Test : CCNA Cyber Ops - SECFND # 210-250

Which option is a purpose of port scanning?

Options are :

  • Identify the Internet Protocol of the target system.
  • Determine if the network is up or down.
  • Identify which ports and services are open on the target host. (Correct)
  • Identify legitimate users of a system.

Answer : Identify which ports and services are open on the target host.

Which two protocols are used for email? (Choose two.)

Options are :

  • NTP
  • DNS
  • HTTP
  • IMAP (Correct)
  • SMTP (Correct)

Answer : IMAP, SMTP

Which definition of the virtual address space for a Windows process is true?

Options are :

  • actual physical location of an object in memory
  • set of virtual memory addresses that it can use (Correct)
  • set of pages that are currently resident in physical memory
  • system-level memory protection feature that is built into the operating system

Answer : set of virtual memory addresses that it can use

Which of the following is not a valid access control model?

Options are :

  • Imparted (Correct)
  • Discretionary
  • Mandatory
  • Role-based

Answer : Imparted

The concept that users should have only the access needed is known as which of the following?

Options are :

  • Need to know
  • Principle of least privilege (Correct)
  • Authorization and authentication policy
  • Denial of information

Answer : Principle of least privilege

Which of the following are examples of commercial vulnerability scanners?

Options are :

  • Nessus, Retina, AVG, AppScan, Symantec
  • Nessus, Retina, Nexpose, AppScan, AVDS (Correct)
  • Nessus, PalmScan, Nexpose, AppTrue, AVDS
  • Nmap, Retina, AVG, AppScan, Avast

Answer : Nessus, Retina, Nexpose, AppScan, AVDS

Which of the following are commercially available Security Incident and Event Management (SIEM) systems?

Options are :

  • HP ArcSight, Log Rhythm, NetIQ, IBM QRadar, Splunk (Correct)
  • BlackStratus, EiQ Networks, Avast, Trojan, Hawk Network Defense
  • Trustwave, IBM QRadar, Splunk, Hawk Network Defense, Stux
  • NetApp, Cisco Prime, Log Rhythm, NetIQ, Google Chromium

Answer : HP ArcSight, Log Rhythm, NetIQ, IBM QRadar, Splunk

To maximize the effectiveness of penetration testing, what type of test should be prescribed?

Options are :

  • Black box
  • White box (Correct)
  • Gray box
  • Zero-knowledge

Answer : White box

A deliberate or accidental release of what category of classified data can lead to grave damage to the national security?

Options are :

  • Secret
  • Classified
  • Top secret (Correct)
  • Confidential

Answer : Top secret

What methods or protocols may be leveraged to protect data in transit?

Options are :

  • TLS, SSL, IPsec (Correct)
  • FTP, SSH, TLS
  • SSH, TLS, HTTP
  • AES, VPN, SMTP

Answer : TLS, SSL, IPsec

Nonrepudiation can be achieved through which of the following? (Choose three.)

Options are :

  • Digital signatures (Correct)
  • Digital certificates (Correct)
  • Message Authentication Codes (MACs) (Correct)
  • Antivirus software

Answer : Digital signatures, Digital certificates, Message Authentication Codes (MACs)

A certificate must be revoked and never be used again due to a suspected system breach. Which of the following can be used to revoke a certificate?

Options are :

  • CA
  • CSR
  • CRL (Correct)
  • PKI-root

Answer : CRL

What type of encryption is typically used for data at rest?

Options are :

  • Asymmetric encryption
  • Symmetric encryption (Correct)
  • Algorithmic encryption
  • IPsec

Answer : Symmetric encryption

A building being protected by security guards implies what type of access control? 

Options are :

  • Compensating
  • Detective
  • Deterrent (Correct)
  • Preventive

Answer : Deterrent

What type of penetration testing begins the attack with public information only (in the absence of any external or trusted information)?

Options are :

  • Full knowledge
  • White box
  • Gray box
  • Zero knowledge (Correct)

Answer : Zero knowledge

Which of the following is based on a client/server protocol aimed to allow network access servers to authenticate remote and local users by sending access request messages to a central server?

Options are :

  • Kerberos
  • EAP
  • RADIUS (Correct)
  • OAuth

Answer : RADIUS

What type of technology is possibly involved when an organization needs to deliver authentication and authorization affirmations to their cloud partner?

Options are :

  • Active Directory
  • SAML (Correct)
  • RADIUS
  • SPML

Answer : SAML

An organization wants to set up the wireless network using Cisco gear. The IT director wants to leverage the existing database for authenticating internal users. Which authentication mechanisms can be used to set up secure authentication and allow leveraging Single Sign-On (SSO) for a wireless network? (Choose two.)

Options are :

  • LDAP (Correct)
  • WPA2-PSK
  • RADIUS (Correct)
  • WEP

Answer : LDAP, RADIUS

Digital signatures are used to provide authentication and integrity. Which of the following statements is true regarding the use of digital signatures from a sender (owner and originator of information) point of view?

Options are :

  • The sender encrypts the hash of the message with a public key.
  • The sender encrypts the message with a public key.
  • The sender encrypts the hash of the message with a private key. (Correct)
  • The sender encrypts the message with a private key.

Answer : The sender encrypts the hash of the message with a private key.

Which one of the following defines standards for encrypting and decrypting messages and disseminating certificates under a PKI?

Options are :

  • PKCS #10
  • PKCS #7 (Correct)
  • PKCS #3
  • PKCS #1

Answer : PKCS #7

An organization promotes a decentralized key management system. In such a system, the user is responsible for which of the following functions?

Options are :

  • Creation of public key
  • Creation of private and public keys (Correct)
  • Creation of digital certificates
  • Creation of private key

Answer : Creation of private and public keys

What are the valid trust models available with PKI? (Choose three.)

Options are :

  • Hierarchical (Correct)
  • Mesh (Correct)
  • Hybrid (Correct)
  • Circular

Answer : Hierarchical, Mesh, Hybrid

What encryption algorithm would provide strong protection for data stored on a USB solid state drive (SSD) or a hard disk drive (HDD)?

Options are :

  • TLS
  • SHA1
  • AES (Correct)
  • DES

Answer : AES

If a host fails to get an IP address from a DHCP server, which of the following may be true?

Options are :

  • There is no ARP entry for the default gateway.
  • The DHCP server’s IP address configuration on the host’s network adapter is incorrect.
  • The DNS is not working.
  • All available IP addresses on the DHCP server are already leased out. (Correct)

Answer : All available IP addresses on the DHCP server are already leased out.

A lack of validation of the ARP replies can allow an attacker to successfully execute what type of attack?

Options are :

  • man in the middle (Correct)
  • rogue DHCP server
  • DNS spoofing
  • replay

Answer : man in the middle

Which one of the following options best describes the function of the root bridge in a spanning tree protocol?

Options are :

  • the farthest reachable point
  • a reference point, the logical center (Correct)
  • the device that facilitates the blocking or discarding port
  • a redundant switch

Answer : a reference point, the logical center

Which one of the following statements best describes the purpose of a default route?

Options are :

  • A default route sets the preferred path for multicast packets.
  • A default route is an optional entry that is used when no explicit path to a destination is found in the routing table. (Correct)
  • A default route will flood the packet out of all connected ports.
  • A default route is just a placeholder in the route table until a new route is found.

Answer : A default route is an optional entry that is used when no explicit path to a destination is found in the routing table.

Which one of the following options is the routing protocol that is used between the major ISPs?

Options are :

  • BGP (Correct)
  • OSPF
  • IS-IS
  • EIGRP
  • OSPF or IS-IS

Answer : BGP

Which two of the following statements are true regarding the CAM and TCAM tables? (Choose two.)

Options are :

  • A CAM table is primarily used to make Layer 2 forwarding decisions. (Correct)
  • A CAM table contains the MAC-to-IP address mappings.
  • A TCAM table stores ACL, QoS, and other information that is generally associated with upper-layer processing. (Correct)
  • TCAM is a specialized CAM that enables a Layer 2 switch to perform wire speed switching.
  • The CAM and TCAM tables are populated using a routing protocol.

Answer : A CAM table is primarily used to make Layer 2 forwarding decisions. A TCAM table stores ACL, QoS, and other information that is generally associated with upper-layer processing.

What best describes an amplification attack?

Options are :

  • A low volume of bad music is played progressively louder to the point that it becomes unbearable for people to listen to it.
  • A small forged packet elicits a large reply from the reflectors. (Correct)
  • A small radio signal is initially weak and eventually increases the signal strength so that wireless devices will attach to it instead of the legitimate AP.
  • There is no such attack that is called an amplification attack.

Answer : A small forged packet elicits a large reply from the reflectors.

What best describes a DoS attack?

Options are :

  • attempts to consume all of a critical computer or network resource in order to make it unavailable for valid use (Correct)
  • poses as legitimate software or email attachment in order to launch a malicious attack when opened
  • can steal data such as user names and passwords without the user realizing that they have been compromised
  • rarely seen because DoS attacks are extremely difficult to engineer and almost impossible to deliver

Answer : attempts to consume all of a critical computer or network resource in order to make it unavailable for valid use

What type of attack occurs when the attacker spoofs the IP address of the victim, sending a continuous stream of small requests, which produce a continuous stream of much larger replies that are to be sent to the victim's IP address?

Options are :

  • reflection attack
  • amplification attack (Correct)
  • MITM attack
  • Trojan virus

Answer : amplification attack

If a client connected to a server using SSHv1 previously, how should the client be able to authenticate the server?

Options are :

  • The same encryption algorithm will be used each time and will be in the client cache.
  • The server will autofill the stored password for the client upon connection.
  • The client will receive the same public key that it had stored for the server. (Correct)
  • The server will not use any asymmetric encryption, and jump right to symmetric encryption.

Answer : The client will receive the same public key that it had stored for the server.

What is the reason that a digital signature can be used to provide the authenticity of digitally signed data?

Options are :

  • Both the signer and the recipient must first agree on a shared secret key that is only known to both parties.
  • Both the signer and the recipient must first agree on the public/private key pair that is only known to both parties.
  • Only the signer has sole possession of the private key. (Correct)
  • Only the recipient has a copy of the private key to decrypt the signature.

Answer : Only the signer has sole possession of the private key.

What does a digital certificate certify about an entity?

Options are :

  • A digital certificate certifies the ownership of the public key of the named subject of the certificate. (Correct)
  • A digital certificate certifies the ownership of the private key of the named subject of the certificate.
  • A digital certificate certifies the ownership of the symmetric key of the named subject of the certificate.
  • A digital certificate certifies the ownership of the bulk encryption key of the named subject of the certificate.

Answer : A digital certificate certifies the ownership of the public key of the named subject of the certificate.

Which one of the following is the PKI operation that would likely cause out-of-band communication over the phone?

Options are :

  • The client checks with the CA to determine whether a certificate has been revoked.
  • The client validates with the CA to determine if the peer that they are communicating with is the entity that is identified in a certificate.
  • A new signed certificate is received by the certificate applicant from the CA.
  • The CA administrator contacts the certificate applicant to verify enrollment data before the request can be approved. (Correct)

Answer : The CA administrator contacts the certificate applicant to verify enrollment data before the request can be approved.

Which three of the following options does the client validate on inspection of a server certificate? (Choose three.)

Options are :

  • The subject matches the URL that is being visited. (Correct)
  • The website was already in the browser’s cache.
  • A root DNS server provided the IP address for the URL.
  • The current time is within the certificate’s validity date. (Correct)
  • The signature of the CA that is in the certificate is valid. (Correct)
  • The client already has a session key for the URL.

Answer : The subject matches the URL that is being visited. The current time is within the certificate’s validity date. The signature of the CA that is in the certificate is valid.

What SQL command is used by attackers to exfiltrate sensitive data?

Options are :

  • alter
  • drop
  • select (Correct)
  • get
  • post

Answer : select

What are two main goals of SQL injection attacks? (Choose two.)

Options are :

  • data modification (Correct)
  • denial of service
  • theft or extraction of data (Correct)
  • timed execution of malware

Answer : data modification; theft or extraction of data

Which statement is correct?

Options are :

  • The mail user agent is also called the SMTP daemon.
  • The DNS A record is used to locate the FQDN of the mail server for a domain.
  • POP is used by the groupware server to send emails to the MTA.
  • Microsoft Exchange is the groupware server and Microsoft Outlook is the mail user agent. (Correct)

Answer : Microsoft Exchange is the groupware server and Microsoft Outlook is the mail user agent.

Which best describes a fast flux service network?

Options are :

  • uses DNS servers to resolve many different IP addresses over a short span of time (Correct)
  • a high-bandwidth network
  • a low latency network
  • a network that generates a large number of random domain names

Answer : uses DNS servers to resolve many different IP addresses over a short span of time

Which two statements are true about malvertisements? (Choose two.)

Options are :

  • Malvertisements are sometimes set up to affect all visitors to a site only during a specific period of time. (Correct)
  • Malvertisements’ malicious code remains forever.
  • Malvertisements affect both trustworthy and untrustworthy sites. (Correct)
  • Infection only occurs when the victim clicks a malvertisement.

Answer : Malvertisements are sometimes set up to affect all visitors to a site only during a specific period of time. Malvertisements affect both trustworthy and untrustworthy sites.

Which Windows registry hive would be used to track the history of USB storage devices?

Options are :

  • HKEY_LOCAL_MACHINE (HKLM) (Correct)
  • HKEY_CURRENT_USER (HKCU)
  • HKEY_CLASSES_ROOT (HKCR)
  • HKEY_CURRENT_CONFIG (HKCC)

Answer : HKEY_LOCAL_MACHINE (HKLM)

Which one of the following best describes the output that the netstat command displays?

Options are :

  • all the active mapped network drives
  • all the active connected users on the device
  • all the active TCP connections, ports on which the computer is listening (Correct)
  • all the TCPdump statistics

Answer : all the active TCP connections, ports on which the computer is listening

On an infected Windows host, what command can be used to verify if the host has an established HTTP connection to the command and control server?

Options are :

  • tracert
  • netstat (Correct)
  • net
  • packet-capture
  • route

Answer : netstat

What are the two primary Linux processes that are used for managing services? (Choose two.)

Options are :

  • System V init (Correct)
  • Systemd (Correct)
  • Task Manager
  • Service Control Manager

Answer : System V init, Systemd

What netstat command would best allow an administrator to determine the service responsible for a listening socket?

Options are :

  • sudo netstat -tn
  • sudo netstat -lnp (Correct)
  • netstat -tn
  • netstat lnp

Answer : sudo netstat -lnp

After attackers gain access to a system, what method can they use to expand their access to other systems without exploiting vulnerabilities on other systems in the network?

Options are :

  • change the network gateway address to the attacker’s command and control server
  • establish a Metasploit session to 127.0.0.1 and pass the user’s account hash to it
  • take advantage of domain trust to make connections to a partner network (Correct)
  • block employees from visiting social media web sites on the company network

Answer : take advantage of domain trust to make connections to a partner network

Why would an attacker use Mimikatz once they gained access to a system?

Options are :

  • to create a tunnel for covert communication channels back to the attacker network
  • to list the user accounts currently logged on to the machine
  • to create a new domain user account to log in to so regular users will not notice their activity
  • to extract passwords and hashes for user accounts that have logged on to the system (Correct)

Answer : to extract passwords and hashes for user accounts that have logged on to the system

Which two statements about client-side web-based attacks are true? (Choose two.)

Options are :

  • Attackers use clear and plain text to access the resources they desire to access.
  • Attackers use obfuscation to hide a URL within a message so the user will not notice the true URL. (Correct)
  • Attackers rarely perform client-side web-based attacks because they have found easier and more effective ways to perform attacks.
  • Attackers use many tricks to fool the user into clicking on a URL link to a nefarious website. (Correct)

Answer : Attackers use obfuscation to hide a URL within a message so the user will not notice the true URL. Attackers use many tricks to fool the user into clicking on a URL link to a nefarious website.
