61. What is the primary purpose of an IDS (Intrusion Detection System)?
- a) To monitor network traffic for suspicious activity
- b) To block all incoming traffic by default
- c) To encrypt sensitive data
- d) To assign IP addresses dynamically
Answer: A - An IDS monitors and alerts on threats but doesn't block traffic (unlike an IPS).
62. Which wireless standard operates at 2.4 GHz with a maximum speed of 54 Mbps?
- a) 802.11g
- b) 802.11a
- c) 802.11n
- d) 802.11ac
Answer: A - 802.11g improved 802.11b's speed while maintaining 2.4 GHz compatibility.
63. What type of attack floods a network with ICMP Echo Requests?
- a) Ping flood
- b) SYN flood
- c) Smurf attack
- d) DNS amplification
Answer: A - Ping floods overwhelm targets with ICMP packets (a type of DoS attack).
64. Which port does Telnet use by default?
Answer: A - Telnet (insecure remote access) uses port 23; SSH (port 22) is the secure alternative.
65. What is the purpose of RADIUS in network security?
- a) Centralized authentication for network access
- b) To filter malicious websites
- c) To encrypt VPN traffic
- d) To prevent ARP spoofing
Answer: A - RADIUS provides AAA services (Authentication, Authorization, Accounting).
66. Which encryption protocol is used by WPA2-Enterprise?
- a) AES-CCMP
- b) TKIP
- c) WEP
- d) DES
Answer: A - WPA2 uses AES (Advanced Encryption Standard) with CCMP for data encryption.
67. What does a blue cable typically indicate in networking?
- a) Fiber optic connection
- b) Crossover cable
- c) Power over Ethernet (PoE)
- d) Serial connection
Answer: A - Blue often denotes fiber optic cables (yellow is common for PoE).
68. Which tool would you use to test network connectivity?
- a) ping
- b) nslookup
- c) arp
- d) netstat
Answer: A - Ping tests reachability via ICMP Echo Requests/Replies.
69. What is the main vulnerability of WEP encryption?
- a) Weak IV (Initialization Vector) implementation
- b) No MAC address filtering
- c) Short password requirements
- d) Lack of NAT support
Answer: A - WEP's 24-bit IVs can be reused, allowing decryption via statistical attacks.
70. Which protocol is used for secure file transfer?
- a) SFTP
- b) FTP
- c) TFTP
- d) HTTP
Answer: A - SFTP (SSH File Transfer Protocol) encrypts files in transit (port 22).
71. What does a firewall's "implicit deny" rule do?
- a) Blocks all traffic unless explicitly allowed
- b) Allows all traffic unless explicitly blocked
- c) Logs all traffic without filtering
- d) Prioritizes VoIP traffic
Answer: A - Default-deny is a security best practice ("deny all, permit by exception").
72. Which attack intercepts communication between two parties?
- a) Man-in-the-Middle (MITM)
- b) DDoS
- c) Phishing
- d) SQL injection
Answer: A - MITM attacks secretly relay/alter communications (prevented by encryption).
73. What is the purpose of port security on a switch?
- a) To restrict access based on MAC addresses
- b) To encrypt all traffic on the port
- c) To block all inbound connections
- d) To prioritize VLAN traffic
Answer: A - Port security limits device access by whitelisting specific MAC addresses.
74. Which command displays ARP cache entries?
- a) arp -a
- b) ipconfig /all
- c) netstat -r
- d) tracert
Answer: A - arp -a lists IP-to-MAC address mappings on Windows/Linux.
75. What is the primary risk of an open Wi-Fi network?
- a) Unencrypted data transmission
- b) Slower connection speeds
- c) IP address conflicts
- d) VLAN hopping
Answer: A - Open networks expose all traffic to eavesdropping (use VPNs for protection).
76. Which protocol is vulnerable to "pass the hash" attacks?
- a) NTLM
- b) SSH
- c) HTTPS
- d) SNMPv3
Answer: A - NTLM (Windows authentication) allows reuse of hashed credentials.
77. What does "traceroute" use to map network paths?
- a) Incrementing TTL values
- b) DNS queries
- c) ARP requests
- d) MAC address tables
Answer: A - Traceroute sends packets with increasing TTLs to trigger "Time Exceeded" messages from each hop.
78. Which security feature prevents MAC flooding attacks?
- a) Port security
- b) VLAN tagging
- c) IPsec
- d) 802.1X
Answer: A - Port security limits MAC addresses per port, preventing switch table overflow.
79. What is the purpose of a DMZ in network architecture?
- a) To host public-facing services securely
- b) To store encrypted backups
- c) To isolate wireless networks
- d) To filter spam emails
Answer: A - DMZ (Demilitarized Zone) separates public servers (e.g., web/mail) from internal networks.
80. Which tool captures and analyzes network packets?
- a) Wireshark
- b) Netstat
- c) Tracert
- d) Nmap
Answer: A - Wireshark is a protocol analyzer for deep packet inspection.