GSEC Exam Study Questions and Answers 2023;quiz bank graded A
What are the layers of the OSI Model from top to bottom?
Application, Presentation, Session, Transport, Network, Data Link and Physical
What are the layers of the TCP/IP Model from top to bottom?
Application, Transport, Internet and Link Layer
What is the address space used for loopback addressing?
127.0.0.0 - 127.255.255.255
What is the address space used when a DHCP server is not available?
169.254.0.1 - 169.254.255.255
What are the private IP ranges?
10.0.0.0 - 10.255.255.255, 172.16.0.0 - 172.31.255.255, 192.168.0.0 - 192.168.255.255
What protocols are used in the Data Link Layer?
Ethernet, Point to Point Protocol (PPP) and ADCCP (Advanced Data Communication
Control Protocol)
What protocol is utilized in the Network Layer?
Internet Protocol (IP)
What protocols are utilized in the Transport Layer?
UDP and TCP
What protocols are utilized on the Session Layer?
NetBIOS
What types of formats are used at the presentation layer?
XML and JPEG
At what layer of the OSI model do encrypting and decrypting take place?
Presentation Layer
What protocols are utilized at the Application Layer?
SMTP, IMAP, POP, NTP and HTTP
What protocols are utilized inside the Link Layer?
Ethernet
What layers does the Link layer correspond to in the OSI Model?
Physical and Data Link
What protocols are utilized inside the Internet layer?
Internet Protocol (IP)
What protocols are utilized inside the Transport layer of the TCP/IP Model?
TCP and UDP
What protocols are utilized within the Application Layer of the TCP/IP model?
Telnet, Simple Network Management Protocol (SNMP), HTML, LDAP, FTP, SSH
What layers of the OSI Model comprise the TCP/IP model's Application Layer?
Session, Presentation and Application
What protocol is a support protocol within the TCP/IP Suite?
Internet Control Message Protocol (ICMP)
What range is the Class A IP Range?
0.0.0.0-127.255.255.255
What range is the Class B IP Range?
128.0.0.0-191.255.255.255
What range is the Class C IP Range?
192.0.0.0-223.255.255.255
What range is the Class D IP Range?
224.0.0.0-239.255.255.255
What range is the Class E IP Range?
240.0.0.0 - 254.255.255.255
Name some physical network topologies.
Bus, Star, Rings, Star-Bus Hybrid, Mesh
What network model uses a lot of cable because you need to use home runs back
to the switch or hub?
Star
In general, peer-to-peer networks are often?
Mesh Networks
TOR is a peer-to-peer network that provides anonymity for its users by doing
what?
Masking the original source IP address from the destination
What makes a Full Mesh topology different than a Mesh topology?
A full mesh topology does not have nodes that are minimally connected to the rest
of the network. In a full mesh topology every node is connected to every other node
A Token Ring network topology makes use of what device to make the network
behave like a ring in spite of being labeled like a star?
Multistation Access Unit (MAU)
What device allows messages to move around on layer 2 of the OSI model?
Switch
What messages are limited to the local area network only and would never be
used to look up information outside of the local network?
ARP
What "transfer mode" is utilized primarily in large-scale networks to facilitate
getting messages to destination quickly?
Asynchronous Transfer Mode (ATM)
What are the two types of virtual circuits?
Permanent Virtual Circuit (PVC) and Switched Virtual Circuit (SVC)
What makes PVC's different than SVC's?
Permanent Virtual Circuits (PVC's) are permanent and need to be configured manually,
while Switched Virtual Circuits (SVC's) are dynamic in nature and a device in the
network would have to request one to be configured
How do switches make packet sniffing harder?
You cannot plug into a switch port and see all of the traffic passing through it like you
can on a hub
What does the CIA triad stand for?
Confidentiality, Integrity and Availability
This router is often used to do a broad level of filtering of traffic that just
shouldn't be hitting your network, like that sourced from private addresses.
Border Router
What does a router base its routing decisions off of?
Destination IP Address aka the Destination Address in the network or the layer 3 header
A first match firewall will perform the action specified based on what?
The rule that is matched first
A best match firewall will perform the action specified based on what?
It will find the best or most specific match in the rules to perform its action
What two modes does the File Transfer Protocol utilize?
Active and Passive
A firewall that does deep packet inspection is considered to be?
Protocol Aware
What are examples of Application Layer Gateways?
Proxy Server or Web Proxy
Firewalls often perform what function?
Network Address Translation (NAT)
What are some protocols Network Address Translation (NAT) can cause
problems for?
VoIP protocols like SIP and FTP
What is a true positive?
An alert that happens that is real and accurate
What is a True negative?
A case where an alert didn't get triggered because nothing happened
What is a False Positive?
A case where an alert happens that isn't real or accurate
What is a False Negative?
A case where an alert didn't happen but an intrusion did happen
IDS's cannot detect any malicious behavior on encrypted traffic without sitting in
the middle of what?
Encryption Session
What can cause problems for intrusion detection systems (IDS)?
Compression and Encryption
You are implementing a star topology on your local network. What cabling are
you most likely to use?
Fiber Optic
When you are deploying an intrusion prevention system on your network, what is
the most important criterion?
Low Latency
Your IDS sends an alert about an incident on your network. The alert indicated
that there was a packet that had the same source and destination. This might
normally indicate an attempt at a Land attack, which is a very old attack. After
investigating, you see that the source address is 0.0.0.0 and the destination is
224.0.0.1. What would you consider this alert to be?
False Positive
You have been asked to implement a security solution on your network to protect
against employees browsing Facebook during the work day. What would you
implement?
Proxy Server
You are seeing a lot of ARP responses with no corresponding ARP request. What
are you most likely seeing?
ARP Spoofing
You would implement an intrusion detection system to perform the following:
Detect Intrusions
A border router would implement the following security control?
Access control lists to block broad categories of traffic
This type of routing protocol uses the same algorithm as the navigation system in
your car.
Distance vector
A good example of a network using a mesh topology is?
The internet
These can be challenges for intrusion detection systems?
Compression and Encryption
Authentication is the act of?
Proving you are who you say you are
Lowering the false acceptance rate is a critical aspect of maintaining what form of
authentication?
Biometric systems
RADIUS is a way of performing?
Authentication across a network with a centralized approach
RADIUS uses what protocol to send authentication requests and responses
between the client and the server?
UDP
RADIUS uses what port and protocol for authentication?
1812 and UDP
RADIUS uses what port and protocol for accounting?
1813 and UDP
TACACS is a protocol that allows for what?
Authentication
TACACS+ is a newer protocol that allows for what?
Access control, authorization and authentication
Authorization ensures that you have the?
Appropriate rights and permissions to access a particular resource
The UNIX/Linux utility sudo is an example of the principle of least privilege
because?
You have to be authenticated and authorized to perform higher-level functions than
those granted to your user
How do phone systems, including VoIP or cell phones, determine billing?
Accounting
What files store the login information on Unix-like operating systems?
utmp and wtmp
Windows access control lists are an example of?
Discretionary Access Control
List-Based Access Control associates a list of users and their permissions with a
particular what?