StudyXY
RegisterLog in
Back to AI Flashcard MakerInformation Technology /CompTIA Network+ N10-008 CH19 - Course Quiz

CompTIA Network+ N10-008 CH19 - Course Quiz

Information Technology61 CardsCreated 2 months ago

This flashcard set covers CompTIA Network+ N10-008 Chapter 19, focusing on Access Control Lists (ACLs) and their role in network security. It explains that ACLs are stateless, unlike firewalls that can be stateful, helping reinforce key security distinctions.

PrintEmbedImportReport

A basic ACL can be thought of as a stateful firewall?

True
False

False

Explanation:
ACL can be considered Stateless.

Tap or swipe ↕ to flip
Swipe ←→Navigate
1/61

Key Terms

Term
Definition

A basic ACL can be thought of as a stateful firewall?

True
False

False

Explanation:
ACL can be considered Stateless.

Which type of malware looks or pretends to do one thing while, at the same time, doing something evil?

macro
rootkit
worm
Trojan

Trojan


Which term refers to any form of potential attack against your Network?

threat
contingency
vulnerability
risk

threat

Which type of firwall packet inspection examines each packet fresh, with no regard to the state of the packet’s relation to any other packet?

port
stateless
stateful
filtered

stateless

Even with the best anti-malware tools, there are times when malware still manages to strike your computer?

True
False

True

A group of computers under the control of one operator is called a zombie?

True
False

False

Log in to view all terms

Related Flashcard Decks

Information Technology

Operating System Theory and Structures

This deck covers key concepts of operating systems, including their functions, structures, services, and design methodologies. It explores the components, system calls, and different architectural approaches to OS design.

10 cards
View Deck
Information Technology

Operating System Typologies and Architectures

This deck covers the typologies of operating systems, focusing on mono-processor and multi-processor systems, including clustered and real-time embedded systems.

10 cards
View Deck
Information Technology

A Level Computer Science Paper 1: 1.3.4 Web Technologies Part 2

Web indexing involves recording and organizing information about online resources. Web crawlers automatically scan and catalogue web pages, while meta tags within HTML help describe page content to improve search visibility.

21 cards
View Deck
Information Technology

A Level Computer Science Paper 1: 1.3.4 Web Technologies

HTML is the standard language used to build and structure web pages. It uses tagged elements to define content, with headers indicating importance and paragraphs used to separate blocks of text.

29 cards
View Deck
Information Technology

A Level Computer Science Paper 1: 1.3.2 Databases Part 2

Normalisation is the process of structuring a database to reduce redundancy and improve data integrity. It involves organizing data into tables that meet specific rules—starting with First Normal Form (1NF) and Second Normal Form (2NF)—to ensure each field depends fully on the primary key and that data is stored efficiently.

21 cards
View Deck
Information Technology

A Level Computer Science Paper 1: 1.3.2 Databases

A database is an organised system for storing and managing data efficiently. It ensures data accuracy, accessibility, and security, with information structured in tables containing fields that define specific data attributes.

33 cards
View Deck

Study Tips

  • Press F to enter focus mode for distraction-free studying
  • Review cards regularly to improve retention
  • Try to recall the answer before flipping the card
  • Share this deck with friends to study together
CompTIA Network+ N10-008 CH19 - Course Quiz
TermDefinition

A basic ACL can be thought of as a stateful firewall?

True
False

False

Explanation:
ACL can be considered Stateless.

Which type of malware looks or pretends to do one thing while, at the same time, doing something evil?

macro
rootkit
worm
Trojan

Trojan


Which term refers to any form of potential attack against your Network?

threat
contingency
vulnerability
risk

threat

Which type of firwall packet inspection examines each packet fresh, with no regard to the state of the packet’s relation to any other packet?

port
stateless
stateful
filtered

stateless

Even with the best anti-malware tools, there are times when malware still manages to strike your computer?

True
False

True

A group of computers under the control of one operator is called a zombie?

True
False

False

Which term refers to the administrative account native to Linux?

supervisor
administrator
admin
root

root

A Trojan can appear as a game, like poker?

True
False

True

The first and last bastion of defense for an entire infrastructure’s security is at the individual ____________?

user accounts
hosts
ports
NICs

hosts

Firewalls consider traffic as either ______________?

private or public
encrypted or unencrypted
inbound or outbound
persistent or non-persistent

inbound or outbound


______________ can run on a single computer or within a virtual machine and can look like a simple network or a vast installation?

Demilitarized Zones
Honeynets
Posture Assessments
Access Control Lists

Honeynets

A worm has to wait for someone to use a removable drive to replicate?

True
False

False

What are the most common symptoms of malware on a compromised system?

general sluggishness and random crashes
dropping the Internet connection and intermittent blank screens
random messages and a blank screen
general sluggishness and random messages

general sluggishness and random crashes

One of the first techniquest that malicious users try to probe hosts to identify any ___________ ports?

closed
blocked
locked
open

open

Which type of firewall packet inspection is aware of the packet’s state, as it relates to other packets?

port
filtered
stateful
stateless

stateful

Which term refers to a single computer under the control of an operator?

smurf attack
DDoS
zombie
phishing

zombie

Honeynets can run on a single computer or within a virtual machine?

True
False

True

Which type of attack is a form of social engineering?

denial of service
zombie
logic bomb
phishing

phishing

Which type of malware replicates exclusively through Networks?

Trojan
rootkit
macro
worm

worm

Which term refers to a program that monitors the types of Web Sites you frequent and uses that information to generate targeted advertisements, usually pop-up windows?

Trojan Horse
macro
Spyware
Adware

Adware

Explanation:
Key Word - “…to generate targeted advertisements”

Adware is a program that monitors the types of Web Sites you frequent and uses that information to generate targeted advertisements, usually pop-up windows.

Spyware is a function of any program that sends information about your system or your actions over the Internet. Browsing History, Keystrokes, Email Contacts, etc…

A _____________ host is simply a machine that is fully exposed to the Internet?

external
stateless
bastion
open

bastion

Trojan horses do NOT replicate?

True
False

True

A deauthentication (deauth) attack is a form of ________________ attack?

RF emanation
DoS
DHCP Snooping
Social Engineering

DoS (Denial of Service)

You can use a brute force attack to search for open ports?

True
False

True

Which type of attack involves the attacker tapping into communications between two systems?

malware
phishing
leeching
on-path

on-path


Cisco uses ___ as one of its tools to implement network access control?

stateless inspection
botnets
persistent queries
posture assessment

posture assessment


What series of standards developed by the US National Security Agency (NSA) defines how to shield symptoms and manifests in a number of different products, such as coverings for individual systems, wall coverings, and special window coating?

leeching
DMZ
HTTPS
TEMPEST

TEMPEST

Social engineering attacks are considered an example of classic hacking?

True
False

False

Some adware actually installs a virus when you click on the ad?

True
False

True

Which term refers to a system with very high network output?

top talker
host
demilitarized zone
honeypot

top talker


Viruses need human action to spread?

True
False

True

ARP poisoning is a common method for attacks?

phishing
DDoS
smurf
man-in-the-middle

man-in-the-middle

Most legacy systems need to be regularly patched on a monthly basis?

True
False

False

Anti-malware programs can operate as _ that passively monitors a computer's activity, checking for viruses only when certain events occur, such as a program executing or a file being downloaded?

virus shield

In the context of a DDoS attack, a group of computers under the control of one operator is called a ?

botnet

___ access calls for using a unique physical characteristic of a person to permit access to a controlled IT resource?

Biometric

ACLs have a ___ deny any, or will automatically deny any packets that don't match a rule?


implicit

ARP cache ____ attacks target the ARP caches on hosts and MAC address tables on Switches?


poisoning


A _ tries to intercept a valid computer session to get authentication information?


Session Hijacking

Explanation:
Keywords "….to get authentication information"
Session Hacking is a type of man-in-the-middle with the sole purpose of gaining Authentication Information.

A _ is an IT specific weakness, like a problem with hardware, software, or a configuration, that a threat takes advantage of to work?


vulnerability


The aspect of a DoS Attack that focuses on sending small requests that trigger large responses reflected at your target is called _?


amplification


inspection firewalls did not consider the state of a packet in relation to any other packets?


Stateless

A ___ functions at multiple layers of the OSI Model to tackle traffic no traditional firewall can filter alone?


next-generation firewall


A is the code pattern of a known virus?


signature

When any form of malware makes you pay to get the malware to go away, we call that malware ?


ransomware


The two jobs of a ___ are to replicate and to activate?


virus


A considerable percentage of attacks against your Network fall under the heading of - the process of using or manipulating people inside the Networking environment to gain access to the network from the outside?

social engineering


What should an administrator look for when researching unencrypted channels on a Network?

Using Telnet instead of SSH for Remote Terminal Connections.

Using HTTP instead of HTTPS on Web Sites

Using insecure remote desktops like VNC.

Using any insecure protocol in the clear. Run them through a VPN!

Describe one drawback to physical door access controls?


The access is generally governed by something that is in the possession of someone who has authorization to enter a locked place, like a Key, Badge, Key Fob, or some other Physical Token. These items can be given or taken away, and if not reported in a timely fashion, a huge security gap exists.

Compare Session Hijacking to a Man-in-the-Middle Attack?


Similar to Man-in-the-Middle Attacks, Session Hijacking tries to intercept valid computer sessions, but only for the purpose of trying to grab authentication information, NOT to listen in for any other additional information.

Describe an on-path attack?


Know as Man-in-the-Middle Attack, where an attacker taps into communications between two systems, covertly intercepting traffic throught to only be between those systems, reading or in some cases even changing the data and then sending the data on.

Describe Spyware?


The function of a program that sends information about your system or your actions on that system over the Internet, like browsing history, keystrokes, or even the contacts in your email among other things.

Briefly define malware and identify several examples?


Describes any program or code that's designed to do something on a system or network that you don't want to happen.
Comes in many forms: Viruses, Worms, Macros, Trojan Horses, Rootkits, Adware, Spyware.

Discuss how biometric access handles physical access control?


Calls for using a unique physical characteristic of a person to permit access to a controlled resource - Fingerprints, Facial Recognition, Voice Analyzers, Retinal Scanners, and others.

Describe an Unintentional DoS Attack?


When a system is brought down unintentionally - simply a super busy Server, an organization's infrastructure isn't powerful enough to keep up with legitimate demand.

Explain how a security guard can assist in physical security?


They get to know everyone's faces.
They are there to protect assets and can lend a helping hand to the overloaded, but authorized, persons who needs in.
They are multipurpose in that they can secure building access, secure individual rooms/offices and perform facility patrols.

Briefly describe a persistent agent used in posture assessment?


Persistent Agent is a small scanning program that, once installed on the computer, stays installed and runs everytime the computer boots up. They are composed of modules that perform a thorough inventory of each security-oriented element in the computer.

Describe an Access Control List (ACL)?


It's a clearly defined list of permissions that specifies what an authenticated user may perform on a shared resource.

Define the term Services in the context of a Networked computer's Operating System?


Services are programs running in the background of an Operating System.
They are the behind-the-scenes and do the grunt work that users don't need to see or interact with, such as Wireless Network Clients and DHCP Clients, among many others.

What type of Network Threats exist beyond Internet Attacks?


A threat can be a person sneaking into your offices and stealing passwords, or an ignorant employee deleting files they should not have access to in the first place. Natural disasters, like earthquakes, fires, floods, and crazed squirrels, are also threats.

Briefly describe Protocol Abuse?


Anytime you do things with a Protocol that it wasn't meant to do and that abuse ends up creating a Threat.