Dion Flashcards

1
Q

Internal network users aren’t able to access external site but external users can. Website responds to ping from internal network + resolves to proper public address. What is the fix while causing internal users to route to website using internal IP address?

A

Implement split-horizon / split-view DNS

Separate DNS servers provided for security + privacy management for internal + external networks

Logical / physical separation of DNS information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

UPS malfunctioning because internal battery has died. To replace the server has to be shut down while UPS is replaced. What would BEST increase server’s availability over UPS replacement?

A

Add redundant power supply to server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Maximum amount of data, as measured in time, that an organization is willing to lose during an outage

A

RPO

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Network device used to separate broadcast domains

A

Router (Layer 3 switch)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Theoretical maximum rate of data transfer from source to destination in a given amount of time under ideal conditions

A

Bandwidth

Throughput is actual measure

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Used by agent to send complete set of key-pair values about a significant event / condition that is occurring in real-time by providing full list of variables + values for a given device to a manager

A

Verbose trap

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Implement to require the least amount of configuration for Internet access over guest network

A

Enable SSID broadcast for guest wireless network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Administrator can ping fiber uplink interface but none of the workstations plugged into switch are responding to ICMP requests. What should be done next?

A

Determine if link lights are lit for the ports

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Remediation strategies MOST effective in reducing risk to an embedded ICS from network-based compromise

A

Segmentation

Disabling unused services

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Best solution to sanitize / destroy data while ensuring computers will still be usable

A

Wiping (overwriting data on disk)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Tool to measure resistance of coaxial cable

A

Multimeter

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Most likely reason SSID is not being displayed

A

Broadcast is disabled on wireless router

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Encryption type used by WPA to improve upon WEP

A

TKIP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

SDN layer that focuses on resource requests or information about the network

A

Application layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Method to protect DMZ from ping sweeps trying to discover network resources

A

Block all ICMP traffic to + from DMZ

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What to implement to correct issue if network equipment has been restarting at the same time every day

A

UPS

Simultaneous restart likely due to power outage

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

BEST recommendation to add to BCP

A

Build redundant links between core devices

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Keep cabling infrastructure out of sight but still accessible to administrators (cost not an issue)

A

Install raised floor for cabling

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Condition that occurs when copper conductors on several wires being exposed + coming in contact with each other

A

Short

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What happens when convergence on a routed network occurs?

A

All routers learn the route to all connected networks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Protocol to be familiar with to troubleshoot router using label switching and label edge routers to forward traffic

A

MPLS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Metric that would be most useful to determine why VoIP service is not presenting consistent pace when traversing network

A

Jitter

Big problem with real-time applications

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Antenna type with low profile

A

Patch antenna

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Uses well-written set of carefully developed + tested scripts to orchestrate runbooks + generate consistent server builds across an enterprise

A

SDN

25
Q

Open-source remote access tools that allows users to connect to their desktop remotely, see what is on their screen + control is with their mouse + keyboard

A

Virtual network computing (VNC)

26
Q

Configure routers to advertise failed routes with addition of infinite metric to prevent routing loops

A

Route poisoning

27
Q

Telecommunication link used to provide high-speed internet over system of coaxial / HFC cables

A

DOCSIS (Cable)

28
Q

IEEE specification that describes the use of LACP

A

802.3ad

29
Q

Technologies used by captive portal to perform user redirection

A

HTTP redirect

ICMP redirect

DNS redirect

30
Q

Needs to be added to allow network management tool to interpret new device + control it using SNMP

A

MIB

31
Q

Type of network attack in which attacker is blocking cellular devices from connecting to Internet within a building but device connects again after moving a distance from the building

A

Frequency jamming

32
Q

On-path attack in which attacker redirects any layer 2 traffic destined for gateway to attacker’s computer first

A

ARP poisoning

33
Q

Device that can prevent network traffic with non-default port numbers from bypassing security policies

A

Application-aware firewall

34
Q

Network documentation that would include labels to indicate which cables are connected to which switchports on an edge switch

A

Wiring diagram

35
Q

Not useful against zero-day threat

A

Patching

36
Q

Command to determine if interface is currently connected using OSPF / EIGRP on network device

A

show route

37
Q

Helps identify switches connected to each port quickly

A

Enable discovery protocol on network devices

38
Q

Command to display statistics for given switchport on Cisco switch

A

show interface

39
Q

Device connected to switch unable to obtain IP address but link light shows healthy connection

A

DHCP scope exhausted

DHCP not correctly configured

40
Q

Capability to monitor all traffic entering + leaving network default gateway in addition to blocking certain content types before it leaves network based on operational priorities

A

Install NIPs on internal router interface

Install firewall on external router

41
Q

Protocol to establish secure + encrypted VPN tunnel initiated through web browser

A

TLS/SSL

42
Q

Used to allow 1 node to communicate with many other nodes (DMVPN connections)

A

mGRE

43
Q

Technologies for internet connection when TV is already installed

A

DOCSIS modem

44
Q

Test open-source VoIP system before investing in associated hardware + phones

A

Create virtual PFX

Connect it to SIP phone application

45
Q

SDN layer that determines how to route data packet

A

Control layer

46
Q

User ran bandwidth speed test from laptop + received 33.3 Mbps upload + 10.2 Mbps download. BEST interpretation of results

A

Laptop received data at 33.3 Mbps + sent data at 10.2 Mbps

47
Q

Tool to use to measure signal power as it transmits over fiber optic cable

A

Fiber light meter

48
Q

Quickest option to configure replacement device with secure configuration

A

Image

49
Q

Type of attack in which attacker configures their machine to report itself as switch when connected to wired network.

A

VLAN hopping

50
Q

Wireless technology to use to transmit data files from 1 system to another in direct P2P connection over 2 - 3 meters

A

Bluetooth (up to 10 m)

NFC (4 cm / less)

51
Q

Switchport state with LEAST desirable path placed by STP when switch has multiple paths to reach root bridge

A

Blocking

Indicates there is a better path to root bridge + switchport itself is not root / designated port

52
Q

Deep packet firewall dropping portions of packet flow as it enters / leaves network. Network configured to use HSRP to load balance network traffic. What causes firewall to drop packets?

A

Asymmetric routing

Network packets leave via 1 path + return via different path

53
Q

Cellular technology comprised of HSPA+ & EV-DO to provide higher data speeds than previous cellular data protocols

A

3G

54
Q

Routing prefixes assigned in blocks by IANA + distributed by RIR

A

Autonomous system number

55
Q

Issue that can be prevented by configuring split-horizon options on network devices

A

Routing loops

56
Q

48-port switch just rebooted + all clients are not attempting to obtain new DHCP address. What may begin to occur?

A

Broadcast storm

All 48 clients trying to receive DHCP assignment simultaneously

57
Q

Configured a new interface on a router but client workstations don’t receive addressing information from new interface. What needs added / changed to resolve issue?

A

IP helper

Enables single DHCP server to provide IP addresses regardless of broadcast domains

58
Q

Simple solution for adding a shared drive that easily integrates into existing network, easy to configure, share files with clients over TCP/IP

A

NAS

59
Q

Command to check if DHCP snooping has been configured on network interface

A

show config