Domain 1.2 Compare and contrast networking appliances, applications, and functions.

Question 1

Question: Which networking appliance is used to connect multiple devices within the same network and forward frames based on MAC addresses?
Answer Options:
A. Router
B. Switch
C. Firewall
D. Access Point

Answer 1

Correct Answer + Explanation:
Switches connect devices within the same network and forward frames based on MAC addresses stored in the MAC address table.
Practical Use:
Switches are used in LAN environments to connect PCs, printers, and other devices.
Why Others Are Incorrect:
A: Routers forward packets between networks based on IP addresses.
C: Firewalls control traffic flow based on security policies.
D: Access points provide wireless connectivity.
Exam Objective Reference:
Domain 1.2: Networking Appliances - Switch.
Follow-Up:
What is the difference between managed and unmanaged switches?

Question 2

Question: What is the primary function of a router in a network?
Answer Options:
A. Forwarding frames within the same network
B. Routing packets between different networks
C. Filtering traffic based on MAC addresses
D. Extending wireless network coverage

Answer 2

Correct Answer + Explanation:
Routers route packets between different networks using IP addresses and determine the best path for data.
Practical Use:
Routers are used to connect LANs to the internet or other LANs.
Why Others Are Incorrect:
A: Forwarding frames is a switch function.
C: Filtering traffic by MAC addresses is done by switches or firewalls.
D: Wireless access points extend wireless coverage.
Exam Objective Reference:
Domain 1.2: Networking Appliances - Router.
Follow-Up:
How does a router differ from a Layer 3 switch?

Question 3

Question: Which networking appliance combines routing, switching, and firewall features in a single device?
Answer Options:
A. Access Point
B. Unified Threat Management (UTM) Device
C. Load Balancer
D. Intrusion Prevention System (IPS)

Answer 3

Correct Answer + Explanation:
Unified Threat Management (UTM) devices combine routing, switching, firewall, and security features into a single solution.
Practical Use:
UTM devices are common in small to medium-sized businesses for simplified network management.
Why Others Are Incorrect:
A: Access points provide wireless connectivity.
C: Load balancers distribute traffic across servers.
D: IPS detects and prevents security threats.
Exam Objective Reference:
Domain 1.2: Networking Appliances - UTM.
Follow-Up:
What are the advantages of using a UTM over individual appliances?

Question 4

Question: What is the primary role of a load balancer in a network?
Answer Options:
A. Distributing traffic across multiple servers
B. Providing wireless connectivity
C. Monitoring network activity
D. Filtering incoming and outgoing traffic

Answer 4

Correct Answer + Explanation:
Load balancers distribute traffic across multiple servers to ensure high availability and performance.
Practical Use:
Load balancers are used in web hosting to handle user requests efficiently.
Why Others Are Incorrect:
B: Wireless connectivity is provided by access points.
C: Monitoring is typically done by network monitoring tools.
D: Filtering traffic is a firewall’s function.
Exam Objective Reference:
Domain 1.2: Networking Applications - Load Balancer.
Follow-Up:
What is the difference between Layer 4 and Layer 7 load balancers?

Question 5

Question: Which appliance is designed to detect and respond to security threats in real time?
Answer Options:
A. Switch
B. Router
C. Intrusion Prevention System (IPS)
D. Load Balancer

Answer 5

Correct Answer + Explanation:
An Intrusion Prevention System (IPS) detects and prevents security threats by analyzing network traffic.
Practical Use:
IPS devices block malicious traffic, such as SQL injection or DDoS attacks.
Why Others Are Incorrect:
A: Switches forward frames within the same network.
B: Routers route packets between networks.
D: Load balancers distribute traffic, not security threats.
Exam Objective Reference:
Domain 1.2: Networking Appliances - IPS.
Follow-Up:
How does an IPS differ from an IDS?

Question 6

Question: Which appliance is used to store and share files within a network?
Answer Options:
A. Firewall
B. Network-Attached Storage (NAS)
C. Load Balancer
D. Router

Answer 6

Correct Answer + Explanation:
Network-Attached Storage (NAS) provides a centralized location for file storage and sharing over a network.
Practical Use:
NAS devices are used in both home and business networks for efficient data storage.
Why Others Are Incorrect:
A: Firewalls filter traffic for security purposes.
C: Load balancers manage server traffic.
D: Routers connect different networks.
Exam Objective Reference:
Domain 1.2: Networking Applications - NAS.
Follow-Up:
What is the difference between NAS and SAN?

Question 7

Question: What is the primary function of a proxy server in a network?
Answer Options:
A. Monitor network traffic
B. Act as an intermediary for client requests
C. Securely connect remote users
D. Balance traffic between servers

Answer 7

Correct Answer + Explanation:
A proxy server acts as an intermediary between clients and servers, often providing anonymity or caching content.
Practical Use:
Proxy servers are used to filter internet traffic or cache frequently accessed websites.
Why Others Are Incorrect:
A: Monitoring traffic is done by network monitoring tools.
C: Secure connections are established via VPNs.
D: Load balancers manage server traffic.
Exam Objective Reference:
Domain 1.2: Networking Applications - Proxy Server.
Follow-Up:
What are the benefits of using a proxy server for web browsing?

Question 8

Question: Which function prioritizes certain types of network traffic to ensure optimal performance?
Answer Options:
A. Load Balancing
B. Quality of Service (QoS)
C. Virtual Private Network (VPN)
D. Intrusion Detection System (IDS)

Answer 8

Correct Answer + Explanation:
Quality of Service (QoS) prioritizes network traffic to ensure that critical applications, such as VoIP, have the necessary bandwidth.
Practical Use:
QoS is often used in environments requiring low-latency communication, like video conferencing.
Why Others Are Incorrect:
A: Load balancing distributes traffic across servers.
C: VPN provides secure remote access.
D: IDS detects but does not prioritize traffic.
Exam Objective Reference:
Domain 1.2: Networking Functions - QoS.
Follow-Up:
How is QoS configured on modern network devices?

Question 9

Question: Which networking appliance provides wireless connectivity to devices in a network?
Answer Options:
A. Switch
B. Access Point (AP)
C. Firewall
D. Load Balancer

Answer 9

Correct Answer + Explanation:
Access Points (APs) provide wireless connectivity to devices, enabling them to connect to the network wirelessly.
Practical Use:
APs are used in home, office, and public networks to extend wireless access.
Why Others Are Incorrect:
A: Switches handle wired connectivity.
C: Firewalls filter traffic.
D: Load balancers manage server traffic.
Exam Objective Reference:
Domain 1.2: Networking Appliances - Access Point.
Follow-Up:
What is the difference between autonomous and lightweight access points?

Question 10

Question: What is the role of a firewall in a network?
Answer Options:
A. Monitor bandwidth usage
B. Securely filter incoming and outgoing traffic
C. Extend network coverage
D. Store and share files

Answer 10

Correct Answer + Explanation:
A firewall filters incoming and outgoing traffic based on predefined security rules, protecting the network from unauthorized access.
Practical Use:
Firewalls prevent unauthorized access and can block malicious traffic.
Why Others Are Incorrect:
A: Bandwidth monitoring is done by network monitoring tools.
C: Extending coverage is done by access points.
D: File storage is provided by NAS or SAN devices.
Exam Objective Reference:
Domain 1.2: Networking Appliances - Firewall.
Follow-Up:
What are the differences between hardware and software firewalls?

Question 11

Question: In a high-traffic environment, a network administrator deploys a load balancer to improve performance. Which layer(s) of the OSI model can load balancers operate on?
Answer Options:
A. Layer 2 and Layer 3
B. Layer 3 and Layer 4
C. Layer 4 and Layer 7
D. Layer 5 and Layer 6

Answer 11

Correct Answer + Explanation:
Load balancers operate at Layer 4 (Transport) and Layer 7 (Application). At Layer 4, they manage traffic based on ports and protocols, while at Layer 7, they handle traffic based on application data.
Practical Use:
For example, a Layer 7 load balancer can route HTTP traffic to specific web servers based on URL paths.
Why Others Are Incorrect:
A: Layer 2 focuses on frame switching.
B: Layer 3 involves IP routing but lacks transport-level capabilities.
D: Layers 5 and 6 do not handle traffic distribution.
Exam Objective Reference:
Domain 1.2: Networking Applications - Load Balancer.
Follow-Up:
What are the advantages of using a Layer 7 load balancer over Layer 4?

Question 12

Question: A company wants to secure its internal web servers from external threats while allowing public access. Which appliance should be deployed to achieve this?
Answer Options:
A. Firewall
B. Proxy Server
C. Router
D. Load Balancer

Answer 12

Correct Answer + Explanation:
A firewall should be deployed to filter incoming and outgoing traffic based on predefined security rules, protecting internal web servers.
Practical Use:
A firewall can block unauthorized traffic while permitting public HTTP/HTTPS traffic to the servers.
Why Others Are Incorrect:
B: Proxy servers handle client requests but do not directly secure servers.
C: Routers forward packets but do not enforce security rules.
D: Load balancers distribute traffic, not secure it.
Exam Objective Reference:
Domain 1.2: Networking Appliances - Firewall.
Follow-Up:
What is the difference between stateful and stateless firewalls?

Question 13

Question: A network technician installs a Unified Threat Management (UTM) device. Which of the following functions is NOT typically included in a UTM appliance?
Answer Options:
A. Antivirus scanning
B. Email filtering
C. Wireless signal extension
D. Intrusion detection

Answer 13

Correct Answer + Explanation:
Wireless signal extension is not a typical UTM function. UTMs focus on security features such as antivirus scanning, email filtering, and intrusion detection/prevention.
Practical Use:
UTMs consolidate multiple security functions into one device, simplifying network management.
Why Others Are Incorrect:
A: Antivirus scanning is a standard UTM feature.
B: UTMs often include email filtering capabilities.
D: Intrusion detection is part of UTM security.
Exam Objective Reference:
Domain 1.2: Networking Appliances - UTM.
Follow-Up:
What are the benefits of using a UTM in small to medium-sized businesses?

Question 14

Question: A proxy server is configured in a corporate network. Which of the following is NOT a common use case for a proxy server?
Answer Options:
A. Caching frequently accessed web content
B. Filtering web requests based on content type
C. Extending wireless signal range
D. Anonymizing user requests

Answer 14

Correct Answer + Explanation:
Extending wireless signal range is not a function of a proxy server. Proxy servers are used for caching, filtering, and anonymizing traffic.
Practical Use:
Proxies improve performance by caching and enhance security by filtering requests.
Why Others Are Incorrect:
A: Caching reduces bandwidth usage and speeds up content delivery.
B: Filtering enhances network security and compliance.
D: Anonymizing helps protect user identities.
Exam Objective Reference:
Domain 1.2: Networking Applications - Proxy Server.
Follow-Up:
What are the differences between forward and reverse proxies?

Question 15

Question: Which networking appliance is most suitable for protecting against MAC flooding attacks?
Answer Options:
A. Router
B. Switch with port security enabled
C. Firewall
D. Access Point

Answer 15

Correct Answer + Explanation:
A switch with port security enabled is most suitable for mitigating MAC flooding attacks by limiting the number of MAC addresses allowed per port.
Practical Use:
Enabling port security prevents malicious users from overwhelming the MAC address table of a switch.
Why Others Are Incorrect:
A: Routers do not mitigate MAC-based attacks.
C: Firewalls focus on IP traffic, not MAC-level threats.
D: Access points provide wireless connectivity.
Exam Objective Reference:
Domain 1.2: Networking Appliances - Switch.
Follow-Up:
What additional steps can be taken to secure a switch against MAC flooding?

Question 16

Question: Which networking function allows remote users to securely access an organization’s internal resources?
Answer Options:
A. Quality of Service (QoS)
B. Virtual Private Network (VPN)
C. Load Balancer
D. Intrusion Prevention System (IPS)

Answer 16

Correct Answer + Explanation:
A Virtual Private Network (VPN) provides secure remote access by encrypting data between the user and the internal network.
Practical Use:
Remote employees use VPNs to securely access company files and applications.
Why Others Are Incorrect:
A: QoS prioritizes traffic but does not provide secure access.
C: Load balancers manage traffic distribution.
D: IPS focuses on detecting and preventing intrusions.
Exam Objective Reference:
Domain 1.2: Networking Functions - VPN.
Follow-Up:
What is the difference between site-to-site VPNs and client-to-site VPNs?

Question 17

Question: A small business installs a NAS device. Which protocol would most likely be used to enable file sharing on the NAS?
Answer Options:
A. SMB
B. RDP
C. HTTP
D. SNMP

Answer 17

Correct Answer + Explanation:
SMB (Server Message Block) is commonly used for file sharing on NAS devices, enabling users to access shared files over a network.
Practical Use:
NAS devices often use SMB for seamless file sharing between Windows devices.
Why Others Are Incorrect:
B: RDP is for remote desktop access.
C: HTTP is for web communication, not file sharing.
D: SNMP is used for network monitoring, not file sharing.
Exam Objective Reference:
Domain 1.2: Networking Applications - NAS.
Follow-Up:
What are alternative protocols for file sharing on NAS devices?

Question 18

Question: A network administrator deploys an IDS solution. What is the primary limitation of an IDS compared to an IPS?
Answer Options:
A. IDS cannot detect threats
B. IDS does not actively prevent attacks
C. IDS only works on wireless networks
D. IDS cannot analyze traffic logs

Answer 18

Correct Answer + Explanation:
An IDS (Intrusion Detection System) does not actively prevent attacks; it only detects and alerts administrators to potential threats.
Practical Use:
IDS solutions are ideal for monitoring traffic without impacting performance.
Why Others Are Incorrect:
A: IDS can detect threats.
C: IDS works on both wired and wireless networks.
D: IDS can analyze traffic logs.
Exam Objective Reference:
Domain 1.2: Networking Applications - IDS.
Follow-Up:
What scenarios might warrant the use of an IDS over an IPS?

Question 19

Question: Which appliance improves network performance by reducing redundant data transmission to the same destination?
Answer Options:
A. Proxy Server
B. Content Delivery Network (CDN)
C. Firewall
D. Switch

Answer 19

Correct Answer + Explanation:
A Content Delivery Network (CDN) improves performance by caching data closer to the user, reducing redundant data transmission.
Practical Use:
CDNs are widely used for faster delivery of web content like videos and images.
Why Others Are Incorrect:
A: Proxy servers cache data but lack the global optimization of CDNs.
C: Firewalls secure traffic but don’t optimize delivery.
D: Switches forward frames but don’t cache content.
Exam Objective Reference:
Domain 1.2: Networking Applications - CDN.
Follow-Up:
How do CDNs handle content updates across distributed locations?

Question 20

Question: A network administrator configures VLANs on a switch. What is the primary function of VLANs in a network?
Answer Options:
A. Extend wireless range
B. Securely segment network traffic
C. Balance traffic across servers
D. Detect and prevent intrusions

Answer 20

Correct Answer + Explanation:
VLANs are used to securely segment network traffic, isolating devices into different broadcast domains.
Practical Use:
VLANs are commonly used to separate guest traffic from internal network traffic.
Why Others Are Incorrect:
A: Wireless range extension is done by access points.
C: Traffic balancing is handled by load balancers.
D: Intrusion detection/prevention is done by IDS/IPS.
Exam Objective Reference:
Domain 1.2: Networking Functions - VLAN.
Follow-Up:
What protocols are used to manage VLAN tagging?

Question 21

Question: A company deploys a Layer 7 load balancer for its web servers. What additional functionality does this provide over a Layer 4 load balancer?
Answer Options:
A. Packet-level distribution based on IP addresses
B. Routing traffic based on URLs, cookies, or HTTP headers
C. Faster performance due to minimal inspection
D. Prioritizing traffic based on QoS policies

Answer 21

Correct Answer + Explanation:
Layer 7 load balancers can route traffic based on URLs, cookies, or HTTP headers, enabling application-specific routing decisions.
Practical Use:
Layer 7 load balancers optimize traffic distribution for web applications by directing users to specific content servers.
Why Others Are Incorrect:
A: Layer 4 operates at the packet level using IP addresses and ports.
C: Layer 7 incurs more processing overhead due to deep packet inspection.
D: QoS is typically managed at the Transport layer, not by load balancers.
Exam Objective Reference:
Domain 1.2: Networking Applications - Load Balancer.
Follow-Up:
How can SSL termination improve Layer 7 load balancer performance?

Question 22

Question: An enterprise deploys an IPS to protect its network. Which configuration ensures maximum protection while minimizing disruption to legitimate traffic?
Answer Options:
A. Detection-only mode
B. Inline blocking with strict policies
C. Inline blocking with custom policies tuned for the environment
D. Using an IDS instead of an IPS

Answer 22

Correct Answer + Explanation:
Inline blocking with custom policies tuned for the environment ensures maximum protection while reducing false positives and maintaining legitimate traffic flow.
Practical Use:
Tuning IPS rules reduces false positives and optimizes threat detection for specific network conditions.
Why Others Are Incorrect:
A: Detection-only mode does not block malicious traffic.
B: Strict policies may cause false positives and disrupt legitimate traffic.
D: An IDS cannot block threats; it only detects them.
Exam Objective Reference:
Domain 1.2: Networking Appliances - IPS.
Follow-Up:
What tools can assist in tuning IPS rules for high-traffic environments?

Question 23

Question: A business uses a CDN to distribute website content globally. What mechanism allows the CDN to ensure users are routed to the nearest server?
Answer Options:
A. DNS resolution with geolocation-based routing
B. Round-robin DNS
C. Proxy caching
D. Load balancing at Layer 3

Answer 23

Correct Answer + Explanation:
DNS resolution with geolocation-based routing ensures users are directed to the nearest CDN server, reducing latency and improving performance.
Practical Use:
CDNs like Cloudflare use this method to serve content quickly to users based on their geographical location.
Why Others Are Incorrect:
B: Round-robin DNS doesn’t consider geographic proximity.
C: Proxy caching doesn’t actively route users to specific servers.
D: Layer 3 load balancing focuses on routing, not geolocation.
Exam Objective Reference:
Domain 1.2: Networking Applications - CDN.
Follow-Up:
How does a CDN handle content synchronization across distributed servers?

Question 24

Question: A proxy server is configured to prevent employees from accessing social media websites during work hours. Which specific feature of the proxy enables this control?
Answer Options:
A. Traffic encryption
B. URL filtering
C. Content delivery
D. DNS caching

Answer 24

Correct Answer + Explanation:
URL filtering allows the proxy server to block access to specific websites, such as social media, based on their URLs.
Practical Use:
Organizations use URL filtering to enforce acceptable use policies and improve productivity.
Why Others Are Incorrect:
A: Traffic encryption secures data but doesn’t block websites.
C: Content delivery focuses on speeding up web access.
D: DNS caching resolves domain names but doesn’t block access.
Exam Objective Reference:
Domain 1.2: Networking Applications - Proxy Server.
Follow-Up:
What additional configurations can enhance a proxy server’s filtering capabilities?

Question 25

Question: Which networking appliance combines port-based switching with VLAN support and routing between VLANs?
Answer Options:
A. Router
B. Layer 2 Switch
C. Layer 3 Switch
D. Firewall

Answer 25

Correct Answer + Explanation:
A Layer 3 switch combines port-based switching (Layer 2) with inter-VLAN routing (Layer 3) functionality.
Practical Use:
Layer 3 switches are used in enterprise networks to reduce the need for separate routers for VLAN communication.
Why Others Are Incorrect:
A: Routers handle routing but lack port-based switching.
B: Layer 2 switches don’t support inter-VLAN routing.
D: Firewalls focus on security, not switching or VLAN routing.
Exam Objective Reference:
Domain 1.2: Networking Appliances - Layer 3 Switch.
Follow-Up:
What are the benefits of using a Layer 3 switch over a traditional router?

Question 26

Question: A small business implements a UTM appliance. Which scenario best demonstrates its advantage over separate appliances for each function?
Answer Options:
A. Replacing an old router with a high-performance one
B. Simplifying management by consolidating firewall, VPN, and IPS features
C. Increasing internet speed by caching frequently accessed websites
D. Improving wireless coverage across the office

Answer 26

Correct Answer + Explanation:
UTM appliances consolidate firewall, VPN, and IPS features, simplifying management and reducing costs.
Practical Use:
Small businesses often use UTMs to manage security and connectivity in a single device.
Why Others Are Incorrect:
A: Routers provide connectivity, not security consolidation.
C: Caching is handled by proxy servers or CDNs.
D: Wireless coverage is improved using access points.
Exam Objective Reference:
Domain 1.2: Networking Appliances - UTM.
Follow-Up:
What are the performance limitations of using a UTM for all security functions?

Question 27

Question: A NAS device is deployed with RAID 5 for data redundancy. What is the primary benefit of this configuration?
Answer Options:
A. Increased read/write performance without redundancy
B. Data redundancy with improved read performance
C. Maximum redundancy with significant storage overhead
D. Hot-swappable storage without redundancy

Answer 27

Correct Answer + Explanation:
RAID 5 provides data redundancy with improved read performance by striping data and parity across multiple drives.
Practical Use:
RAID 5 is commonly used in NAS devices to balance performance and fault tolerance.
Why Others Are Incorrect:
A: RAID 0 improves performance but lacks redundancy.
C: RAID 1 offers maximum redundancy but reduces available storage.
D: Hot-swappable storage is independent of RAID redundancy.
Exam Objective Reference:
Domain 1.2: Networking Applications - NAS.
Follow-Up:
How does RAID 5 handle drive failures during data recovery?

Question 28

Question: A security team deploys an IDS to monitor traffic. How does this differ from a SIEM solution in terms of functionality?
Answer Options:
A. IDS actively blocks malicious traffic, while SIEM analyzes logs.
B. IDS passively detects threats, while SIEM aggregates and correlates data.
C. IDS manages firewall rules, while SIEM provides network access control.
D. IDS performs DNS filtering, while SIEM monitors web traffic.

Answer 28

Correct Answer + Explanation:
IDS passively detects threats and alerts administrators, while SIEM aggregates and correlates log data from multiple sources for comprehensive analysis.
Practical Use:
A SIEM solution provides insights into security trends, while IDS focuses on live threat detection.
Why Others Are Incorrect:
A: IDS does not block traffic.
C: Neither solution directly manages firewall rules or access control.
D: DNS filtering is unrelated to IDS or SIEM functionality.
Exam Objective Reference:
Domain 1.2: Networking Applications - IDS and SIEM.
Follow-Up:
What benefits does integrating IDS data into a SIEM provide?

Question 29

Question: A VLAN-enabled switch is configured with multiple VLANs. What protocol ensures that VLAN tags are carried across trunk links?
Answer Options:
A. STP
B. 802.1Q
C. LACP
D. QoS

Answer 29

Correct Answer + Explanation:
802.1Q is the protocol used to tag VLAN traffic and ensure it is properly identified across trunk links.
Practical Use:
802.1Q allows devices in the same VLAN on different switches to communicate.
Why Others Are Incorrect:
A: STP prevents loops but doesn’t handle VLAN tagging.
C: LACP manages link aggregation, not VLANs.
D: QoS prioritizes traffic but doesn’t tag VLANs.
Exam Objective Reference:
Domain 1.2: Networking Functions - VLAN.
Follow-Up:
What considerations should be made when configuring native VLANs on a trunk link?

Question 30

Question: Which feature of a proxy server enhances user privacy by masking internal IP addresses from external servers?
Answer Options:
A. Reverse caching
B. Network Address Translation (NAT)
C. Anonymization
D. Port mirroring

Answer 30

Correct Answer + Explanation:
Anonymization ensures user privacy by masking internal IP addresses from external servers.
Practical Use:
Proxy servers use anonymization to protect sensitive user data during web browsing.
Why Others Are Incorrect:
A: Reverse caching stores server responses but doesn’t mask IPs.
B: NAT occurs at the router level, not in proxies.
D: Port mirroring is for traffic analysis, not privacy.
Exam Objective Reference:
Domain 1.2: Networking Applications - Proxy Server.
Follow-Up:
What are the potential drawbacks of relying solely on proxy servers for user anonymity?