CMGT 431 WEEK 3 LEARNING TEAM ASSIGNMENT CHAPTER 10
GROUP 5
1 The capacity of a DS-1 circuit is
a. 24 voice channels of 64 kbit/s each
b. 32 voice channels of 64 kbit/s each
c. 24 voice channels of 48 kbit/s each
d. 16 data channels of 64 kbit/s each
2. Which of the following statements is true about MPLS:
a. MPLS can be used to transport voice and data, and its traffic should be protected with encryption.
b. MPLS can be used to transport voice and data, and its traffic does not need to be protected with encryption.
c. MPLS is used for data only, and its traffic should be protected with encryption.
d. MPLS is used for voice only, and its traffic should be protected with encryption.
3. A network architect is designing a remote access solution for mobile workers with laptop computers and will use GPRS technology for over-the-air communications. Because workers access sensitive information, what protection is required to protect GPRS traffic?
a. GPRS- over-the-air encryption is sufficient and no VPN is needed.
b. GPRS- over-the-air encryption has been compromised and a VPN is needed.
c. GPRS has no over-the-air encryption and a VPN is needed.
d. GPRS is not suitable for Internet communications and should not be used.
4. A security manager is concerned about the security of its WEP-encrypted WiFi network.
How can security be improved to prevent eavesdroppers from viewing sensitive business information?
a. Require VPN for all users using the WiFi network
b. Require SSL VPN for all users using the WiFi network
c. Upgrade authentication to EAP
d. Upgrade authentication to PEAP
GROUP 6
5. What protection is needed for a banking organization- internal 802.3 network?
a. WEP
b. WPA
c. WPA-2
d. None
6. A security engineer is using a sniffer to determine the source of apparently hostile traffic on an organization- internal routed network. When the engineer examines individual frames, he sees that the source MAC address for the hostile packets matches the MAC address for the router on the local network. What is the best explanation for this?
a. The packets are encapsulated in a tunneling protocol such as PPTP.
b. The packets have a spoofed originating MAC address in order to make identification of the hostile node more difficult.
c. Frames carrying IP traffic originating on another network will have a MAC address for the local network- router.
d. The packets are IPX protocol, not IP.
7. What steps should be taken to lock down a WiFi network?
a. No SSID broadcast, non-default SSID, MAC access control, and WEP encryption
b. No SSID broadcast, non-default SSID, MAC access control, and WPA-PSK encryption
c. SSID broadcast, non-default SSID, MAC access control, and WPA-PSK encryption
d. SSID broadcast, non-default SSID, MAC access control, WEP encryption, and RADIUS authentication
8. The layers in the OSI model are:
a. Physical, Data link, Network/Internet, Transport, Session, Application
b. Physical, Data link, Network, Transport, Socket, Presentation, Application
c. Physical, Data link, Network/Internet, Transport, Application
d. Physical, Data link, Network, Transport, Session, Presentation, Application
GROUP 7
9. GPRS, ATM, FDDI, and SLIP are examples of:
a. Data link layer protocols
b. Physical layer protocols
c. Network layer protocols
d. Encryption protocols
10. A packet filter firewall is blocking ICMP protocols. This means that:
a. Pings cannot pass through the firewall
b. Pings and Traceroute cannot pass through the firewall
c. Traceroute cannot pass through the firewall
d. IS-IS cannot pass through the firewall
11. A requesting station sends a TCP SYN to a destination station. The destination station responds with a SYN-ACK. The requesting station responds with an ACK. What has occurred?
a. An attacker was launching a SYN attack that has failed.
b. A user is running Traceroute.
c. A TCP connection was established.
d. A TCP connection was torn down.
12. The purpose of the DHCP protocol is:
a. Assign IP address and subnet mask to a station
b. Assign default gateway address to a station
c. All of these
d. Assign DNS and WINS server addresses to a station
13. The rlogin protocol should no longer be used because:
a. SSH is more efficient
b. Its password encryption has been compromised
c. It cannot be routed on an IPv6 network
d. Credentials are passed in the clear
GROUP 9
14. PPP is a poor choice for an Internet-based remote access protocol because:
a. It does not utilize header compression
b. PPP traffic is not encrypted
c. PPP credentials are not encrypted
d. It is not routable over IPv6 networks
15. The best countermeasure for a SYN attack is:
a. Block SYN packets on border routers
b. Block SYN packets at the firewall
c. Increase the number of open SYN requests on the firewall
d. Increase the number of open SYN requests on servers