ACLs should only permit special types of ICMP messages to enter an internal
network. Allowed ICMP traffic includes an ICMP reply, source quench, and any ICMP
unreachable messages. All other ICMP traffic types should be denied.
2. A company decides to purchase a device capable of managing load balancing so that traffic will be
distributed between their servers. What could be a potential problem using the new device on the
A. The traffic will require more bandwidth to send to multiple servers.
B. The LBM probe messages may appear as suspicious traffic.
C. It will cause extra traffic going to a server resource that is not available.
D. All links to redundant servers will require encrypted tunneling protocols.
Load balancing manager (LBM) devices distribute traffic between devices or
network paths to prevent overwhelming network resources. LBM devices may send probes to
different servers to detect that the servers are operating. These probes can appear to be suspicious
3. What method allows VPN traffic to remain confidential?
The Simple Mail Transfer Protocol (SMTP) is used to send email. The Post Office
Protocol (POP) and Internet Message Access Protocol (IMAP) are used to retrieve email. All
three protocols are application layer protocols.
7. Which network service synchronizes the time across all devices on the network?
There are two methods that can be used to set date and time settings on network
devices. Manual configuration and automatically using the Network Time Protocol (NTP). The
NTP keeps the time across all devices synchronized by using a hierarchical system of sources.
8. What port number would be used if a threat actor was using NTP to direct DDoS attacks?
SMTP is used to send data between mail servers and to send data from a host to a
mail server. The other two protocols that can be used for email are IMAP and POP3. IMAP and
POP3 are used to download email messages from a mail server.
10. How do cybercriminals make use of a malicious iFrame?
A. The attacker embeds malicious content in business appropriate files.
B. The attacker redirects traffic to an incorrect DNS server.
C. The iFrame allows the browser to load a web page from another source.
D. The iFrame allows multiple DNS subdomains to be used.