Devaki is an engineer who is designing network security for her company's infrastructure. She is incorporating protections for programming flaws, default settings, maximum values, processing capabilities, and memory capacities on devices, as well as malicious code and social engineering. What is this type of protection called?

a) Defense in depth

b) Divide and conquer

c) Security through obscurity

d) Single point of failure avoidance

The chief information officer (CIO) of a large company has been informed by the board of directors that their corporation is anticipating rapid growth over the next two years. She calculates the contingency of building additional capacity into the current network infrastructure. Based on the board's growth estimates, what percentage of additional capacity should she plan for?

a) 10 percent

b) 20 percent

c) 30 percent

d) More than 50 percent

Dhruv is the lead network engineer for his three-year-old company. He is writing a proposal that recommends the network protocol to use in several branch offices. Based on the age of the networking equipment, what is his recommendation to the chief information officer (CIO)?

a) Continue to use IPv4

b) Upgrade to IPv6

c) Transition from Post Office Protocol (POP) to Simple Mail Transfer Protocol (SMTP)

d) Transition to IPX/SPX

Thirty years ago, a major corporation purchased and still owns IP addresses within the IPv4 Class A range. The corporation uses these addresses to connect to the Internet. To which IPv4 address range do they belong?

a) 1.0.0.1 to 126.255.255.254

b) 10.0.0.0 to 10.255.255.255

c) 172.16.0.0 to 172.31.255.255

d) 192.168.0.0 to 192.168.255.255

The network engineer of a mid-size company needs to have all servers, network printers, and other online resources possess the same IPv6 address over time. The engineer does not want to perform manual address assignments on all of these resources. Additionally, she wants to prevent any rogue device from having an IPv4 address dynamically assigned just by making the request. What is her solution?

a) Dynamic Host Configuration Protocol (DHCP)

b) Dynamic Host Configuration Protocol (DHCP) reservation

c) Static addressing of the most vital network resources

d) Using static addressing and a hardware firewall

Although it is not recommended, a company chief information officer (CIO) wants to configure and use the ff02::1 group on his new IPv6 network to send traffic to every node in the infrastructure. What group must he enable?

a) Anycast

b) Multicast

c) Multicast to the all-nodes group

d) Unicast

A hacker is attempting to access a company's router using false Internet Control Message Protocol (ICMP) type 5 redirect messages. What is the hacker's goal?

a) To spoof or manipulate routing data

b) To add false entries into the router's access control list

c) To bypass the firewall

d) To delete all of the device's routing protocols

Nicolau is a network engineer for a large online retailer. He is concerned about the security of his company's network connections to its customers, vendors, and partners. Although all of these sources are generally trusted, he knows they can be hacked by malicious parties and used to steal confidential company data. Which network-based solution should he choose to detect unauthorized user activity and attacks that is also capable of taking action to prevent a breach?

a) Router anti-tampering

b) Intrusion detection system/intrusion prevention system (IDS/IPS)

c) Firewall

d) Data encryption

The chief information officer (CIO) is working with the chief financial officer (CFO) on next year's budget for new networking equipment. The CIO is explaining that lowest-cost equipment is not the sole deciding factor. The hardware must conform to high security standards to prevent a malicious person from hacking into the network and accessing valuable company data. Which of the following considerations does not specifically require a hacker to have physical access to the equipment?

a) Portability

b) Remote connection

c) Removable case

d) Reset button

Gino is an ethical hacker hired as a consultant to test the security of a mid-sized company's network. As part of his assignment, he has been given physical access to the system. He has built a dictionary of hashed passwords from the hard drive of the device. Which type of attack is he planning to launch?

a) Brute force

b) Dictionary

c) Hybrid

d) Rainbow

Every morning when James logs into his computer and attempts to access Microsoft 365, he is asked to enter his password. After that, he is sent a text on his mobile phone with a six-digit code he must enter. In terms of multifactor authentication, his password is something he knows. What is the text message?

a) Something he knows

b) Something he has

c) Something he is or does

d) Something he types

Santiago is a new network engineer for a mid-sized company. It is his responsibility to ensure that all employees working from home are able to connect to the office network in an efficient and secure manner. He must provide a service that allows communications between out-of-office staff and network resources to be encrypted at the protocol level and to be performed by either client or server software. The solution must also ensure that even if protocol encryption fails, the data is safe by its own encryption. What solution does he select?

a) Authentication, authorization, and accounting (AAA)

b) Implementation of a demilitarized zone (DMZ)

c) Identity and access management (IAM)

d) Virtual private network (VPN)

Location-aware anti-theft software will periodically upload its location to a centralized site in the event that the mobile device is lost or stolen. What can defeat this?

a) If the mobile device is taken more than five miles away from its original location

b) If the thief uploads an anti-malware program onto the mobile device

c) If the thief reformats the mobile device's drive

d) If the thief disables Wi-Fi

Nahla is a network engineer charged with maintaining the routine operations of equipment in her company's server room. She is aware that fluctuations in electrical power flow can damage delicate circuitry. While configuring redundancy into a number of systems, which component does she choose that offers both redundancy and power conditioning?

a) Intrusion detection system (IDS)

b) Intrusion prevention system (IPS)

c) Redundant array of inexpensive disks (RAID)

d) Uninterruptable power supply (UPS)