84 Chapter 4 ■ Communication and Network Security (Domain 4)
- If Chris wants to stop cross-site scripting attacks against the web server, what is the best
device for this purpose, and where should he put it?
A. A firewall, location A
B. An IDS, location A
C. An IPS, location B
D. A WAF, location C - Susan is deploying a routing protocol that maintains a list of destination networks with
metrics that include the distance in hops to them and the direction traffic should be sent to
them. What type of protocol is she using?
A. A link-state protocol
B. A link-distance protocol
C. A destination metric protocol
D. A distance-vector protocol - Ben has configured his network to not broadcast an SSID. Why might Ben disable SSID
broadcast, and how could his SSID be discovered?
A. Disabling SSID broadcast prevents attackers from discovering the encryption key. The
SSID can be recovered from decrypted packets.
B. Disabling SSID broadcast hides networks from unauthorized personnel. The SSID can
be discovered using a wireless sniffer.
C. Disabling SSID broadcast prevents issues with beacon frames. The SSID can be recov-
ered by reconstructing the BSSID.
D. Disabling SSID broadcast helps avoid SSID conflicts. The SSID can be discovered by
attempting to connect to the network. - What network tool can be used to protect the identity of clients while providing Internet
access by accepting client requests, altering the source addresses of the requests, mapping
requests to clients, and sending the modified requests out to their destination?
A. A gateway
B. A proxy
C. A router
D. A firewall - During troubleshooting, Chris uses the nslookup command to check the IP address of a
host he is attempting to connect to. The IP he sees in the response is not the IP that should
resolve when the lookup is done. What type of attack has likely been conducted?
A. DNS spoofing
B. DNS poisoning