15 Flashcards

1
Q

In computer security, a mechanism for safe execution of untested code or untrusted applications is referred to as:

A

Sandboxing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

In active-active mode, load balancers distribute network traffic across:

A

All servers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

In active-passive mode, load balancers distribute network traffic across:

A

Servers marked as active

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

In a round-robin load balancing method, each consecutive request is handled by: (Select best answer)

A

Next server in a cluster

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

In a weighted round-robin load balancing method, each consecutive request is handled in a rotational fashion, but servers with higher specs are designated to process more workload.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

An IP address that doesn’t correspond to any actual physical network interface is called a virtual IP address (VIP/VIPA).

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What type of IP address would be assigned to a software-based load balancer to handle an Internet site hosted on several web servers, each with its own private IP address?

A

Virtual IP address

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which of the terms listed below refers to a method that ignores the load balancing algorithm by consistently passing requests from a given client to the same server?

A

Session affinity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

A logical grouping of computers that allow computer hosts to act as if they were attached to the same broadcast domain regardless of their physical location is known as:

A

VLAN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which of the following answers refers to network traffic within a data center, a.k.a. server-to-server traffic?

A

East-west

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

A private network’s segment made available for a trusted third party is an example of:

A

Extranet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

A type of private network for a corporation or organization accessible only to its employees or authorized members is referred to as:

A

Intranet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

The term “Zero Trust” in the context of network security means that none of the devices operating within the boundaries of a given network can be trusted by default even if they were previously verified.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which of the answers listed below refers to a dedicated device for managing encrypted connections established over an untrusted network, such as the Internet?

A

VPN concentrator

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

The term “Always-on VPN” refers to a type of persistent VPN connection the starts automatically as soon as the computer detects a network link.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Which of the terms listed below describes a type of VPN that alleviates bottlenecks and conserves bandwidth by enabling utilization of both the VPN and public network links?

A

Split tunnel

17
Q

Which VPN type is used for connecting computers to a network? (Select all that apply)

A
  • Remote access
  • Client-to-site
18
Q

Which type of VPN enables connectivity between two networks?

A

Site-to-site

19
Q

Examples of protocols used for implementing secure VPN tunnels include: (Select all that apply)

A
  • IPsec
  • TLS
  • L2TP
20
Q

Which of the following answers refers to a deprecated method for implementing Virtual Private Networks (VPNs)?

A
  • PPTP
21
Q

An HTML5 VPN portal is an example of clientless VPN implementation where an HTML5-compliant web browser along with TLS encryption can be used instead of a dedicated VPN client software.

A

True

22
Q

Network Access Control (NAC) defines a set of rules enforced in a network that the clients attempting to access the network must comply with. With NAC, policies can be enforced before (pre-admission NAC) and/or after end-stations gain access to the network (post-admission NAC). NAC can be implemented with the use of agent software which can be installed on the client machine permanently (this type of software is referred to as permanent agent) or used only temporarily during checks (this type of software is known as dissolvable agent). Another implementation option is agentless NAC, where checks are performed remotely without the need for any client software agents. In agentless NAC, the client machine is checked by external security device with the use of either passive or active network discovery methods.

A

True

23
Q

In computer networking, the term “Out-of-band management” refers to a network device management technique that enables device access through a dedicated communication channel separate from the network where a given device operates. Managing access can be established either locally by installing an out-of-band management card on the device, or remotely by establishing a dedicated connection to the device with the use of a modem or console router.

A

True

24
Q

In the context of implementing secure network designs, the term “Port security” may apply to:

A
  • Disabling physical ports on a device (e.g. RJ-45 device ports on a router, switch, or patch panel)
  • Implementing MAC filtering
  • Disabling unused logical ports (TCP/UDP)
  • Implementing Port-based Network Access Control (defined in the IEEE 802.1X standard)
    All of the above
25
Q

Which of the following protocols provide protection against broadcast storms and switching loops? (Select 2 answers)

A
  • STP
  • RSTP