Endpoint Security
Access Control
Layer 2 Security Threats and Mitigation Techniques
MAC Address Table Attack
LAN Attacks
100

What attack encrypts the data on hosts to extract a monetary payment from the victim?

Ransomware

100

What AAA component is responsible for determining what the user can access?

Authorization


100

What OSI Layer is said to be the weakest link in a network system?

Layer 2

100

What mitigation technique must be implemented to prevent MAC address overflow attacks?

Port Security

100

A threat actor changes the MAC address of the threat actor’s device to the MAC address of the default gateway. What type of attack is this?

Address Spoofing


200

What are 3 devices specifically designed for network security?

VPN-enabled router

NGFW

NAC

200

In the 802.1X standard, the client attempting to access the network is referred to as ______?

Supplicant

200

What security mitigation technique prevents many types of attacks including MAC address table overflow and DHCP starvation attacks?

Port Security

200

What is a network attack tool that a threat actor may use to overflow a MAC address table?

macof

200

What is the end goal of an STP attack for a threat actor?

The attacker can become the root bridge and capture a variety of frames.

300

What is a device that monitors SMTP traffic to block threats and encrypt outgoing messages to prevent data loss?

Email Security Appliance

300

In an 802.1X implementation, what device is responsible for relaying responses?

Authenticator

300

What mitigation technique prevents MAC and IP address spoofing?

IP Source Guard (IPSG)

300

What mitigation plan is best for negating a DoS attack that is creating a MAC address table overflow?

Enable Port Security


300

A threat actor sends a message that causes all other devices to believe the MAC address of the threat actor’s device is the default gateway. What type of attack is this?

ARP spoofing

400

What device monitors HTTP traffic to block access to risky sites and encrypt outgoing messages?

Web Security Appliance

400

What 2 protocols are supported on Cisco devices for AAA communications? 

RADIUS

TACACS+

400

Which Layer 2 attack will result in legitimate users not getting valid IP addresses?

DHCP starvation

400

What would be the primary reason a threat actor would launch a MAC address overflow attack?

So that the threat actor can see frames that are destined for other devices.

400

How do you disable LLDP on an interface?

no lldp transmit 

no lldp receive

500

What service is enabled on a Cisco router by default that can reveal significant information about the router and could make it more vulnerable to attack?

Cisco Discovery Protocol

500

What are some limitations of a local database?

User accounts must be manually preconfigured

500

What are 3 mitigation techniques that are used to protect Layer 3 through Layer 7 of the OSI Model?

VPN 

Firewalls

IPS devices


500

What is the behavior of a switch as a result of a successful MAC address table attack?

The switch will forward all received frames to all other ports within the VLAN.

500

What happens in an IP address spoofing attack?

A legitimate network IP address is hijacked by a rogue node