Domain 4: Review Questions Flashcards

1
Q

At which layer of the OSI model does the encapsulation process begin?

A. Transport
B. Application
C. Physical
D. Session

A

B. The Application layer (Layer 7) is the place where the encapsulation process begins.

This layer receives the raw data from the application in use and provides services such as file transfer and message exchange to the application (and thus the user).

2
Q

Which layers of the OSI model are equivalent to the Link layer of the TCP/IP model? (Choose two.)

A. Data Link
B. Physical
C. Session
D. Application
E. Presentation

A

A, B.

The Link layer of the TCP/IP model provides the services provided by both the Data Link and the Physical layers in the OSI model.

3
Q

Which of the following represents the range of port numbers that is referred to as “well-known” port numbers?

A. 49152–65535
B. 0–1023
C. 1024–49151
D. All above 500

A

B. The port numbers in the range 0 to 1023 are the well-known ports, or system ports. They are assigned by the IETF for standards-track protocols, as per RFC 6335.

4
Q

What is the port number for Hypertext Transfer Protocol (HTTP)?

A. 23
B. 443
C. 80
D. 110

A

C. 80

The listed port numbers are as follows:

23—Telnet
443—HTTPS
80—HTTP
110—POP3

5
Q

What protocol in the Transmission Control Protocol/Internet Protocol (TCP/IP) suite resolves IP addresses to MAC addresses?

A. ARP
B. TCP
C. IP
D. ICMP

A

A. Address Resolution Protocol (ARP) resolves IP addresses to MAC addresses.

6
Q

How many bits are contained in an IPv4 address?

A. 128
B. 48
C. 32
D. 64

A

C. IPv4 addresses are 32 bits in length and can be represented in either binary or in dotted-decimal format. IPv6 addresses are 128 bits in length and are composed of hexadecimal characters.

7
Q

Which of the following is a Class C IPv4 address?

A. 172.16.5.6
B. 192.168.5.54
C. 10.6.5.8
D. 224.6.6.6

A

B. The IP Class C range of addresses is from 192.0.0.0 to 192.168.0.0–192.168.255.255.

8
Q

Which of the following is a valid private IP address?

A. 10.2.6.6
B. 172.15.6.6
C. 191.6.6.6
D. 223.54.5.5

A

A. 10.2.6.6

Valid private IP address ranges are:

Class A - 10.0.0.0 to 10.255.255.255
Class B - 172.16.0.0 to 172.31.255.255
Class C - 192.168.0.0 to 192.168.255.255

9
Q

Which service converts private IP addresses to public IP addresses?

A. DHCP (Dynamic Host Configuration Protocol)
B. DNS (Domain Name System)
C. NAT (Network Address Translation)
D. WEP (Wired Equivalent Privacy)

A

C. Network Address Translation (NAT) is a service that can be supplied by a router or by a server. The device that provides the service stands between the local LAN and the Internet. When packets need to go to the Internet, the packets go through the NAT service first. The NAT service changes the private IP address to a public address that is routable on the Internet. When the response is returned from the Web, the NAT service receives it and translates the address back to the original private IP address and sends it back to the originator.

10
Q

Which of the following transmission types uses stop and start bits in its communication?

A. Asynchronous
B. Unicast
C. Multicast
D. Synchronous

A

A. With asynchronous transmission, the systems use start and stop bits to communicate when each byte is starting and stopping. This method also uses parity bits to ensure that each byte has not been changed or corrupted en route. This introduces additional overhead to the transmission.

11
Q

Which protocol encapsulates Fibre Channel frames over Ethernet networks?

A. MPLS (Multiprotocol Label Switching)
B. FCoE (Fibre Channel over Ethernet)
C. iSCSI (Internet Small Computer Systems Interface)
D. VoIP (Voice over Internet Protocol)

A

B. Fibre Channel over Ethernet (FCoE) encapsulates Fibre Channel frames over Ethernet networks.

12
Q

Which protocol uses port number 143?

A. Remote Desktop Protocol (RDP)
B. Apple Filing Protocol (AFP)
C. Internet Message Access Protocol (IMAP)
D. Secure Shell Protocol (SSH)

A

C. IMAP uses port 143. RDP uses port 3389. AFP (Apple Filing Protocol) uses port 548. SSH uses port 22.

13
Q

Which of the following best describes NFS?

A. An email protocol
B. A directory query protocol that is based on X.500
C. An Application layer protocol that is used to retrieve information from network devices
D. A client/server file-sharing protocol used in Unix/Linux

A

D. NFS is a client/server file-sharing protocol used in Unix/Linux.

14
Q

Which of the following is a multilayer protocol that is used between components in process automation systems generally used in electric and water companies?

A. DNP3 (Distributed Network Protocol 3)
B. VoIP (Voice over Internet Protocol)
C. WPA (Wi-Fi Protected Access)
D. WPA2 (Wi-Fi Protected Access 2)

A

A. DNP3 is a multilayer protocol that is used between components in process automation systems in electric and water companies.

15
Q

Which wireless communication standard includes multi-user, multiple input, multiple output (MU-MIMO)?

A. 802.11a
B. 802.11ac
C. 802.11g
D. 802.11n

A

B. 802.11ac includes multi-user, multiple-input, multiple-output (MU-MIMO).

16
Q

Which of the following is a service that goes beyond authentication of the user and examines the state of the computer that the user is introducing to the network when making a remote access or VPN (virtual private network) connection to the network?

A. NAC (network access control)
B. SNAT (stateful network address translation)
C. LDP (Label Distribution Protocol)
D. RARP (Reverse Address Resolution Protocol)

A

A. Network access control goes beyond authentication of the user and includes an examination of the state of the computer the user is introducing to the network when making a remote access or VPN connection to the network.

Stateful NAT (SNAT) implements two or more NAT devices to work together as a translation group. One member provides network translation of IP address information. The other member uses that information to create duplicate translation table entries. Label Distribution Protocol (LDP) allows routers capable of Multiprotocol Label Switching (MPLS) to exchange label mapping information. Reverse ARP (RARP) resolves MAC addresses to IP addresses.

17
Q

Which of the following assigns an IP address to a device if the device is unable to communicate with the DHCP server in a Windows-based network?

A. NFC (Near Field Communication)
B. Dynamic NAT (Network Address Translation)
C. APIPA (Automatic Private IP Addressing)
D. Mobile IPv6

A

C. Automatic Private IP Addressing (APIPA) assigns an IP address to a device if the device is unable to communicate with the DHCP server; APIPA is primarily implemented in Windows. The range of IP addresses assigned is 169.254.0.1 to 169.254.255.254 with a subnet mask of 255.255.0.0.

Near Field Communication (NFC) is a set of communication protocols that allow two electronic devices, one of which is usually a mobile device, to establish communication by bringing them within 2 inches of each other. With dynamic NAT, multiple internal private IP addresses are given access to multiple external public IP addresses. This is considered a many-to-many mapping. Mobile IPv6 (MIPv6) is an enhanced protocol supporting roaming for a mobile node so that it can move from one network to another without losing IP-layer connectivity (as defined in RFC 3775).

18
Q

Which of the following is a field of security that attempts to protect individual systems in a network by staying in constant contact with them from a central location?

A. IP convergence
B. Remote access
C. Static NAT
D. Endpoint security

A

D. Endpoint security is a field of security that attempts to protect individual systems in a network by staying in constant contact with these individual systems from a central location.

IP convergence involves carrying different types of traffic over one network. The traffic includes voice, video, data, and images. It is based on the Internet Protocol (IP) and supports multimedia applications. Remote access allows users to access an organization’s resources from a remote connection. These remote connections can be direct dial-in connections but more commonly use the Internet as the network over which the data is transmitted. With static NAT, an internal private IP address is mapped to a specific external public IP address. This is considered a one-to-one mapping.

19
Q

Which of the following accelerates software deployment and delivery, thereby reducing IT costs through policy-enabled workflow automation?

A. Virtual storage-area network (VSAN)
B. Internet Group Management Protocol (IGMP)
C. Transport Layer Security/Secure Sockets Layer (TLS/SSL)
D. Software-defined networking (SDN)

A

D. Software-defined networking (SDN) accelerates software deployment and delivery, thereby reducing IT costs through policy-enabled workflow automation. It enables cloud architectures by providing automated, on-demand application delivery and mobility at scale.

A virtual storage-area network (VSAN) is a software-defined storage method that allows pooling of storage capabilities and instant and automatic provisioning of virtual machine storage. Internet Group Management Protocol (IGMP) provides multicasting capabilities to devices. Multicasting allows devices to transmit data to multiple recipients. IGMP is used by many gaming platforms. Transport Layer Security/Secure Sockets Layer (TLS/SSL) is used for creating secure connections to servers. It works at the Application layer of the OSI model. It is used mainly to protect HTTP traffic or web servers.

20
Q

Which of the following types of Extensible Authentication Protocol (EAP) is not recommended for WLAN implementations because it supports one-way authentication and may allow the user’s password to be derived?

A. EAP-Message Digest 5 (EAP-MD5)
B. EAP-Transport Layer Security (EAP-TLS)
C. EAP-Tunneled TLS (EAP-TTLS)
D. Protected EAP (PEAP)

A

A. EAP-Message Digest 5 (EAP-MD5) provides base-level EAP support using one-way authentication. This method is not recommended for WLAN implementations because it may allow the user’s password to be derived.

EAP-Transport Layer Security (EAP-TLS) uses certificates to provide mutual authentication of the client and the network. The certificates must be managed on both the client and server side. EAP-Tunneled TLS (EAP-TTLS) provides for certificate-based, mutual authentication of the client and network through an encrypted channel (or tunnel). It requires only server-side certificates. Protected EAP (PEAP) securely transports authentication data, including legacy password-based protocols, via 802.11 Wi-Fi networks using tunneling between PEAP clients and an authentication server (AS). It uses only server-side certificates.

21
Q

Which of the following is considered the wireless access point during the 802.1X authentication process?

A. Supplicant
B. Authenticator
C. Authentication server
D. Multimedia collaborator

A

B. Authenticator

There are three basic entities during 802.1X authentication:

Supplicant: A software client running on the Wi-Fi workstation
Authenticator: The wireless access point
Authentication server (AS): A server that contains an authentication database, usually a RADIUS server

22
Q

During a routine network security audit on a local network, you suspect the presence of several rogue wireless access points (WAPs). What should you do first to identify if and where any rogue WAPs have been deployed on the network?

A. Adjust the power levels on all valid WAPs to decrease the coverage radius.
B. Replace all valid WAP directional antennas with omnidirectional antennas.
C. Perform a wireless site survey.
D. Ensure that all valid WAPs are using WPA2.

A

C. Administrators perform a site survey prior to deploying a new wireless network to determine the standard and possible channels deployed. After a wireless network is deployed, site surveys are used to determine whether rogue access points have been deployed or to determine where new access points should be deployed to increase the range of the wireless network. Although adjusting all WAP power levels, replacing all antennas, and ensuring WPA2 is being used are all related to WAPs, they are not the best solution to the question presented.

23
Q

Which of the following would be considered a valid IPv6 address?

A. 192.72.103
B. 11011000.00000101.000011
C. 1.1.193.62
D. 2001:0db8:0055:0000:cd23:0000:0000:0205/48

A

D. 2001:0db8:0055:0000:cd23:0000:0000:0205/48 is a valid IPv6 address that can be compressed to 2001:db8:55:0:cd23::205/48.

24
Q

What type of attack occurs when more than one system or device floods the bandwidth of a targeted system or network?

A. Domain Name System Security Extensions (DNSSEC)
B. Domain grabbing
C. Cybersquatting
D. Distributed denial-of-service (DDoS)

A

D. A distributed denial-of-service (DDoS) attack occurs when more than one system or device floods the bandwidth of a targeted system or network.

A newer approach to preventing DNS attacks is a stronger authentication mechanism called Domain Name System Security Extensions (DNSSEC). Many current implementations of DNS software contain this functionality. It uses digital signatures to validate the source of all messages to ensure they are not spoofed. Domain grabbing occurs when individuals register a domain name of a well-known company before the company has the chance to do so. Then later the individuals hold the name hostage until the company becomes willing to pay to get the domain name. When domain names are registered with no intent to use them but with intent to hold them hostage, it is called cybersquatting.

25
Q

What type of attack is occurring when the attacker intercepts legitimate traffic between two entities?

A. Man-in-the-middle (MITM)
B. Smurf
C. Bluejacking
D. Bluesnarfing

A

A. A man-in-the-middle (MITM) attack intercepts legitimate traffic between two entities. The attacker can control information flow and can eliminate or alter the communication between the two parties.

A smurf attack is a denial-of-service (DoS) attack that uses a type of ping packet called an ICMP ECHO REQUEST. Bluejacking occurs when an unsolicited message is sent to a Bluetooth-enabled device, often for the purpose of adding a business card to the victim’s contact list. This attack can be prevented by placing the device in non-discoverable mode. Bluesnarfing is the unauthorized access to a device using the Bluetooth connection. In this case, the attacker is trying to access information on the device rather than send messages to the device.