Chapt 8 Flashcards
Your company hosts its own web server, and it allows consumers to make purchases via the server. The help line has been getting complaints that users are unable to access the website. You open the site from an internal workstation and it seems fine. What is the most likely cause?
A) The firewall is blocking TCP port 23.
B) The firewall is blocking TCP port 443.
C) The security module of the web server is malfunctioning.
D) The web server is down.
The firewall is blocking TCP port 443.
For secure transactions, the web server will be using HTTPS, which uses port 443. If the website works from an internal workstation, then the server is fine. It’s most likely that the firewall is blocking inbound traffic on port 443. Port 23 is Telnet.
Your manager wants you to install a networked Internet appliance that prevents network traffic–based attacks and includes antimalware and antispam software. What should you install?
Spam gateway, Load balancer, UTM, Proxy server
UTM.
It sounds like the manager wants a unified threat management (UTM) device. They are designed to be one‐stop network protection devices. Spam gateways help with spam email but not with other malware. A load balancer spreads work around to multiple servers. A proxy server fulfills requests for clients.
You are installing a file server for the accounting department. Where should this file server be located on the network?
A) Outside of the firewall
B) In the screened subnet
C) In the secure network
D) On the router
In the secure network.
If the data on the server does not need to be accessed via the Internet, then the server should be in the most secure place possible, which is inside the firewall(s) in the secure network.
You have been asked to identify the right type of cloud service to help the team of developers to provide programming elements such as runtime environments. Which service do you recommend?
PaaS, IaaS, SaaS, DaaS
PaaS.
Platform as a service (PaaS) is probably the right level of service for the developer team. It provides infrastructure, like IaaS, and also supplies needed programming elements. Infrastructure as a service doesn’t provide runtime environments; think of it as hardware. Software as a service provides apps and is too high a service for what’s needed here. There is no current DaaS on the exam objectives.
Which of the following are services that a print server should provide? (Choose two.)
A) Accepting print jobs from clients
B) Turning off printers on demand
C) Providing clients with the appropriate printer driver during installation
D) Notifying users when the print job is complete
A) Accepting print jobs from clients
C) Providing clients with the appropriate printer driver during installation.
Print servers should make printers available to clients and accept print jobs. They also process print jobs and manage print priorities. Finally, they provide client computers with the right print drivers when the clients attempt to install the printer. They do not turn printers off on demand or provide notification that a job has printed.
You are setting up a cloud contract with a provider. Your team needs the ability to quickly increase capacity to meet peak demands. What do you request?
Rapid elasticity, High availability, Resource pooling, Metered utilization
Rapid elasticity.
The ability to expand services quickly means rapid elasticity. High availability guarantees uptime for services. All cloud services use resource pooling. Metered utilization is how many suppliers track usage and charge accordingly.
Which type of server is responsible for preventing users from accessing websites with objectionable content?
Proxy, Web, DHCP, DNS
Proxy.
A proxy server can be configured to block access to websites that contain potentially dangerous or inflammatory material. Web servers host web pages, some of which may have objectionable content. DHCP servers provide clients with IP addresses, and DNS servers resolve hostnames to IP addresses.
Your company wants to move to a cloud provider to be able to scale resources quickly, but it is concerned about the security of confidential information. Which of the following types of cloud models might be the most appropriate for your company?
Public, Private, Community, Hybrid
Hybrid.
A hybrid cloud provides the best of public and private clouds. You get the scalability and cost effectiveness of a public cloud but also the security that you need for important files on the private portion of the cloud.
What does a DHCP server need to be configured with to operate properly?
DNS server, Scope, Range, DHCP relay agent
Scope.
Every DHCP server needs to have a scope, which is the range of addresses available to clients, as well as other options that it can give to client computers. A DHCP server can optionally provide clients with the address of a DNS server. There is no DHCP range. A DHCP relay agent is a system configured on a subnet with no DHCP server that relays DHCP requests to the DHCP server.
You have been asked to advise a group of several universities that want to combine research efforts and store data in the cloud. Which type of cloud solution might be best for them?
Public, Private, Community, Hybrid
Community.
When multiple organizations with similar objectives want to combine efforts in a cloud, the best choice is generally a community cloud. This allows for the flexibility and scalability normally found in a public cloud, but it also limits the number of users to a smaller, trusted group.
When configuring a DNS server, administrators must create which of the following?
Zone file, Hosts file, Scope file, DNS proxy
Zone file.
DNS server records are contained in the zone file, which must be configured by administrators. A hosts file is an alternative to using DNS (but that does not work well when scaling to the Internet). A scope is created on DHCP servers. There is no DNS proxy.
Your manager wants to use the cloud because everyone seems to be talking about it. What should you include when you are listing the benefits of using the cloud? (Choose all that apply.)
Increased security, Increased scalability, Lower cost, Improved reliability
Increased scalability, Lower cost, Improved reliability.
Cloud solutions are great for enhancing scalability and reliability while generally lowering costs. Security could be an issue with cloud computing, depending on your organization’s needs, because the resources aren’t locally controlled and managed.
You are configuring two email servers on your company’s network. Which network protocol do the servers use to transfer mail to each other?
POP3, IMAP4, SNMP, SMTP
SMTP.
Simple Mail Transfer Protocol (SMTP) is used to transfer (send) email between servers. POP3 and IMAP4 are used to download (receive) email. SNMP is Simple Network Management Protocol and not related to email.
You have been asked to configure a client-side virtualization solution with three guest OSs. Each one needs Internet access. How should you configure the solution in the most cost-effective way?
A) Three physical NICs
B) One physical NIC, three virtual NICs, and one virtual switch
C) One physical NIC, one virtual NIC, and three virtual switches
D) One physical NIC, three virtual NIC, and three virtual switches
B. Each virtual machine will use its own virtual NIC, so you need three virtual NICs. The virtual NICs will communicate with one virtual switch managed by the hypervisor. The virtual switch will communicate with one physical NIC on the host system.
You have five web servers that manage requests for online purchases. An administrator notices that one of the servers is always busy while another is idle, and the company is getting some online complaints about the slow website. Which of the following servers will help fix this?
DNS, DHCP, Proxy, Load balancer
Load balancer.
A load balancer can spread the work around to multiple servers. It accepts the inbound request and then sends it to the most appropriate web server. DNS resolves hostnames to IP addresses. DHCP provides IP configuration information. A proxy makes requests (usually outbound) on behalf of clients.
you have been asked to install Linux in a VM on a Windows 10 client. The Windows 10 client needs 4 GB of RAM, and Linux needs 2 GB of RAM. How much RAM does the system need at a minimum?
4 GB, 6 GB, 8 GB, Unable to determine from the question
6 GB.
There needs to be enough RAM to support both OSs, so the answer is 6 GB. More is better, though!
A computer using which of the following would be considered a legacy device? (Choose all that apply.)
A) A 386 processor
B) The IPX/SPX protocol
C) An application developed in 1983
D) 1 GB of RAM
A, B, C. Legacy systems are ones that use older hardware, software, or network protocols that are not commonly used today. A system with only 1 GB of RAM might be woefully underpowered, but that in and of itself does not make it a legacy system.
You have been asked to set up client-side virtualization on an office computer. The host OS is Windows 10, and there will be three Windows 10 guest OSs. Which of the following is true about the need for antivirus security?
A) The host OS needs an antivirus program, but virtual machines can’t be affected by viruses.
B) The host OS antivirus software will also protect the guest OSs on the VMs.
C) Installing antivirus software on the virtual switch will protect all guest OSs.
D) The host OS and each guest OS need their own antivirus software installed.
D. Each instance of the OS you are running requires its own security software.
You need to set up a temporary operating system environment to quickly test a piece of software your manager wants to install on the network. Which should you use?
AAA server, Sandbox, SCADA, Application virtualization
Sandbox.
A sandbox is a temporary operating system environment, kind of like a “lite” version of a virtual machine. It’s ideal for testing software such as this. An AAA server is for authentication, authorization, and accounting of security. SCADA is a legacy hardware and/or software environment used to control industrial systems. Application virtualization is used for legacy apps or cross‐platform virtualization.
You have been asked to set up client-side virtualization on a computer at work. The manager asks for a Type 2 hypervisor. What is the disadvantage of using that type of hypervisor?
A) The guest OS will compete for resources with the host OS.
B) The guest OS will be forced to a lower priortity with the CPU than the host OS.
C) The guest OS will be forced to use less RAM than the host OS.
D) The virtual guest OS will not be able to get on the physical network.
A.
A Type 2 hypervisor sits on top of an existing OS, meaning that OSs installed in VMs will compete for resources with the host OS. The amount of resources available to a guest OS can be configured. Virtual OSs can get on the physical network if configured properly.
a demilitarized zone [DMZ] is also called a ?
screened subnet = demilitarized zone [DMZ]
? servers resolve hostnames to IP addresses
DNS
Each DNS server has a database, called a _____, which maintains records of hostname to IP address mappings.
zone file
DHCP servers are configured with a _____, which contains the information that the server can provide to clients
scope
a ____ is a device primarily used for storage on a network
fileshare (or FileServer)
what is a configured range of available IP addresses on a DHCP (Dynamic Host Configuration Protocol) server called?
scope
DNS (domain name system) server records for IPv4 and IPv6 hosts are ___ and ____
A, AAAA (authentication, authorization, accounting and auditing)
DHCP (dynamic host configuration protocol uses ports _____ and _____
UDP 67 and UDP 68
a _____ server can block objectionable content from users
proxy
a RADIUS (Remote Authentication Dial-in User Service) server is an example of what type of server?
authentication
a device that combines firewall, IPS (intrusion prevention system) and anti malware software in one is called what ?
UTM (Unified Threat Management)
what is a name for a legacy system that manages industrial processes such as manufacturing or HVAC?
SCADA (supervisory control and data acquisition)
a ________ server receives print jobs and manages printers on a network
a server that manages and audits security on a network is a _____ server
AAA (authentication, authorization and accounting)
what type of server examines user credentials and grants them access to network resources?
authentication
mail servers use which protocol and port to transfer mail between themselves?
SMTP 25
what type of internet appliance helps spread out the work for web servers?
load balancer
