1. Which objective of network security focuses on ensuring systems and data are accessible when needed?
Availability
1/40
| Term | Definition |
|---|---|
| 1. Which objective of network security focuses on ensuring systems and data are accessible when needed? | Availability |
| 2. A control that makes attacking one organization less appealing than attacking another is best described as: | Deterrent |
| 3. Which phase of a hacking process typically includes reviewing public job postings and company websites? | Reconnaissance |
| 4. Which domain of IT infrastructure primarily includes databases and business applications? | System/Application Domain |
| 5. Which network device makes forwarding decisions using MAC addresses? | Switch |
| 6. Which OSI layer is responsible for logical addressing and routing decisions? | Network |
| 7. A star topology differs from a bus topology primarily because: | A single node failure impacts fewer devices |
| 8. Which topology exists in both full and partial forms? | Mesh |
| 9. VLANs primarily operate at which OSI layer? | Layer 2 |
| 10. Which IPv4 private address range supports the largest number of hosts? | 10.0.0.0/8 |
| 11. Which mechanism allows IPv4 and IPv6 to run simultaneously on the same device? | Dual-stack |
| 12. Which IPv6 feature is mandatory rather than optional? | IPSec |
| 13. A firewall rule set that blocks all traffic except explicitly allowed traffic is known as: | Deny by default |
| 14. Where should a firewall typically be placed in a secure network design? | At network gateway points |
| 15. Which attack type is not prevented by a properly configured firewall? | Social engineering |
| 16. A firewall that protects a single device is best described as a: | Host firewall |
| 17. Which firewall behavior is considered best practice? | Deny by default, allow by exception |
| 18. Which firewall limitation exists even when rules are correctly configured? | It cannot stop human deception |
| 19. Which term describes the combination of an IP address and a port number? | Socket |
| 20. Port forwarding primarily involves: | Reversing destination translation |
| 21. Which concept assumes attackers will eventually gain access? | Defense in depth |
| 22. Adding untested services to a production network most directly increases: | Attack surface |
| 23. Which security approach relies on hiding systems rather than protecting them? | Security through obscurity |
| 24. Which type of IDS/IPS analyzes traffic before it reaches the firewall? | Network-based |
| 25. Business continuity planning focuses primarily on: | Network-based |
| 26. Which hacker motivation is most associated with financial gain? | Professional |
| 27. Which hacking phase is typically the shortest? | Attacking |
| 28. Which malware type requires a host program to spread? | Virus |
| 29. Which control focuses on limiting user access to only what is required? | Least privilege |
| 30. Which network segment commonly hosts public-facing services? | DMZ |
| 31. The OSI model is a physical implementation used in network devices | False |
| 32. Switches may flood traffic when they do not know the destination MAC address. | True |
| 33. IPv6 eliminates the need for NAT in most environments. | True |
| 34. Firewalls can inspect traffic that never passes through their interfaces. | False |
| 35. Social engineering attacks rely primarily on technical vulnerabilities. | False |
| 36. Defense in depth assumes that no single security control is perfect. | True |
| 37. A DMZ is intended to fully trust internal systems | False |
| 38. Malware signatures can detect zero-day attacks reliably. | False |
| 39. VLANs can be used to create logical segmentation without changing physical cabling. | True |
| 40. Authentication and authorization serve the same function in access control | False |