1. Which objective of network security focuses on ensuring systems and data are accessible when needed?
Availability
1/40
| Term | Definition |
|---|---|
1. Which objective of network security focuses on ensuring systems and data are accessible when needed? | Availability |
2. A control that makes attacking one organization less appealing than attacking another is best described as: | Deterrent |
3. Which phase of a hacking process typically includes reviewing public job postings and company websites? | Reconnaissance |
4. Which domain of IT infrastructure primarily includes databases and business applications? | System/Application Domain |
5. Which network device makes forwarding decisions using MAC addresses? | Switch |
6. Which OSI layer is responsible for logical addressing and routing decisions? | Network |
7. A star topology differs from a bus topology primarily because: | A single node failure impacts fewer devices |
8. Which topology exists in both full and partial forms? | Mesh |
9. VLANs primarily operate at which OSI layer? | Layer 2 |
10. Which IPv4 private address range supports the largest number of hosts? | 10.0.0.0/8 |
11. Which mechanism allows IPv4 and IPv6 to run simultaneously on the same device? | Dual-stack |
12. Which IPv6 feature is mandatory rather than optional? | IPSec |
13. A firewall rule set that blocks all traffic except explicitly allowed traffic is known as: | Deny by default |
14. Where should a firewall typically be placed in a secure network design? | At network gateway points |
15. Which attack type is not prevented by a properly configured firewall? | Social engineering |
16. A firewall that protects a single device is best described as a: | Host firewall |
17. Which firewall behavior is considered best practice? | Deny by default, allow by exception |
18. Which firewall limitation exists even when rules are correctly configured? | It cannot stop human deception |
19. Which term describes the combination of an IP address and a port number? | Socket |
20. Port forwarding primarily involves: | Reversing destination translation |
21. Which concept assumes attackers will eventually gain access? | Defense in depth |
22. Adding untested services to a production network most directly increases: | Attack surface |
23. Which security approach relies on hiding systems rather than protecting them? | Security through obscurity |
24. Which type of IDS/IPS analyzes traffic before it reaches the firewall? | Network-based |
25. Business continuity planning focuses primarily on: | Network-based |
26. Which hacker motivation is most associated with financial gain? | Professional |
27. Which hacking phase is typically the shortest? | Attacking |
28. Which malware type requires a host program to spread? | Virus |
29. Which control focuses on limiting user access to only what is required? | Least privilege |
30. Which network segment commonly hosts public-facing services? | DMZ |
31. The OSI model is a physical implementation used in network devices | False |
32. Switches may flood traffic when they do not know the destination MAC address. | True |
33. IPv6 eliminates the need for NAT in most environments. | True |
34. Firewalls can inspect traffic that never passes through their interfaces. | False |
35. Social engineering attacks rely primarily on technical vulnerabilities. | False |
36. Defense in depth assumes that no single security control is perfect. | True |
37. A DMZ is intended to fully trust internal systems | False |
38. Malware signatures can detect zero-day attacks reliably. | False |
39. VLANs can be used to create logical segmentation without changing physical cabling. | True |
40. Authentication and authorization serve the same function in access control | False |