2.3-2.5 Flashcards
A new network configuration includes the ability to inspect packets at the application layer to identify potential threats. Which of the following choices uses the new configuration?
Load balancer
Content Filter
Proxy Server
NGFW
NGFW
A next generation firewall is capable of parsing application layer protocol headers and data, such as hypertext transfer protocol (HTTP), so that sophisticated, content-sensitive access control lists (ACL) can be developed.
A user remotely connects to a company firewall to gain network access while traveling. What purpose does a RADIUS server provide for the connection?
Proxy
VPN Concentrator
Load balancer
AAA
AAA
An authentication, authorization, and accounting (AAA) device provides object identification, relevant permissions, and then creates an audit trail. AAA can be deployed by using a RADIUS (Remote Authentication Dial-in User Service) server.
An engineer plans to configure a device as transparent, rather than nontransparent, at an organization. Which device does the engineer configure?
VPN concentrator
Proxy server
Content filter
Load balancer
Proxy server
A proxy server is used as a middle-man for Internet access. A transparent proxy is configured on an inline device, while a nontransparent proxy is configured on a client machine.
A user states that phone calls external to the organization do not work. The engineer tests a phone and can only make internal calls. Which component needs troubleshooting?
VoIP gateway
VoIP PBX
UTM appliance
AAA/RADIUS server
VoIP gateway
A Voice over Internet Protocol (VoIP) gateway is a component in a VoIP phone system. This gateway, which can be software or hardware, is used to interface with a traditional analog phone system.
The CIO asks an IT systems administrator to configure a passive threat management solution. IT utilizes which type of technology?
Multilayer switch
IDS
VPN concentrator
IPS
IDS
An Intrusion Detection System (IDS) is a system that scans, audits, and monitors the security infrastructure for signs of attacks in progress. An IDS uses a passive approach to threat management.
A vendor visits an organization to demo a network management device. As part of the hands-on demonstration, an IT engineer can see and manage an extended service set (ESS) on the network. Based on the engineer’s experience with the device, what is the vendor demonstrating?
Wireless controller
Multilayer switch
RADIUS server
UTM appliance
Wireless controller
A wireless controller is a hardware device or software application which can centralize the management function of a wireless network. An extended service set is defined in a wireless network.
At the request of management, a senior server engineer deploys a proxy server for all users in the organization. The proxy provides many benefits for a uniform user experience and for IT management. Of the choices, which statements describe features the proxy provides? (Select two)
Content filtering
Load balancing
VPN access
Caching of web content
Most web proxy servers provide caching engines, which retain frequently requested web pages, negating the need to re-fetch those pages for subsequent requests.
Caching of web content
Content filtering
A network engineer configures a secondary wide area network (WAN) interface on a firewall for a large company. With the new configuration, each WAN interface will now handle specific network traffic. Evaluate the new configuration and determine its purpose.
Load balancer
RADIUS server
Content filter
Proxy server
Load balancer
A load balancer can switch traffic to alternative nodes, reduce bottlenecks, and allow for failover services. In this case, certain traffic is being redirected to take advantage of available bandwidth.
A systems administrator deploys a proxy server for an organization. The administrator chooses to use a transparent approach to the configuration. Considering how the systems administrator deploys the proxy server, what does this configuration type utilize?
Client port configuration
Inline network appliance
Content filtering
Web content caching
Inline network appliance
A transparent proxy intercepts client traffic without the client being configured. A transparent proxy must be implemented on a switch or router or other inline network appliance.
A company’s sales team functions as a completely remote workforce. To support the team, IT implements a solution for access to internal company files and assets. Which two technologies does the IT department implement to provide this access? (Select two)
UTM appliance
VPN concentrator
RADIUS server
Proxy server
VPN concentrator
RADIUS server
When Virtual Private Network (VPN) access is part of a dedicated appliance it is known as a VPN concentrator. For example, a firewall can be used as a VPN connection point that authenticates users via a Remote Authentication Dial-in User Service (RADIUS) server.
Remote Authentication Dial-in User Service (RADIUS) is a standard protocol that can be used to manage a remote access authentication infrastructure.
A company uses multiple internet providers to maintain a reliable network. The wide area network (WAN) interfaces on a firewall handles the traffic with policies. Considering the approach to Internet access, what does this company utilize?
Content filter
Proxy server
Load balancer
RADIUS server
Load balancer
A load balancer can switch traffic to alternative nodes, reduce bottlenecks, and allow for failover services. In this case, certain traffic is being redirected to take advantage of available bandwidth.
An IT engineer implements a SonicWall firewall and a Windows server for connectivity and authentication purposes. Which of the following roles does the IT engineer configure for this implementation? (Select two)
Proxy server
VPN concentrator
RADIUS server
UTM appliance
VPN concentrator
RADIUS server
When Virtual Private Network (VPN) access is part of a dedicated appliance it is known as a VPN concentrator. For example, a firewall can be used as a VPN connection point that authenticates users via a Remote Authentication Dial-in User Service (RADIUS) server.
Remote Authentication Dial-in User Service (RADIUS) is a standard protocol that can be used to manage a remote access, authentication, and infrastructure.
In a virtualized environment, guest machines can communicate with physical systems, even with those on a different subnet. The guests, however, cannot communicate with wireless printers. Which configuration is causing the issue?
Virtual NIC
Virtual router
Virtual switch
Virtual firewall
Virtual firewall
A virtual firewall can deploy in kernel or hypervisor mode. A firewall can block communications based on ports and other criteria. The firewall should be checked to ensure communication is not blocked.
A network implementation experiences a severe bottleneck. IT personnel suggest implementing which technology to allow increased data throughput?
Virtual switch
Jumbo frame
InfiniBand
iSCSI
Jumbo frame
A jumbo frame is a frame that supports a data payload of up to 9,000 bytes and is used to overcome limits of 1,500 bytes. This in turn reduces the number of transmitted frames.
A shared storage solution uses a file-level method for data storage and sharing. Which solution is in place?
NAS
InfiniBand
FCoE
SAN
NAS
A Network Attached Storage (NAS) appliance is a hard drive, (or RAID array— redundant array of independent/inexpensive disks) that provides file-level network access via various file sharing protocols, such as NFS (network file system).
Users at a company complain to IT about slow network speeds. An engineer determines that traffic is overwhelming a network switch. After some research, the engineer looks to implement which of the following solutions to remedy the issue.
InfiniBand
Hypervisor
Jumbo frame
iSCSI
Jumbo frame
A jumbo frame is a frame that supports a data payload of up to 9,000 bytes and is used to overcome limits of 1,500 bytes. This reduces the number of transmitted frames on a network. Fewer frames means less processing a switch needs to do.
A systems administrator configures a new network storage device. The administrator discovers that an intended host system does not have a host channel adapter (HCA). The project is on hold as there are no budget funds left to purchase the adapter. Based on the requirements of the implementation, the administrator plans to use which technology?
Jumbo frame
InfiniBand
iSCSI
Hypervisor
InfiniBand
InfiniBand is a high-speed switching fabric used in storage area networks (SAN) and data center networks. It uses Host Channel Adapters (HCA) and Target Channel Adapters (TCA).
An engineer determines that a network switch is currently overwhelmed. Of the choices, which technology can improve the switch’s performance?
Jumbo frame
InfiniBand
FCOE
Hypervisor
Jumbo frame
A jumbo frame is a frame that supports a data payload of up to 9,000 bytes and is used to overcome limits of 1,500 bytes. This, in turn, reduces the number of transmitted frames.
A guest operating system is not able to access a switch in a virtualized environment. What does a technician need to configure for a successful connection?
Virtual firewall
Virtual router
Virtual NIC
Hypervisor
Virtual NIC
In a virtual machine (VM), a virtual network interface (NIC) is a software-based representation of a network adapter that functions and is configurable in the same way as a physical network adapter.
A systems administrator moves a database from an old server to a new device that uses a host bus adapter (HBA) for connectivity to the network. The administrator places the device on the network, hoping for much better performance and quicker access for clients. With the implementation in mind, what has the administrator deployed for users?
Hypervisor
InfiniBand
NAS
SAN
SAN
In a storage area network (SAN), shared access is provided to clients at block level. A SAN uses an initiator (a host bus adapter) in the storage device.
IT adds a new storage device to the network. The purpose of the device is to house all user shares, which are accessible by clients via the network file system (NFS) protocol. Consider the properties and features of the following choices and determine which type of storage device the network is using.
SAN
NAS
FCoE
Fibre Channel
NAS
A Network Attached Storage (NAS) appliance is a hard drive, (or RAID array— redundant array of independent/inexpensive disks) with a cut-down server board that provides network access via various file sharing protocols, such asNFS (network file system).
A new virtual environment in an organization is not functioning properly. Engineers conclude that a virtual switch is corrupt. Evaluate the function choices and determine which function the misconfigured switch is directly impacting.
Access to different subnets
Subnet content filtering
Dynamic address assignment
Subnet host communication
Subnet host communication
In a virtual environment, a software-based switch functions as a layer 2 physical switch. A switch is required for hosts within a subnet to communicate with one another.
A company uses a network-based storage device for file shares. The implementation of the device uses an Internet protocol (IP) tunneling protocol and standard ethernet network adapters. Based on these technology features, which of the following provides connectivity to the device?
Jumbo frame
InfiBand
Fibre Channel
iSCSI
iSCSI
Allows computers to access networked hard drives and access the files as though the harddrive was physically connected to the PC. The OS doesn’t distinguish between physical connected drives and drives connected via iSCSI.
A company retires a network connection that utilizes cell switching technology and individual connections called virtual channels. Based on the provided characteristics, the company discontinues using which of the following technologies?
ISDN
ATM
Frame RElay
PPPoE
ATM
Asynchronous Transfer Mode (ATM) is a transport mechanism using cell switching technology. An ATM switch makes virtual connections with other switches to provide a data path from endpoint to endpoint.
Internet access options for a small remote office are not robust. At minimum, IT looks for an “always on” connection. Which options are appropriate for this solution? (Select two)
PPoE
ISDN
DSL
ATM
PPoE
DSL
Digital subscriber line (DSL) transfers data over voice-grade telephone lines. DSL uses the higher frequencies available in a copper telephone line as a communications channel.
When a broadband service connects to an ISP, the service will often use Ethernet as the Data Link protocol. Point-to-Point Protocol over Ethernet (PPPoE) is simply a means of creating PPP connections over an Ethernet link.
A leased line experiences performance issues. The telco perfoms a self-test to check for issues with the line. Which component allows for self-testing?
Demarcation point
Copper
CSU/DSU
Smart Jack
Smart jack
A T1 line is usually terminated at a smart jack or Network Interface Unit (NIU) which contains line testing facilities (loopback) for the telco to use. This allows the service provider to test the line remotely.
An IT engineer cleans a network rack and removes unused equipment. The engineer finds an old device used with a leased line install. Which device did the engineer find and remove as its functionality is obsolete?
PRI
SIP trunk
CSU/DSU
MPLS
CSU/DSU
Digital leased lines use devices called Channel Service Units (CSUs) or Data Service Units (DSUs), instead of traditional modems that are used for analog systems/lines.
A new company renovates an older office space. Part of the renovation includes replacing all data cabling, such as exchanging RG-59 cable with RG-6 cable. Considering the purpose of these cable types, which service benefits from the replacement?
DSL
Metropoiltan Ethernet
ATM
Cable broadband
Cable broadband
Coaxial cables are categorized using the radio grade (RG) standard. RG-6 and RG-59 are commonly used in cable access tv and broadband cable modems. (probably need to know all the RG cable standards)
A company implements a network connection that utilizes cell switching technology and individual connections called virtual channels. The connection will handle both voice and video. Based on the provided characteristics, which technology does the company implement?
Frame Relay
ATM
ISDN
PPPoE
ATM
Asynchronous Transfer Mode (ATM) is a transport mechanism using cell switching technology. An ATM switch makes virtual connections with other switches to provide a data path from endpoint to endpoint.
An engineer configures constraint-based routing by using congestion and quality of service settings. Considering this approach, which technology is the engineer working with?
MPLS
PPP
DMVPN
PPoE
MPLS
Multiprotocol Label Switching (MPLS) was developed by Cisco from ATM, as a means of providing traffic engineering, Class of Service (CoS), and Quality of Service (QoS), within a packet-switched network, rather than a circuit-switched network.
A company reports that phones are not working. What is likely causing the problem?
Dial-up
PPP
PPoE
SIP Trunk
SIP trunk
A Session Initiation Protocol (SIP) service from a provider identifies the use of the Internet access channel for voice. It is not uncommon for a SIP trunk to be down.
An organization has a location with limited Internet access options. Which option allows for on-demand connectivity?
DSL
PPP
ISDN
PRI
ISDN
The integrated services digital network (ISDN) is a fully digital version of the local loop. ISDN is a digital circuit switched technology for voice, video, and data. ISDN connections are made as needed.
A company is cleaning their facility and discarding anything considered unusable. An employee finds a spool of RG-59 cable. IT informs the employee that the cable is outdated. Determine the type of technology used with the cable.
Metropolitan Ethernet
PRI
Cable broadband
Dial-up
Cable broadband
A cable broadband Internet connection is usually available along with Cable Access TV (CATV). This type of service uses coaxial cable (RG-6 or RG-59).
An organization plans to move a data closet from one end of a building to another. As a result, IT rewires certain areas of the building. In doing so, IT uses RG-6 cabling. Considering cable types and functionality, which solution should use RG-6?
ATM
DSL
Cable broadband
Metropolitan Ethernet
Cable broadband
Coaxial cables are categorized using the radio grade (RG) standard. RG-6 and RG-59 are commonly used in cable access tv and broadband cable modems.
A technician installs a cable modem for business grade internet access at a small remote office. Connecting the modem requires using RG rated cabling. Evaluate the media options. Which type satisfies the requirement for connecting the modem?
FIber
DSL
Twisted pair
Coaxial
Coaxial
Coaxial cables are categorized using the radio grade (RG) standard. The categories do not prescribe the quality of coax cabling, but categorize it by the thickness of the core conductor and the cable’s characteristic impedance. RG-6 and RG-59 are commonly used in cable access tv and broadband cable modems.
An engineer runs RG-6 cable through a crawl space. Which type of service does this type of cabling support?
PPP
Cable broadband
PPPoE
Dial-up
Cable broadband
A cable broadband Internet connection is usually available along with Cable Access TV (CATV). This type of service uses coaxial cable (RG-6 or RG-59).
What is Frame Relay speed
56kbps-1.544 MBps
What is T1 speed
1.544 MBPS
What is T3 speed
44.736 MBPS
What is E1 speed
2.08 mbps
What is E3 speed
34.4 mbps
What is ATM speed
155 mbps - 622 mbps
What is SONET speed
51.84 Mbps - 159.25 Gbps