Networking Academy CCNAv7

Check Your Understanding - Current State of Cybersecurity

1. Which security term is used to describe anything of value to the organization? It includes
people, equipment, resources, and data.
a. Vulnerability
b. Exploit
c. Asset
d. Risk
e. Threat

2. Which security term is used to describe a weakness in a system, or its design, that could be
exploited by a threat?
a. Vulnerability
b. Asset
c. Risk
d. Mitigation Threat

3. Which security term is used to describe a potential danger to a company’s assets, data, or
network functionality?
a. Vulnerability
b. Exploit
c. Threat
d. Risk

4. Which security term is used to describe a mechanism that takes advantage of a vulnerability?
a. Exploit
b. Threat
c. Risk
d. Mitigation

5. Which security term is used to describe the counter-measure for a potential threat or risk?
a. Vulnerability
b. Exploit
c. Asset
d. Mitigation

6. Which security term is used to describe the likelihood of a threat to exploit the vulnerability
of an asset, with the aim of negatively affecting an organization?
a. Vulnerability
b. Exploit
c. Threat
d. Risk
Check Your Understanding - Threat Actors

1. Which type of hacker is described in the scenario: After hacking into ATM machines
remotely using a laptop, I worked with ATM manufacturers to resolve the security
vulnerabilities that I discovered.
a. White Hat
b. Gray Hat
c. Black Hat

2. Which type of hacker is described in the scenario: From my laptop, I transferred $10 million
to my bank account using victim account numbers and PINs after viewing recordings of
victims entering the numbers.
a. White Hat
b. Gray Hat
c. Black Hat

3. Which type of hacker is described in the scenario: My job is to identify weaknesses in my company’s
network .
a. White Hat
b. Gray Hat
c. Black Hat

4. Which type of hacker is described in the scenario: I used malware to compromise several corporate
systems to steal credit card information. I then sold that information to the highest bidder.
a. White Hat
b. Gray Hat
c. Black Hat

5. Which type of hacker is described in the scenario: During my research for security exploits, I
stumbled across a security vulnerability on a corporate network that I am authorized to access.
a. White Hat
b. Gray Hat
c. Black Hat

6. Which type of hacker is described in the scenario It is my job to work with technology companies to
fix a flaw with DNS.
a. White Hat
b. Gray Hat
c. Black Hat

Check Your Understanding - Threat Actor Tools

1. Which penetration testing tool uses algorithm schemes to encode the data, which then
prevents access to the data?
a. Packet Sniffers
 b. Encryption Tools
c. Vulnerability Exploitation Tools
d. Forensic Tools
e. Debuggers

2. Which penetration testing tool is used by black hats to reverse engineer binary files when
writing exploits? They are also used by white hats when analyzing malware.
a. Packet Crafting Tools
b. Rootkit Detectors
c. Vulnerability Exploitation Tools
d. Forensic Tools
e. Debuggers

3. Which penetration testing tool is used to probe and test a firewall’s robustness?
a. Packet Crafting Tools
b. Encryption Tools
c. Rootkit Detectors
d. Forensic Tools
e. Debuggers

4. Which penetration testing tool is used by white hat hackers to sniff out any trace of evidence
existing in a computer?
a. Fuzzers to Search Vulnerabilities
b. Encryption Tools
c. Packet Sniffers
d. Forensic Tools
e. Debuggers

5. Which penetration testing tool identifies whether a remote host is susceptible to a security
attack?
a. Packet Sniffers
b. Encryption Tools
c. Vulnerability Exploitation Tools
d. Forensic Tools
e. Debuggers

Check Your Understanding - Malware

1. Which malware executes arbitrary code and installs copies of itself in the memory of the
infected computer? The main purpose of this malware is to automatically replicate from
system to system across the network.
a. Adware
b. Rootkit
c. Spyware
d. Virus
 e. Worm

2. Which malware is non-self-replicating type of malware? It often contains malicious code that is
designed to look like something else, such as a legitimate application or file. It attacks the device
from within.
a. Adware
b. Rootkit
c. Spyware
d. Trojan Horse
e. Worm

3. Which malware is used to gather information about a user and then, without the user's consent,
sends the information to another entity?
a. Adware
b. Rootkit
c. Spyware
d. Virus
e. Ransomware

4. Which malware typically displays annoying pop-ups to generate revenue for its author?
a. Adware
b. Rootkit
c. Spyware
d. Virus
e. Worm

5. Which malware attempts to convince people to divulge sensitive information?

a. Phishing
b. Rootkit
c. Spyware
d. Virus
e. Worm

6. Which malware is installed on a compromised system and provides privileged access to the
threat actor?
a. Adware
b. Virus
c. Spyware
d. Rootkit
e. Worm

7. Which malware denies access to the infected computer system and demands payment before
the restriction is removed?
a. Adware
b. Rootkit
c. Spyware
 d. Virus
e. Ransomware

Check Your Understanding - Common Network Attacks

1. What type of attack is tailgating?

a. Reconnaissance
b. Access
c. DoS
d. Social Engineering

2. What type of attack is a password attack?

a. Reconnaissance
b. Access
c. DoS
d. Social Engineering

3. What type of attack is port scanning?

a. Reconnaissance
b. Access
c. DoS
d. Social Engineering

4. What type of attack is man-in-the-middle?

a. Reconnaissance
b. Access
c. DoS
d. Social Engineering

5. What type of attack is address spoofing?

a. Reconnaissance
b. Access
c. DoS
d. Social Engineering

Check Your Understanding - IP Vulnerabilities and Threats

1. Which attack is being used when threat actors position themselves between a source and
destination to transparently monitor, capture, and control the communication?
a. Address Spofing Attack
b. Amplification and Reflection Attacks
c. ICMP Attack
d. MITM Attack
e. Session Hijacking
 2. Which attack is being used when threat actors gain access to the physical network, and then use
an MiTM attack to capture and manipulate a legitimate user’s traffic?
a. Address Spofing Attack
b. Amplification and Reflection Attacks
c. ICMP Attack
d. MITM Attack
e. Session Hijacking

3. Which attack is being used when threat actors initiate a simultaneous, coordinated attack from
multiple source machines?
a. Address Spofing Attack
b. Amplification and Reflection Attacks
c. ICMP Attack
d. MITM Attack
e. Session Hijacking

4. Which attack is being used when threat actors use pings to discover subnets and hosts on a
protected network, to generate flood attacks, and to alter host routing tables?
a. Address Spofing Attack
b. Amplification and Reflection Attacks
c. ICMP Attack
d. MITM Attack
e. Session Hijacking

5. Which attack being used is when a threat actor creates packets with false source IP address
information to either hide the identity of the sender, or to pose as another legitimate user?
a. Address Spoofing Attack
b. Amplification and Reflection Attacks
c. ICMP Attack
d. MITM Attack
e. Session Hijacking

Check Your Understanding - TCP and UDP Vulnerabilities

1. Which attack exploits the three-way handshake?

a. TCP reset attack
b. UDP flood attack
c. TCP SYN Flood attack
d. DoS attack
e. TCP session hijacking

2. Which attack uses a four-way exchange to close the connection using a pair of FIN and ACK
segments from each endpoint?
a. TCP reset attack
 b. UDP flood attack
c. TCP SYN Flood attack
d. DoS attack
e. TCP session hijacking

3. Which attack is being used when the threat actor spoofs the IP address of one host, predicts the
next sequence number, and sends an ACK to the other host?
a. TCP reset attack
b. UDP flood attack
c. TCP SYN Flood attack
d. DoS attack
e. TCP session hijacking

4. A program sweeps through all the known ports on a server and sends ICMP echo requests to
each closed port. This causes the server to reply with numerous ICMP port unreachable
messages. Which attack is this?
a. TCP reset attack
b. UDP flood attack
c. TCP SYN Flood attack
d. DoS attack
e. TCP session hijacking

Check Your Understanding - Network Security Best Practices

1. Which network security device ensures that internal traffic can go out and come back, but
external traffic cannot initiate connections to inside hosts?
a. VPN
b. ASA Firewall
c. IPS
d. ESA/WSA
e. AAA Server
2. Which network security device contains a secure database of who is authorized to access and
manage network devices?
a. VPN
b. ASA Firewall
c. IPS
d. ESA/WSA
e. AAA Server
3. Which network security device filters known and suspicious internet malware sites?
a. VPN
b. ASA Firewall
c. IPS
d. ESA/WSA
e. AAA Server
 4. Which network security device is used to provide secure services with corporate sites and
remote access support for remote users using secure encrypted tunnels?
a. VPN
b. ASA Firewall
c. IPS
d. ESA/WSA
e. AAA Server

5. Which network security device monitors incoming and outgoing traffic looking for malware,
network attack signatures, and if it recognizes a threat, it can immediately stop it?
a. VPN
b. ASA Firewall
c. IPS
d. ESA/WSA
e. AAA Server

Check Your Understanding – Cryptography

1. Which encryption method repeats an algorithm process three times and is considered very
trustworthy when implemented using very short key lifetimes?
a. Rivest Cipher
b. Triple DES
c. Block Cipher
d. Data Encryption Standard
e. Stream Cipher

2. Which encryption method encrypts plaintext one byte or one bit at a time?
a. Rivest Cipher
b. Block Cipher
c. Data Encryption Standard
d. Software Encryption algorithm
e. Stream Cipher

3. Which encryption method uses the same key to encrypt and decrypt data?
a. Triple DES
b. Symmetric
c. Block Cipher
d. Data Encryption Standard
e. Asymmetric

4. Which encryption method is a stream cipher and is used to secure web traffic in SSL and
TLS?
a. Rivest Cipher
b. Triple DES
c. Symmetric
 d. Block Cipher
e. Data Encryption Standard

Module I - Quiz - Network Security Concepts

1. The IT department is reporting that a company web server is receiving an abnormally

high number of web page requests from different locations simultaneously. Which type
of security attack is occurring?
a. Phishing
b. DDoS
c. Spyware
d. Social engineering
e. Adware

2. What causes a buffer overflow?

a. Attempting to write more data to a memory location than that location can hold
b. Sending repeated connections such as Telnet to a particular device, thus denying other
data sources
c. Sending too much information to two or more interfaces of the same device, thereby
causing dropped packets
d. Launching a security countermeasure to mitigate a Trojan horse
e. Downloading and installing too many software updates at one time

3. Which objective of secure communications is achieved by encrypting data?

a. Availability
b. Integrity
c. Confidentiality
d. Authentication

4. What type of malware has the primary objective of spreading across the network?
a. botnet
b. virus
c. worm
d. Trojan horse
5. Which algorithm can ensure data confidentiality?
a. MD5
b. AES
c. PKI
d. RSA
6. What three items are components of the CIA triad? (Choose three.)
a. Integrity
b. Access
c. Confidentiality
d. Scalability
e. Availability
 f. Intervention

7. Which cyber attack involves a coordinated attack from a botnet of zombie computers?
a. MITM
b. ICMP redirect
c. Address spoofing
d. DDoS

8. What specialized network device is responsible for enforcing access control policies
between networks?
a. Switch
b. Firewall
c. Bridge
d. IDS

9. To which category of security attacks does man-in-the-middle belong?

a. DoS
b. Reconnaissance
c. Social Engineering
d. Access

10. What is the role of an IPS?

a. To enforce access control policies based on packet content
b. To detect patterns of malicious traffic by the use of signature files
c. To filter traffic based on defined rules and connection context
d. To filter traffic based on Layer 7 information

11. Which type of DNS attack involves the cybercriminal compromising a parent domain and
creating multiple subdomains to be used during the attacks?
a. Amplification and reflection
b. Cache poisoning
c. Shadowing
d. Tunneling

12. Which two types of hackers are typically classified as grey hat hackers? (Choose two.)
a. Cyber criminals
b. Vulnerability brokers
c. State-sponsored hackers
d. Hacktivists
e. Script kiddies

13. What is a significant characteristic of virus malware?

a. A virus can execute independently of the host system
b. Once installed on a host system, a virus will automatically propagate itself to
other systems
c. A virus is triggered by an event on the host system
 d. Virus malware is only distributed over the Internet

14. A cleaner attempt to enter a computer lab but is denied entry by the receptionist because
there is no scheduled cleaning for that day. What type of attack was just prevented?
a. Social engineering
b. Trojan
c. Phishing
d. Shoulder surfing
e. War driving

Check Your Understanding - VPN Technology

1. Which VPN benefit allows an enterprise to easily add more users to the network?
a. Cost Saving
b. Security
c. Scalability
d. Compatibility

2. Which VPN benefit allows an enterprise to increase the bandwidth for remote sites
without necessarily adding more equipment or WAN links?
a. Cost Saving
b. Security
c. Scalability
d. Compatibility

3. Which VPN benefit uses advanced encryption and authentication protocols to protect
data from unauthorized access?
a. Cost Saving
b. Security
c. Scalability
d. Compatibility

4. Which type of VPN is used to connect a mobile user?

a. Site-to-site
b. Remote-access
c. GRE
d. IPsec

5. Which VPN solutions are typically managed by an enterprise? (Choose three)

a. MPLS Layer 2
b. MPLS Layer 3
c. IPsec
d. SSL
e. Frame Relay
f. DMVPN
Check Your Understanding - Types of VPNs

1. What type of VPN can be established with a web browser using HTTPS?
a. IPsec
b. Client-based VPN
c. Site-to-Site VPN
d. Clientless VPN

2. Which feature describes SSL VPNs?

a. All IP-based application are supported
b. Only requires a web browser on a host
c. Specific devices with specific configurations can connect
d. Uses two-way authentication with shared keys or digital certificates

3. What type of protocol is GRE?

a. Security protocol
b. Passenger protocol
c. Carrier protocol
d. Transport protocol

4. What type of VPN enables an enterprise to rapidly scale secure access across the
organization?
a. DMVPN
b. Remote-access VPN
c. Site-to-Site VPN
d. MPLS VPN

5. What type of VPN enables an enterprise to emulate an Ethernet multiaccess LAN with
remote sites?
a. DMVPN
b. Remote-access VPN
c. Site-to-Site VPN
d. MPLS VPN

Check Your Understanding – IPsec

1. IPsec can protect traffic in which OSI Layers? (Choose four.)

a. Layer 1
b. Layer 2
c. Layer 3
d. Layer 4
e. Layer 5
f. Layer 6
 g. Layer 7

2. Which IPsec function uses pre-shared passwords, digital certificates, or RSA certificates?
a. IPsec protocol
b. Confidentiality
c. Integrity
d. Authentication
e. Diffie-Hellman

3. True or False:
“The IPsec framework must be updated each time a new standard is developed.”
a. True
b. False

4. Which choices are available for the IPsec Protocol function in the IPsec framework?
(Choose two.)
a. AES
b. AH
c. DH24
d. ESP
e. PSK
f. RSA
g. SHA

5. Which choices are available for the Confidentiality function in the IPsec framework?
(Choose three.)
a. 3DES
b. AES
c. AH
d. DH24
e. PSK
f. SEAL
g. SHA

6. Which choices are available for the Integrity function in the IPsec framework? (Choose
two.)
a. AES
b. AH
c. DH24
d. MD5
e. PSK
f. SEAL
g. SHA

7. Which choices are available for the Authentication function in the IPsec framework?
(Choose two.)
 a. AES
b. AH
c. DH24
d. PSK
e. RSA
f. SEAL
g. SHA

8. Which Diffie-Hellman group choices are no longer recommended?

a. DH groups 1, 2, and 5
b. DH groups 14, 15, and 16
c. DH groups 19, 20, 21, and 24

Module II - Quiz - VPN and IPsec Concepts

1. Which two statements describe a remote access VPN? (Choose two.)

a. It connects entire networks to each other
b. It requires hosts to send TCP/IP traffic through a VPN gateway.
c. It may require VPN client software on hosts
d. It requires static configuration of the VPN tunnel
e. It is used to connect individual hosts securely to a company network over the
Internet

2. The use of 3DES within the IPsec framework is an example of which of the five IPsec
building blocks?
a. Confidentiality
b. Nonrepudiation
c. Integrity
d. Diffie-Hellman
e. Authentication

3. Which type of VPN may require the Cisco VPN Client software?
a. MPLS VPN
b. SSL VPN
c. Site-to-Site VPN
d. Remote-access VPN

4. Which technique is necessary to ensure a private transfer of data using a VPN?

a. Virtualization
b. Encryption
c. Authorization
d. Scalability

5. What are the two fundamental Dynamic Multipoint VPN tunnel types? (Choose two.)
a. Site-to-site
 b. Client-to-site
c. Spoke-to-spoke
d. Hub-to-spoke
e. Server-to-client

6. What are two reasons a company would use a VPN? (Choose two.)
a. To eliminate the need of having a gateway
b. To test network connections to remote users
c. To increase bandwidth to the network
d. To allow suppliers to access the network
e. To connect remote users to the network

7. True or False:
“All VPNs securely transmit clear text across the Internet.”
a. True
b. False

8. Which solution allows workers to telecommute effectively and securely?

a. Dial-up connection
b. DSL connection
c. Site-to-site VPN
d. Remote-access VPN

9. Which VPN type is a service provider managed VPN?

a. Site-to-Site VPN
b. Layer 3 MPLS VPN
c. Remote-access VPN
d. GRE over IPsec VPN

10. Which IPsec framework protocol provides data integrity and data authentication, but does
not provide data confidentiality?
a. ESP
b. IP protocol 50
c. AH
d. DH

11. What algorithm is used to provide data integrity of a message through the use of a
calculated hash value?
a. HMAC
b. RSA
c. DH
d. AES

12. Which statement describes the effect of key length in deterring an attacker from hacking
through an encryption key?
a. The shorter the key, the harder it is to break
 b. The length of a key will not vary between encryption algorithms
c. The length of a key does not affect the degree of security
d. The longer the key, the more key possibilities exist

13. What is a type of VPN that is generally transparent to the end user?
a. Public
b. Private
c. Remote-Access
d. Site-to-Site

Check Your Understanding - Data Formats

1) Which of the following data formats is typically used to display web pages?
a) HTML
b) XML
c) JSON
d) YAML

2) Which of the following describes a key/value pair?

a) A key is a string and a value is a list
b) A key/value pair is another name for an array
c) A key describes the data and the value is the data itself
d) A key/value pair is only used in JSON

3) TRUE or FALSE: White space in JSON format is significant and must be correctly
formatted.
a) True
b) False

4) This data format is a minimalist format that is very easy to read and is considered a superset
of another data format.
a) HTML
b) XML
c) JSON
d) YAML

5) This data format is self-descriptive through the use of the <tag>data</tag> structure.
a) HTML
b) XML
c) JSON
d) YAML

Check Your Understanding – APIs

1) True or False:
a) “An API is a set of rules describing how one application can interact with another, and
the instructions to allow the interaction to occur.”
b) True
c) False

2) Which of the following APIs would be used exclusively between Google and Cisco?
a) Open or Public API
b) Internal or Private API
c) Partner API

3) Which of the following APIs is used by Cisco to provide access to students to complete labs?
a) Open or Public API
b) Internal or Private API
c) Partner API

4) Which of the following APIs would be used exclusively between computing devices within
Cisco?
a) Open or Public API
b) Internal or Private API
c) Partner API

5) Which of the following APIs provides flexible formatting and is the most widely used?
a) SOAP
b) REST
c) XML-RPC
d) JSON-RPC

Check Your Understanding – REST

1) An API in considered RESTful if it has which of the following features? (Choose three.)
a) Stateful
b) Stateless
c) Cacheable
d) Cacheless
e) Client-Server
f) Server-Server

2) Which of the following is a URL?

a) [Link]
b) [Link]
c) [Link]/c/en/us/solutions/[Link]
d) #~all-guides

3) Which of the following is a URN?

 a) [Link]
b) [Link]
c) [Link]/c/en/us/solutions/[Link]
d) #~all-guides

4) Which of the following is a URI?

a) [Link]
b) [Link]
c) [Link]/c/en/us/solutions/[Link]
d) #~all-guides

5) Which of the following make up the query portion of a RESTful request? (Choose three.)
a) Key
b) Format
c) Parameters
d) Resources
e) API server

Check Your Understanding - Configuration Management

1) Which of the following are note typically used as configuration tools? (Choose two.)
a) API
b) Ansible
c) Chef
d) Puppet
e) SaltStack
f) SNMP

2) Identify the term for the following definition in relationship to configuration management
tools: Programmatically performing a task on system such as configuring an interface or
deploying a VLAN.
a) Version control
b) Automation
c) Orchestration
d) Network management

3) Identify the term for the following definition in relationship to configuration management
tools: The process of how all automated activities need to happen, such as the order they
must be done and what must be completed before another task is begun.
a) Version control
b) Automation
c) Orchestration
d) Network management

4) True or False:
 “Agentless means that the controller or master pushes the configuration to the controlled
device.”
a) True
b) False

5) Which of the following configuration management tools use Python? (Choose all that apply.)
a) Ansible
b) Chef
c) Puppet
d) SaltStack

Check Your Understanding - IBN and Cisco DNA Center

1) Which IBN feature is responsible for continuous validation and verification that the network
is meeting the expressed intent?
a) Translation
b) Activation
c) Assurance
d) Network Infrastructure

2) Which IBN feature enables the network administrator to express the expected networking
behavior that will best support the business intent?
a) Translation
b) Activation
c) Assurance
d) Network Infrastructure

3) Which IBN feature installs policies that capture intent into the physical and virtual network
infrastructure using networkwide automation?
a) Translation
b) Activation
c) Assurance
d) Network Infrastructure

4) True or False:
“The underlay limits the number of devices the network administrator must program. It also
provides services and alternative forwarding methods not controlled by the underlying
physical devices.”
a) True
b) False

Module Quiz - Network Automation

1. What is JSON?
 a. It is a scripting language
b. It is a compiled programming language
c. It is a database
d. It is a data format for scripting and transporting data

2. What is an architectural constraint to which a true RESTful API web service must
adhere?
a. It operates as a cloud service
b. It uses HTTPS to transport data
c. It runs as client/server model
d. It must support the XML data format

3. In the RESTful API request example, [Link]

[Link]/directions/v2/route?
outFormat=json&key=KEY&from=San+Jose,Ca&to=Monterey,Ca, which term
describes the component directions/v2/route?
a. API server
b. Parameters
c. Query
d. Resources

4. Which statement describes an API?

a. It is a set of rules that filter network traffic for web-based applications
b. It is a programming language for creating a web-based application
c. It is a set of functions and subroutines to be used in a comprehensive application
d. It is a set of functions and procedures that allows a client application to access the
data of the service application

5. Which term describes the process of managing configuration changes of network devices
in an orderly fashion?
a. Automation
b. Orchestration
c. Version control
d. Provisioning

6. Which web service API can use multiple data formats including JSON, XML, and
YAML?
a. REST
b. SOAP
c. XML-RPC
d. JSON-RPC

7. What are two reasons that most RESTful APIs require a key in the request? (Choose
two.)
a. To make sure that the query matches the service offered by the web application
b. To encrypt the query massage int the API request
 c. To gather information on the people using the API
d. To authenticate the requesting source
e. To specify the data format expected from the response

8. What is a difference between the XML and HTML data formats?

a. XML formats data in hexadecimal whereas HTML format data in binary
b. XML encloses data within a pair of tags whereas HTML uses a pair of quotation
marks to enclose data
c. XML requires indentation for each key/value pair whereas HTML does not
require indentation
d. XML uses a self-descriptive data structure but HTML uses a standard document
structure

9. A programmer is using Ansible as the configuration management tool. Which term is

used to describe a set of instructions for execution?
a. Manifest
b. Playbook
c. Pillar
d. Cookbook

10. Which term is used to describe a set of instructions for execution by the configuration
management tool Chef?
a. Manifest
b. Playbook
c. Pillar
d. Cookbook

11. Which two configuration management tools are developed using Python? (Choose two.)
a. NETCONF
b. SaltStack
c. Ansible
d. Chef
e. Puppet

12. Which function of the Cisco intent-based networking system (IBNS) enables network
operators to express the expected networking behavior that will best support the business
intent?
a. Translation
b. Activation
c. ACL analysis
d. Assurance

13. Which types of APIs are suitable for the data communication between a travel website
and a hotel chain inquiring about room availability data?
a. Internal APIs
b. Partner APIs
 c. Open APIs
d. Public APIs

14. Which characters are used to enclose a JSON key?

a. Square brackets
b. Quotation marks
c. Colons
d. Commas

15. Which character is used to separate JSON key/value pairs?

a. (dash) –
b. (semi colon) ;
c. (forward slash) /
d. (comma) ,