Network Pro Exam 2024|Questions & Answers
Verified 100% Correct
What is the primary benefit of CCTV? - ✔✔Expands the area visible to security guards.
Which of the following CCTV types would you use in areas with little or no light? -
✔✔Infrared
Match each physical security control on the left with an appropriate example of that control on
the right. Each security control may be used once, more than once, or not at all. -
✔✔Hardened carrier - Protected cable distribution
Biometric authentication - Door locks
Barricades - Perimeter barrier
Emergency escape plans - Safety
Alarmed carrier - Protected cable distribution
Anti-passback system - Physical access control
Emergency lighting - Safety
Exterior floodlights - Perimeter barrier
You want to use CCTV as a preventative security measure. Which of the following is a
requirement for your plan? - ✔✔Security guards
Which of the following is the MOST important way to prevent console access to a network
switch? - ✔✔Keep the switch in a room that is locked by a keypad.
Which of the following controls is an example of a physical access control method? -
✔✔Locks on doors
Which of the following can you use to stop piggybacking from occurring at a front entrance
where employees swipe smart cards to gain entry? - ✔✔Deploy a mantrap.
You are an IT consultant and are visiting a new client's site to become familiar with their
network. As you walk around their facility, you note the following: - ✔✔Control access to the
work area with locking doors and card readers.
Relocate the switch to the locked server closet.
Which of the following is a secure doorway that can be used with a mantrap to allow an easy
exit but actively prevents re-entrance through the exit portal? - ✔✔Turnstiles
An organization's receptionist received a phone call from an individual claiming to be a partner
in a high-level project and requesting sensitive information. Which type of social engineering is
this individual engaging in? - ✔✔Authority
What is the primary countermeasure to social engineering? - ✔✔Awareness
Match each social engineering description on the left with the appropriate attack type on the
right. - ✔✔Phishing - An attacker sends an email pretending to be from a trusted
organization, asking users to access a website to verify personal information.
Whaling - An attacker gathers personal information about the target individual, who is a CEO.
Spear phishing - An attacker gathers personal information about the target individual in an
organization.
Dumpster diving - An attacker searches through an organization's trash for sensitive
information.
Piggybacking - An attacker enters a secure building by following an authorized employee
through a secure door without providing identification.
Vishing - An attacker uses a telephone to convince target individuals to reveal their credit card
information.
What is the definition of any attack involving human interaction of some kind? - ✔✔Social
engineering
Dumpster diving is a low-tech way of gathering information that may be useful for gaining
unauthorized access or as a starting point for more advanced attacks. How can a company
reduce the risk associated with dumpster diving? - ✔✔Establish and enforce a document
destruction policy.
You have just received a generic-looking email that is addressed as coming from the
administrator of your company. The email says that as part of a system upgrade, you need
to enter your username and password in a new website so you can manage your email and spam
using the new service.
What should you do? - ✔✔Verify that the email was sent by the administrator and that this
new service is legitimate.
Which of the following is a common social engineering attack? - ✔✔Hoax virus information
emails.
On your way into the back entrance of your work building one morning, a man dressed as a
plumber asks you to let him in so he can fix the restroom. What should you do? - ✔✔Direct
him to the front entrance and instruct him to check in with the receptionist.
Which of the following are examples of social engineering attacks? (Select two.) -
✔✔Shoulder surfing
Dumpster diving
A senior executive reports that she received a suspicious email concerning a sensitive internal
project that is behind production. The email was sent from someone she doesn't know, and he
is asking for immediate clarification on several of the project's details so the project can get
back on schedule.
Which type of attack BEST describes the scenario? - ✔✔Whaling
You are the IT security administrator for a small corporate network. You have received a zip file
that contains sensitive password-protected files. You need to access these files. The zip file is
located in the home directory.
In this lab, your task is to use John the Ripper to:
Crack the root password on Support.
Crack the password of the protected.zip file in the home directory on IT-Laptop. - ✔✔Crack
the root password on Support.
From the Favorites bar, select Terminal.
At the prompt, type cd /usr/share/john and press Enter to change directories to the folder
containing the John the Ripper password file.
Type ls and press Enter to list the files in the directory.
Type cat password.lst and press Enter to view the password list. This is an abbreviated list.
Type cd and press Enter to go back to root.
Type john /etc/shadow and press Enter to crack the Linux passwords.
Notice that the root password of 1worm4b8 was cracked.
Type john /etc/shadow and press Enter to attempt to crack the Linux passwords again.
Notice that it does not attempt to crack the password again. The cracked password is already
stored in the john.pot file.
Type cat ./.john/john.pot and press Enter to view the contents of the john.pot file.