 data channel/990 control channel
Remote Desktop Protocol (RDP)
Microsoft remote access; TCP port 3389
Session Initiated Protocol (SIP)
connects internet-based calls; TCP port 5060/61
Secure Real-time Transport Protocol (SRTP)
secure voice traffic; TCP port 5061
File Transfer Protocol (FTP)
File transfer - passive FTP; TCP port 21
Telnet
Run commands on remote host; TCP port 23
Simple Mail Transfer Protocol (SMTP)
Transport mail between mail servers; TCP port 25
DNS
host name resolution, zone transfers, and name queries; TCP/UDP port 53
Dynamic Host Configuration Protocol (DHCP)
Automatic IP address allocation; UDP port 67/68
Trivial File Transfer Protocol (TFTP)
File transfer using UDP; UDP port 69
Hyper Text Transfer Protocol (HTTP)
Web browser; TCP port 80
POP3
Pull mail from mail server, no copy left on mail server; TCP port 110
Network Time Protocol (NTP)
time synchronization; TCP port 123
NETBIOS
network BIOS to IP address resolution; UDP port 137-139
SNMP (Simple Network Management Protocol)
notifies the status and creates reports on network devices; UDP port 161
LDAP
Stores x500 objects, searches directory services for users and groups and other information; TCP port 389
DNS Record Type A
IPv4 host
DNS Record Type AAAA
IPv6 host
DNS Record Type CNAME
Alias
DNS Record Type MX
Mail Server
DNS Record Type SRV Records
Finds Services such as a domain controller
MAC Flooding
where a switch is flooded with a high volume of MAC addresses; DDoS attack
What is the authentication protocol that uses tickets and prevents replay attacks?
Kerberos
Describe how IPSec tunnel mode works.
Typically used for external VPNs. Both the AH and ESP are encrypted
Describe how IPSec transport mode works.
Typically used internally between two servers were only the ESP is encrypted
If an IT administrator uses Telnet to run remote commands on a router, which secure protocol can it be replaced with?
SSH
What is the purpose of a router?
Connect external networks and route IP packets
What is the purpose of a switch?
Internal devices that connect computers in the same location
What type of service is Spotify?
subscription service
Explain how port security works.
Where a port on a switch is disable preventing the use of a the corresponding wall jack.
Describe how a managed switch with 802.1x works.
802.1x authenticates users and devices connecting to a switch. If the user does not have a certificate then they are unable to connect to the switch.
Which protocol can I use to prevent DNS poisoning?
DNSSEC
What are two reasons why a computer might not receive an IP address from a DHCP server?
Resource exhaustion or network connectivity
What type of server would both an SIEM server and Microsoft Domain Controller benefit from having installed on their network?
Kerberos server
If two companies rented offices on the same floor, what could the building administrator implement to isolate them from each other
VLANs
What is the purpose of STP?
Spanning Tree Protocol is used to prevent redundant network paths and looping that slows down performance.
If a network administrator wanted to collect the statuses and reports of network devices what secure protocol could they use?
SMTPv3
If a network administrator wants to set up a VPN, what is the most secure protocol that they can use?
AES-256 for L2TP/IPSec VPN
Which secure protocol can be used to prevent a pass-the-hash attack?
Kerberos
Which protocol protects data in transit?
TLS
Which protocol can be used to digitally sign email between two parties?
S/MIME
Which protocol can be used to secure video conferencing?
SRTP
Which protocol allows a user to put a Skype session on hold, speak to another person, and then come back to the first caller?
SIP
A system administrator is managing a directory service using a protocol that uses TCP port 389. What protocol are they using and which protocol can be used to carry out the same task securely?
LDAP on 389 can be replaced with LDAPS on port 636
What protocol can be used to transfer files remotely?
FTPS
Ping
used to test the connectivity to another host. Maximum Total Time to Live is 128 seconds
ping -t
is used for diagnostic testing; continuous ping
hping
used as a TCP/IP packet analyzer and assembler.
tracert/traceroute
shows the route taken from a computer to a website.
pathping
calculates the statistic of the trace, and shows the loss at each router
Netstat
shows the established connections and the listening ports
nslookup
diagnostic tool for verifying the IP address of a hostname in the DNS server database
dig
linux/unix version of nslookup
arp
is used to translate IP addresses to Mac addresses.
arp -a
command shows the arp cach
ipconfig/ifconfig
shows the ip configuration on windows and linux/unix uses both.
ipconfig /displaydns
displays all cached dns entries in a windows system
ipconfig /flushdns
Flush the DNS resolver cache
tcpdump
this is used by linux/unix as a packet sniffer command
tcpdump -i <interface name>
shows the packet traffic information on the interface
nmap
is an open source network mapper. It can create an inventory of all the devices on your network; can be used for banner grabbing
netcat
shows network connections in a linux/unix environment
netcat -z <port range>
allows you to see the statistic regarding the ports in the specified range
curl -s
is used to fetch remote banner information from web servers; this is silent mode
curl -I
fetches the HTTP headers
sfc /scannow
replaces corrupted files with a copy held in a compressed folder in system32
cat
allows for you to view and concatenate files
Class A private address range
10.0.0.0 - 10.255.255.255
Class B private address range
172.16.0.0 - 172.31.255.255
Class C private address range
192.168.0.0 - 192.168.255.255
What is the purpose of a web application firewall and where is it normally place?
Normally placed on a web server it protects web applications from attacks
What is implicit deny and which two devices does it affect?
Used by firewalls and routers implicit deny is when there is no rule for traffic thus it is just denied
What is the firewall that does content filtering, URL filtering, and malware inspection?
Unified Threat Management (UTM) Firewall
What network device connects two networks together?
Router (Layer 3)
What type of internal device connects users on the same network?
Switch
Which type of device hides the internal network from hackers on the internet?
Network Address Translation (NAT); private IP addresses are changed to a singular public address that is visible on the network
What is an inline NIPS?
Where the incoming traffic is screened by the Network IPS (NIPS)
What type of IPS protects virtual machines from attack?
Host-based IPS (HIPS)
Which type of IPS is placed behind the firewall as an additional layer of security?
NIPS
If I don't have a NIDS on my network, which device can passively monitor network traffic?
A passive NIPS can provide the same functionality
What is the difference between a signature and anomaly-based NIDS?
Signature based NIDS work only on a database of defined threats. Anomaly-based NIDS have a baseline database of threats but can detect threats outside of this baseline
What is the passive device that sits on your internal network?
NIDS
If I receive an alert that server1 has a virus and I inspect the server ad there are no viruses, what is this known as?
False Positive
How can I prevent someone from accessing a medical center's network by plugging their laptop into a port in the waiting room?
Enabling port security; this turns off selected ports on a switch
How can I prevent someone from plugging a rouge access point into my network?
Enabling 802.1x security on a managed switch. 802.1x relies on authentication of devices before allowing use to the desired port
How do 802.1x and port security differ? Which one gives more functionality
802.1x keeps ports active and disallows access if the device connecting cannot be authenticated. Port security disables ports entirely. 802.1x is more functional
What happens in the IKE phase of a VPN session?
DH uses UDP port 500 to establish a secure connection
What is the purpose of a VPN concentrator?
Sets up the secure session for a VPN
What is the most secure VPN tunneling protocol?
L2TP/IPSec using AES 256 to encrypt the ESP
What modes would you use in L2TP/IPSec tunnel over the internet and then internally?
External Tunnel = Tunnel mode Internal Tunnel = Transport mode
Which VPN session type would you use on a site-to-site VPN?
The session type should be switched to always-on mode.
What network device would be used to manage a high volume of web traffice?
Load balancer
What type of network is used by a virtual network so that the route requests are forwarded to a controller?
Software Designed Network (SDN)
What is the purpose of a screened subnet and what type of web server is located there?
It is a boundary layer that host an extranet server, this is also know as the extranet zone, or DMZ
If I want to find out what attack methods a potential hacker is using, what do I need to set up?
Honeypot
What is the purpose of network access control? Name two agents that it uses.
Ensures that devices that are connecting are fully patched. Ex. permanent and disposable
What type of device can be used to automate the collection of log files across many different devices?
SIEM server
If I wanted to back up data to a backup device but, at the same time, prevent someone from deleting the data, what device do I need to use?
Write-once-read-many (WORM)
Explain the port mirror process and name another device that could be used for the same process?
In this process data going to a port is copied and sent to another device for analysis. A tap is an example of another device
What type of records are created by DNSSEC?
A RRSIG record is created for every DNS host and a DNSKEY is used in signing KSK and ZSK
What are the two portions of an IPSec packet?
The authentication header (AH) using MD5 or SHA-1 encryption, and the ESP using DES, 3DES, or AES encryption
What type of IP address is 2001:123A:0000:0000:ABC0:0DCS:0023 and how can we simplify it?
This is an IPv6 address and it can be simplified into 2001:123A::ABC0:DCS:23
What is the benefit of HTML 5 VPN?
It requires no infrastructure to set up.
What mode is an L2TP/IPSec VPN if it encrypts both the header and the payload?
Tunnel
What is the purpose of a jump server?
It allows for remote SSH sessions on a screened subnet or cloud
What is load balancing persistence or affinity?
Where the host is sent to the same server for the session
What is the downside to using two load balancers in an active/active model?
They both balance loads near capacity; if one load balancer fails the network traffic is very slow
Three different groups of workers are in an open plan office and they are all connected to the same physical switch. What can be done to isolate them from each other?
VLANs
How does East-West traffic operate?
Laterally (internally) to other servers in a data center
What is a zero-trust model and where is it likely to be used?
No traffic is trusted and all traffic must be authenticated. This is commonly used in the cloud
Why would someone use Angry IP?
To scan a range of IP addresses to check if any of them are active or not
When would someone use the harvester tool?
To collect email addresses from a particular domain
How can an attacker find the DNS records from your domain?
Dnsenum
Why would I use the scanless tool?
So the scan usage cannot be traced to me
What is the purpose of DHCP snooping?
to prevent rogue DHCP severs
What are the two main reasons why I would receive an APIPA address of 169.254.1.1?
The DHCP server is experiencing resource exhuastion, or bad connectivity with the DHCP server.
Looking for a different version?
CBTs get updated every year. Search for the exact version you're taking (e.g. "cyber awareness 2025").
Search all study materials