Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:00):
Welcome to the CISSP Cyber Training Podcast, where we provide you the training and tools you need to pass the CISSP exam the first time.
Hi, my name is Sean Gerber and I'm your host for this action-packed, informative podcast.
Join me each week as I provide the information you need to pass the CISSP exam and grow your cybersecurity knowledge.
(00:20):
All right, let's get started.
Let's go.
Speaker 2 (00:31):
Hey, I'm Sean Gerber with CISSP Cyber Training, and I hope you all are having a beautifully blessed day today.
Today is CISSP Question Thursday, and today we are going to be talking about CISSP questions associated with the content that we had on Monday, and Monday was over domain 4.2 of the CISSP exam.
So we're going to get into that in just a second, but before we do, I had an article that I wanted to bring to all of your
(00:51):
attention related to a zero-day alert that Google just released a patch for.
So this is attacking the Chromium browser, the Chrome browser, and the ultimate point of it is CVE-25-2783.
Now, this release of this patch, the zero-day that's out there right now, has been targeting organizations within Russia, and
(01:12):
this is the media, this is the educational institutions and government organizations, where it basically targets them.
If you click on the link, you automatically get infected, and then some, they don't really know yet, but there's also a remote code execution that occurs with a second exploit, and they haven't figured that one out yet.
So ultimately, they're able to use Chrome, gain access to these
(01:34):
systems, remote code execution against them, and now they can have access to your device.
Now you say, well, this is Russia, so maybe you do or do not care about that, but if it's targeting a Google Chrome instance within Russia, it can easily be manipulated against anybody else around the globe.
So the ultimate point is that you need to get this patched as soon as you possibly can.
(01:54):
Uh, basically, an email goes out.
The email has links on it.
You click on it.
You're immediately infected.
So you definitely want to get this resolved as quickly as you possibly can.
Users with Chromium-based browsers, such as Edge, Brave, Opera and Vivaldi, are advised to apply the fix when they can do this.
And again, this is from Hacker News and it's from Kaspersky Labs
(02:16):
who discovered this issue.
So I highly recommend that you go out and get that addressed, if not today, within the next couple of days would probably be a good idea, because you know the bad guys and girls will start using it in other places besides Russia.
Okay, so that's what we have there.
Let's roll into our questions for the day.
Okay, so this is question.
(02:37):
This is group 10 of the CISSP.
So basically, if you go to CISSP Cyber Training, I have questions that are set up specifically for you over all of the domains, and each domain has a group of questions that are there.
This is group 10 of questions that are in domain four, and there are usually 15 to 20 questions each, and they're set
(02:58):
up specifically for that domain, and this is group 10.
This is basically what.
If you go into CISSP Cyber Training, you can actually just click to the questions.
Once you get to the questions, you can go to domain 4 and then you can gain access to this actual question bank as well.
I'm also looking at a different option right now with questions.
It looks really promising.
(03:19):
I'm trying to figure out the cost, if it's going to be valuable or not for you all, but it looks pretty cool, so we'll see how that plays out.
Okay, group 10, 15 questions here.
Let us get going.
All right, this is over domain 4.2.
Okay, question one: a company is experiencing slow network performance, particularly during peak hours.
Which of the following network devices would most effectively
(03:42):
address this issue by distributing traffic across multiple paths?
Okay, again, what would be the most effective in addressing an issue of distributing traffic across multiple network paths?
A, hub; B, switch; C, router with load balancing capabilities; or D, a firewall with deep packet inspection. And, again,
(04:03):
distributing your traffic across all network paths or multiple network paths?
It would be a router with network balancing capabilities.
Answer C, again, that's the ultimate point you got.
Load balancing helps a lot with putting it across multiple network paths.
Question two: which of the following transmission media is most susceptible to electromagnetic interference, or commonly known as EMI?
(04:24):
Again, which of the following transmission media is most susceptible to electromagnetic interference?
A, fiber optic cables; B, coaxial cables; C, twisted pair cabling; or D, wireless or Wi-Fi.
And the answer is D, wireless or Wi-Fi.
Again, EMI can affect that, specifically because it's
(04:45):
transmissions over the air, and if you have enough EMI, those will go bye-bye.
So one thing we learned in the B-1, while I was flying the B-1, is they also have it set up for EMP, which is electromagnetic pulse. That's when a nuke goes off and there's an EMP that occurs and it fries all the electronics in whatever you're dealing with.
So the bad thing is, if you're flying a B-1 and a bomb goes off,
(05:06):
a nuke goes off, now your plane, if they didn't have it shielded, would basically become a brick.
Now that's not a good thing.
So they've put things in place to obviously fix those issues, but all I can say is, if we have a nuke going off, we all have a bad day.
Whether or not you're in an airplane or you're on the ground doesn't really matter.
It's bad, real bad.
Question three: a company implements a NAC solution that
(05:29):
quarantines endpoints that fail security checks.
Which of the following is a primary benefit of this approach?
Again, a company implements a NAC solution that quarantines endpoints that fail security checks.
Which of the following is a primary benefit of this approach?
A, the reduced risk of malware infections.
B, the improved network performance.
(05:50):
C, enhanced user experience; or D, simplified network administration.
Again, a company implements a NAC; which is a primary benefit of this approach?
And the answer is A, reduced risk of malware infections.
Again, by isolating or affecting non-compliant devices, the NAC will help prevent the spread of malware.
Obviously, because it puts it in a position where they can't
(06:10):
be used.
This is an automated type solution.
It can be very, very valuable.
The downside, obviously, is it takes some time to implement this, but it could be very helpful, especially if you are a targeted entity.
Question four: which of the following firewall rule sets would be most effective in preventing external access to internal web servers while allowing internal users access to the internet? A, block all inbound traffic.
(06:31):
Allow all outbound traffic.
B, block all outbound traffic.
Allow all inbound traffic.
C, block all traffic, allowing specific inbound and outbound traffic.
Or D, allow all traffic, block specific inbound and outbound traffic.
And the answer would be A.
Now this could obviously go different ways, but the answer is A, block all inbound traffic and allow outbound traffic.
(06:53):
So the most effective way is, again, if you're wanting to stop external access to an internal web server, would be to block all inbound traffic.
Now, that obviously probably isn't the best solution for your company, depending upon the situation, but it is the most effective because it will definitely limit people gaining access to your internal web servers.
Question five: a company is experiencing a significant
(07:15):
increase in network traffic.
Which of the following network devices would most effectively analyze network traffic patterns to identify potential threats and anomalies?
Again, a significant increase in network traffic.
Which of the following devices would be most effective in analyzing network traffic patterns to identify potential threats and anomalies? A, a hub; B, a switch; C, a router; or D, an IDS
(07:39):
or intrusion detection system.
And yes, you guessed it, it would be D, an IDS.
An IDS will do a deep packet inspection of all the traffic coming in and out, and it has the ability to look for any sort of malicious activities.
So an IDS for this question would be the right one to choose.
Question six: a company is implementing a BYOD policy.
Which of the following security measures is most critical for
(08:01):
ensuring security of company data and employee-owned devices?
Again, they're doing BYOD.
Which of the following is most critical for ensuring security of the company data and employee-owned devices?
A, device encryption; B, remote wipe capability; C, MDM software; or D, all of the above.
Most critical would be all of the above.
(08:22):
Right, you want to have some level of access or protection on your BYOD: data encryption, remote wipe and MDM.
Those are all valid.
They might actually all be wrapped under the MDM software itself, but they are an important part if you're doing any sort of BYOD within your company.
Question seven: which of the following network topologies offers the highest level of fault tolerance?
(08:42):
A, bus topology; B, star topology; C, mesh topology; or D, ring topology. Not Lord of the Rings, just the ring topology.
Which of the following network topologies offers the highest level of fault tolerance?
And the answer is C, mesh, right, mesh topology.
Each device is connected directly to multiple other
(09:03):
devices, so if something goes down, you do have your best level of redundancy related to your devices and your network.
Question eight: a company is experiencing slow network performance on a specific VLAN, or virtual local area network.
Which of the following tools would be most helpful in identifying the source of the issue?
Again, you're having some performance issues on your VLAN.
(09:26):
What would be the most helpful in looking for the issue of the source, the source issue?
Yeah, something like that.
English is not my first language.
I don't know what it is, actually; it's probably baby talk, all right.
A, protocol analyzer; B, network scanner; C, port scanner; or D, vulnerability scanner?
And the answer would be A, a protocol scanner.
(09:46):
This captures and analyzes network traffic, allowing administrators to identify performance bottlenecks and network congestion.
The protocol analyzer will also look to make sure the protocols are properly being utilized and your connections, your handshakes and all those different aspects are occurring as they're expected.
Question nine: a company is experiencing a significant increase in the number of denial of service attacks, or DoS.
(10:08):
Which of the following network devices would be most effective in mitigating these attacks?
Okay, you have a denial of service attack.
Things are getting flooded.
What do you do?
A, switch with VLAN segmentation.
B, a firewall with intrusion prevention capabilities.
C, a router with QoS, or quality of service.
Or D, a load balancer.
So if you're having a DDoS attack, which would be the most
(10:31):
effective in mitigating some of these attacks?
I mean, all of these probably are a little bit squishy, honestly, but the answer would be B, firewall with IPS capabilities.
Now the IPS can be set up to shunt or to block the DDoS type of attacks, and the firewall is typically right there on the edge.
So it would probably be your best solution.
I wouldn't even go with any of these.
I'd probably have a DDoS protection capability that's out
(10:54):
in the cloud and that all your traffic is routed through.
But if you didn't have that opportunity, a firewall with some IPS or DDoS type of mitigation techniques would probably be your best choice in these questions.
Question 10: a company implements a stateful firewall and observes UDP packets are being dropped after a short period of inactivity.
What is the most likely cause?
Okay, so we all know UDP is just broadcast and it's being
(11:17):
dropped after a short period of inactivity.
What does this mean?
A, incorrectly configured ACLs, or access control lists.
B, the firewall's timeout value for UDP sessions is too low.
C, the firewall's SYN flood protection is misconfigured.
Or D, the firewall's implicit deny rule is blocking the packets.
Again, so we've got UDP packets, okay, broadcast, being dropped after a
(11:39):
short period of inactivity.
What would you think it would be?
The answer is B, right, the firewall timeout value for UDP sessions is too low.
So UDP is connectionless, as we all know.
So they're basically broadcast, and these sessions are based on your IP and your ports.
So if there's no activity in a timeout period, it drops them.
So your timeout is too low, it's dropping your packets.
(12:02):
So something to consider.
That's one way, one thing that could be the challenge.
Question 11: an organization is deploying a network intrusion prevention system, NIPS, and wants to minimize the false positives.
Which of the following deployment strategies is most effective?
So your network intrusion prevention system.
Which of these do you want?
You don't want to have false positives, so which of these is most effective?
(12:23):
A, deploy the NIPS in a passive monitoring mode.
B, deploy the NIPS inline with strict signature-based detection.
C, deploy the NIPS inline with anomaly-based detection and in a tuning phase.
Or D, deploy the NIPS out of band and configure it to block all traffic.
Okay, well, that one you definitely don't want to do, right, because that would just, you just denied yourself any
(12:44):
sort of capability.
So that, yeah, that one, just throw that one out, throw it out, goodbye.
But the answer is C, deploy the NIPS inline, anomaly-based detection and a tuning phase.
Right.
So you need that anomaly-based detection kicked in, but you also need to have some level of tuning allowing this system to understand what's the baseline, what are the false positives.
It needs this capability, and so you want to deploy it inline,
(13:06):
but don't have any sort of blocking capability set up.
You want it to start tuning itself, and then you going in and helping the situation.
Question 12: a company is implementing a VPN solution for remote access.
Yay. Which of the following protocols provides the most secure method for data confidentiality and integrity?
You're implementing VPN.
Which is the most secure method for data confidentiality and
(13:29):
integrity?
A, PPTP and MPPE.
B, SSL VPN with TLS 1.0.
C, IKE version one, main mode; or D, L2TP with IPsec.
Okay, so if you don't know, you're like, I don't know what any of that acronym soup is.
What is that?
Well, so you kind of have to know some of it, but TLS 1.0, you can throw that one out right away.
(13:52):
Just throw it out, because it's way beyond TLS 1.0 right now.
But you know that we've talked a lot in here about L2TP and IPsec, and both of those are very, very good for what you're trying to accomplish.
PPTP and MPPE, they have known vulnerabilities as well, and so those are ones that you might want to work.
If you don't know what IKE is, well then you know what.
(14:13):
You can at least break it down to L2TP and IPsec.
So bottom line is L2TP provides tunneling and IPsec provides strong encryption.
That's what goes over the tunnel.
So you know that for a fact.
So that would be your most secure method for securing confidentiality and integrity.
Question 13.
A network administrator is troubleshooting slow network performance and suspects a broadcast storm.
(14:36):
Which of the network devices would be most effective in mitigating this issue?
A, hub; B, a switch with VLANs; C, router with ACLs; or D, a firewall with a NAT, not an ant, but a NAT, a network address translation. Yes, too many, whatever those are, acronyms.
Yes, ah, the network administrator is troubleshooting
(14:57):
slow network performance and suspects a broadcast storm.
Which network device would be most effective in mitigating this issue?
And the answer would be B, a switch with VLANs.
Right, so if you have a switch with multiple VLANs, you can have the segments as specific domains, can have traffic to specific groups, and you can switch the VLANs to prevent the broadcast storm from affecting the entire network, so we
(15:18):
basically can shunt it off.
That's a great point.
Question 14: a company is implementing a wireless network and wants to ensure that it has the strongest authentication and encryption.
Which standard should they use?
Okay, so a company is implementing a wireless network and wants to ensure the strongest authentication possible; what would they use?
A, WEP; B, WPA2; C, WPA2 with pre-shared key; or D, WPA3
(15:45):
Enterprise?
If you don't know, just pick the biggest number, right? WPA3 Enterprise.
It does have stronger encryption, with 256 AES, and it does require it.
Now, the one thing about it, though, is that it does require a RADIUS server, which will give you some level of centralized authentication.
But if you're going to want the most, again, the strongest
(16:08):
standard, what would they use?
It would be WPA3 Enterprise.
Question 15.
A network security analyst is investigating a suspected man-in-the-middle attack, or MITM attack.
Which of the following techniques is most likely to be used by the attacker? A, DNS spoofing; B, SYN flooding; C, ARP poisoning; or D, the Smurf attack?
(16:30):
Again, you're dealing with a man-in-the-middle attack.
Which of the following is most likely to be used by the attacker?
And the answer would be C, ARP poisoning.
So when you're dealing with ARP, again, it's your address resolution protocol.
I'm pulling these things out of my cranium.
This is where you're dealing with MAC addresses and IP addresses, and so if you can spoof those, right, then you can obviously become a man in the middle by giving them the.
(16:52):
If I had my computer, I'd give you my MAC address, and then now I'm part of the chain and I'm good.
Life is golden.
But ARP poisoning would probably be the most likely way that the attacker would try to do a man-in-the-middle attack.
Okay, so that's all I have for you today on CISSP Cyber Training.
Again, if you want these questions, you want to get access to all these questions, go to CISSP Cyber Training.
(17:14):
You can get access to all of this content.
Go purchase the product itself.
It's amazing, you can get it and, you know what?
You'll have access to all these questions immediately, as I'm looking to roll out this new product.
Hopefully we'll see if it works.
Um, then you'll have access to that as well.
So again, great time with you all today.
I hope you all are having a beautiful, blessed day today.
I really, truly do, and I will plan on catching you next week,
(17:37):
same time, same bat channel, uh, at CISSP Cyber Training.
All right, we will catch you all.