Lesson 6: Supporting Network Services Flashcards
Flashcard:
A firewall filters applications based on their port number. If you want to configure a firewall on a mail server to allow clients to download email messages, which port(s) might you have to open?
Either TCP port 993 (IMAPS) or 995 (POP3S), depending on the mail access protocol in use (IMAP or POP). These are the default ports for secure connections. Unsecure default ports are TCP port 143 and TCP port 110. Port 25 (SMTP) is used to send mail between servers and not to access messages stored on a server. Port 587 is often used by a client to submit messages for delivery by an SMTP server.
Flashcard:
True or false? AAA allows switches and access points to hold directory information so that they can authenticate clients as they connect to the network.
False. One of the purposes of authentication, authorization, and accounting (AAA) is to authenticate clients as they connect to the network, but the directory information and credentials are not stored on or verified by switches and access points. These devices are configured as clients of an AAA server and act only to transit authentication data between the end user device (the supplicant) and the AAA server.
Flashcard:
You are configuring a network attached storage (NAS) appliance. What file sharing protocol(s) could you use to allow access to Windows, Linux, and Apple macOS clients?
Most clients should support Server Message Block (SMB).
Another option is to configure File Transfer Protocol (FTP)
Flashcard:
You are advising a company on configuring systems to provide better information about network device status. Why would you recommend the use of both SNMP and syslog?
The Simple Network Management Protocol (SNMP) provides a means for devices to report operational statistics to a management server and to send a trap if a threshold for some critical value is exceeded. Syslog provides a means for devices to send log entries to a remote server. Both of these types of information are required for effective monitoring.
Flashcard:
True or false? An HTTP application secured using the SSL/TLS protocol should use a different port to unencrypted HTTP.
True. By default, HTTPS uses port TCP/443. It is possible in theory to apply SSL/TLS to port TCP/80, but most browsers would not support this configuration.
Flashcard:
A network owner has configured three web servers to host a website. What device can be deployed to allow them to work together to service client requests more quickly?
A load balancer
Flashcard:
You are recommending that a small business owner replace separate firewall and antimalware appliances with a UTM. What is the principal advantage of doing this?
A unified threat management (UTM) appliance consolidates the configuration, monitoring, and reporting of multiple security functions to a single console or dashboard. You might also mention that the UTM might provide additional functionality not currently available, such as intrusion detection, spam filtering, or data loss prevention.
Flashcard:
You are writing an advisory to identify training requirements for support staff and have included OT networks as one area not currently covered. During the quality assurance (QA) review, the QA analyst states that OT does not exist and that it is a typo for IT. Is the QA analyst correct in their observation?
No. Operational technology (OT) refers to networks that connect embedded systems in industrial and process automation systems.
Flashcard:
You are auditing your network for the presence of legacy systems. Should you focus exclusively on identifying devices and software whose vendor has gone out of business?
No. While this can be one reason for products becoming unsupported, vendors can also deprecate use of products that they will no longer support by classifying them as end of life (EOL).
Flashcard:
You are advising a customer about replacing the basic network address translation (NAT) function performed by a SOHO router with a device that can work as a proxy. The customer understands the security advantages of this configuration. What other benefit can it have?
The proxy can be configured to cache data that is commonly requested by multiple clients, reducing bandwidth consumption and speeding up requests.
Flashcard:
A probe reports that the Internet connection has RTT latency of 200 ms. What is the likely impact on VoIP call quality?
Most vendors recommend that one-way latency should not exceed 150 ms. Round trip time (RTT) measures two-way latency, so 200 ms is within the recommended 300 ms tolerance. Call quality should not be severely impacted, but if latency is persistently that high, it might be worth investigating the cause.
Flashcard:
A user reports that a “Limited connectivity” desktop notification is displayed on their computer, and they cannot connect to the Internet. Will you need to replace the NIC in the computer?
No. Limited connectivity reported by the OS means that the link has been established, but the host has not been able to contact a DHCP server to obtain a lease for a valid configuration.
Flashcard:
You are trying to add a computer to a wireless network but cannot detect the network name. What possible causes should you consider?
The network name is configured as nonbroadcast and must be entered manually, the wireless standard supported by the adapter is not supported by the access point, the station is not in range, or there is some sort of interference.
Flashcard:
What readings would you expect to gather with a Wi-Fi analyzer? (2)
1) The signal strength of different Wi-Fi networks
2) Their channels that are operating within range of the analyzer.
Flashcard:
You are updating a support knowledge base article to help technicians identify port flapping. How can port flapping be identified?
Use the switch configuration interface to observe how long the port remains in an up state.
Port flapping means that the port transitions rapidly between up and down states.
Flashcard:
A user reports that the Internet is slow while hardwired for connectivity. What first step should you take to identify the problem?
Verify the link speed independently of user apps, such as web browsing, to determine if there is a cable or port problem.
