Network Security & Database Vulnerabilities All Quiz Answer | Basics of IP Addressing and the OSI Model | Week 2




Basics of IP Addressing ( Practice Quiz )


Q1) The binary (base 2) number "0101" is how much in decimal (base 10) ?

  • 5


Q2) The IP address range goes from 0.0.0.0 to 255.255.255.255 and is known as the "four octets". Why are these 4 numbers called octets ?

  • The number 255 in decimal takes up 8 digits in binary.


Q3) How many octets are used to define the network portion of the IP address in a Class C network ?

  • 3


Q4) True or False: A routable protocol is a protocol whose packets may leave your network, pass through your router, and be delivered to a remote network.

  • True


Q5) True or False: The destination address is defined in the packet header but the source address is in the packet footer.

  • False


Q6) Which network mask belongs to a Class A network ?

  • 255.0.0.0


Q7) IPv6 changes the IP address from a 32 bit address used in IPv4 to a 128 bit address. This results in which of the following ?

  • Many billions of times as many possible IP addresses.


Q8) Which IPv4 addressing schema would you use to send a message to a select group of systems on the network ?

  • Multicast






TCP/IP Layer 4, Transport Layer Overview ( Practice Quiz )


Q1) True or False: Utilities such as TFTP, DNS and SNMP utilize the UDP transport protocol.

  • True


Q2) True or False: The UDP transport protocol is faster than the TCP transport protocol.

  • True


Q3) Which four (4) of these are characteristic of the UDP transport protocol ?

  • Unreliable
  • Unordered data; duplicates possible
  • Connectionless
  • No flow control






TCP/IP Layer 5, Application Layer Overview ( Practice Quiz )


Q1) What is the primary function of DNS ?

  • To translate domain names to IP addresses and vice versa.


Q2) How does a new endpoint know the address of the DHCP server ?

  • The endpoint sends a DHCP Discover broadcast request to all endpoints on the local network.


Q3) Which Syslog layer contains the actual message contents ?

  • Syslog Content


Q4) True or False: Setting the correct Syslog Severity Level on systems helps keep the Syslog server from being flooded by the millions of messages that could be generated by these systems.

  • True


Q5) True or False: The Syslog message typically includes the severity level, facility code, originator process ID, a time stamp, and the hostname or IP address of the originator device.

  • True


Q6) Why is port mirroring used ?

  • To provide a stream of all data entering or leaving a specific port for debugging or analysis work.







Firewalls, Intrusion Detection and Intrusion Prevention Systems ( Practice Quiz )


Q1) What is the main difference between a Next Generation Firewall (NGFW) and a traditional firewall ?

  • NGFW use sessions.


Q2) True or False: Unlike traditional stateful firewalls, next-generation firewalls drill into traffic to identify the applications traversing the network.

  • True


Q3) What are the two (2) primary methods used by Intrusion Prevention Systems (IPS) to discover an exploit ?

  • Statistical anomaly-based detection.
  • Signature-based detection.


Q4) If your nontechnical manager told you that you must configure your traditional second-generation firewalls to block all users on your network from posting messages on Facebook from their office computers, how would you carry out this request ?

  • You would have to block any IP addresses used by Facebook.






Clustering and High Availability Systems ( Practice Quiz )


Q1) Which condition should apply in order to achieve effective clustering and failover among your firewalls ?

  • All of the above.






Basics of IP Addressing and the OSI Model ( Main Quiz )


Q1) How would you express 15 in binary (base 2) ?

  • 01111


Q2) How many octets are used to define the network portion of the IP address in a Class A network ?

  • 1


Q3) The device used to separate the network portion of an IP address from the host portion is called what ?

  • The subnet mask.


Q4) The IP header contains a time-to-live (TTL) value. How is this value expressed ?

  • The number of Layer 3 devices (hubs, routers, etc.) the packet is allowed to pass through before it is dropped.


Q5) Which is the host portion of this IP address 192.168.52.3/24 ?

  • 3


Q6) Which network mask belongs to a Class C network ?

  • 255.255.255.0


Q7) Which IPv4 addressing schema would you use to send a message to all systems on the network ?

  • Broadcast


Q8) Which three (3) of the following are legitimate IPv6 addressing schemas ?

  • Multicast
  • Unicast
  • Anycast


Q9) True or False: Utilities such as TFTP, DNS and SNMP utilize the TCP transport protocol.

  • False


Q10) Which two (2) of these fields are included in a UDP header ?

  • Source Port
  • Destination Port


Q11) Which four (4) of these are characteristic of the TCP transport protocol ?

  • Connection-oriented
  • Ordered data; duplicate detection
  • Reliable
  • Flow control


Q12) How does an endpoint know the address of the DNS server ?

  • It is manually configured in the network settings by the administrator or obtained from the DHCP server.


Q13) What is the primary function of DHCP ?

  • To automatically assign IP addresses to systems.


Q14) Which Syslog layer handles the routing and storage of a Syslog message ?

  • Syslog Application


Q15) Which of the following flow data are gathered by utilities such as NetFlow ?

  • All of the above.


Q16) When a network interface card is operating in promiscuous mode, what action does it take ?

  • The NIC sends all packets to the CPU for processing instead of only those packets indicated for its MAC address.


Q17) If a packet is allowed to pass through a NGFW based upon the established firewall rules and a new session is established, how does the NGFW treat the next packet it encounters from the same session ?

  • Subsequent packets of the same session are automatically allowed.


Q18) If your nontechnical manager told you that you must configure your next generation firewalls (NGFW) to block all users on your network from posting messages on Facebook from their office computers, what would be the consequence of carrying out his order ?

  • No serious consequence, application-level inspection and blocking can be configured.


Q19) Monitoring network traffic and comparing it against an established baseline for normal use is an example of which form of intrusion detection ?

  • Statistical anomaly-based detection


Q20) Which are three (3) characteristics of a highly available system ?

  • Failover
  • Monitoring
  • Redundancy







