Network + Flash Cards

1
Q

The _____ command is used in a Windows environment to see how many
hops a packet takes to reach a destination

A

tracert

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

The communication between distance-vector routers is known as ____

A

Hops

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

the largest data unit that can be passed without fragmentation.

A

The Maximum Transmission Unit (MTU)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

The process by which routers learn of a change in the network
topology is called

A

convergence

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

The second version of RIP dealt with the shortcomings of the
original design. Authentication was included to enable secure transmissions,
also, it changed from a networkwide broadcast discovery method
to a multicast method to reduce overall network traffic.

A

RoutingInformation Protocol or

RIPv2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

The syntax for the route add command is:

A

route add 192.168.2.1

mask (255.255.255.0) 192.168.2.4

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Three types of bridges are used in networks:

A

Transparent bridge
Source route bridge
Translational bridge

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Unlike cut-through, in a _____ switching
environment, the entire packet is received and error-checked before
being forwarded. The upside of this method is that errors are not propagated
through the network. The downside is that the error-checking
process takes a relatively long time, and store-and-forward switching is
considerably slower as a result..

A

store-and-forward

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q
used with network bridges and switches. With the help of Spanning
Tree Algorithm (STA), STP avoids or eliminates loops on a Layer 2 bridge.
A

Spanning Tree Protocol (STP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are the methods of switching?

A

Cut-through
Store-and-forward
FragmentFree

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are the two types of Link-state protocols?

A

Open Shortest Path First (OSPF)

Intermediate System-to-Intermediate System (IS-IS):

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

WHat is one waya router that uses Link-state protocol differs fromone that uses distance-vector protocol

A

it builds a map of the entire network and then
holds that map in memory. ALso, On a network that uses a link-state protocol,
routers send link-state advertisements (LSAs) that contain information about
the networks to which they connect.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What two issues must be considered when using bridges?

A

Bridge Placement and Eliminating bridging loops

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

With _____ communications, each router on the network
communicates all the routes it knows about to the routers to which it is
directly attached. In this way, routers communicate only with their router
neighbors and are unaware of other routers that may be on the network.

A

Distance-Vector Routing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

With eliminating bridging loops: Bridging loops can occur when more than
one bridge is implemented on the network. In this scenario, the bridges
can confuse each other by leading one another to believe that a device is
located on a certain segment when it is not. To combat the bridging

A

KNOW THIS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

____enables administrators to monitor the traffic outbound and inbound
to the switch.

A

Port mirroring

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

The ports on a hub to which computer systems are attached are called

A

Medium-Dependent Interface Crossed (MDI-X).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Another type of port, called a_____port, is often
included on a hub or switch to facilitate the connection of two switches or
hubs.

A

Medium-Dependent Interface (MDI)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

ExamAlert

In a crossover cable, wires 1 and 3 and wires 2 and 6 are crossed.

A

ExamAlert

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Routers that send link-state advertisements (LSA) that contain information about the network to which they connect

A

link-state routing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q
  1. True or False: The biggest difference between a LAN and WAN is usually
    the size of the network.
A
  1. True. A WAN is a network that spans more than one geographic location,
    often connecting separated LANs.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q
  1. What network model offers no centralized storage of data or centralized
    control over the sharing of files or resources?
A
  1. A peer-to-peer network is a decentralized network model offering no centralized
    storage of data or centralized control over the sharing of files or
    resources.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q
  1. In what networking model is the processing power shared between the
    client systems and the server?
A
  1. A distributed network model has the processing power distributed
    between the client systems and the server.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

A___ is a data network restricted to a single geographic location and typically
encompasses a relatively small area, such as an office building or school

A

LAN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

A ____is a network that spans more than one geographic location, often
connecting separated LANs

A

WAN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

You can choose from two basic wired network models:

A

peer-to-peer and

client/server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

A ____network is a decentralized network model offering no centralized
storage of data or centralized control over the sharing of files or
resources. All systems on this network can share the resources on
their local computer and use resources of other systems.

A

peer-to-peer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

The ____ networking model is, without question, the most widely
implemented model and the one you are most likely to encounter when working
in real-world environments. The advantages of the this system
are that it is a centralized model and it enables centralized network management
of all network services, including user management, security, and backup
procedures

A

The client/server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

EXAM ALERT:
The role of the client computer in the client/server model is to request the data
from the server and present that data to the users.

A

EXAM ALERT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q
1. What is the maximum number of computers recommended for inclusion in a
peer-to-peer network?
❍ A. 2
❍ B. 5
❍ C. 10
❍ D. 25
A
  1. C. The maximum number of computers recommended in a peer-to-peer network
    is 10.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q
2. When a WAN is confined to a certain geographic area, such as a university campus
or city, it is known as a
❍ A. LAN
❍ B. MAN
❍ C. VAN
❍ D. VPN
A
  1. B. A WAN can be referred to as a MAN (Metropolitan Area Network) when it is
    confined to a certain geographic area, such as a university campus or city.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q
  1. Which topology (star, bus, or ring) would use a hub or switch?
A
  1. Of the choices given, only a star topology would use a hub or switch.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q
  1. With which topology does every node have a direct connection to every
    other node?
A
  1. With a mesh topology, every node has a direct connection to every other
    node.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

A ___refers to a network’s physical and logical layout.

A

topology

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

A network’s____topology refers to the actual layout of the computer cables and other network
devices.

A

physical

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

A network’s_____ topology refers to the way in which the network
appears to the devices that use it.

A

logical

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

A___ topology uses a trunk or backbone to connect all the computers on the
network

A

bus

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

EXAM ALERT:

Loose or missing terminators from a bus network disrupt data transmissions.

A

EXAM ALERT:

Loose or missing terminators from a bus network disrupt data transmissions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

The____ topology is actually a logical ring, meaning that the data travels in a
circular fashion from one computer to another on the network.

A

ring, is not a physical ring

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

In the ____topology, all computers and other network devices connect to a central
device called a hub or switch. Each connected device requires a single cable
to be connected to the hub, creating a point-to-point connection between the
device and the hub.

A

star

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

Among the network topologies discussed in this chapter, the star topology is the
easiest to expand in terms of the number of devices connected to the network.

A

EXAM ALERT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

The ___ ____ topology (see Figure 1.6) incorporates a unique network design
in which each computer on the network connects to every other, creating a
point-to-point connection between every device on the network

A

wired mesh

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

EXAM ALERT:
Because of the redundant connections, the mesh topology offers better fault tolerance
than other topologies.

A

EXAM ALERT:
Because of the redundant connections, the mesh topology offers better fault tolerance
than other topologies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

___ ___ ___is a technology designed to speed up network

traffic flow by moving away from the use of traditional routing tables.

A

Multiprotocol Label Switching (MPLS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

Wireless networks typically are implemented using one of two wireless topologies:

A

. Infrastructure, or managed, wireless topology

. Ad hoc, or unmanaged, wireless topology

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

The ___ ___ ___ is commonly used to extend a wired LAN to
include wireless devices. Wireless devices communicate with the wired LAN
through a base station known as an access point (AP) or wireless access point.

A

infrastructure wireless topology

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

In a __ __ __ topology, devices communicate directly between themselves
without using an access point. This peer-to-peer network design is commonly
used to connect a small number of computers or wireless devices.

A

wireless ad hoc

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

Wireless mesh networks are known as self-healing, which
refers to the network’s capability to adapt to network failure and even
function should a node be moved from one location to another. Selfhealing
in a wireless mesh environment is possible because of the interconnected
connections and because of the wireless media.

A

Self-healing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

Another meaning: The term hybrid topology also can refer to the combination of
wireless and wired networks. For the Network+ exam, however, the term hybrid
most likely refers to the combination of physical networks.

A

EXAM ALERT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q
  1. You have been asked to install a network to give the network users the greatest
    amount of fault tolerance. Which of the following network topologies would you
    choose?
    ❍ A. Star
    ❍ B. Ring
    ❍ C. Mesh
    ❍ D. Bus
A
  1. C. A mesh network uses a point-to-point connection to every device on the network.
    This creates multiple points for the data to transmit around the network
    and therefore creates a high degree of redundancy. The star, ring, and bus
    topologies do not offer fault tolerance.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

An AP can operate as a bridge connecting a standard wired network to wireless
devices or as a router passing data transmissions from one access point to
another.

A

EXAM ALERT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q

The term ___ ____ is used to loosely encompass any device capable of
encrypting data for the purpose of making it more difficult to intercept. On
the lower end, this can encompass devices used by individual users (encrypted
flash drives, for example). On the higher end, a server can encrypt data for the
network.

A

encryption devices

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
53
Q

Because the Network+ exam focuses on networking and the objective focuses on
the OSI model, the presentation layer is responsible for encrypting/decrypting data
EXAM ALERT:
Because the Network+ exam focuses on networking and the objective focuses on
the OSI model, the presentation layer is responsible for encrypting/decrypting data
sent across the network.

A

EXAM ALERT:
Because the Network+ exam focuses on networking and the objective focuses on
the OSI model, the presentation layer is responsible for encrypting/decrypting data
sent across the network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
54
Q
  1. Users are complaining that the network’s performance is unsatisfactory. It takes
    a long time to pull files from the server, and, under heavy loads, workstations
    can become disconnected from the server. The network is heavily used, and a
    new videoconferencing application is about to be installed. The network is a
    1000BaseT system created with Ethernet hubs. Which device are you most likely
    to install to alleviate the performance problems?
    ❍ A. Switch
    ❍ B. Router
    ❍ C. Bridge
    ❍ D. Gateway
A
  1. A. Replacing Ethernet hubs with switches can yield significant performance
    improvements. Of the devices listed, switches are also the only ones that can be
    substituted for hubs. A router is used to separate networks, not as a connectivity
    point for workstations. A bridge could be used to segregate the network and
    therefore improve performance, but a switch is a more obvious choice in this
    example. A gateway is a device, system, or application that translates data from
    one format into another.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
55
Q
2. Which of the following devices forwards data packets to all connected ports?
❍ A. Router
❍ B. Switch
❍ C. Bridge
❍ D. Hub
A
  1. D. Hubs are inefficient devices that send data packets to all connected devices.
    Switches pass data packets to the specific destination device. This method significantly
    increases network performance.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
56
Q
3. Of the following routing methods, which is likely to require the most administration
time in the long term?
❍ A. Static
❍ B. Link state
❍ C. Distance vector
❍ D. Dynamic
A
  1. A. Static routing takes more time to administer in the long term because any
    changes to the network routing table must be manually entered. Distance vector
    and link state are both dynamic routing methods. Dynamic routing might take
    more time to configure initially, but in the long term, it requires less administration
    time. It can automatically adapt to changes in the network layout.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
57
Q
  1. Which of the following statements best describes a gateway?
    ❍ A. It is a device that enables data to be routed from one network to
    another.
    ❍ B. It refers to any device that resides at the entrance of a network.
    ❍ C. It is a device, system, or application that translates data from one format
    into another.
    ❍ D. It is a network device that can forward or block data based on the
    MAC address embedded in the packet.
A
  1. C. A gateway can be a device, system, or application that translates data from
    one format into another. Answers A and B more closely describe a router.
    Answer D describes a bridge. A bridge is a device that is used to segregate a
    network. It makes forwarding or blocking decisions based on the MAC address
    embedded in the packet.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
58
Q
  1. You are experiencing performance problems on your Ethernet-based network. By
    using a network performance-monitoring tool, you determine that the network
    has a large number of collisions. To reduce the collisions, you decide to install a
    network bridge. What kind of bridge are you most likely to implement?
    ❍ A. Collision bridge
    ❍ B. Transparent bridge
    ❍ C. Visible bridge
    ❍ D. Translational bridge
A
  1. B. A transparent bridge can be used to segment a network, reducing the number
    of collisions and overall network traffic. It is called transparent because the other
    devices on the network do not need to be aware of the device and operate as if
    it weren’t there. A translational bridge is used in environments where it is necessary
    to translate one data format into another. Such a conversion is unnecessary
    in this scenario. There is no such thing as a collision bridge or a visible bridge.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
59
Q
  1. What acts as a translator between the LAN and WAN data formats?
A
  1. A CSU/DSU acts as a translator between the LAN and WAN data formats.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
60
Q
  1. What is the term that describes the mechanisms used to control bandwidth
    usage on the network?
A
  1. Bandwidth shaping describes the mechanisms used to control bandwidth
    usage on the network.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
61
Q
  1. True or False: A load balancer must be a hardware device specially configured
    to balance the load.
A
  1. False. A load balancer can be either a hardware device or software specially
    configured to balance the load.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
62
Q

The term ___ ___ describes the mechanisms used to control bandwidth
usage on the network. With this, administrators can control who uses bandwidth,
for what purpose, and what time of day bandwidth can be used. Traffic
shaping establishes priorities for data traveling to and from the Internet and
within the network.

A

traffic shaping

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
63
Q

A ___ ___ essentially performs two key
functions—monitoring and shaping. Monitoring includes identifying where
bandwidth usage is high and the time of day. After that information is
obtained, administrators can customize or shape bandwidth usage for the best
needs of the network.

A

bandwidth shaper

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
64
Q

A ___ ___ is any software that controls what a user is allowed to peruse
and is most often associated with websites. Using a content filter, an employer
can block access to pornographic sites to all users, some users, or even just an
individual user.

A

content filter

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
65
Q

___ ___ is a technique in which the workload is distributed between several servers. This feature can
take networks to the next level; it increases network performance, reliability,
and availability.

A

Load balancing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
66
Q

EXAM ALERT:
Remember that load balancing increases redundancy and therefore data availability.
Also, load balancing increases performance by distributing the workload.

A

EXAM ALERT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
67
Q

A ___ ___ is one that can operate at both Layer 2 and Layer 3 of the
OSI model, which means that the multilayer device can operate as both a
switch and a router.

A

multilayer switch

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
68
Q

EXAM ALERT:

A multilayer switch operates as both a router and a switch.

A

EXAM ALERT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
69
Q

A ___ ___ examines the
network data it receives, decides where the content is intended to go, and forwards
it. It can also can identify the application that data is targeted
for by associating it with a port.

A

content switch

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
70
Q

___ ___ can help with load balancing because they can distribute
requests across servers and target data to only the servers that need it, or distribute
data between application servers.

A

Content servers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
71
Q

EXAM ALERT:
A content switch can distribute incoming data to specific application servers and
help distribute the load.

A

EXAM ALERT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
72
Q

a __ __ is defined as a server that sits between a client computer and the
Internet, looking at the web page requests the client sends.

A

proxy server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
73
Q

The ___ is a list of

allowed or nonallowed websites;

A

Access Control List (ACL)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
74
Q

A ___ ___ can be used to increase remote-access security. It can establish a secure connection (tunnel)
between the sending and receiving network devices.

A

VPN concentrator/ VPN concentrators
add an additional level to VPN security. They can not only create the tunnel,
but they also can authenticate users, encrypt the data, regulate the data transfer,
and control traffic.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
75
Q

Connects networks

A

Router- A router uses the softwareconfigured
network address to
make forwarding decisions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
76
Q

Connects LANS to reduce overall network traffic

A

Bridge- A bridge enables data to pass through it or prevents data from passing through it by reading the MAC address

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
77
Q

Connects devices on a twisted-pair network

A

Switch- A switch forwards data to its destination by using the MAC address embedded in each packet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
78
Q

Connects devices on an Ethernet twisted-pair network

A

Hub- a hub does not perform any tasks besides signal regeneration

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
79
Q

Translates from one data format into another

A

Gateway- can be hardware or software based. Any device that translates data formats is called a gateway

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
80
Q

Translates digital signals used on a LAN into those used on a WAN

A

Channel Service Unit/Data Service Unit (CSU/DSU)- Sometims incorporated into other devices, such as a router with WANT connection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
81
Q

Provides serial communication capabilities across phone lines

A

Modem- Modems modulate the digital signals into analog at the sending end and perform the reverse function at the receiving end

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
82
Q

Enables systems to connect to the network

A

Network Card- interfaces can be add-in expansion cards, express cards, or built-in interfaces

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
83
Q

Interconnects older technology with new

A

Media converter- is a hardware device that connects newer Gigabit Ethernet technologies with older 100BaseT networks or older copper standards with fiber

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
84
Q

Provides controlled data access between networks

A

Firewalls- can be hardward or software based. They are an essential part of a network’s security strategy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
85
Q

Automatically distributes IP information

A

Dynamic Host Configuration Protocol (DHCP) assigns all IP information, including IP address, subnet mask, DNS, gateway, and more

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
86
Q

Functions as a switch or router

A

Multilayer switch- Operates on layers 2 and 3 of the OSI model as a switch and can perform router functionality

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
87
Q

Forwards data by application

A

Content Switch- Can identify and forward data by its port and application

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
88
Q

Distributes network load

A

Load balancer- increases redundancy by distributing the load to multiple servers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
89
Q

Combines network services

A

Multifunction devices- these are hardware devices that combine multiple network services into a single device, reducing cost and easing admin difficulty

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
90
Q

Provides name resolution from hostnames to IP addresses

A

DNS Server- answers requests to translate hostnames into IP addresses

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
91
Q

Manages network Bandwitdth

A

Bandwidth shaper- monitors and controls bandwidth usage

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
92
Q

Manages client internet requests

A

Proxy Server- Serves two key network performances: increases network performance by caching, and filters outgoing client requests.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
93
Q
  1. Several users on your network are downloading from peer-to-peer networks,
    tying up bandwidth during peak hours. Which of the following is used to manage
    network bandwidth?
    ❍ A. Load leveler
    ❍ B. Load toner
    ❍ C. Bandwidth toner
    ❍ D. Bandwidth shaper
A
  1. D. The term bandwidth shaping describes the mechanisms used to control
    bandwidth usage on the network. With this, administrators have complete control
    over who uses bandwidth, for what purpose, and the time of day bandwidth
    can be used. Bandwidth shaping establishes priorities for data traveling to and
    from the Internet and within the network.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
94
Q
2. Which of the following devices passes data based on the MAC address?
❍ A. Hub
❍ B. Switch
❍ C. MSAU
❍ D. Router
A
  1. B. When determining the destination for a data packet, the switch learns the
    MAC address of all devices attached to it and then matches the destination
    MAC address in the data it receives. None of the other devices listed passes
    data based solely on the MAC address.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
95
Q
  1. On a virtual desktop what is the term that encompasses the software and
    hardware needed to create the virtual environment?
A
  1. The virtual desktop is often called a virtual desktop interface (VDI) and
    that term encompasses the software and hardware needed to create the
    virtual environment.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
96
Q
  1. True or False: NaaS is similar to the Software as a Service (SaaS) cloud
    computing model in that it is provided on demand in a pay-as-you-go
    model.
A
  1. True. NaaS is similar to the Software as a Service (SaaS) cloud computing
    model in that it is provided on demand in a pay-as-you-go model.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
97
Q

The virtual desktop is often called a ___ ___ and
that term encompasses the software and hardware needed to create the virtual
environment.

A

virtual desktop interface (VDI)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
98
Q
1. Which of the following is an open source virtual switch?
❍ A. VirtualBox
❍ B. VMware
❍ C. Xen
❍ D. Open vSwitch
A
  1. D. Open vSwitch is an open source virtual switch licensed beneath the Apache
    2.0 license. It can be found at http://openvswitch.org. The other options listed
    (some proprietary and some open source) are for virtual desktops.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
99
Q
  1. When a vendor offers to provide all networking for a client—freeing the company
    from needing to worry about bandwidth, connectivity, scalability, and all the
    issues normally associated with networking—what is it known as?
    ❍ A. SaaS
    ❍ B. NaaS
    ❍ C. SAN
    ❍ D. NAS
A
  1. B. Known as Network as a Service (Naas), this alleviates the company’s concerns
    about bandwidth, connectivity, scalability, and all the issues normally
    associated with networking.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
100
Q
  1. What is the point of demarcation with a small office?
A
  1. The point of demarcation is always the point where the service provider
    stops being responsible for the wiring and it becomes your responsibility.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
101
Q
  1. True or False: Cable modems and DSL modems are commonly used in
    SOHO implementations for Internet access.
A
  1. True. Cable modems and DSL modems are commonly used in SOHO
    implementations for Internet access.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
102
Q
1. On a typical cable modem, which panel light is found beneath the power light?
❍ A. Receive
❍ B. Send
❍ C. Online
❍ D. Activity
A
  1. A. A typical sequence of lights on a cable modem is power, receive, send,
    online, and activity.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
103
Q
  1. Which of the following is true of many SOHO routers?
    ❍ A. They close down the DHCP ports by default.
    ❍ B. They close down the NAT ports by default.
    ❍ C. They close down the ICMP ports by default.
    ❍ D. They leave open the DHCP, NAT, and ICMP ports by default.
A
  1. C. Many SOHO routers close down the ICMP ports by default.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
104
Q
  1. What are T-lines used for, and what is the maximum speed of T1 and T3?
A
  1. T-carrier lines create point-to-point network connections for private networks.
    T1 lines offer transmission speeds of up to 1.544Mbps, whereas
    T3 lines offer transmission speeds of 44.736Mbps.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
105
Q
  1. What are the X.25 transmission speed restrictions?
A
  1. X.25 is restricted to transmission rates of 56Kbps or 64Kbps with digital
    implementations.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
106
Q
  1. What is the difference between circuit switching and packet switching?
A
  1. Circuit switching offers a dedicated transmission channel that is reserved
    until it is disconnected. Packet switching enables packets to be routed
    around network congestion.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
107
Q

In ___ ___, messages are broken into smaller pieces called packets.
Each packet is assigned source, destination, and intermediate node addresses.
Packets are required to have this information because they do not always use
the same path or route to get to their intended destination.

A

packet switching

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
108
Q

Two types of packet-switching methods are used on networks are:

A

Virtual-circuit packet switching: and Datagram packet switching:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
109
Q

WIth ___ ___ ____, a logical connection is established
between the source and the destination device. This logical connection
is established when the sending device initiates a conversation with the
receiving device. The logical communication path between the two
devices can remain active for as long as the two devices are available or
can be used to send packets once. After the sending process has completed,
the line can be closed.

A

Virtual-circuit packet switching

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
110
Q

Unlike virtual-circuit packet switching, ___ ___ ___ does not establish a logical connection between the sending and transmitting devices. The packets in this type are independently sent, meaning that they can take different
paths through the network to reach their intended destination. To do this, each packet must be individually addressed to determine its source and destination. This method ensures that packets take the easiest possible routes to their destination and avoid high-traffic areas. These are mainly used on the Internet.

A

Datagram packet switching:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
111
Q

In contrast to the packet-switching method, ___ ____ requires a dedicated physical connection between the sending and receiving devices. The most commonly used analogy to represent this is a telephone
conversation in which the parties involved have a dedicated link between them for the duration of the conversation. When either party disconnects, the circuit
is broken, and the data path is lost.

A

circuit switching

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
112
Q

The two types of ISDN are:

A

Basic Rate Interface (BRI) and

Primary Rate Interface (PRI).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
113
Q

____ ISDN uses three separate channels; two bearer (B) channels of 64Kbps
each and a delta channel of 16Kbps. B channels can be divided into four D
channels, which ENABLE businesses to have eight simultaneous Internet
connections. The B channels carry the voice or data, and the D channels are
used for signaling.

A

BRI- BRI ISDN channels can be used separately using 64Kbps transfer or combined to
provide 128Kbps transfer rates.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
114
Q

____ is a form of ISDN that generally is carried over a T1 line and can provide transmission rates of up to 1.544Mbps. ___ is composed of 23 B channels, each providing 64Kbps for data/voice capacity, and one 64kbps D channel,
which is used for signaling.

A

PRI

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
115
Q

EXAM ALERT: ISDN is considered a leased line because access to ISDN is leased from a service
provider.

A

EXAM ALERT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
116
Q

BRI to PRI ISDN Comparison

Characteristic BRI PRI

Speed 128Kbps 1.544Mbps

Channels 2B+D 23B+D

Transmission carrier ISDN T1

A

BRI to PRI ISDN Comparison

Characteristic BRI PRI

Speed 128Kbps 1.544Mbps

Channels 2B+D 23B+D

Transmission carrier ISDN T1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
117
Q

___ ___ are high-speed dedicated digital lines that can be leased from telephone companies. This creates an always-open, always-available line
between you and whomever you choose to connect to when you establish the service. ___ ___ lines can support both voice and data transmissions and are often used to create point-to-point private networks.

A

T-carrier lines

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
118
Q

Four types of T-carrier lines are available. They are:

A

T1, T2, T3, T4

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
119
Q

T- carrier line that Offers transmission speeds of 1.544Mbps and can create point-to-point dedicated digital communication paths. these lines have commonly
been used for connecting LANs. In North America, DS (digital signal) notation is used with T-lines to describe the circuit. For all practical purposes, DS1 is synonymous with it.

A

T1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
120
Q

T-carrier line which Offers transmission speeds of 6.312Mbps. They accomplish this by
using 96 64Kbps B channels.

A

T2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
121
Q

This T-carrier line Offers transmission speeds of up to 44.736Mbps, using 672 64Kbps B channels. Digital signal 3 (DS3) is a more accurate name in North America, but ___ is what most refer to the link as.

A

T3 (When you take the exam, think of DS3 and T3 as synonymous.)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
122
Q

This T-carrier line Offers impressive transmission speeds of up to 274.176Mbps by
using 4,032 64Kbps B channels.

A

T4

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
123
Q

What is the speed for T1 and T3 lines

A

T1- 1.544Mbps/ T3- 44.736Mbps

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
124
Q

OCx Level Transmission Rate for

OC-1 51.84Mbps

A

51.84Mbps

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
125
Q

OCx Level Transmission Rate for

OC-3

A

155.52Mbps

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
126
Q

OCx Level Transmission Rate for

OC-12

A

622.08Mbps

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
127
Q

OCx Level Transmission Rate for

OC-24

A

1.244Gbps

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
128
Q

OCx Level Transmission Rate for

OC-48

A

2.488Gbps

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
129
Q

OCx Level Transmission Rate for

OC-96

A

4.976Gbps

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
130
Q

OCx Level Transmission Rate for

OC-192

A

9.953Gbps

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
131
Q

OCx Level Transmission Rate for

OC-768

A

39.813Gbps

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
132
Q

ExamAlert

When you take the exam, equate SDH with SONET.

A

Synchronous Optical Network (SONET), Synchronous Digital Hierarchy (SDH) is the European counterpart to SONET

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
133
Q

a ___ ___ is one in which unpowered optical splitters
are used to split the fiber so it can service a number of different locations and
brings the fiber either to the curb, the building, or the home.

A

passive optical network (PON)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
134
Q

____ was one of the original packet-switching technologies, but today it has
been replaced in many applications by Frame Relay

A

X.25

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
135
Q

___ ___is a WAN protocol that operates at the physical and data link layers of the OSI model. ___ ___ enables data transmission for intermittent
traffic between LANs and between endpoints in a WAN.

A

Frame Relay

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
136
Q

In the Frame Relay world, the term
___ refers to terminating equipment located within a company’s network. Termination equipment includes such hardware as end-user systems, servers, routers, bridges, and switches.

A

DTE- Data terminal equipment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
137
Q

In frame relay, ___ refers to the
equipment owned by the carrier. This equipment provides the switching
services for the network and therefore is responsible for actually transmitting
the data through the WAN.

A

DCE-Data circuit-terminating equipment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
138
Q

In Frame Relay, ____Represents a temporary virtual circuit established and maintained only for the duration of a data transfer session.

A

Switched virtual circuit (SVC):

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
139
Q

A permanent dedicated virtual link shared in a Frame Relay network, replacing a hard-wired dedicated endto-
end line.

A

Permanent virtual circuit (PVC):

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
140
Q

___ is a packet-switching technology that provides transfer speeds ranging from 1.544Mbps to 622Mbps. It is well suited for a variety of data types, such as voice, data, and video. Using fixed-length packets, or cells, that are 53 bytes long, ___ can operate more efficiently than variable-length-packet packetswitching technologies such as Frame Relay.

A

Asynchronous Transfer Mode (ATM)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
141
Q

Your company currently uses a standard PSTN communication link to transfer
files between LANs. Until now, the transfer speeds have been sufficient for the
amount of data that needs to be transferred. Recently, a new application was
purchased that requires a minimum transmission speed of 1.5Mbps. You have
been given the task to find the most cost-effective solution to accommodate the
new application. Which of the following technologies would you use?
❍ A. T3
❍ B. X.25
❍ C. T1
❍ D. BRI ISDN

A
  1. C. A T1 line has a transmission capability of 1.544Mbps and is considerably
    cheaper than a T3 line. X.25 and BRI ISDN cannot provide the required transmission
    speed.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
142
Q
  1. Which of the following best describes the process to create a dedicated circuit between
    two communication endpoints and direct traffic between those two points?
    ❍ A. Multiplexing
    ❍ B. Directional addressing
    ❍ C. Addressing
    ❍ D. Circuit switching
A
  1. D. Circuit switching is the process of creating a dedicated circuit between two
    communications endpoints and directing traffic between those two points. None
    of the other answers are valid types of switching.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
143
Q
  1. Which of the following statements are true of ISDN? (Choose the two best
    answers.)
    ❍ A. BRI ISDN uses two B+1 D channels.
    ❍ B. BRI ISDN uses 23 B+1 D channels.
    ❍ C. PRI ISDN uses two B+1 D channels.
    ❍ D. PRI ISDN uses 23 B+1 D channels.
A
  1. A, D. BRI ISDN uses two B+1 D channels, which are two 64Kbps data channels,
    and PRI ISDN uses 23 B+1 D channels. The D channel is 16Kbps for BRI and
    64Kbps for PRI.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
144
Q
  1. You have been hired to establish a WAN connection between two offices: one in
    Vancouver and one in Seattle. The transmission speed can be no less than
    2Mbps. Which of the following technologies could you choose?
    ❍ A. T1
    ❍ B. PSTN
    ❍ C. T3
    ❍ D. ISDN
A
  1. C. The only possible answer capable of transfer speeds above 2Mbps is a T3
    line. None of the other technologies listed can provide the transmission speed
    required.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
145
Q
  1. On an ISDN connection, what is the purpose of the D channel?
    ❍ A. It carries the data signals.
    ❍ B. It carries signaling information.
    ❍ C. It enables multiple channels to be combined to provide greater bandwidth.
    ❍ D. It provides a temporary overflow capacity for the other channels.
A
  1. B. The D channel on an ISDN link carries signaling information, whereas the B,
    or bearer, channels carry the data.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
146
Q
6. Which of the following circuit-switching strategies does ATM use? (Choose the
two best answers.)
❍ A. SVC
❍ B. VCD
❍ C. PVC
❍ D. PCV
A
  1. A, C. ATM uses two types of circuit switching: PVC and SVC. VCD and PCV are
    not the names of switching methods.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
147
Q
  1. Due to recent cutbacks, your boss approaches you, demanding an alternative to
    the company’s costly dedicated T1 line. Only small amounts of data require
    transfer over the line. Which of the following are you likely to recommend?
    ❍ A. ISDN
    ❍ B. FDDI
    ❍ C. The PSTN
    ❍ D. X.25
A
  1. C. When little traffic will be sent over a line, the PSTN is the most cost-effective
    solution; although, it is limited to 56Kbps. All the other WAN connectivity methods
    accommodate large amounts of data and are expensive compared to the
    PSTN.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
148
Q
8. Which of the following technologies requires a logical connection between the
sending and receiving devices?
❍ A. Circuit switching
❍ B. Virtual-circuit packet switching
❍ C. Message switching
❍ D. High-density circuit switching
A
  1. B. When virtual-circuit switching is used, a logical connection is established
    between the source and the destination device.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
149
Q
  1. What is VHDSL commonly used for?
A
  1. VHDSL supports high-bandwidth applications such as VoIP and HDTV.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
150
Q
  1. True or False: DSL using regular phone lines transfers data over the same
    copper wire.
A
  1. True. DSL using regular phone lines transfers data over the same copper
    wire.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
151
Q
  1. What is the difference between a one-way and a two-way satellite
    system?
A
  1. A one-way satellite system requires a satellite card and a satellite dish
    installed at the end user’s site. This system works by sending outgoing
    requests on one link using a phone line, with inbound traffic returning on
    the satellite link. A two-way satellite system, on the other hand, provides
    data paths for both upstream and downstream data.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
152
Q

The term _____ often refers to high-speed Internet access. Both DSL and cable modem are common ____ Internet technologies. ____ routers and ____ modems are network devices that support both DSL and cable.

A

broadband

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
153
Q

_____ is an Internet access method that uses a standard phone line to provide high-speed Internet access. It is most commonly associated with highspeed Internet access; because it is a relatively inexpensive Internet access, it is often found in homes and small businesses. With this type, a different frequency can be used for digital and analog signals, which means that you can talk on the phone while you upload data.

A

DSL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
154
Q

For DSL services, two types of systems exist. They are:

A

Asymmetric Digital Subscriber

Line (ADSL) and High-Rate Digital Subscriber Line (HDSL).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
155
Q

___ provides a high data rate in only one direction. It enables fast download speeds
but significantly slower upload speeds. It is designed to work with existing analog telephone service (POTS) service. With fast download speeds, it is well suited for home-use Internet access where uploading large amounts of data isn’t a frequent task.

A

Asymmetric Digital Subscriber

Line (ADSL)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
156
Q

___ provides a bidirectional high data rate service

that can accommodate services, such as videoconferencing, that require high data rates in both directions.

A

High-Rate Digital Subscriber Line (HDSL)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
157
Q

A variant of HDSL is ____which provides an HDSL service at very high data transfer rates.

A

VHDSL (Very High-Rate Digital Subscriber Line),

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
158
Q

The ___, often considered a POTS, is the entire collection of interconnected telephone wires throughout the world. Discussions of the ___ include all the equipment that goes into connecting two points, such as the cable, the networking equipment, and the telephone exchanges.

A

The Public Switched Telephone Network

PSTN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
159
Q

EXAM ALERT:

If money is a major concern, the PSTN is the method of choice for creating a WAN.

A

If money is a major concern, the PSTN is the method of choice for creating a WAN.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
160
Q
  1. Which of the following technologies require dialup access? (Choose the two best
    answers.)
    ❍ A. FDDI
    ❍ B. ISDN
    ❍ C. Packet switching
    ❍ D. The PSTN
A
  1. B and D. Both the PSTN and ISDN require dialup connections to establish communication
    sessions.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
161
Q
  1. Which of the following is an advantage of ISDN over the PSTN?
    ❍ A. ISDN is more reliable.
    ❍ B. ISDN is cheaper.
    ❍ C. ISDN is faster.
    ❍ D. ISDN uses 53Kbps fixed-length packets.
A
  1. C. One clear advantage that ISDN has over the PSTN is its speed. ISDN can
    combine 64Kbps channels for faster transmission speeds than the PSTN can
    provide. ISDN is no more or less reliable than the PSTN. ISDN is more expensive
    than the PSTN. Answer D describes ATM.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
162
Q
3. Which of the following technologies is known as a 3G transitional technology
that supports legacy architecture?
❍ A. HSPA+
❍ B. LTE
❍ C. WiMax
❍ D. PON
A
  1. A. HSPA+ (Evolved High Speed Packet Access) is known as a 3G transitional
    technology that supports legacy architecture.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
163
Q
4. What is the theoretical download speed possible with WiMax?
❍ A. 84Mbit/s
❍ B. 100Mbit/s
❍ C. 1Gbit/s
❍ D. 10Gbit/s
A
  1. C. The theoretical download speed possible with WiMax is 1Gbit/s. The speed
    possible with HSPA+ is 84Mbits/s, whereas that possible with LTE is 100Mbit/s.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
164
Q
5. Which of the following is the time lapse between sending or requesting information
and the time it takes to return?
❍ A. Echo
❍ B. Attenuation
❍ C. Bandwidth
❍ D. Latency
A
  1. D. Latency refers to the time lapse between sending or requesting information
    and the time it takes to return.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
165
Q
6. Which of the following provides public hotspots for wireless Internet access?
❍ A. WISP
❍ B. WASP
❍ C. WSP+
❍ D. WPST
A
  1. A. Wireless Internet access is provided by a Wireless Internet Service Provider
    (WISP). The WISP provides public wireless Internet access known as hotspots.
    Hotspots offer Internet access for mobile network devices such as laptops,
    handheld computers, and cell phones in airports, coffee shops, conference
    rooms, and so on.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
166
Q
7. What is the speed usually offered with dialup service?
❍ A. 1Gbps
❍ B. 256Kbps
❍ C. 144Kbps
❍ D. 56Kbps
A
  1. D. Almost without exception, ISPs offer 56Kbps access, the maximum possible
    under current standards.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
167
Q
  1. What is the difference between RJ-11 and RJ-45 connectors?
A
  1. RJ-11 connectors are used with standard phone lines and are similar in
    appearance to RJ-45 connectors used in networking. However, RJ-11
    connectors are smaller. RJ-45 connectors are used with UTP cabling.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
168
Q
  1. What are the two most common connectors used with fiber-optic cabling?
A
  1. Fiber-optic cabling uses a variety of connectors, but SC and ST are more
    commonly used than others. ST connectors offer a twist-type attachment,
    whereas SCs have a push-on connector. LC and MT-RJ are other types of
    fiber-optic connectors.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
169
Q
  1. What are F-type connectors used for?
A
  1. F-type connectors are used to connect coaxial cable to devices such as
    Internet modems.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
170
Q
  1. What hardware is located at the demarcation point?
A
  1. The hardware at the demarcation point is the smart jack, also known as
    the Network Interface Device (NID).
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
171
Q
  1. What is BPL?
A
  1. Broadband over Power Lines (BPL) enables electrical wiring to be used to
    build a network.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
172
Q

_____ transmissions use digital signaling over a single wire. Communication on ______ transmissions is bidirectional,
allowing signals to be sent and received, but not at the same time.
To send multiple signals on a single cable, _____ uses something
called Time Division Multiplexing (TDM). TDM divides a single channel into time slots. The key thing about TDM is that it doesn’t change how ______ transmission works—only how data is placed on the cable.

A

Baseband

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
173
Q

In terms of LAN network standards, _____ transmissions use analog transmissions. For ______ transmissions to be sent and received, the medium must be split into two channels. (Alternatively, two cables can be used: one to send and one to receive transmissions.) Multiple channels are created using Frequency Division Multiplexing (FDM). FDM allows ___ media to accommodate traffic going in different directions on a single medium at the same time.

A

broadband

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
174
Q

______mode enables one-way communication of data through the network,
with the full bandwidth of the cable used for the transmitting signal.

A

Simplex mode

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
175
Q

accommodates transmitting
and receiving on the network, but not at the same time. Many networks
are configured for half-duplex communication.

A

half-duplex mode,

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
176
Q

___can
simultaneously transmit and receive. This means that 100Mbps network
cards theoretically can transmit at 200Mbps

A

full-duplex

mode

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
177
Q

is a problem when cables are installed near electrical devices, such as air
conditioners or fluorescent light fixtures. If a network medium is placed close
enough to such a device, the signal within the cable might become corrupt.

A
electromagnetic interference
(EMI)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
178
Q

____refers to how the data signals
on two separate media interfere with each other. The result is that the
signal on both cables can become corrupt.

A

Crosstalk

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
179
Q

____refers to the weakening of data signals as they travel through a
medium.

A

Attenuation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
180
Q

Data-grade cable that can transmit data up to 10Mbps with

a possible bandwidth of 16MHz.

A

Category 3:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
181
Q

Data-grade cable that has potential data throughput of

16Mbps.

A

Category 4:Category 4 cable is no longer used.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
182
Q

Data-grade cable that typically was used with Fast Ethernet

operating at 100Mbps with a transmission range of 100 meters

A

Category 5:Although Category 5 was a popular media type, this cable is an outdated
standard

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
183
Q

Data-grade cable used on networks that run at

10/100Mbps and even up to 1000Mbps, can be used up to 100 meters, provides a minimum of 100MHz of bandwidth

A

Category 5e:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
184
Q

High-performance UTP cable that can transmit data up to
10Gbps. has a minimum of 250MHz of bandwidth and specifies
cable lengths up to 100 meters with 10/100/1000Mbps transfer,
along with 10Gbps over shorter distances.

A

Category 6:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
185
Q

Offers improvements by offering a minimum of 500MHz of bandwidth.

A

Category 6a:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
186
Q

Coax Cable Used to generate low-power video connections. cannot be used over long distances because of its high-frequency
power losses.

A

RG-59 /U

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
187
Q

Coax cable that Has a solid copper core. Used for radio communication and thin
Ethernet (10Base2).

A

RG-58 /U

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
188
Q

Coax cable that Has a stranded wire core. Used for radio communication and thin
Ethernet (10Base2).

A

RG-58 A/U

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
189
Q

Coax cable Used for military specifications.

A

RG-58 C/U

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
190
Q

Coax cable Often used for cable TV and cable modems.

A

RG-6

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
191
Q

Ttypes of fiber optic cable where Many beams of light travel through the cable, bouncing
off the cable walls. This strategy actually weakens the signal, reducing
the length and speed at which the data signal can travel.

A

Multimode Fiber

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
192
Q

Type of fiber optic cable that Uses a single direct beam of light, thus allowing for
greater distances and increased transfer speeds.

A

Single-mode FIber

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
193
Q

EXAM ALERT! Cables run through the plenum must have two important characteristics: They must
be fire-resistant, and they must not produce toxic fumes if exposed to intense heat.

A

EXAM ALERT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
194
Q

___ connectors are associated with coaxial media and 10Base2 networks

A

BNC Connectors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
195
Q

_____ connectors are small plastic connectors used on telephone
cables. They have capacity for six small pins. However, in many cases,
not all the pins are used.

A

RJ- (registered jack) 11

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
196
Q

____ connectors are used with twistedpair
cabling, the most prevalent network cable in use today. they support up to eight
wires.

A

RJ-45

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
197
Q

_____ are screw-on connections used to
attach coaxial cable to devices. This includes RG-59 and RG-6 cables.most commonly associated
with connecting Internet modems to cable or satellite Internet service
providers’ (ISPs’) equipment. also used to
connect to some proprietary peripherals. They have a “nut” on the connection that provides something to
grip as the connection is tightened by hand. If necessary, this nut can also be
lightly gripped with pliers to aid disconnection.

A

F- Type Connectors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
198
Q

Fiber connector that uses a half-twist
bayonet type of
lock.

A

ST Connector

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
199
Q
Fiber connector that uses a
push-pull connector
similar to common
audio and video
plugs and sockets
A

SC Connector

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
200
Q
\_\_\_\_ Fiber connectors have a
flange on top, similar
to an RJ-45 connector,
that aids secure
connection.
A

LC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
201
Q

___ fiber connector is a popular
connector for two
fibers in a very
small form factor.

A

MT-RJ

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
202
Q

_____is a TIA/EIA standard for serial transmission
between computers and peripheral devices such as modems, mice, and keyboards. was introduced way back in the 1960s and is
still used today. However, peripheral devices are more commonly connected
using USB or wireless connections.

A

RS-232 (Recommended Standard 232)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
203
Q

_____ ports are now an extremely common sight on both
desktop and laptop computer systems. Like IEEE 1394, it is associated more with connecting consumer peripherals such as MP3 players and digital cameras than with networking. However, many manufacturers now make wireless network cards that plug directly into a ____ port. Most desktop and
laptop computers have between two and four ____ ports, but ____ hubs are
available that provide additional ports if required.

A

Universal Serial Bus (USB)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
204
Q

When you have two dissimilar types of network media, a _____ is
used to allow them to connect. Depending upon the conversion being done,
it can be a small device barely larger than the connectors themselves,
or a large device within a sizable chassis.

A

media converter

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
205
Q
EXAM ALERT: Make sure you know that the possibilities listed here exist.
. Singlemode fiber to Ethernet
. Singlemode to multimode fiber
. Multimode fiber to Ethernet
. Fiber to Coaxial
A

KNOW THESE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
206
Q

___ and ___ are telecommunications standards from TIA and EIA. These
standards specify the pin arrangements for the RJ-45 connectors on UTP
or STP cables. The number ____refers to the order in which the wires within
the Category 5 cable are terminated and attached to the connector.

A

568A and 568B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
207
Q

Specifically, in a crossover cable, wires _ and _ and wires _ and _ are crossed.

A

1 and 3 and 2 and 6

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
208
Q

EXAM ALERT: The crossover cable can be used to directly network two PCs without using a hub
or switch. This is done because the cable performs the function of the switch.

A

EXAM ALERT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
209
Q

The ___ cable is a Cisco proprietary cable used to connect a computer system to a router or switch console port. It resembles an Ethernet UTP cable; however, it is not possible to use it on anything but
Cisco equipment.

A

rollover

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
210
Q

EXAM ALERT: Remember that the rollover cable is a proprietary cable used to connect a PC to a
Cisco router.

A

EXAM ALERT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
211
Q

A ___ cable, also known as a plug, is used to test and isolate network problems. If made correctly, the it plug causes the link light on a device such as a network interface card (NIC) to come on.

A

loopback

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
212
Q

EXAM ALERT: Know a loopback cable is a basic troubleshooting tool.

A

EXAM ALERT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
213
Q

in Network Cross-Connects, this section Connects client systems to the network

A

Horizontal cabling:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
214
Q

in Network Cross-Connects this Runs between floors to connect different
locations on the network.

A

Vertical (backbone) cabling:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
215
Q

in cable distribution: The location where outside cables
enter the building for distribution. This can include Internet and phone
cabling.

A

Vertical or main cross-connect:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
216
Q

in cable distribution: The location where the vertical and horizontal
connections meet.

A

Horizontal cross-connect:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
217
Q

in cable distribution:

A

Intermediate cross-connect: Typically used in larger networks.
Provides an intermediate cross-connect between the main and horizontal
cross-connects.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
218
Q

The term ___ ___refers to the point where the cables running throughout
the network meet and are connected.

A

cross-connect

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
219
Q

A ___ ___ is a
freestanding or wall-mounted unit with a number of RJ-45 port connections
on the front. In a way, it looks like a wall-mounted hub without the light-emitting
diodes (LEDs). provides a connection point
between network equipment such as hubs and switches and the ports to which
PCs are connected, which normally are distributed throughout a building.

A

patch panel

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
220
Q

Two main types of punchdown blocks are

A

type 66 and type 110

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
221
Q

Type ___ is an older design punchdown block used to connect wiring for telephone systems and other low-speed network systems

A

66

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
222
Q

Type ___ punchdown block is used to connect network cable. can also be used at the other end of the network
cable at the RJ-45 wall jack
to patch panels

A

110

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
223
Q

The main wiring closet for a network typically holds the majority of the network gear, including routers, switches, wiring, servers, and more. This is also typically the wiring closet where outside lines run into the network. This main wiring closet is known as the ___. One of the key components in the ___ is a primary patch panel. The network connector jacks attached to this patch panel lead out to the building for network connections.

A

Main Distribution Frame (MDF)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
224
Q

In some networks, multiple wiring closets are used. When this is the case, connection to a secondary wiring closets, or IDFs using a backbone cable is used

A

Intermediate Distribution Frame

IDF

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
225
Q

As you might imagine, you need some form of hardware at the demarcation point. This is the smart jack, also known as the ___ ___ ___. The smart jack performs several primary functions:

A

Network Interface Device (NID)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
226
Q

Network Interface Device Function:
The___ is built into the smart jack.
Like the Ethernet loopback cable, it is used for testing purposes. In this case, the loopback feature enables remote testing so that technicians
do not always need to be called to visit the local network to isolate
problems.

A

loopback feature

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
227
Q

Network Interface Device Function: The smart jack can amplify signals. This feature is similar to that of the function of repeaters in an Ethernet network.

A

Signal amplification:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
228
Q

Network Interface Device Function:
Lighting and other environmental conditions can
cause electrical surges that can quickly damage equipment. Many smart
jacks include protection from environmental situations.

A

surge protection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
229
Q

Network Interface Device Function:
Smart jacks typically include an this that allows the owner to identify if something goes wrong with the smart jack and therefore the connections at the demarcation point.

A

Remote Alarms

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
230
Q

acts as a translator

between the LAN data format and the WAN data format.

A

Channel Service Unit/Data Service Unit (CSU/DSU)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
231
Q

EXAM ALERT:
Traditionally, the CSU/DSU has been in a box separate from other networking
equipment. However, the increasing use of WAN links means that some router
manufacturers are now including CSU/DSU functionality in routers or are providing
the expansion capability to do so.

A

EXAM ALERT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
232
Q
1. Which of following connectors is commonly used with fiber cabling?
❍ A. RJ-45
❍ B. BNC
❍ C. SC
❍ D. RJ-11
A
  1. C. SC connectors are used with fiber-optic cable. RJ-45 connectors are used
    with UTP cable, BNC is used for thin coax cable, and RJ-11 is used for regular
    phone connectors.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
233
Q
2. Which of the following describes the loss of signal strength as a signal travels
through a particular medium?
❍ A. Attenuation
❍ B. Crosstalk
❍ C. EMI
❍ D. Chatter
A
  1. A. The term used to describe the loss of signal strength for media is attenuation.
    Crosstalk refers to the interference between two cables, EMI is electromagnetic
    interference, and chatter is not a valid media interference concern.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
234
Q
3. What kind of cable would you associate with an F-type connector?
❍ A. Fiber-optic
❍ B. UTP
❍ C. Coaxial
❍ D. STP
A
  1. C. F-type connectors are used with coaxial cables. They are not used with fiberoptic,
    Unshielded Twisted Pair (UTP), or Shielded Twisted Pair (STP) cabling.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
235
Q
  1. A user calls to report that he is experiencing periodic problems connecting to the
    network. Upon investigation, you find that the cable connecting the user’s PC to
    the switch is close to a fluorescent light fitting. What condition is most likely
    causing the problem?
    ❍ A. Crosstalk
    ❍ B. EMI
    ❍ C. Attenuation
    ❍ D. Faulty cable
A
  1. B. EMI is a type of interference that is often seen when cables run too close to
    electrical devices. Crosstalk is when two cables interfere with each other.
    Attenuation is a loss of signal strength. Answer D is incorrect also. It may be that
    a faulty cable is causing the problem. However, the question asked for the most
    likely cause. Because the cable is running near fluorescent lights, the problem is
    more likely associated with EMI.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
236
Q
5. Which of the following is not a type of fiber-optic connector used in network
implementations?
❍ A. MT-RJ
❍ B. SC
❍ C. BNC
❍ D. LC
A
  1. C. BNC is a connector type used with coaxial cabling. It is not used as a connector
    for fiber-optic cabling. MT-RJ, SC, and LC are all recognized types of
    fiber-optic connectors.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
237
Q
6. Which of the following fiber connectors uses a twist-type connection method?
❍ A. ST
❍ B. SC
❍ C. BNC
❍ D. SA
A
  1. A. ST fiber connectors use a twist-type connection method. SC connectors
    use a push-type connection method. The other choices are not valid fiber
    connectors.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
238
Q
7. Which Broadband over Power Lines standard exists for high-speed communication
devices?
❍ A. MLME
❍ B. IEEE 754
❍ C. IEEE 1901
❍ D. Wibree
A
  1. C. The IEEE 1901 standard applies to high-speed communication devices and
    Broadband over Power Lines (BPL). The other choices are not valid for
    Broadband over Power Lines.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
239
Q
8. In a crossover cable, which wire is wire 1 crossed with?
❍ A. 2
❍ B. 3
❍ C. 4
❍ D. 5
A
  1. B. In a crossover cable, wires 1 and 3 and wires 2 and 6 are crossed.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
240
Q
9. What are the two main types of punchdown blocks? (Choose two.)
❍ A. 110
❍ B. 220
❍ C. 66
❍ D. 12
A
  1. A,C. The two main types of punchdown blocks are type 66 and type 110. Type
    66 is an older design used to connect wiring for telephone systems and other
    low-speed network systems and is not as widely used as type 110.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
241
Q
10. What device acts as a translator between the LAN data format and the WAN
data format?
❍ A. CSMA/CD
❍ B. T568B
❍ C. MTRJ
❍ D. CSU/DSU
A
  1. D. A Channel Service Unit/Data Service Unit (CSU/DSU) acts as a translator
    between the LAN data format and the WAN data format. Such a conversion is
    necessary because the technologies used on WAN links are different from those
    used on LANs.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
242
Q
  1. What are the characteristics/limitations of 1000BaseCX?
A
  1. 1000BaseCX offers 1000Mbps transfer speeds over shielded copper
    cable. Distances are restricted to 25 meters.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
243
Q
  1. Which IEEE standard defines 10Gbps networks?
A
  1. 10Gbps networks are defined by the IEEE 802.3ae standard.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
244
Q
  1. What type of connectors can be used with 100BaseTX networks?
A
  1. 100BaseTX networks use RJ-45 connectors.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
245
Q

IEEE 802 Networking Standards: Standards for Interoperable LAN/MAN Security (SILS) (network
security)

A

802.10

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
246
Q

IEEE 802 Networking Standards: Wireless networks

A

802.11

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
247
Q

IEEE 802 Networking Standards: 100Mbps technologies, including 100BaseVG-AnyLAN

A

802.12

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
248
Q

IEEE 802 Networking Standards:

Internetworking

A

802.1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
249
Q

IEEE 802 Networking Standards: The LLC (Logical Link Control) sublayer. called Logical Link Control (LLC), manages data flow
control and error control for the other IEEE LAN standards

A

802.2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
250
Q

IEEE 802 Networking Standards: CSMA/CD (Carrier Sense Multiple Access with Collision Detection) for Ethernet networks. define a range of networking systems based on the
original Ethernet standard.

A

802.3

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
251
Q

IEEE 802 Networking Standards: A token-passing bus

A

802.4

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
252
Q

IEEE 802 Networking Standards: Token ring networks

A

802.5

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
253
Q

IEEE 802 Networking Standards: Metropolitan area network (MAN)

A

802.6

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
254
Q

IEEE 802 Networking Standards: Broadband Technical Advisory Group

A

802.7

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
255
Q

IEEE 802 Networking Standards: Fiber-Optic Technical Advisory Group

A

802.8

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
256
Q

IEEE 802 Networking Standards: Integrated voice and data networks

A

802.9

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
257
Q

EXAM ALERT: A node is any device connected to the network. A node might be a client computer, server computer, printer, router, or gateway

A

EXAM ALERT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
258
Q
Know that collisions do occur with CSMA. You can detect them (CD) or attempt to
avoid them (CA).
A

ExamAlert

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
259
Q

CSMA/CD is known as a contention media access method because systems contend
for access to the media.

A

ExamAlert

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
260
Q

Know that CSMA/CA uses broadcasts.

A

ExamAlert

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
261
Q

IEEE 802.3x Standard Characteristics:

___, also known as ____ enables you to use multiple channels at the same time to increase performance.

A

Bonding, also known as channel bonding,

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
262
Q

IEEE 802.3x Standard Characteristics:

The term ___, which is the plural of ___, generically describes the methods by which data is transported from one point
to another. Common network ____ types include twisted-pair cable, coaxial
cable, infrared, radio frequency, and fiber-optic cable.

A

media, medium, media

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
263
Q

Summary of ___ Characteristics:

Transmission method -Baseband
Speed -10Mbps
Total distance/segment- 100 meters
Cable type Category- 3, 4, 5, or 6 UTP or STP
Connector -RJ-45
A

10BaseT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
264
Q

Summary of 802.3u Fast Ethernet Characteristics

Transmission method-= Baseband
Speed=  100Mbps
Distance =100 meters
Cable type= Category UTP, STP
Connector type=  RJ-45
Which one is this?
A

100BaseTX

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
265
Q

Summary of 802.3u Fast Ethernet Characteristics

Transmission method-= Baseband

Speed= 100Mbps

Distance =412 meters (multimode half duplex);
10,000 meters (single mode full duplex)

Cable type= Fiber-optic
Connector type= SC, ST
Which one is this?

A

100BaseFX

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
266
Q

Which IEEE 802.3z Gigabit Ethernet Characteristics has:
Transmission method= Baseband
Speed= 1000Mbps
Distance= Half Duplex 275 (62.5 micron myltimode fiber); half duplex 316 (50 micron multimode fiber; full duplex 275 (62.5 micron multimode fiber); full duplex 550 (50 micron multimode fiber)
Cable Type= 62.5/125 and 50/125 multimode fiber
Connector type= fiber connectors

A

1000BaseSX

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
267
Q

Which IEEE 802.3z Gigabit Ethernet Characteristics has:
Transmission method= Baseband
Speed= 1000Mbps
Distance= Hapf duplex 316 (multimode and single mode fiber); full duplex 550(multimode fiber); full duplex 5000 (single mode fiber)
Cable Type= 62.5/125 and 50/125 multimode fiber; two 10 micron single mode iptical fibers

A

1000BaseLX

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
268
Q

Which IEEE 802.3z Gigabit Ethernet Characteristics has:
Transmission method= Baseband
Speed= 1000Mbps
Distance= 25 meters for both full and half duplex operations
Cable Type= Shielded copper cable
Connector Type= Nine pin shielded connector

A

1000BaseCX

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
269
Q
Summary of \_\_\_\_ Characteristics:
Transmission method= Baseband
Speed =1000Mbps
Total distance/segment= 75 meters
Cable type= Category 5 or better
Connector type= RJ-45
A

1000BaseT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
270
Q

10 Gigabit Ethernet is defined in the IEEE 802.3ae standard.

A

EXAM ALERT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
271
Q
Summary of 802.3an Characteristics:
Transmission method = Baseband
Speed = 10 gigabit
Total distance/segment = 100 meters Category 6a cable; 55 meters Category 6
cable
Cable type = Category 6, 6a UTP or STP
Connector = RJ-45
A

10GBaseT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
272
Q
  1. You troubleshoot a network using 1000BaseCX cable, and you suspect that the
    maximum length has been exceeded. What is the maximum length of
    1000BaseCX cable?
    ❍ A. 1,000 meters
    ❍ B. 100 meters
    ❍ C. 25 meters
    ❍ D. 10,000 meters
A
  1. C. The 1000BaseCX standard specifies Gigabit Ethernet transfer over Category 5
    UTP cable. It uses STP twisted-pair cable and has a 25-meter length restriction.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
273
Q
2. Which of the following 10 Gigabit Ethernet standards has the greatest maximum
transmission distance?
❍ A. 10GBaseSR
❍ B. 10GBaseER
❍ C. 10GBaseLR
❍ D. 10GBaseXR
A
  1. B. The 10GBaseER standard specifies a maximum transmission distance of
    40,000 meters. The 10GBaseSR standard specifies a maximum transmission
    distance of 300 meters, whereas 10GBaseLR specifies a maximum transmission
    distance of 10,000 meters. 10GBaseXR is not a recognized 10 Gigabit Ethernet
    standard.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
274
Q
  1. Your manager has asked you to specify a high-speed 10GbE link to provide connectivity
    between two buildings 3km from each other. Which of the following
    IEEE standards are you likely to recommend?
    ❍ A. 10GBaseLR
    ❍ B. 10GBaseSR
    ❍ C. 10GBaseT4
    ❍ D. 10GBaseFL
A
  1. A. 10GBaseLR can be used over distances up to 10km. 10GBaseSR can only be
    used up to a maximum distance of 300 meters. 10GBaseT4 and 10GBaseFL are
    not recognized 10-Gigabit Ethernet standards.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
275
Q
  1. In a 100BaseTX network environment, what is the maximum distance between
    the device and the networking equipment, assuming that no repeaters are used?
    ❍ A. 1,000 meters
    ❍ B. 100 meters
    ❍ C. 500 meters
    ❍ D. 185 meters
A
  1. B. 100BaseT networks use UTP cabling, which has a maximum cable length of
    100 meters. Answer A is incorrect because this distance could be achieved only
    with UTP cabling by using repeaters. Answer C specifies the maximum cable
    length for 10Base5 networks. Answer D specifies the maximum cable length for
    10Base2 networks.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
276
Q
  1. What is the network name needed to connect to a wireless AP?
A
  1. SSID (Service Set Identifier).
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
277
Q
  1. True or False: A wireless access point (AP) is both a transmitter and
    receiver (transceiver) device used for wireless LAN (WLAN) radio signals.
A
  1. True. A wireless access point (AP) is both a transmitter and receiver
    (transceiver) device used for wireless LAN (WLAN) radio signals.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
278
Q

An AP can operate as a bridge, connecting a standard wired network to wireless
devices, or as a router, passing data transmissions from one access point to
another.

A

EXAM ALERT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
279
Q

____ is a network name needed to connect to a wireless AP.

A

Service Set Identifier (SSID)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
280
Q

___ refers to a wireless network that uses a single

AP and one or more wireless clients connecting to the AP.

A

Basic Service Set (BSS)—

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
281
Q

____Refers to two or more connected BSSs
that use multiple APs. The ESS is used to create WLANs or larger
wireless networks and is a collection of APs and clients

A

Extended Service Set (ESS)—

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
282
Q

Although the terms
____ and SSID are used interchangeably, there is a difference between the two. SSID is the name used with BSS networks. ___ is the network name used with an ___ wireless network design. With an ___, not all APs necessarily use the same name.

A

Extended Service Set Identifier (ESSID)—

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
283
Q

The MAC address of the Basic Service Set (BSS) AP. The ___ is not to be confused with the SSID, which is the name of the wireless network.

A

Basic Service Set Identifier (BSSID)—

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
284
Q

When troubleshooting or designing wireless networks, the ___ is an important consideration. The ___ refers to the AP’s coverage area. The ___ for an AP depends on many factors, including the strength of the AP antenna, interference in the area, and whether an omnidirectional or directional antenna is used

A

Basic Service Area (BSA)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
285
Q

When troubleshooting a wireless problem in Windows, you can use the ipconfig
command to see the status of IP configuration. Similarly, the ifconfig command
can be used in Linux. In addition, Linux users can use the iwconfig command to
view the state of your wireless network. Using iwconfig, you can view such
important information as the link quality, AP MAC address, data rate, and encryption
keys, which can be helpful in ensuring that the parameters in the network are
consistent.

A

EXAM ALERT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
286
Q

____ refers to the theoretical maximum of a wireless standard, such as
100Mbps.

A

Data rate refers to the theoretical maximum of a wireless standard, such as
100Mbps.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
287
Q

___refers to the actual speeds achieved after all implementation
and interference factors.

A

Throughput

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
288
Q

____ ___ ___ are an important part of the wireless network because
it is their job to advertise the presence of the access point so that systems can
locate it.

A

Beacon Management Frames

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
289
Q

In ____ scanning: The client system listens for the beacon frames to
discover the AP. After it is detected, the beacon frame provides the
information necessary for the system to access the AP.

A

Passive

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
290
Q

in ____ scanning: The client station transmits another type of management frame known as a probe request. The probe request goes out from the client system, looking for a specific SSID or any SSID within its area. After the probe request is sent, all APs in the area with the same SSID reply with another frame, the probe response. The information contained in the probe response is the same information included with the beacon frame. This information enables the client to access the system.

A

Active

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
291
Q

______ spectrum refers to the manner in which data signals travel through a radio frequency. With ___ spectrum, data does not travel straight through a single RF band; this type of transmission is known as narrowband transmission. ____ spectrum, on the other hand, requires that data signals either alternate between carrier frequencies or constantly change their data pattern. Although the shortest distance between two points is a straight line (narrowband), ____ spectrum is designed to trade bandwidth efficiency for reliability, integrity, and security. ___-spectrum signal strategies use more bandwidth than in the case of narrowband transmission, but the trade-off is a data signal that is clearer and easier to detect.

A

Spread

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
292
Q

The two types of spread-spectrum radio

are ____ ____ and ____ ____.

A

frequency hopping, direct sequence

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
293
Q

_____requires the use of narrowband signals that change frequencies in a predictable pattern. The term refers to data signals hopping
between narrow channels.

A

frequency hopping

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
294
Q

With _____ transmissions, the signal is spread over a full transmission frequency spectrum. For every bit of data sent, a redundant bit pattern is also sent. This 32-bit pattern is called a chip. These redundant bits of data provide both security and delivery assurance. The reason transmissions are so safe and reliable is simply because the system sends so many redundant copies of the data, and only a single copy is required to have complete transmission of the data or information. ____ can minimize the effects of interference and background
noise.

A

Direct-Sequence Spread-Spectrum (DSSS)

Technology

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
295
Q

When a single AP is connected to the wired network and to a set of wireless stations,
it is called a Basic Service Set (BSS). An Extended Service Set (ESS)
describes the use of multiple BSSs that form a single subnetwork. Ad hoc mode is
sometimes called an Independent Basic Service Set (IBSS).

A

ExamAlert

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
296
Q

The ______ process occurs when a wireless adapter is turned on. The client adapter immediately begins scanning the wireless frequencies for wireless APs or, if using ad hoc mode, other wireless devices. When the wireless client is configured to operate in infrastructure mode, the user can choose a
wireless AP with which to connect. This process may also be automatic, with the AP selection based on the SSID, signal strength, and frame error rate. Finally, the wireless adapter switches to the assigned channel of the selected wireless AP and negotiates the use of a port.

A

association

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
297
Q

If at any point the signal between the devices drops below an acceptable level, or if the signal becomes unavailable for any reason, the wireless adapter initiates another scan, looking for an AP with stronger signals. When the new AP is located, the wireless adapter selects it and associates with it. This is known
as ______.

A

reassociation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
298
Q

The 802.11 standards enable a wireless client to roam between multiple APs. An AP transmits a beacon signal every so many milliseconds. It includes a time stamp for client synchronization and an indication of supported data rates. A client system uses the beacon message to identify the strength of the existing connection to an AP. If the connection is too weak, the roaming client attempts to associate itself with a new AP. This enables the client system to roam between distances and APs.

A

ExamAlert

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
299
Q
1. Which of the following wireless protocols operate at 2.4GHz? (Select two.)
❍ A. 802.11a
❍ B. 802.11b
❍ C. 802.11g
❍ D. 802.11n
A
  1. B, C, and D. Wireless standards specify an RF range on which communications
    are sent. The 802.11b and 802.11g standards use the 2.4GHz range. 802.11a
    uses the 5GHz range. 802.11n can operate at 2.4GHz and 5GHz. For more information,
    see the section “802.11 Wireless Standards.”
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
300
Q
  1. Under what circumstance would you change the default channel on an access
    point?
    ❍ A. When channel overlap occurs between access points
    ❍ B. To release and renew the SSID
    ❍ C. To increase WEP security settings
    ❍ D. To decrease WEP security settings
A
  1. A. Ordinarily, the default channel used with a wireless device is adequate; however,
    you might need to change the channel if overlap occurs with another nearby
    access point. The channel should be changed to another, nonoverlapping
    channel. Changing the channel would not impact the WEP security settings. For
    more information, see the section “Wireless Radio Channels.”
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
301
Q
  1. A client on your network has had no problems accessing the wireless network in
    the past, but recently she moved to a new office. Since the move she cannot
    access the network. Which of the following is most likely the cause of the
    problem?
    ❍ A. The SSIDs on the client and the AP are different.
    ❍ B. The SSID has been erased.
    ❍ C. The client has incorrect WEP settings.
    ❍ D. The client system has moved too far from the access point.
A
  1. D. An AP has a limited distance that it can send data transmissions. When a client
    system moves out of range, it can’t access the AP. Many strategies exist to increase
    transmission distances, including RF repeaters, amplifiers, and buying more powerful
    antennas. The problem is not likely related to the SSID or WEP settings because
    the client had access to the network before, and no settings were changed. For
    more information, see the section “Wireless Troubleshooting Checklist.”
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
302
Q
  1. What is the access method employed by the 802.11 wireless standards?
A
  1. All the 802.11 wireless standards employ the CSMA/CA access method.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
303
Q
  1. What technology can be considered the biggest development for 802.11n
    and the key to the new speeds?
A
  1. Multiple input multiple output (MIMO) antenna technology is the biggest
    development for 802.11n and the key to the new speeds.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
304
Q

____ uses multiplexing to increase the range
and speed of wireless networking. Multiplexing is a technique that combines
multiple signals for transmission over a single line or medium.

A

multiple input multiple output (MIMO)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
305
Q
  1. You are installing a wireless network solution, and you require a standard that
    can operate using either 2.4GHz or 5GHz frequencies. Which of the following
    standards would you choose?
    ❍ A. 802.11a
    ❍ B. 802.11b
    ❍ C. 802.11g
    ❍ D. 802.11n
A
  1. D. The IEEE standard 802.11n can use either the 2.4GHz or 5GHz radio frequencies.
    802.11a uses 5GHz, and 802.11b and 802.11g use 2.4GHz. For more information,
    see the section “802.11 Wireless Standards.”
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
306
Q
  1. You are installing a wireless network solution that uses a feature known as
    MIMO. Which wireless networking standard are you using?
    ❍ A. 802.11a
    ❍ B. 802.11b
    ❍ C. 802.11g
    ❍ D. 802.11n
A
  1. D. MIMO is used by the 802.11n standard and takes advantage of multiplexing
    to increase the range and speed of wireless networking. Multiplexing is a technique
    that combines multiple signals for transmission over a single line or medium.
    MIMO enables the transmission of multiple data streams traveling on different
    antennas in the same channel at the same time. A receiver reconstructs the
    streams, which have multiple antennas. For more information, see the section
    “The Magic Behind 802.11n.”
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
307
Q
  1. What does WPA use to scramble encryption keys using a hashing
    algorithm?
A
  1. WPA uses a temporal key integrity protocol (TKIP), which scrambles
    encryption keys using a hashing algorithm.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
308
Q
  1. WPA2 uses CCMP. What is the strength of CCMP in terms of bits?
A
  1. CCMP uses 128-bit AES encryption with a 48-bit initialization vector.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
309
Q

Always equate WPA Enterprise with 802.1X: For exam purposes, the two are
synonymous.

A

ExamAlert

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
310
Q
1. You are asked to configure the security settings for a new wireless network. You
want the setting that offers the greatest level of security. Which of the following
would you choose?
❍ A. WEP-Open
❍ B. WEP-Closed
❍ C. WEP-Shared
❍ D. WEP-Unshared
2.
A
  1. C. Both WEP-Open and WEP-Shared are forms of wireless security. WEP-Open
    is the simpler of the two authentication methods because it does not perform
    any type of client verification. It is a weak form of authentication because no
    proof of identity is required. WEP-Shared requires that a WEP key be configured
    on both the client system and the access point. This makes authentication with
    WEP-Shared mandatory and therefore more secure for wireless transmission.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
311
Q
  1. Which of the following best describes 802.1X?
    ❍ A. A port-based access control
    ❍ B. A wireless standard specifying 11Mbps data transfer
    ❍ C. A wireless standard specifying 54Mbps data transfer
    ❍ D. An integrity-based access control
A
  1. A. 802.1X is an IEEE standard specifying port-based network access control.
    Port-based network access control uses the physical characteristics of a
    switched local area network (LAN) infrastructure to authenticate devices
    attached to a LAN port and to prevent access to that port in cases where the
    authentication process fails. For more information, see the section “WPA
    Enterprise.”
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
312
Q
  1. In the 802.1X security framework, which of the following best describes the role
    of the supplicant?
    ❍ A. Authenticating usernames and passwords
    ❍ B. Encrypting usernames and passwords
    ❍ C. The system or node requesting access and authentication to a network
    resource
    ❍ D. A control mechanism that allows or denies traffic that wants to pass
    through a port
A
  1. C. The 802.1X security framework has three main components. The supplicant is
    the system or node requesting access and authentication to a network resource.
    The authenticator usually is a switch or AP that acts as a control mechanism,
    allowing or denying traffic that wants to pass through a port. Finally, the authentication
    server validates the credentials of the supplicant that is trying to access
    the network or resource. For more information, see the section “WPA
    Enterprise.”
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
313
Q
  1. You have noticed that connections between nodes on one network are
    inconsistent and suspect there may be another network using the same
    channel. What should you try first?
A
  1. If connections are inconsistent, try changing the channel to another,
    nonoverlapping channel.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
314
Q
  1. True or False: Weather conditions should not have a noticeable impact on
    wireless signal integrity.
A
  1. False. Weather conditions can have a huge impact on wireless signal
    integrity.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
315
Q
  1. You purchase a new wireless access point that uses no WEP security by default.
    You change the security settings to use 128-bit encryption. How must the client
    systems be configured?
    ❍ A. All client systems must be set to 128-bit encryption.
    ❍ B. The client system inherits security settings from the AP.
    ❍ C. WEP does not support 128-bit encryption.
    ❍ D. The client WEP settings must be set to autodetect.
A
  1. A. On a wireless connection between an access point and the client, each system
    must be configured to use the same WEP security settings. In this case,
    they must both be configured to use 128-bit encryption. For more information,
    see the section “Wireless Troubleshooting Checklist.”
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
316
Q
  1. You experience connectivity problems with your SOHO network. What can you
    change in an attempt to solve this problem?
    ❍ A. Shorten the SSID.
    ❍ B. Remove all encryption.
    ❍ C. Lower the transfer rate.
    ❍ D. Raise the transfer rate.
A
  1. C. If you experience connectivity problems between wireless devices, try using
    the lower transfer rate in a fixed mode to achieve a more stable connection. For
    example, you can manually choose the wireless transfer rate. The higher the
    transfer rate, the shorter the connection distance. For more information, see the
    section “Wireless Troubleshooting Checklist.”
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
317
Q
  1. Which network topology focuses on the direction in which data flows within
    the physical environment?
A
  1. The logical network refers to the direction in which data flows on the network
    within the physical topology. The logical diagram is not intended to focus on
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
318
Q
  1. In computing, what are historical readings used as a measurement for
    future calculations referred to as?
A
  1. Keeping and reviewing baselines is an essential part of the administrator’s role.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
319
Q
  1. True or False: Both logical and physical network diagrams provide an
    overview of the network layout and function.
A
  1. True. Both logical and physical network diagrams provide an overview of
    the network layout and function.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
320
Q

WhAt type of information should be included i network documentation?

A

Wiring layout, server configuration, network equipment, key applications, detailed account of network services, and network procedures.

321
Q

The _____ topology refers to how a network is physically constructed—how it looks. The _____ topology refers to how a network looks to the devices that use it—how it functions.

A

physical, logical

322
Q

The physical documentation of the network should include:

A

Cabling information, servers, network devices, wode area network, user information

323
Q

In simple terms, a _____ is a measure of performance that indicates how hard the network is working and where network resources are spent.

A

baseline

324
Q

Remember that baselines need to be taken periodically and under the same conditions to be effective. They are used to compare current performance with past performance to help determine if the network is functioning properly or if
troubleshooting is required.

A

ExamAlert

325
Q

Though often used interchangeably; however, there
is a difference. As mentioned, ______ are written by an organization for its employees. ______ are actual legal restrictions with legal consequences.

A

policies; Regulations

326
Q

For the exam and for real-life networking, remember that regulations often are
enforceable by law.

A

ExamAlert

327
Q
  1. What can be used to capture network data?
A
  1. Packet sniffers can be used by both administrators and hackers to capture
    network data.
328
Q
  1. True or False: Port scanners detect open and often unsecured ports.
A
  1. True. Port scanners detect open and often unsecured ports.
329
Q

_____ _____ are commonly used on networks. They are either a hardware device or software that basically eavesdrops on transmissions traveling throughout the network. They quietly capture data and save it to be reviewed later. They can also be used on the Internet to capture data traveling between computers.

A

Packet sniffers

330
Q

WHat are two key defenses to use againts packet sniffers?

A

Use a switched network and ensure that all sensitive data is encrypted as it travles.

331
Q

In the networking world, _____ refers to the rate of data delivery over a communication channel.

A

throughput

332
Q

_____ testers test the rate of data

delivery over a network.

A

throughput

333
Q

______ refers to the maximum

amount of information that can be sent through a particular medium under ideal conditions.

A

Bandwidth

334
Q

Be sure you know the difference between throughput and bandwidth.

A

ExamAlert

335
Q

___ ___are software-based security utilities designed to search a network host for open ports on a TCP/IP-based network.

A

Port scanners

336
Q

The quickest way to get an overview of the ports used by the system and their status is to issue the ___ ___command from the command line.

A

netstat -a

337
Q

Administrators use the detailed information revealed from a port scan to ensure network security. Port scans identify closed, open, and listening ports. However, port scanners also can be used by people who want to compromise security by finding open and unguarded ports.

A

ExamAlert

338
Q

The goal of performance testing is to establish baselines for the comparison of network functioning. The results of a performance test are meaningless unless you can compare them to previously documented performance levels.

A

ExamAlert

339
Q

Performance tests are about network functioning today. Load tests look forward to
see if performance may be hindered in the future by growth or other changes to the
network.

A

ExamAlert

340
Q

Windows server and desktop systems such as Windows 7/Vista/XP and 2000 use ___ ___ to view many of the key log files. The logs in this can be used to find information on, for example, an error on the system or a security incident.

A

Event Viewer

341
Q

A system’s ____ log contains events related to incidents such as
successful and unsuccessful logon attempts and failed resource access. They can be customized, meaning that administrators can fine-tune exactly what they want to monitor. Some administrators choose to track nearly every event of this type on the system.

A

security

342
Q

This log contains information logged by applications that run on a particular
system rather than the operating system itself. Vendors of third-party applications can use the___ log as a destination for error messages generated by their applications. This log works in much the same way as the security log. It tracks both successful events and failed events within applications.

A

application

343
Q

____ logs record information about components or drivers in the system. This is the place to look when you’re troubleshooting a problem with a hardware device on your system or a problem with network connectivity. It’s also the place to look for hardware device errors, time synchronization issues, or service startup problems.

A

System

344
Q

In addition to the specific logs mentioned previously, most UNIX/Linuxbased systems include the capability to write messages (either directly or through applications) to log files via _____. This can be done for security or management reasons and provides a central means by which devices that otherwise could not write to a central repository can easily do so (often by using the logger utility).

A

syslog

345
Q

____ logs are most often associated with the tracking of Internet surfing habits. They maintain a record of all sites that a user visits. Network administrators might review these for potential security or policy breaches, but generally these are not commonly reviewed.

A

History

346
Q

___ ___ describes the process of managing large volumes of system-generated computer log files. It includes the collection,
retention, and disposal of all system logs. Although it can be a huge task, it is essential to ensure the proper functioning of the network and its applications. It also helps you keep an eye on network and system security.

A

Log Management (LM)

347
Q
  1. Which of the following involves pushing the network beyond its limits, often taking
    down the network to test its limits and recovery procedures?
    ❍ A. Crash and burn
    ❍ B. Stress test
    ❍ C. Recovery test
    ❍ D. Load test
A
  1. B. Whereas load tests do not try to break the system under intense pressure,
    stress tests sometimes do. Stress testing has two goals. The first is to see
    exactly what the network can handle. It’s useful to know the network’s breaking
    point in case the network ever needs to be expanded. Secondly, stress testing
    allows administrators to test their backup and recovery procedures.
348
Q
  1. You suspect that an intruder has gained access to your network. You want to
    see how many failed logon attempts there were in one day to help determine
    how the person got in. Which of the following might you do?
    ❍ A. Review the history logs.
    ❍ B. Review the security logs.
    ❍ C. Review the logon logs.
    ❍ D. Review the performance logs.
A
  1. B. The security logs can be configured to show failed or successful logon
    attempts as well as object access attempts. In this case, the administrator can
    review the security logs and failed logon attempts to get the desired information.
    The failed logs will show the date and time when the failed attempts occurred.
349
Q
3. Which utility can be used to write syslog entries on a Linux-based operating
system?
❍ A. memo
❍ B. record
❍ C. logger
❍ D. trace
A
  1. C. The syslog feature exists in most UNIX/Linux-based distributions and entries
    can be written using logger. The other options are not possibilities for writing
    syslog entries.
350
Q
4. Which of the following is not a standard component of an entry in a Windowsbased
security log?
❍ A. Event ID
❍ B. Date
❍ C. Computer
❍ D. Domain
❍ E. User
A
  1. D. The standard components of an entry in a Windows-based security log
    include the date, time, user, computer, and Event ID. The domain is not a standard
    component of a log entry.
351
Q
  1. You have just used a port scanner for the first time. On one port, it reports that a
    process is listening on that port and access to this port will likely be denied.
    Which state is the port most likely to be considered to be in?
    ❍ A. Listening
    ❍ B. Closed
    ❍ C. Filtered
    ❍ D. Blocked
A
  1. B. When a port is closed, no process is listening on that port and access to this
    port will likely be denied. When the port is Open/Listening, the host sends a
    reply indicating that a service is listening on the port. When the port is Filtered or
    Blocked, there is no reply from the host, meaning that the port is not listening or
    the port is secured and filtered.
352
Q
  1. What tools are used to attach twisted-pair network cable to connectors
    within a patch panel?
A
  1. Punchdown tools are used to attach twisted-pair network cable to connectors
    within a patch panel.
353
Q
  1. What are the two parts of a toner probe?
A
  1. A toner probe has two parts: the tone generator, or toner, and the tone
    locator, or probe.
354
Q

Basically, a ___ ___ is a tool that you use to attach media connectors to the ends of
cables.

A

wire crimpers

355
Q

___ ___ are tools designed to cleanly cut the cable.

A

Wire snips

356
Q

___ ___are designed to cleanly remove the sheathing

from wire to make sure a clean contact can be made.

A

wire strippers

357
Q

Punchdown tools are used to attach twisted-pair network cable to connectors within
a patch panel. Specifically, they connect twisted-pair wires to the insulation displacement
connector (IDC).

A

ExamAlert

358
Q

___ ___ ___ is used to monitor the quality
of power used on the network or by network hardware. You plug it into a wall socket, and it finds potential power-related concerns such as power sags, spikes, surges, or other power variations. The administrator then reviews the recorder’s findings. Such power irregularities can cause problems for hardware and, in the case of serious spikes, can destroy hardware.

A

Voltage Event Recorder

359
Q

In use, ___ ___ help diagnose computer networking problems, alert you to unused protocols, identify unwanted or malicious network traffic, and help isolate network traffic-related problems.

A

protocol analyzers

360
Q

___ ___ ___ is a device used to send a signal through
a particular medium to check the cable’s continuity. They can locate many types of cabling faults, such as a severed sheath, damaged conductors, faulty crimps, shorts, loose connectors, and more. Although network administrators will not need to use a tool such as this every day, it could significantly help in the troubleshooting process. They help ensure that data sent across the network is not interrupted by poor cabling that may cause
faults in data delivery.

A

time domain reflectometer (TDR)

361
Q

Ascertaining whether a signal reaches the other end of a fiber-optic cable is relatively easy, but when you determine that there is a break, the problem becomes locating the break. That’s when you need a tool called an __ __ __ __

A

optical time domain reflectometer (OTDR).

362
Q

A basic ____ combines several electrical meters into a single unit that can measure voltage, current, and resistance. Advanced models can also measure temperature.

A

multimeter

363
Q

A ___ ___ ___ gives administrators a quick glance at the network’s bandwidth and whether its current configuration can grow to support VoIP or Gigabit Ethernet, for example.

A

Network Qualification Tester

364
Q

Network qualification testers enable administrators to identify the current speeds the network cabling can support and to isolate cabling from network problems.

A

ExamAlert

365
Q

A ___ ___enables the administrator or technician to
butt into a communication line and use it. In the case of a phone line, a technician can use the line normally—that is, make a call, answer a call, or listen in to a call.

A

butt set

366
Q

The intent of a ___ ___ is to reveal Wi-Fi hot spots and detect wireless network access with LED visual feedback. Such devices can be configured
to scan specific frequencies.

A

Wi-Fi Detector

367
Q
1. You recently installed a new server in a wiring closet. The server shuts down periodically; you suspect power-related problems. Which of the following tools might you use to isolate a power problem?
❍ A. Voltage multimeter
❍ B. Voltage regulator
❍ C. Voltage monitor
❍ D. Voltage event recorder
A
  1. D. Voltage event recorders are used to monitor the quality of power used on the
    network or by network hardware. Voltage event recorders identify potential
    power-related concerns such as power sags, spikes, surges, and other power
    variations.
368
Q
2. While you were away, an air conditioning unit malfunctioned in a server room, and some equipment overheated. Which of the following would have alerted you
to the problem?
❍ A. Multimeter
❍ B. Environmental monitor
❍ C. TDR
❍ D. OTDR
A
  1. B. Environmental monitors are used in server and network equipment rooms to
    ensure that the temperature does not fluctuate too greatly. In the case of a failed
    air conditioner, the administrator is alerted to the drastic changes in temperature.
    Multimeters, TDRs, and OTDRs are used to work with copper-based media.
369
Q
3. What tool would you use when working with an IDC?
❍ A. Wire crimper
❍ B. Media tester
❍ C. OTDR
❍ D. Punchdown tool
A
  1. D. You use a punchdown tool when working with an IDC. All the other tools are
    associated with making and troubleshooting cables; they are not associated with
    IDCs.
370
Q
4. As a network administrator, you work in a wiring closet where none of the cables have been labeled. Which of the following tools are you most likely to use to
locate the physical ends of the cable?
❍ A. Toner probe
❍ B. Wire crimper
❍ C. Punchdown tool
❍ D. ping
A
  1. A. The toner probe tool, along with the tone locator, can be used to trace cables.
    Crimpers and punchdown tools are not used to locate a cable. The ping utility
    would be of no help in this situation.
371
Q
  1. You are installing a new system into an existing star network, and you need a cable that is 45 feet long. Your local vendor does not stock cables of this length,
    so you are forced to make your own. Which of the following tools do you need to complete the task?
    ❍ A. Optical tester
    ❍ B. Punchdown tool
    ❍ C. Crimper
    ❍ D. UTP splicer
A
  1. C. When attaching RJ-45 connectors to UTP cables, the wire crimper is the tool
    you use. None of the other tools listed are used in the construction of UTP
    cable.
372
Q

What does IDC stand for?

A

Insulation displacement connector

373
Q
  1. What TCP/IP command can be used to troubleshoot DNS problems?
A
  1. The nslookup command is a TCP/IP diagnostic tool used to troubleshoot
    DNS problems. On Linux, UNIX, and Macintosh systems, you
    can also use the dig command for the same purpose.
374
Q
  1. What is the Linux, Macintosh, and UNIX equivalent of the ipconfig
    command?
A
  1. The ifconfig command is the Linux, Macintosh, and UNIX equivalent
    of the ipconfig command.
375
Q
  1. What utility is the part of the TCP/IP suite and has the function of resolving
    IP addresses to MAC addresses?
A
  1. The function of arp is to resolve IP addresses to MAC addresses.
376
Q

This is Used to track the path a packet takes as it travels across a network. ____ is used on Windows systems; ____ is used on UNIX, Linux, and Macintosh systems.

A

tracert; traceroute

377
Q

____ is Used to test connectivity between two devices on a network.

A

ping

378
Q

___ is Used to view and work with the IP address to MAC

address resolution cache.

A

address resolution protocol (ARP)

379
Q

___ ___ Uses ARP to test connectivity between systems rather
than using Internet Control Message Protocol (ICMP), as
done with a regular ping.

A

address resolution protocol (arp) ping

380
Q

___ is Used to view the current TCP/IP connections on a system.

A

network statistics (netstat)

381
Q

____ is Used to view statistics related to NetBIOS name resolution and to see information about current NetBIOS over TCP/IP connections.

A

netbios statistics (nbstat)

382
Q

____ is Used to view and renew TCP/IP configuration on a

Windows system.

A

ipconfig

383
Q

____ is Used to view TCP/IP configuration on a UNIX, Linux, or
Macintosh system.

A

interface configuration (ifconfig)

384
Q

Used to perform manual DNS lookups. ____ can be
used on Windows, UNIX, Macintosh, and Linux systems.
While ____ is the command that can be used on UNIX, Linux, and Macintosh
systems.

A

name server lookup (nslookup); domain information groper (dig)

385
Q

____ is Used on Linux/UNIX systems to perform a reverse lookup on an IP address.

A

host

386
Q

___ is Used to view and configure the routes in the routing table.

A

route

387
Q

What does ICMP stand for

A

Internet control message protocol

388
Q

ping Command Switches:

Pings a device on the network until stopped

A

ping -t

389
Q

ping Command Switches:

Resolves addresses to hostnames

A

ping -a

390
Q

ping Command Switches:

Specifies the number of echo requests to send

A

ping -n count

391
Q

ping Command Switches:

Records the route for count hops

A

ping -r count

392
Q

ping Command Switches:

Timestamp for count hops

A

ping -s count

393
Q

ping Command Switches:

Timeout in milliseconds to wait for each reply

A

ping -w timeout

394
Q

The ___ ___ ___ error message means that a route to the destination computer system cannot be found. To remedy this problem, you might need to examine the routing information on the local host to confirm that the local host is correctly configured, or you might need to make sure that the default gateway information is correct.

A

Destination host unreachable

395
Q

The___ ___ ___ error message is common when you use the ping command. Essentially, this error message indicates that your host did not receive the ping message back from the destination device within the designated time period. Assuming that the network connectivity is okay on your
system, this typically indicates that the destination device is not connected to the network, is powered off, or is not correctly configured. It could also mean that some intermediate device is not operating correctly. In some rare cases, it
can also indicate that the network has so much congestion that timely delivery of the ping message could not be completed. It might also mean that the ping is being sent to an invalid IP address or that the system is not on the same network as the remote host, and an intermediary device is not correctly configured.

A

Request timed out

396
Q

The ___ ___error message is generated when the hostname of the destination computer cannot be resolved. This error usually occurs when you ping an incorrect hostname, as shown in the following example, or try to use ping with a hostname when hostname resolution (via DNS or a HOSTS text file) is not configured:

A

Unknown host

397
Q

The ___ ___ ___ is a key consideration in understanding the ping
command. The function of this is to prevent circular routing, which
occurs when a ping request keeps looping through a series of hosts. It
counts each hop along the way toward its destination device. Each time it
counts one hop, the hop is subtracted from the ___ ___ ___.

A

Time To Live (TTL)pingt

398
Q

___ ___ ___is used to resolve IP addresses to MAC
addresses. This is significant because on a network, devices find each other using the IP address, but communication between devices requires the MAC address. (Remember that the function of this is to resolve IP addresses to Layer 2 or MAC addresses.)!!!

A

Address Resolution Protocol (ARP)

399
Q

ARP command switches:

Displays both the IP and MAC addresses and whether they are dynamic or static entries

A

-a or -g

400
Q

ARP command switches:

Specifies a specific Internet address

A

inet_addr

401
Q

ARP command switches:

Displays the ARP entries for a specified network interface

A

-N if_addr

402
Q

ARP command switches:

Specifies a MAC address

A

eth_addr

403
Q

ARP command switches:

Specifies an Internet address

A

if_addr

404
Q

ARP command switches:

Deletes an entry from the ARP cache

A

-d

405
Q

ARP command switches:

Adds a static permanent address to the ARP cache

A

-s

406
Q

One type of attack is called an ICMP flood attack (also known as a ping attack).
The attacker sends continuous ping packets to a server or network system, eventually
tying up that system’s resources, making it unable to respond to requests from
other systems.

A

ExamAlert

407
Q

netstat Switches commands:

Specifies how long to wait before redisplaying statistics

A

interval

408
Q

netstat Switches commands:

Displays the current connections and listening ports. displays statistics for both TCP and User Datagram Protocol (UDP).

A

-a

409
Q

netstat Switches commands:

Displays Ethernet statistics. command shows the activity for the NIC and displays the number of packets that have been both sent and received.

A

-e

410
Q

netstat Switches commands:

Lists addresses and port numbers in numeric form

A

-n

411
Q

netstat Switches commands:

Shows connections for the specified protocol

A

-p

412
Q

netstat Switches commands:

Shows the routing table. used to view a system’s routing table. A
system uses a routing table to determine routing information for TCP/IP traffic.

A

-r

413
Q

netstat Switches commands:

Lists per-protocol statistics. displays a number of statistics related to the
TCP/IP protocol suite

A

-s

414
Q

The netstat and route print commands can be used to show the routing
table on a local or remote system.

A

ExamAlert

415
Q

The ____ utility is used to show the port activity for both TCP and UDP connections, showing the inbound and outbound connections.

A

netstat

416
Q

The netstat -r command output shows the same information as the output
from the route print command.

A

ExamAlert

417
Q

The ____ utility is used to view protocol statistics and information for NetBIOS over TCP/IP connections ___is commonly used to troubleshoot NetBIOS name resolution problems. Because ___ resolves NetBIOS names, it’s available only on Windows systems.

A

nbtstat

418
Q

nbtstat Switches commands:

Sends Name Release packets to WINS and then
starts Refresh.

A

nbtstat -RR (ReleaseRefresh)

419
Q

nbtstat Switches commands:

Remote host machine name.

A

nbtstat RemoteName

420
Q

nbtstat Switches commands:

Dotted-decimal representation of the IP address.

A

nbtstat IP address

421
Q

nbtstat Switches commands:

Redisplays selected statistics, pausing interval
seconds between each display. Press Ctrl+C to
stop redisplaying statistics.

A

nbtstat interval

422
Q

nbtstat Switches commands:

Adapter status) Outputs the NetBIOS name table
and MAC addresses of the card for the specified
computer.

A

nbtstat -a

423
Q

nbtstat Switches commands:

(Adapter status) Lists the remote machine’s name
table given its IP address.

A

nbtstat -A (IP address)

424
Q

nbtstat Switches commands:

Lists the contents of the NetBIOS name cache.

A

nbtstat -c (cache)

425
Q

nbtstat Switches commands:

Lists local NetBIOS names.

A

nbtstat -n (names)

426
Q

nbtstat Switches commands:

Lists names resolved by broadcast or WINS.

A

nbtstat -r (resolved)

427
Q

nbtstat Switches commands:

Purges and reloads the remote cache name table.

A

nbtstat -R (Reload)

428
Q

nbtstat Switches commands:

Summarizes the current NetBIOS sessions and
their status.

A

nbtstat -S (Sessions)

429
Q

nbtstat Switches commands:

Lists the sessions table, converting destination IP
addresses into computer NetBIOS names.

A

nbtstat -s (sessions)

430
Q

Used on its own, the ____ command shows basic information such as the name of the local network interface, the IP address, the subnet mask, and the default gateway. Combined with the /all switch, it shows a detailed set of information.

A

ipconfig

431
Q

IPCONFIG common troubleshooting symptoms:

The user cannot connect to any other system.

A

Ensure that the TCP/IP address and subnet mask are correct. If the network uses DHCP, ensure that DHCP
is enabled.

432
Q

IPCONFIG common troubleshooting symptoms:

The user can connect to another system on the same
subnet but cannot connect to a remote system.

A

Ensure the default gateway is configured correctly.

433
Q

IPCONFIG common troubleshooting symptoms:

The user is unable to browse the Internet.

A

Ensure the DNS server parameters are correctly configured.

434
Q

IPCONFIG common troubleshooting symptoms:

The user cannot browse across remote subnets.

A

Ensure the WINS or DNS server parameters are correctly configured, if applicable.

435
Q

ipconfig Switch commands:

Displays the ipconfig help screen

A

?

436
Q

ipconfig Switch commands:

Displays additional IP configuration information

A

/all

437
Q

ipconfig Switch commands:

Releases the IPv4 address of the specified adapter

A

/release

438
Q

ipconfig Switch commands:

Releases the IPv6 address of the specified adapter

A

/release6

439
Q

ipconfig Switch commands:

Renews the IPv4 address of a specified adapter

A

/renew

440
Q

ipconfig Switch commands:

Renews the IPv6 address of a specified adapter

A

/renew6

441
Q

ipconfig Switch commands:

Purges the DNS cache

A

/flushdns

442
Q

ipconfig Switch commands:

Refreshes the DHCP lease and reregisters the DNS names

A

/registerdns

443
Q

ipconfig Switch commands:

Used to display the information in the DNS cache

A

/displaydns

444
Q

The ipconfig /release and ipconfig /renew commands work only when
your system is using DHCP.

A

TIP

445
Q

_____ is a utility used to troubleshoot DNS-related problems. Using ____, you can, for example, run manual name resolution queries against DNS servers, get information about your system’s DNS configuration, or specify what kind of DNS record should be resolved.

A

nslookup

446
Q

_____is used on a Linux, UNIX, or Macintosh system to perform manual DNS lookups. It performs the same basic task as nslookup, but with one major distinction: The command does not have an interactive mode and instead uses only command-line switches to customize results.

A

dig

447
Q

The _____ command is used on Linux/UNIX systems to perform a reverse lookup on an IP address. A reverse lookup involves looking up an IP address and resolving the hostname from that. Users running Microsoft Windows operating systems could use the nslookup command to perform a reverse lookup on an IP address, and Linux users can use the host command or nslookup.

A

host

448
Q

The ____ utility is an often-used and very handy tool. With this command,you display and modify the routing table on your Windows and Linux systems.

A

route

449
Q

Switches for the route Command in Windows:

Enables you to add a static route to the routing table.

A

add

450
Q

Switches for the route Command in Windows:

Enables you to remove a route from the routing table.

A

delete

451
Q

Switches for the route Command in Windows:

Enables you to modify an existing route.

A

change

452
Q

Switches for the route Command in Windows:

When used with the add command, makes the route permanent. If the -p switch is not used when a route is added, the route is lost upon reboot.

A

-p

453
Q

Switches for the route Command in Windows:

Enables you to view the system’s routing table.

A

print

454
Q

Switches for the route Command in Windows:

Removes all gateway entries from the routing table.

A

-f

455
Q
1. What command can you issue from the command line to view the status of the system’s ports?
❍ A. netstat -p
❍ B. netstat -o
❍ C. netstat -a
❍ D. netstat –y
A
  1. C. Administrators can quickly determine the status of common ports by issuing the netstat -a command from the command line. This command output lists the ports used by the system and whether they are open and listening.
456
Q
2. Which of the following tools can you use to perform manual DNS lookups on aLinux system? (Choose two.)
❍ A. dig
❍ B. nslookup
❍ C. tracert
❍ D. dnslookup
A
  1. A and B. Both the dig and nslookup commands can be used to perform
    manual DNS lookups on a Linux system. You cannot perform a manual lookup
    with the tracert command. There is no such command as dnslookup.
457
Q
3. Which of the following commands generates a Request timed out error message?
❍ A. ping
❍ B. netstat
❍ C. ipconfig
❍ D. nbtstat
A
  1. A. The ping command generates a Request timed out error when it cannot
    receive a reply from the destination system. None of the other commands
    listed produce this output.
458
Q
4. Which of the following commands would you use to add a static entry to the
ARP table of a Windows 7 system?
❍ A. arp -a IP ADDRESS MAC ADDRESS
❍ B. arp -s MAC ADDRESS IP ADDRESS
❍ C. arp -s IP ADDRESS MAC ADDRESS
❍ D. arp -i IP ADDRESS MAC ADDRESS
A
  1. C. This command would correctly add a static entry to the ARP table. None of
    the other answers are valid ARP switches.
459
Q
5. Which command created the following output?
Server: nen.bx.ttfc.net
Address: 209.55.4.155
Name: examcram.com
Address: 63.240.93.157
❍ A. nbtstat
❍ B. ipconfig
❍ C. tracert
❍ D. nslookup
A
  1. D. The output was produced by the nslookup command. The other commands
    listed produce different output.
460
Q
  1. True or False: The biggest difference between a LAN and WAN is usually the size of the network.
A
  1. True. A WAN is a network that spans more than one geographic location,
    often connecting separated LANs.
461
Q
  1. What network model offers no centralized storage of data or centralized control over the sharing of files or resources?
A
  1. A peer-to-peer network is a decentralized network model offering no centralized
    storage of data or centralized control over the sharing of files or
    resources.
462
Q
  1. In what networking model is the processing power shared between the client systems and the server?
A
  1. A distributed network model has the processing power distributed
    between the client systems and the server.
463
Q

A ___ is a data network restricted to a single geographic location and typically
encompasses a relatively small area, such as an office building or school.

A

LAN

464
Q

A_______ network is a decentralized network model offering no centralized storage of data or centralized control over the sharing of files or resources. All systems on this type network can share the resources on
their local computer and use resources of other systems.

A

peer-to-peer

465
Q

The _____networking model is, without question, the most widely implemented model and the one you are most likely to encounter when working in real-world environments. The advantages of this system are that it is a centralized model and it enables centralized network management of all network services, including user management, security, and backup procedures.

A

client/server

466
Q

In a ____ computing model, one system provides both the data storage and processing power for client systems.
This networking model is most often associated with computer mainframes and dumb terminals, where no processing or storage capability exists at the workstation. These network environments are rare, but they do still exist.

A

centralized

467
Q
1. What is the maximum number of computers recommended for inclusion in a
peer-to-peer network?
❍ A. 2
❍ B. 5
❍ C. 10
❍ D. 25
A
  1. C. The maximum number of computers recommended in a peer-to-peer network
    is 10.
468
Q
peer-to-peer network?
❍ A. 2
❍ B. 5
❍ C. 10
❍ D. 25
2. When a WAN is confined to a certain geographic area, such as a university campus
or city, it is known as a
❍ A. LAN
❍ B. MAN
❍ C. VAN
❍ D. VPN
A
  1. B. A WAN can be referred to as a MAN (Metropolitan Area Network) when it is
    confined to a certain geographic area, such as a university campus or city.
469
Q
  1. Which topology (star, bus, or ring) would use a hub or switch?
A
  1. Of the choices given, only a star topology would use a hub or switch.
470
Q
  1. With which topology does every node have a direct connection to every
    other node?
A
  1. With a mesh topology, every node has a direct connection to every other
    node.
471
Q

A ___ refers to a network’s physical and logical layout.

A

topology

472
Q

A network’s ____ topology refers to the actual layout of the computer cables and other network
devices.

A

physical

473
Q

A network’s ____ topology refers to the way in which the network
appears to the devices that use it.

A

logical

474
Q

A ___ topology uses a trunk or backbone to connect all the computers on the network

A

bus

475
Q

The __ topology is actually a logical ___, meaning that the data travels in a circular fashion from one computer to another on the network. It is not a physical ___ topology.

A

ring

476
Q

In the ___ topology, all computers and other network devices connect to a central device called a hub or switch. Each connected device requires a single cable to be connected to the hub, creating a point-to-point connection between the
device and the hub.

A

star

477
Q

Among the network topologies discussed in this chapter, the star topology is the
easiest to expand in terms of the number of devices connected to the network.

A

ExamAlert

478
Q

The wired ____ topology incorporates a unique network design in which each computer on the network connects to every other, creating a point-to-point connection between every device on the network. The purpose of the ____ design is to provide a high level of redundancy. If one network cable fails, the data always has an alternative path to get to its destination— each node can act as a relay.

A

mesh

479
Q

Because of the redundant connections, the mesh topology offers better fault tolerance
than other topologies.

A

ExamAlert

480
Q

___ ___ ___is a technology designed to speed up network traffic flow by moving away from the use of traditional routing tables. Instead of routing tables, ___ ___ ___ uses short labels to direct packets and forward them through the network.

A

Multiprotocol Label Switching (MPLS)

481
Q

The ____ wireless topology is commonly used to extend a wired LAN to include wireless devices. Wireless devices communicate with the wired LAN through a base station known as an access point (AP) or wireless access point. The AP forms a bridge between a wireless and wired LAN, and all transmissions between wireless stations, or between a system and a wired network client, go
through the AP. APs are not mobile and must stay connected to the wired network; therefore, they become part of the wired network ____ (thus the
name).

A

infrastucture

482
Q

In a wireless ___ ___ topology, devices communicate directly between themselves without using an access point. This peer-to-peer network design is commonly used to connect a small number of computers or wireless devices. For example, an __ __ wireless network may be set up temporarily between laptops in a boardroom or to connect systems in a home instead of using a wired solution.

A

ad hoc

483
Q

in a ___ __ ___ wireless configuration, the

communication link travels from one node directly to one other node.

A

point-to-point (PtP)

484
Q

A __ __ ___ wireless connection is designed to link multiple wired networks. Signals in __ __ ___ networks travel from a central node such as a base station of a cellular system, an access point of a WLAN, or a satellite. The function of the ___ wireless topology is to interconnect multiple locations, enabling them to access and share resources.

A

point-to-multipoint (PtMP)

485
Q
  1. You have been asked to install a network to give the network users the greatest
    amount of fault tolerance. Which of the following network topologies would you
    choose?
    ❍ A. Star
    ❍ B. Ring
    ❍ C. Mesh
    ❍ D. Bus
A
  1. C. A mesh network uses a point-to-point connection to every device on the network.
    This creates multiple points for the data to transmit around the network
    and therefore creates a high degree of redundancy. The star, ring, and bus
    topologies do not offer fault tolerance.
486
Q
  1. Which of the following topologies enables network expansion with the least
    amount of disruption for the current network users?
    ❍ A. Bus
    ❍ B. Ring
    ❍ C. LAN
    ❍ D. Star
A
  1. D. On a star network, each network device uses a separate cable to make a
    point-to-point connection to a centralized device such as a hub or switch. With
    such a configuration, you can add a new device to the network by attaching the
    new device to the hub or switch with its own cable. This process does not disrupt
    the users who are currently on the network. Answers A and B are incorrect
    because the addition of new network devices on a ring or bus network can
    cause a disruption in the network and cause network services to be unavailable
    during the installation of a new device. A LAN (local area network) is created
    using any topology and is not a topology in and of itself.
487
Q
  1. You have been asked to connect two office locations. It has been specified that
    you use a wireless link. Which of the following strategies would you use to connect
    the two offices?
    ❍ A. Point-to-point
    ❍ B. Wireless mesh
    ❍ C. PtMP
    ❍ D. Star bus hybrid
A
  1. A. In a point-to-point (PtP) wireless configuration, the communication link travels
    from one node directly to one other node. Wireless point-to-point systems are
    often used in wireless backbone systems such as microwave relay communications
    or as a replacement for a single wired communication cable. You can use
    the point-to-point link to connect two locations to share data and resources. The
    other choices are not appropriate options for creating the wanted connection.
488
Q
5. Which network topology offers the greatest level of redundancy but also has the
highest implementation cost?
❍ A. Wireless mesh
❍ B. Wired mesh
❍ C. Hybrid star
❍ D. Bus network
A
  1. B. The wired mesh topology requires each computer on the network to be individually
    connected to every other device. This configuration provides maximum
    reliability and redundancy for the network. However, of those listed, it is the most
    costly to implement because of the multiple wiring requirements.
489
Q
  1. Which of the following statements are associated with a bus LAN network?
    (Choose all correct answers.)
    ❍ A. A single cable break can cause complete network disruption.
    ❍ B. All devices connect to a central device.
    ❍ C. It uses a single backbone to connect all network devices.
    ❍ D. It uses a dual-ring configuration.
A
  1. A, C. In a bus network, a single break in the network cable can disrupt all the
    devices on that segment of the network—a significant shortcoming. A bus network
    also uses a single cable as a backbone to which all networking devices
    attach. A star network requires networked devices to connect to a centralized
    device such as a hub or MSAU. It does not use a dual-ring configuration.
    Therefore, answer B is incorrect.
490
Q
  1. What type of network configuration enables a remote user to access a
    private network across the Internet?
A
  1. A virtual private network (VPN) can enable a remote user to access a private
    network across the Internet.
491
Q
  1. True or False: VLANs enable you to create multiple broadcast domains on
    a single switch.
A
  1. True. VLANs enable you to create multiple broadcast domains on a single
    switch.
492
Q
  1. Which of the following statements best describes a VPN?
    ❍ A. It is any protocol that enables remote clients to log in to a server over
    a network such as the Internet.
    ❍ B. It provides a system whereby only screen display and keyboard and
    mouse input travel across the link.
    ❍ C. It is a secure communication channel across a public network such
    as the Internet.
    ❍ D. It is a protocol used to encrypt user IDs and passwords.
A
  1. C. A VPN provides a secure communication path between devices over a public
    network such as the Internet.
493
Q
2. Which of the following are required to establish a VPN connection? (Choose all
correct answers.)
❍ A. VPN server
❍ B. VPN client
❍ C. VPN protocols
❍ D. VPN MAC identification
A
  1. A, B, C. Many elements are involved in establishing a VPN connection. This
    includes the VPN client to initiate the session, the VPN server to answer the
    client requests, and the VPN protocols to secure and establish the connection.
494
Q
3. Which of the following are valid ways to assign computers to a VLAN? (Choose
the three best answers.)
❍ A. Protocol assignment
❍ B. Port-based assignment
❍ C. NetBIOS computer name
❍ D. MAC address
A
  1. A, B, D. VLANs can be created by using protocol assignments, by defining the
    ports on a device as belonging to a VLAN, or by using MAC addresses. VLANs
    cannot be created by using the NetBIOS computer name.
495
Q

In general, a ___ recovery site is a site that can be up and operational in a relatively short amount of time, such as a day or two.

A

cold

496
Q

___ recovery sites are set up to be ready to go at a moment’s notice.

A

hot

497
Q

A ___ site typically has computers but is not configured ready to go. This means that
data might need to be upgraded or other manual interventions might need to
be performed before the network is again operational.

A

warm

498
Q

A hot site that mirrors the organization’s production network can assume network
operations at a moment’s notice. Warm sites have the equipment needed to bring
the network to an operational state but require configuration and potential database
updates. A cold site has the space available with basic service but typically
requires equipment delivery.

A

ExamAlert

499
Q
1. Which two types of tape backup methods clear the archive bit after the backup
has been completed?
❍ A. Full
❍ B. Differential
❍ C. Incremental
❍ D. GFS
A
  1. A, C. The archive bit is reset after a full backup and an incremental backup.
    Answer B is incorrect because the differential backup does not reset the archive
    bit. Answer D is wrong because GFS is a rotation strategy, not a backup
    method.
500
Q
  1. You come to work on Thursday morning to find that the server has failed and
    you need to restore the data from backup. You finished a full backup on Sunday
    and incremental backups on Monday, Tuesday, and Wednesday. How many
    tapes are required to restore the backup?
    ❍ A. Four
    ❍ B. Two
    ❍ C. Three
    ❍ D. Five
A
  1. A. Incremental backups save all files and directories that have changed since the
    last full or incremental backup. To restore, you need the latest full backup and all
    incremental tapes. In this case, you need four tapes to complete the restore
    process.
501
Q
  1. Which of the following recovery sites might require the delivery of computer
    equipment and an update of all network data?
    ❍ A. Cold site
    ❍ B. Warm site
    ❍ C. Hot site
    ❍ D. None of the above
A
  1. A. A cold site provides an alternative location but typically not much more. A
    cold site often requires the delivery of computer equipment and other services. A
    hot site has all network equipment ready to go if a massive failure occurs. A
    warm site has most equipment ready but still needs days or weeks to have the
    network up and running.
502
Q
  1. As part of your network administrative responsibilities, you have completed your
    monthly backups. As part of backup best practices, where should the tapes be
    stored?
    ❍ A. In a secure location in the server room
    ❍ B. In a secure location somewhere in the building
    ❍ C. In an offsite location
    ❍ D. In a secure offsite location
A
  1. D. Although not always done, it is a best practice to store tape backups in a
    secure offsite location in case of fire or theft. Answer A is incorrect because if
    the server room is damaged by fire or flood, the tapes and the data on the server
    can be compromised by the same disaster. Similarly, answer B is incorrect
    because storing the backups onsite does not eliminate the threat of a single disaster
    destroying the data on the server and tapes. Answer C is incorrect
    because of security reasons. The offsite tapes must be secured.
503
Q
  1. As network administrator, you have been tasked with designing a disaster recovery
    plan for your network. Which of the following might you include in a disaster
    recovery plan?
    ❍ A. RAID 5
    ❍ B. Offsite tape storage
    ❍ C. Mirrored hard disks
    ❍ D. UPS
A
  1. B. Offsite tape storage is part of a disaster recovery plan. The other answers are
    considered fault-tolerance measures because they are implemented to ensure
    data availability.
504
Q

A full backup is the fastest way to restore data of all the methods discussed here,
because only one tape, or set of tapes, is required for a full restore.

A

ExamAlert

505
Q

If you experience trouble with any type of backup, you should clean the tape drive
and then try the backup again. Also visually inspect the tape for physical damage.

A

ExamAlert

506
Q

Both full and incremental backups clear the archive bit after files have been backed
up.

A

ExamAlert

507
Q
  1. What are the two categories of QoS that applications generally can be
    broken into?
A
  1. Applications generally can be broken into either latency-sensitive or
    latency-insensitive.
508
Q
  1. What term involves delaying the flow of data traffic designated as less
    important compared to other traffic streams?
A
  1. Traffic shaping involves delaying the flow of data traffic designated as less
    important compared to other traffic streams.
509
Q

___ describes the strategies used to manage and increase the flow of network
traffic. ___ features enable administrators to predict bandwidth use, monitor
that use, and control it to ensure that bandwidth is available to the applications
that need it.

A

Quality of Service (QoS)

510
Q

CATEGORIES OF QoS:

These applications need bandwidth for quick delivery
where network lag time impacts their effectiveness. This includes
voice and video transfer. For example, voice over IP (VoIP) would be
difficult to use if there were a significant lag time in the conversation

A

Latency-sensitive

511
Q

Controlling bandwidth also involves managing ________ applications. This includes bulk data transfers such as
huge backup procedures and File Transfer Protocol (FTP) transfers.

A

latency-insensitive

512
Q

___ ___ is a QoS strategy designed to enforce prioritization policies on the transmission of data throughout the network. It is intended to reduce
latency by controlling the amount of data that flows into and out of the network. Traffic is categorized, queued, and directed according to network policies.

A

Traffic shaping

513
Q

Remember that traffic shaping involves delaying the flow of data traffic that is designated
as less important compared to other traffic streams.

A

ExamAlert

514
Q
  1. Caching improves network performance by caching content where?
    ❍ A. Locally.
    ❍ B. On a remote server.
    ❍ C. In archives.
    ❍ D. Caching does not improve network performance.
A
  1. A. Caching improves network performance by locally caching content, thereby
    limiting surges in traffic.
515
Q
2. Which of the following would most likely use latency-sensitive QoS?
❍ A. FTP
❍ B. DNS
❍ C. SNMP
❍ D. VoIP
A
  1. D. Latency-sensitive applications include those for voice and video transfer. For
    example, voice over IP (VoIP) would be difficult to use if there were a significant
    lag time in the conversation.
516
Q
  1. True or False: VPNs require a secure protocol to safely transfer data over
    the Internet.
A
  1. True. VPNs require a secure protocol such as IPSec or SSL to safely
    transfer data over the Internet.
517
Q
  1. How many phases are there to L2TP authentication?
A
  1. L2TP offers two-phase authentication—once for the computer and once
    for the user.
518
Q

Be sure you understand that ISAKMP is a framework and not an implementable
entity.

A

ExamAlert

519
Q

___ protocol it outlines
how secure communications should take place, but is not a protocol, or
application, itself.

A
Internet Security Association and Key
Management Protocol (ISAKMP)
520
Q

______ protocol creates a secure tunnel between two points on a network,
over which other connectivity protocols, such as PPP, can be used. This
tunneling functionality is the basis of VPNs.

A

Point-to-Point Tunneling Protocol (PPTP)

521
Q

VPNs are created and managed using PPTP, which builds on the functionality of
PPP. This makes it possible to create dedicated point-to-point tunnels through a
public network such as the Internet.

A

ExamAlert

522
Q

_____ ____ protocol is a combination of PPTP and Cisco L2F technology.It authenticates the client in a
two-phase process: It authenticates the computer and then the user. By
authenticating the computer, it prevents the data from being intercepted,
changed, and returned to the user in what is known as a man-in-the-middle
attack.

A

Layer 2 Tunneling Protocol (L2TP)

523
Q

Remember for the exam that L2TP offers two-phase authentication—once for the
computer and once for the user. This helps prevent man-in-the-middle attacks.

A

ExamAlert

524
Q

Unlike IPSec, which operates at the network layer of the OSI model, L2TP operates
at the data link layer, making it protocol-independent. This means that an L2TP
connection can even support protocols other than TCP/IP, such as AppleTalk and
Novell’s legacy IPX.

A

ExamAlert

525
Q

The ___ protocol is designed to provide secure communications between systems. This includes system-to-system communication in the same network, as well as communication to systems on external networks. It is an IP layer security protocol that can both encrypt and authenticate network transmissions. In a nutshell, it is composed of two separate protocols: Authentication Header (AH) and Encapsulating Security Payload
(ESP). AH provides the authentication and integrity checking for data packets,
and ESP provides encryption services.

A

IP Security (IPSec)

526
Q

IPSec relies on two underlying protocols: AH and ESP. AH provides authentication
services, and ESP provides encryption services.

A

ExamAlert

527
Q

IPSec can be used only on TCP/IP networks. If you use another network protocol,
you need to use a security protocol such as L2TP.

A

ExamAlert

528
Q

In a______ implementation, as the name
implies, whole networks are connected together. An example of this would be
divisions of a large company. Because the networks are supporting the VPN,
each gateway does the work and the individual clients do not need to have any
VPN.

A

site-to-site

529
Q

In a _______ scenario, individual clients (such as telecommuters or travelers) connect to the network remotely. Because the individual client makes a
direct connection to the network, each client doing so must have VPN client software installed.

A

client-to-site

530
Q

Be sure you understand that site-to-site and client-to-site are two types of VPNs.

A

ExamAlert

531
Q

___ ___ describes the mechanisms used to filter network traffic to determine
who is and who is not allowed to access the network and network
resources.

A

Access control:
Firewalls, proxy servers, routers, and individual computers all can
maintain access control to some degree. By limiting who can and cannot
access the network and its resources, it is easy to understand why access control
plays a critical role in security strategy. Several types of access control
strategies exist, as discussed in the following sections.

532
Q

Be sure you can identify the purpose and types of access control.

A

ExamAlert

533
Q

___ ___ control is the most secure form of access control. In systems configured to use mandatory access control, administrators dictate
who can access and modify data, systems, and resources. ____ systems are commonly used in military installations, financial institutions, and, because of new privacy laws, medical institutions.

A

Mandatory access control (MAC):
MAC secures information and resources by assigning sensitivity labels to
objects and users. When users request access to an object, their sensitivity
level is compared to the object’s. A label is a feature applied to files, directories,
and other resources in the system. It is similar to a confidentiality stamp.
When a label is placed on a file, it describes the level of security for that specific
file. It permits access by files, users, programs, and so on that have a similar
or higher security setting.

534
Q

___ ___ control is not forced from the administrator or operating system. Instead, access is controlled
by an object’s owner. For example, if a secretary creates a folder, he decides who will have access to that folder. This access is configured using permissions and an access control list.

A

discretionary access control (DAC):
DAC uses an access control list (ACL) to determine access. The ACL is a
table that informs the operating system of the rights each user has to a particular
system object, such as a file, directory, or printer. Each object has a security
attribute that identifies its ACL. The list has an entry for each system user
with access privileges. The most common privileges include the ability to read
a file (or all the files in a directory), to write to the file or files, and to execute
the file (if it is an executable file or program).

535
Q

___ ____ control controls access to objects according to established rules. The configuration and security settings established on a router or firewall are a good example.

A

Rule-based access:
In a practical application, rule-based access control is a variation on MAC.
Administrators typically configure the firewall or other device to allow or
deny access. The owner or another user does not specify the conditions of
acceptance, and safeguards ensure that an average user cannot change settings
on the devices.

536
Q

In ___ ___ control, access decisions are determined by the roles that individual users have within the organization.

A

role-based access control (RoBAC):
Role-based access
requires the administrator to have a thorough understanding of how a particular
organization operates, the number of users, and each user’s exact function
in that organization.

537
Q

___ ___ is often too restrictive to be practical in business. For instance, using teachers as an example, some more experienced teachers might have more responsibility than others and might require increased access to a particular network object. Customizing access to each individual is a time-consuming
process.

A

Least privilege

538
Q

_____ is a remote-access solution included with Windows Server products. It is a feature-rich, easy-to-configure, easy-to-use method of configuring remote
access.

A

Remote Access Service RAS

539
Q

____ is the standard remote-access protocol in use today. PPP is actually a family of protocols that work together to provide connection services.

A

point-to-point protocol PPP:
During the establishment of a PPP connection between the remote system
and the server, the remote server needs to authenticate the remote user. It
does so by using the PPP authentication protocols.

540
Q

___ _____ ____is a protocol used to connect multiple network users on an Ethernet local area network to a remote site through a common device.

A

Point-to-Point Protocol over Ethernet (PPPoE):
For example, using PPPoE, you can have all users
on a network share the same link, such as a DSL, cable modem, or wireless
connection to the Internet. PPPoE is a combination of PPP and the Ethernet
protocol, which supports multiple users in a local area network (hence the
name). The PPP information is encapsulated within an Ethernet frame.

541
Q

___ ___ ___is a method to restrict access to the network
based on identify or posture (discussed later in this chapter). This was created by Cisco to enforce privileges and make decisions on a client device based on information gathered from it (such as the vendor and version of the antivirus
software running).

A

Network Access Control (NAC)

542
Q

A ____assessment is any evaluation of a system’s security based on settings
and applications found.

A

posture

543
Q

Be able to identify posture assessment.

A

ExamAlert

544
Q

Remote-Control Protocols:
____ is a low-bandwidth protocol used to send mouse movements, keystrokes, and bitmap images of the screen
on the server to the client computer. It does not actually send data over the connection—only screenshots and client keystrokes.

A

Remote Desktop Protocol (RDP),

545
Q

____ is a tunneling protocol originally created for UNIX systems. It uses encryption to establish a secure connection between two systems and provides
alternative, security-equivalent applications for such utilities as Telnet, FTP, and other communications-oriented applications. Although it is available with
Windows and other operating systems, it is the preferred method of security for Telnet and other cleartext-oriented programs in the UNIX environment. It uses port 22 and TCP for connections.

A

Secure Shell (SSH),

546
Q

Be sure you know the port associated with SSH.

A

Citrix

EXAMALERT

547
Q

_____ enables clients to access and run applications on a server, using the
server’s resources. Only the user interface, keystrokes, and mouse movements
transfer between the client system and the server. In effect, even though you
work at the remote computer, the system functions as if you were actually sitting
at the computer itself. As with Terminal Services and RDP, it is an
example of thin client computing.

A

Independent Computing Architecture (ICA)

548
Q

Three protocols described in this chapter enable access to remote systems and enable users to run applications on the system, using that system’s resources. Only the user interface, keystrokes, and mouse movements transfer between the client system and the remote computer.

A

ExamAlert

549
Q

When configuring security for wireless networks, filtering by MAC address is a
common practice. Typically, in MAC filtering security, MAC addresses can be
added to an “allow” ACL or “deny” ACL.

A

ExamAlert

550
Q
1. Which of the following protocols is used in thin-client computing?
❍ A. RDP
❍ B. PPP
❍ C. PPTP
❍ D. RAS
A
  1. A. RDP is used in thin-client networking, where only screen, keyboard, and
    mouse input is sent across the line. PPP is a dialup protocol used over serial
    links. PPTP is a technology used in VPNs. RAS is a remote-access service.
551
Q
  1. Which of the following statements best describes the function of PPP?
    ❍ A. It is a secure technology that enables information to be securely
    downloaded from a website.
    ❍ B. It is a dialup protocol used over serial links.
    ❍ C. It is a technology that enables a secure tunnel to be created through
    a public network.
    ❍ D. It provides a public key/private key exchange mechanism.
A
  1. B. PPP is a protocol that can be used for dialup connections over serial links.
    Answer A describes SSL, answer C describes a VPN, and answer D describes
    PKI.
552
Q
  1. Your company wants to create a secure tunnel between two networks over the
    Internet. Which of the following protocols would you use to do this?
    ❍ A. PAP
    ❍ B. CHAP
    ❍ C. PPTP
    ❍ D. SLAP
A
  1. C. To establish the VPN connection between the two networks, you can use
    PPTP. PAP and CHAP are not used to create a point-to-point tunnel; they are
    authentication protocols. SLAP is not a secure dialup protocol.
553
Q
  1. Because of a recent security breach, you have been asked to design a security
    strategy that will allow data to travel encrypted through both the Internet and
    intranet. Which of the following protocols would you use?
    ❍ A. IPSec
    ❍ B. SST
    ❍ C. CHAP
    ❍ D. FTP
A
  1. A. IPSec is a nonproprietary security standard used to secure transmissions both
    on the internal network and when data is sent outside the local LAN. IPSec provides
    encryption and authentication services for data communications. Answer B
    is not a valid protocol. Answer C, CHAP, is a remote-access authentication protocol.
    Answer D is incorrect because FTP is a protocol used for large data transfers,
    typically from the Internet.
554
Q
  1. What does the acronym AAA stand for?
A
  1. AAA refers to authentication, authorization, and accounting services.
555
Q
  1. What are some of the policies that can usually be set for passwords?
A
  1. Common password policies typically include a minimum length of password,
    password expiration, prevention of password reuse, and prevention
    of easy-to-guess passwords.
556
Q

___ refers to the mechanisms used to verify the identity of the computer or user attempting to access a particular resource. It is usually done with a set of credentials—most commonly a username and
password.

A

Authentication

557
Q

_____determines if the person, previously identified and authenticated,
is allowed access to a particular resource. This is commonly determined
through group association. In other words, a particular group may have a specific
level of security clearance.

A

Authorization

558
Q

_______ refers to the tracking mechanisms used to keep a record of events on a system. One tool often used for this purpose is auditing. Auditing is the process of monitoring occurrences and keeping a log of what has occurred on
a system.

A

Accounting

559
Q

Be sure you can identify the purpose of authentication, authorization, and
accounting.

A

ExamAlert

560
Q

In a Windows environment, two pieces of information are required to access the
network: a valid username and a valid password. Both are required to gain access.

A

ExamAlert

561
Q

You need to identify an effective password policy. For example, a robust password
policy would include forcing users to change their passwords on a regular basis.

A

ExamAlert

562
Q

_______ is an Internet Engineering Task Force (IETF) standard for providing authentication. It is an integral part of network security. Networks, including the Internet, can connect people from all over the world. When data travels from one point to another across a network, it can be lost, stolen, corrupted, or misused. Much of the data sent over networks is sensitive, whether it is medical, financial, or otherwise. A key consideration for those responsible for the network is maintaining the confidentiality of the data.

A

Kerberos:
Kerberos was designed to fix such problems by using a method requiring only
a single sign-on. This single sign-on enables a user to log into a system and
access multiple systems or resources without the need to repeatedly re-enter
the username and password. Additionally, Kerberos is designed to have entities
authenticate themselves by demonstrating possession of secret information.

563
Q

Kerberos is a nonproprietary protocol and is used for cross-platform authentication.
It’s the main authentication protocol used with Windows servers.

A

ExamAlert

564
Q

Kerberos enables secure authentication over an insecure network such as the
Internet.

A

ExamAlert

565
Q

Kerberos uses ___ ___ ___ in which both client and server use the same encryption key to cipher and decipher data.

A

symmetric key cryptography,

566
Q

Another cryptography method in use is asymmetric key cryptography, or public key
cryptography. In this method, a device has both a public and private key. The private
key is never shared. The public key is used to encrypt the communication, and
the private key is used for decrypting.

A

ExamAlert

567
Q

You should know that the security tokens used in Kerberos are known as tickets.

A

ExamAlert

568
Q

_______ is a collection of software, standards, and
policies combined to enable users from the Internet or other unsecured public
networks to securely exchange data.

A

Public Key Infrastructure (PKI):
PKI uses a public and private cryptographic
key pair obtained and shared through a trusted authority. Services and
components work together to develop the PKI. Some of the key components
of a PKI include the following: Certficates, Certificat authorities (CAs), Certificate templates, Certificate Revocation List (CRL)

569
Q

In PKI:

A nonsecret key that forms half of a cryptographic key pair
used with a public key algorithm. The public key is freely given to all
potential receivers.

A

Public Key

570
Q

In PKI:
The secret half of a cryptographic key pair used with a
public key algorithm. The private part of the public key cryptography
system is never transmitted over a network.

A

Private Key

571
Q

Security is represented well in the Network+ objectives. You can expect to see
exam questions on the types of firewalls and their characteristics. For example, you
should know the differences between software and hardware firewalls and understand
stateful inspection versus packet filtering firewalls.

A

ExamAlert

572
Q

A stateless firewall examines the information within a data packet and rejects or
accepts the packet based on the source or destination address or port number listed
in the packet header. Stateful firewalls have features allowing them not only to
examine individual packets but also to examine packet streams at the application
layer (DNS, SMTP, POP3, SNMP).

A

ExamAlert

573
Q

Application layer firewalls offer a proxy service between the sending and receiving
devices. Using proxy services, the firewall can filter the content to and from source
and destination.

A

ExamAlert

574
Q

The three firewall methods described in this chapter are often combined into a single
firewall application. Packet filtering is the basic firewall function. Circuit-level
functionality provides NAT, and an application firewall provides proxy functionality.
This is a good point to remember for the exam.

A

ExamAlert

575
Q
  1. What is the basic reason for implementing a firewall?
    ❍ A. It reduces the costs associated with Internet access.
    ❍ B. It provides NAT functionality.
    ❍ C. It provides a mechanism to protect one network from another.
    ❍ D. It allows Internet access to be centralized.
A
  1. C. Implementing a firewall gives you protection between networks, typically from
    the Internet to a private network. All the other answers describe functions offered
    by a proxy server. Some firewall systems do offer NAT functionality, but NAT is
    not a firewall feature; it is an added benefit of these systems.
576
Q
  1. Which of the following statements best describes a VPN?
    ❍ A. It is any protocol that enables remote clients to log in to a server over
    a network such as the Internet.
    ❍ B. It provides a system whereby only screen display and keyboard and
    mouse input travel across the link.
    ❍ C. It is a secure communication channel across a public network such
    as the Internet.
    ❍ D. It is a protocol used to encrypt user IDs and passwords.
A
  1. C. A VPN provides a secure communication path between devices over a public
    network such as the Internet.
577
Q
  1. While reviewing the security logs for your server, you notice that a user on the
    Internet has attempted to access your internal mail server. Although it appears
    that the user’s attempts were unsuccessful, you are concerned about the possibility
    that your systems might be compromised. Which of the following solutions
    are you most likely to implement?
    ❍ A. A more secure password policy
    ❍ B. A firewall system at the connection point to the Internet
    ❍ C. File-level encryption
    ❍ D. Kerberos authentication
A
  1. B. To prevent unauthorized access to a private network from the Internet, you
    can use a firewall server to restrict outside access. Implementing a more secure
    password policy (answer A) is a good idea, but it is not the best choice.
    Implementing a file-level encryption system (answer C) is a good idea, but it is
    not the best choice. Kerberos (answer D) is an authentication system, not a
    method to prevent unauthorized access to the system.
578
Q
  1. You have enabled HTTPS because of concerns about the security of your web
    server application, which runs on a web server system in the DMZ of your corporate
    network. However, remote users are now unable to connect to the application.
    Which of the following is the most likely reason for the problem?
    ❍ A. Port 80 is being blocked on the corporate firewall.
    ❍ B. Port 443 is being blocked on the corporate firewall.
    ❍ C. Remote users need to enable HTTPS support in their web browsers.
    ❍ D. Port 110 is being blocked on the corporate firewall.
A
4. B. The most likely explanation is that port 443, the HTTPS default port, is being
blocked by a corporate firewall. Port 80 (answer A) is used by HTTP. All modern
web browsers automatically support HTTPS; therefore, answer C is incorrect.
Port 110 (answer D) is used by POP3.
579
Q
5. Which of the following is not a commonly implemented feature of a firewall
system?
❍ A. NAT
❍ B. Packet filtering
❍ C. Proxy
❍ D. NAS
A
  1. D. A firewall can provide several services to the network, including NAT, proxy
    services, and packet filtering. NAS is not a function of a firewall server; the
    acronym stands for network attached storage.
580
Q
  1. When a system running TCP/IP receives a data packet, which of the following
    does it use to determine which service to forward the packet to?
    ❍ A. Port number
    ❍ B. Packet ID number
    ❍ C. Data IP number
    ❍ D. IP protocol service type
A
  1. A. The service for which a data packet is destined is determined by the port
    number to which it is sent.
581
Q

___ ___ control is the most secure form of access control. In systems configured to use mandatory access control, administrators dictate
who can access and modify data, systems, and resources. ____ systems are commonly used in military installations, financial institutions, and, because of new privacy laws, medical institutions.

A

Mandatory access control (MAC):
MAC secures information and resources by assigning sensitivity labels to
objects and users. When users request access to an object, their sensitivity
level is compared to the object’s. A label is a feature applied to files, directories,
and other resources in the system. It is similar to a confidentiality stamp.
When a label is placed on a file, it describes the level of security for that specific
file. It permits access by files, users, programs, and so on that have a similar
or higher security setting.

582
Q

___ ___ control is not forced from the administrator or operating system. Instead, access is controlled
by an object’s owner. For example, if a secretary creates a folder, he decides who will have access to that folder. This access is configured using permissions and an access control list.

A

discretionary access control (DAC):
DAC uses an access control list (ACL) to determine access. The ACL is a
table that informs the operating system of the rights each user has to a particular
system object, such as a file, directory, or printer. Each object has a security
attribute that identifies its ACL. The list has an entry for each system user
with access privileges. The most common privileges include the ability to read
a file (or all the files in a directory), to write to the file or files, and to execute
the file (if it is an executable file or program).

583
Q

___ ____ control controls access to objects according to established rules. The configuration and security settings established on a router or firewall are a good example.

A

Rule-based access:
In a practical application, rule-based access control is a variation on MAC.
Administrators typically configure the firewall or other device to allow or
deny access. The owner or another user does not specify the conditions of
acceptance, and safeguards ensure that an average user cannot change settings
on the devices.

584
Q

In ___ ___ control, access decisions are determined by the roles that individual users have within the organization.

A

role-based access control (RoBAC):
Role-based access
requires the administrator to have a thorough understanding of how a particular
organization operates, the number of users, and each user’s exact function
in that organization.

585
Q

___ ___ is often too restrictive to be practical in business. For instance, using teachers as an example, some more experienced teachers might have more responsibility than others and might require increased access to a particular network object. Customizing access to each individual is a time-consuming
process.

A

Least privilege

586
Q

_____ is a remote-access solution included with Windows Server products. It is a feature-rich, easy-to-configure, easy-to-use method of configuring remote
access.

A

Remote Access Service RAS

587
Q

____ is the standard remote-access protocol in use today. PPP is actually a family of protocols that work together to provide connection services.

A

point-to-point protocol PPP:
During the establishment of a PPP connection between the remote system
and the server, the remote server needs to authenticate the remote user. It
does so by using the PPP authentication protocols.

588
Q

___ _____ ____is a protocol used to connect multiple network users on an Ethernet local area network to a remote site through a common device.

A

Point-to-Point Protocol over Ethernet (PPPoE):
For example, using PPPoE, you can have all users
on a network share the same link, such as a DSL, cable modem, or wireless
connection to the Internet. PPPoE is a combination of PPP and the Ethernet
protocol, which supports multiple users in a local area network (hence the
name). The PPP information is encapsulated within an Ethernet frame.

589
Q

___ ___ ___is a method to restrict access to the network
based on identify or posture (discussed later in this chapter). This was created by Cisco to enforce privileges and make decisions on a client device based on information gathered from it (such as the vendor and version of the antivirus
software running).

A

Network Access Control (NAC)

590
Q

A ____assessment is any evaluation of a system’s security based on settings
and applications found.

A

posture

591
Q

Be able to identify posture assessment.

A

ExamAlert

592
Q

Remote-Control Protocols:
____ is a low-bandwidth protocol used to send mouse movements, keystrokes, and bitmap images of the screen
on the server to the client computer. It does not actually send data over the connection—only screenshots and client keystrokes.

A

Remote Desktop Protocol (RDP),

593
Q

____ is a tunneling protocol originally created for UNIX systems. It uses encryption to establish a secure connection between two systems and provides
alternative, security-equivalent applications for such utilities as Telnet, FTP, and other communications-oriented applications. Although it is available with
Windows and other operating systems, it is the preferred method of security for Telnet and other cleartext-oriented programs in the UNIX environment. It uses port 22 and TCP for connections.

A

Secure Shell (SSH),

594
Q

Be sure you know the port associated with SSH.

A

Citrix

EXAMALERT

595
Q

_____ enables clients to access and run applications on a server, using the
server’s resources. Only the user interface, keystrokes, and mouse movements
transfer between the client system and the server. In effect, even though you
work at the remote computer, the system functions as if you were actually sitting
at the computer itself. As with Terminal Services and RDP, it is an
example of thin client computing.

A

Independent Computing Architecture (ICA)

596
Q

Three protocols described in this chapter enable access to remote systems and enable users to run applications on the system, using that system’s resources. Only the user interface, keystrokes, and mouse movements transfer between the client system and the remote computer.

A

ExamAlert

597
Q

When configuring security for wireless networks, filtering by MAC address is a
common practice. Typically, in MAC filtering security, MAC addresses can be
added to an “allow” ACL or “deny” ACL.

A

ExamAlert

598
Q
1. Which of the following protocols is used in thin-client computing?
❍ A. RDP
❍ B. PPP
❍ C. PPTP
❍ D. RAS
A
  1. A. RDP is used in thin-client networking, where only screen, keyboard, and
    mouse input is sent across the line. PPP is a dialup protocol used over serial
    links. PPTP is a technology used in VPNs. RAS is a remote-access service.
599
Q
  1. Which of the following statements best describes the function of PPP?
    ❍ A. It is a secure technology that enables information to be securely
    downloaded from a website.
    ❍ B. It is a dialup protocol used over serial links.
    ❍ C. It is a technology that enables a secure tunnel to be created through
    a public network.
    ❍ D. It provides a public key/private key exchange mechanism.
A
  1. B. PPP is a protocol that can be used for dialup connections over serial links.
    Answer A describes SSL, answer C describes a VPN, and answer D describes
    PKI.
600
Q
  1. Your company wants to create a secure tunnel between two networks over the
    Internet. Which of the following protocols would you use to do this?
    ❍ A. PAP
    ❍ B. CHAP
    ❍ C. PPTP
    ❍ D. SLAP
A
  1. C. To establish the VPN connection between the two networks, you can use
    PPTP. PAP and CHAP are not used to create a point-to-point tunnel; they are
    authentication protocols. SLAP is not a secure dialup protocol.
601
Q
  1. Because of a recent security breach, you have been asked to design a security
    strategy that will allow data to travel encrypted through both the Internet and
    intranet. Which of the following protocols would you use?
    ❍ A. IPSec
    ❍ B. SST
    ❍ C. CHAP
    ❍ D. FTP
A
  1. A. IPSec is a nonproprietary security standard used to secure transmissions both
    on the internal network and when data is sent outside the local LAN. IPSec provides
    encryption and authentication services for data communications. Answer B
    is not a valid protocol. Answer C, CHAP, is a remote-access authentication protocol.
    Answer D is incorrect because FTP is a protocol used for large data transfers,
    typically from the Internet.
602
Q
  1. What does the acronym AAA stand for?
A
  1. AAA refers to authentication, authorization, and accounting services.
603
Q
  1. What are some of the policies that can usually be set for passwords?
A
  1. Common password policies typically include a minimum length of password,
    password expiration, prevention of password reuse, and prevention
    of easy-to-guess passwords.
604
Q

___ refers to the mechanisms used to verify the identity of the computer or user attempting to access a particular resource. It is usually done with a set of credentials—most commonly a username and
password.

A

Authentication

605
Q

_____determines if the person, previously identified and authenticated,
is allowed access to a particular resource. This is commonly determined
through group association. In other words, a particular group may have a specific
level of security clearance.

A

Authorization

606
Q

_______ refers to the tracking mechanisms used to keep a record of events on a system. One tool often used for this purpose is auditing. Auditing is the process of monitoring occurrences and keeping a log of what has occurred on
a system.

A

Accounting

607
Q

Be sure you can identify the purpose of authentication, authorization, and
accounting.

A

ExamAlert

608
Q

In a Windows environment, two pieces of information are required to access the
network: a valid username and a valid password. Both are required to gain access.

A

ExamAlert

609
Q

You need to identify an effective password policy. For example, a robust password
policy would include forcing users to change their passwords on a regular basis.

A

ExamAlert

610
Q

_______ is an Internet Engineering Task Force (IETF) standard for providing authentication. It is an integral part of network security. Networks, including the Internet, can connect people from all over the world. When data travels from one point to another across a network, it can be lost, stolen, corrupted, or misused. Much of the data sent over networks is sensitive, whether it is medical, financial, or otherwise. A key consideration for those responsible for the network is maintaining the confidentiality of the data.

A

Kerberos:
Kerberos was designed to fix such problems by using a method requiring only
a single sign-on. This single sign-on enables a user to log into a system and
access multiple systems or resources without the need to repeatedly re-enter
the username and password. Additionally, Kerberos is designed to have entities
authenticate themselves by demonstrating possession of secret information.

611
Q

Kerberos is a nonproprietary protocol and is used for cross-platform authentication.
It’s the main authentication protocol used with Windows servers.

A

ExamAlert

612
Q

Kerberos enables secure authentication over an insecure network such as the
Internet.

A

ExamAlert

613
Q

Kerberos uses ___ ___ ___ in which both client and server use the same encryption key to cipher and decipher data.

A

symmetric key cryptography,

614
Q

Another cryptography method in use is asymmetric key cryptography, or public key
cryptography. In this method, a device has both a public and private key. The private
key is never shared. The public key is used to encrypt the communication, and
the private key is used for decrypting.

A

ExamAlert

615
Q

You should know that the security tokens used in Kerberos are known as tickets.

A

ExamAlert

616
Q

_______ is a collection of software, standards, and
policies combined to enable users from the Internet or other unsecured public
networks to securely exchange data.

A

Public Key Infrastructure (PKI):
PKI uses a public and private cryptographic
key pair obtained and shared through a trusted authority. Services and
components work together to develop the PKI. Some of the key components
of a PKI include the following: Certficates, Certificat authorities (CAs), Certificate templates, Certificate Revocation List (CRL)

617
Q

In PKI:

A nonsecret key that forms half of a cryptographic key pair
used with a public key algorithm. The public key is freely given to all
potential receivers.

A

Public Key

618
Q

In PKI:
The secret half of a cryptographic key pair used with a
public key algorithm. The private part of the public key cryptography
system is never transmitted over a network.

A

Private Key

619
Q

Certificatess are the cornerstones of the PKI. A certificate is essentially a form of
electronic credential that validates users, computers, or devices on the network. A
certificate is a digitally signed statement that associates the credentials of a public
key to the identity of the person, device, or service that holds the corresponding
private key.

A

ExamAlert

620
Q

RADIUS is a protocol that enables a single server to become responsible for all
remote-access authentication, authorization, and auditing (or accounting) services.

A

ExamAlert

621
Q

_____ is a security
protocol designed to provide centralized validation of users who are attempting
to gain access to a router or Network Access Server (NAS).

A

Terminal Access Controller Access Control System+ (TACACS+):
Like
RADIUS, TACACS+ is a set of security protocols designed to provide
authentication, authorization, and accounting (AAA) of remote users.
TACACS uses TCP port 49 by default.

622
Q

RADIUS functions as a client/server system. The remote user dials in to the
remote-access server, which acts as a RADIUS client, or network access server
(NAS), and connects to a RADIUS server. The RADIUS server performs
authentication, authorization, and auditing (or accounting) functions and
returns the information to the RADIUS client (which is a remote-access server
running RADIUS client software); the connection is either established or
rejected based on the information received.

A

KNOW THIS

623
Q

Both RADIUS and TACACS+ provide authentication, authorization, and accounting
services. One notable difference between TACACS+ and RADIUS is that TACACS+
relies on the connection-oriented TCP, whereas RADIUS uses the connectionless
UDP.

A

ExamAlert

624
Q

Authenticates remote Windows workstations, providing the
functionality to which LAN-based users are accustomed while integrating
the hashing algorithms used on Windows networks

A

Microsoft Challenge Handshake Authentication Protocol (MSCHAP): MS-CHAP works with PPP, PPTP, and L2TP network connections. MS-CHAP
uses a challenge/response mechanism to keep the password from being sent during the authentication process. MS-CHAP uses the Message Digest 5 (MD5) hashing algorithm and the Data Encryption Standard
(DES) encryption algorithm to generate the challenge and response. It provides mechanisms for reporting connection errors and for changing the user’s password.

625
Q

____ Brings with it enhancements over its predecessor. These enhancements include support for two-way authentication
and a few changes in how the cryptographic key is analyzed.

A

Microsoft Challenge Handshake Authentication Protocol version 2
(MS-CHAP v2)::

626
Q

An extension of PPP that
supports authentication methods that go beyond the simple submission
of a username and password. _____ was developed in response to an
increasing demand for authentication methods that use other types of
security devices such as token cards, smart cards, and digital certificates.

A

Extensible Authentication Protocol (EAP):

627
Q

____supports non-
Microsoft remote-access clients. enables for authentication without
actually having the user send his password over the network.
Because it’s an industry standard, it enables Windows Server 2008/2003
and Windows 7/Vista to behave as a remote client to almost any thirdparty
PPP server.

A

Challenge Handshake Authentication Protocol (CHAP):

628
Q

____ is a simple authentication protocol in which the username and password
are sent to the remote-access server in clear text, making it possible
for anyone listening to network traffic to steal both.

A

Password Authentication Protocol (PAP):
PAP typically is
used only when connecting to older UNIX-based remote-access servers
that do not support any additional authentication protocols.

629
Q

Users are allowed to log on without authentication.

A

Unauthenticated access:

630
Q

You should be familiar with the different remote-access authentication methods and
know where and when they may be used.

A

ExamAlert

631
Q

A protocol for uploading and downloading files
to and from a remote host. Also accommodates
basic file management tasks.

A

FTP File Transfer Protocol

632
Q

A Protocol for securely uploading and downloading files to and from a remote host. Based on SSH security

A

Secure File Transfer Protocol (SFTP)

633
Q

A [rptpcp; fpr retrieving files from a web server. Data is sent in clear text

A

Hypertext Transfer Protocol (HTTP)

634
Q

A secure protocol for retrieving files from a web server. Uses SSL to encrypt data between client and host

A

Hypertext Transfer Protocol Secure

635
Q

Enables sessions to be opened on a remote host

A

Telnet

636
Q

A secure alternative to Telnet that enables secure sessions toe be opened on a remote host

A

SSH

637
Q

A cyrtographic protocol whose purpose is to verify that secure communications between a server and a client remain secure. It is an enhancement/replacement for SSL

A

Transport Layer Security

638
Q

Provides an independent framework for authentication and key exchange. The actual implementation is usually done by IPSec but could be handled by any implementation capable of negotiating, modifying, and deleting security associations.

A

Internet Security Association and Key Management Protocol (ISAKMP)

639
Q

Replaced by SSH because it sends all data clear text

A

RSH- a UNIX utility used to run a command on a remote machine

640
Q

Enables files to be securely copied between two systems. Uses Secure SHell (SSH) technology to provide encryption services

A

Secure Copy Protocol (SCP)

641
Q

Copies files between systems, but transport is not secured

A

Remote Copy Protocol (RCP)

642
Q

A network monitoring system used to monitor the network’s condition. is not secured

A

Simple Network Management Protocol version 1 and 2 (SNMPv1/2)

643
Q

An enhanced version of its predecessors offering both encryption and authentication services

A

SNMPv3

644
Q

You will most certainly be asked questions on secure protocols and when they
might be used. Review Table 10.1 before taking the Network+ exam.

A

ExamAlert

645
Q
1. Which of the following protocols is used with HTTPS?
❍ A. SSH
❍ B. SSL
❍ C. Proxy
❍ D. IPSec
A
  1. B. HTTPS uses SSL to create secure connections over the Internet. Answer A is
    incorrect because SSH provides a secure multiplatform replacement for Telnet.
    Answer C is invalid because it is a service and not a protocol. Answer D is incorrect
    because IPSec is designed to encrypt data during communication between
    two computers.
646
Q
2. Which of the following is not an authentication protocol?
❍ A. IPSec
❍ B. CHAP
❍ C. PAP
❍ D. EAP
A
  1. A. IPSec is not an authentication protocol. All the other protocols listed are
    authentication protocols.
647
Q
3. Which of the following is the strongest password?
❍ A. password
❍ B. WE300GO
❍ C. l00Ka1ivE
❍ D. lovethemusic
A
  1. C. Strong passwords include a combination of letters and numbers and upperand
    lowercase letters. Answer C is by far the strongest password. Answer A is
    not a strong password because it is a standard word, contains no numbers, and
    is all lowercase. Answer B mixes letters and numbers, and it is not a recognized
    word, so it is a strong password, but it is not as strong as answer C. Answer D is
    too easy to guess and contains no numbers.
648
Q
  1. You are onsite as a consultant. The client’s many remote-access users experience
    connection problems. Basically, when users try to connect, the system
    cannot service their authentication requests. What kind of server might you recommend
    to alleviate this problem?
    ❍ A. RADIUS server
    ❍ B. IPSec server
    ❍ C. Proxy server
    ❍ D. Kerberos server
A
  1. A. By installing a RADIUS server, you can move the workload associated with
    authentication to a dedicated server. A proxy server would not improve the
    dialup connection’s performance. There is no such thing as a Kerberos server or
    an IPSec server.
649
Q
  1. Which of the following services or protocols use SSH technology to provide
    additional security to communications? (Choose two.)
    ❍ A. SCP
    ❍ B. SFTP
    ❍ C. SNMP
    ❍ D. SMTP
A
  1. A and B. Secure Shell (SSH) technology is used by both Secure Copy Protocol
    (SCP) and Secure File Transfer Protocol (SFTP). Answers C and D are incorrect
    because Simple Network Management Protocol (SNMP) and Simple Mail
    Transfer Protocol (SMTP) do not use SSH technology for additional security.
650
Q
  1. What are some of the more common potential risks to computer
    systems?
A
  1. Viruses, Trojan horses, and worms all present a potential risk to computer
    systems.
651
Q
  1. What type of malware covertly gathers system information through the
    user’s Internet connection without his or her knowledge, usually for advertising
    purposes?
A
  1. Spyware covertly gathers system information through the user’s Internet
    connection without his or her knowledge, usually for advertising purposes.
652
Q

In a____ attack, spoofed UDP packets are sent to a network’s broadcast
address. These packets are directed to specific ports, such as port 7 or port 19,
and, after they are connected, can flood the system.

A

Fraggle

653
Q

The _____ attack is similar to a Fraggle attack. However, a ping request is sent
to a broadcast network address, with the sending address spoofed so that many ping replies overload the victim and prevent it from processing the
replies.

A

Smurf

654
Q

Software programs or code loaded onto a computer without the user’s knowledge. After it is loaded, the ____ performs some form of
undesirable action on the computer.

A

virus

655
Q

Although they are still a form of virus, ___ viruses are

specifically designed to damage office or text documents.

A

macro

656
Q

___ are a nasty form of software that automatically and
silently propagate without modifying software or alerting the user. After
they are inside a system, they can carry out their intended harm,
whether it is to damage data or relay sensitive information

A

WORMS

657
Q

appear as helpful or harmless programs
but when installed carry and deliver a malicious payload. A___ ___
virus might, for example, appear to be a harmless or free online game
but when activated is actually malware.

A

Trojan horse

658
Q

____ covertly gathers system information through the
user’s Internet connection without his or her knowledge, usually for advertising purposes. These applications typically are bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet.

A

Spyware

659
Q

A __ virus installs itself into the operating system and stays there. It typically places itself in memory and from there infects and does damage. The resident loads with the operating system
on boot.

A

resident

660
Q

Like any other applications, from time to time viruses are enhanced to make them harder to detect and to modify the damage they do. Modifications to existing viruses are called ____ because they are
rereleased versions of known viruses.

A

variants

661
Q

One particularly hard-to-handle type of virus is the
____. It can change its characteristics to avoid detection. These viruses are some of the most difficult types to detect and remove.

A

polymorphic

662
Q

____ can hide itself to avoid detection. Such
viruses often fool detection programs by appearing as legitimate programs
or hiding within legitimate programs.

A

Stealth virus:

663
Q

___viruses are designed to infect and corrupt documents.
Because documents are commonly shared, these viruses can
spread at an alarming rate.

A

Macro Virus

664
Q

Be prepared to identify the types of viruses and the differences between a virus,
Trojan horse, and worm.

A

ExamAlert

665
Q

_____ attacks are designed to tie up network bandwidth and resources and eventually bring the entire network to a halt. This type of
attack is done simply by flooding a network with more traffic than it can handle. This attack is not designed to steal data but rather to cripple a network
and, in doing so, cost a company huge amounts of dollars.

A

Denial of service (DoS)

666
Q

____ attacks are one of the most common types of attacks. Typically, usernames
are easy to obtain. Matching the username with the password allows
the intruder to gain system access to the level associated with that particular
user.

A

Password

667
Q

____is a common form of cracking. It can be used by both outsiders and people within an organization. Social engineering is a hacker term for tricking people into revealing their password or some form of security information. It might include trying to get users to send passwords or other information over email, shoulder surfing, or any other method that tricks users into divulging information. It is an attack that attempts to take advantage of human behavior.

A

Social engineering

668
Q

____ involves an intruder who obtains sensitive
information such as passwords, data, and procedures for performing functions
by intercepting, listening to, and analyzing network communications.

A

eavesdropping

669
Q

In a ___ attack, an attacker gains access to a computer or program by
bypassing standard security mechanisms.

A

back door attack,: For instance, a programmer might
install a back door so that the program can be accessed for troubleshooting or
other purposes. Sometimes, as discussed earlier, nonessential services are
installed by default, and it is possible to gain access using one of these unused
services.

670
Q

In a ___ attack, the intruder places himself between the sending and receiving devices and captures the communication as it passes by. The
interception of the data is invisible to those actually sending and receiving the
data. The intruder can capture the network data and manipulate it, change it,
examine it, and then send it on. Wireless communications are particularly susceptible
to this type of attack.

A

man-in-the-middle attack

671
Q

_____ is a technique in which the real source of a transmission, file, or email is concealed or replaced with a fake source. This technique enables an attacker, for example, to misrepresent the original source of a file available for download. Then he can trick users into accepting a file from an untrusted
source, believing it is coming from a trusted source.

A

Spoofing

672
Q

A ___ ___ ___ describes a situation in which a wireless access point has
been placed on a network without the administrator’s knowledge.

A

rogue access point:

The result is
that it is possible to remotely access the rogue access point because it likely
does not adhere to company security policies. So all security can be compromised
by a cheap wireless router placed on the corporate network. An evil twin
attack is one in which a rogue wireless access point poses as a legitimate wireless
service provider to intercept information users transmit.

673
Q

These attacks start with war driving—driving around with a laptop looking for
open wireless access points with which to communicate and looking for weak
implementations that can be cracked (WEP cracking or WPA cracking). They
then lead to war chalking—those who discover a way in to the network leave signals (often written in chalk) on, or outside, the premise to notify others
that the vulnerability is there. The marks can be on the sidewalk, the side of
the building, a nearby signpost, and so on.

A

Advertising Wireless Weaknesses

674
Q

Often users receive a variety of emails offering products, services, information,
or opportunities. Unsolicited email of this type is called ____. This technique involves a bogus offer sent to hundreds of thousands
or even millions of email addresses. The strategy plays the odds. For
every 1,000 emails sent, perhaps one person replies. Phishing can be dangerous
because users can be tricked into divulging personal information such as
credit card numbers or bank account information.

A

phishing (pronounced

“fishing”)

675
Q

Be ready to identify the types of attacks just described. You can expect a question
on the exam about these types of attacks.

A

ExamAlert

676
Q
1. What type of virus can hide itself to avoid detection?
❍ A. Macro
❍ B. Stealth
❍ C. Partite
❍ D. Worm
A
  1. B. A stealth virus can hide itself to avoid detection. Such viruses often fool
    detection programs by appearing as legitimate programs or hiding within legitimate
    programs.
677
Q
  1. Which of the following is an attack in which a rogue wireless access point poses
    as a legitimate wireless service provider to intercept information users transmit?
    ❍ A. Pharming
    ❍ B. Phishing
    ❍ C. Evil twin
    ❍ D. Social Engineering
A
  1. C. An evil twin attack is one in which a rogue wireless access point poses as a
    legitimate wireless service provider to intercept information users transmit.
678
Q
  1. Which of the following is a type of denial of service attack that occurs when
    more data is put into a buffer than it can hold?
    ❍ A. Dictionary attack
    ❍ B. Buffer overflow
    ❍ C. Worm
    ❍ D. Trojan horse
A
  1. B. A buffer overflow is a type of denial of service (DoS) attack that occurs when
    more data is put into a buffer than it can hold.
679
Q
  1. Which of the following is an attack in which something that appears as a helpful
    or harmless program carries and delivers a malicious payload?
    ❍ A. Worm
    ❍ B. Phish
    ❍ C. Evil twin
    ❍ D. Trojan horse
A
  1. D. Trojan horses appear as helpful or harmless programs but, when installed,
    carry and deliver a malicious payload.
680
Q
  1. Which of the following is an attack in which users are tricked into revealing their
    passwords or some form of security information?
    ❍ A. Pharming
    ❍ B. Phishing
    ❍ C. Evil twin
    ❍ D. Social Engineering
A
  1. D. Social engineering is a term for tricking people (users) into revealing their
    passwords or some form of security information.
681
Q
  1. What are some of the services a firewall often provides?
A
  1. A firewall often provides such services as NAT, proxy, and packet filtering.
682
Q
  1. What is the primary difference between an IDS and an IPS?
A
  1. An IDS is a passive security measure, and the IPS is a reactive security
    measure.
683
Q
  1. What is the scope of a firewall?
A
  1. A firewall can be either host-based, on a single system, or networkbased,
    protecting systems networkwide.
684
Q

Security is represented well in the Network+ objectives. You can expect to see
exam questions on the types of firewalls and their characteristics. For example, you
should know the differences between software and hardware firewalls and understand
stateful inspection versus packet filtering firewalls.

A

ExamAlert

685
Q

A stateless firewall examines the information within a data packet and rejects or
accepts the packet based on the source or destination address or port number listed
in the packet header. Stateful firewalls have features allowing them not only to
examine individual packets but also to examine packet streams at the application
layer (DNS, SMTP, POP3, SNMP).

A

ExamAlert

686
Q

Application layer firewalls offer a proxy service between the sending and receiving
devices. Using proxy services, the firewall can filter the content to and from source
and destination.

A

ExamAlert

687
Q

The three firewall methods described in this chapter are often combined into a single
firewall application. Packet filtering is the basic firewall function. Circuit-level
functionality provides NAT, and an application firewall provides proxy functionality.
This is a good point to remember for the exam.

A

ExamAlert

688
Q
  1. What is the basic reason for implementing a firewall?
    ❍ A. It reduces the costs associated with Internet access.
    ❍ B. It provides NAT functionality.
    ❍ C. It provides a mechanism to protect one network from another.
    ❍ D. It allows Internet access to be centralized.
A
  1. C. Implementing a firewall gives you protection between networks, typically from
    the Internet to a private network. All the other answers describe functions offered
    by a proxy server. Some firewall systems do offer NAT functionality, but NAT is
    not a firewall feature; it is an added benefit of these systems.
689
Q
  1. Which of the following statements best describes a VPN?
    ❍ A. It is any protocol that enables remote clients to log in to a server over
    a network such as the Internet.
    ❍ B. It provides a system whereby only screen display and keyboard and
    mouse input travel across the link.
    ❍ C. It is a secure communication channel across a public network such
    as the Internet.
    ❍ D. It is a protocol used to encrypt user IDs and passwords.
A
  1. C. A VPN provides a secure communication path between devices over a public
    network such as the Internet.
690
Q
  1. While reviewing the security logs for your server, you notice that a user on the
    Internet has attempted to access your internal mail server. Although it appears
    that the user’s attempts were unsuccessful, you are concerned about the possibility
    that your systems might be compromised. Which of the following solutions
    are you most likely to implement?
    ❍ A. A more secure password policy
    ❍ B. A firewall system at the connection point to the Internet
    ❍ C. File-level encryption
    ❍ D. Kerberos authentication
A
  1. B. To prevent unauthorized access to a private network from the Internet, you
    can use a firewall server to restrict outside access. Implementing a more secure
    password policy (answer A) is a good idea, but it is not the best choice.
    Implementing a file-level encryption system (answer C) is a good idea, but it is
    not the best choice. Kerberos (answer D) is an authentication system, not a
    method to prevent unauthorized access to the system.
691
Q
  1. You have enabled HTTPS because of concerns about the security of your web
    server application, which runs on a web server system in the DMZ of your corporate
    network. However, remote users are now unable to connect to the application.
    Which of the following is the most likely reason for the problem?
    ❍ A. Port 80 is being blocked on the corporate firewall.
    ❍ B. Port 443 is being blocked on the corporate firewall.
    ❍ C. Remote users need to enable HTTPS support in their web browsers.
    ❍ D. Port 110 is being blocked on the corporate firewall.
A
4. B. The most likely explanation is that port 443, the HTTPS default port, is being
blocked by a corporate firewall. Port 80 (answer A) is used by HTTP. All modern
web browsers automatically support HTTPS; therefore, answer C is incorrect.
Port 110 (answer D) is used by POP3.
692
Q
5. Which of the following is not a commonly implemented feature of a firewall
system?
❍ A. NAT
❍ B. Packet filtering
❍ C. Proxy
❍ D. NAS
A
  1. D. A firewall can provide several services to the network, including NAT, proxy
    services, and packet filtering. NAS is not a function of a firewall server; the
    acronym stands for network attached storage.
693
Q
  1. When a system running TCP/IP receives a data packet, which of the following
    does it use to determine which service to forward the packet to?
    ❍ A. Port number
    ❍ B. Packet ID number
    ❍ C. Data IP number
    ❍ D. IP protocol service type
A
  1. A. The service for which a data packet is destined is determined by the port
    number to which it is sent.
694
Q
  1. What are the key sources from which you can gain information about a
    computer problem?
A
  1. It is important to get as much information as possible about the problem.
    You can glean information from three key sources: the computer (in the
    form of logs and error messages), the computer user experiencing the
    problem, and your own observation.
695
Q
  1. What is the final step in the network troubleshooting methodology
    CompTIA expects test takers to follow?
A
  1. Document the findings, the actions, and the outcomes.
696
Q

You should expect questions asking you to identify the troubleshooting steps in
exact order.

A

ExamAlert

697
Q
  1. A user reports that she can no longer access a legacy database. What should be
    one of the first questions you ask?
    ❍ A. What has changed since the last time you accessed that database?
    ❍ B. How many help calls have you placed in the past few months?
    ❍ C. Who originally installed or created that database?
    ❍ D. How long have you worked here?
A
  1. A. Establishing any recent changes to a system can often lead you in the right
    direction to isolate and troubleshoot a problem.
698
Q
  1. You’ve spent 2 hours trying to fix a problem and then realize that it falls
    outside of your area of expertise and ability to fix. What should you do in most
    organizations?
    ❍ A. Let the user immediately know that she needs to call someone else;
    then exit the scene so another person can help.
    ❍ B. Formulate a workaround; then document the problem and bring it up
    at the next meeting.
    ❍ C. Escalate the issue with a supervisor or manager.
    ❍ D. Continue working on the problem, trying as many solutions as you
    can find, until you solve the problem.
A
  1. C. When a problem is outside of your ability to fix, you must escalate the issue.
    Unless otherwise specified by the organization, the general rule is to start with
    the closest help and work out from there. None of the other options are acceptable
    choices.
699
Q
  1. You get numerous calls from users who cannot access an application. Upon
    investigation, you find that the application crashed. You restart the application,
    and it appears to run okay. What is the next step in the troubleshooting process?
    ❍ A. Email the users to let them know that they can use the application
    again.
    ❍ B. Test the application to ensure that it correctly operates.
    ❍ C. Document the problem and the solution.
    ❍ D. Reload the application executables from the CD, and restart it.
A
  1. B. After you fix a problem, you should test it fully to ensure that the network correctly
    operate before you allow users to log back on. The steps described in
    answers A and C are valid but only after the application has been tested. Answer
    D is incorrect because you would reload the executable only as part of a systematic
    troubleshooting process. Because the application loads, it is unlikely that
    the executable has become corrupted.
700
Q
  1. A user tells you that she is having a problem accessing her email. What is the
    first step in the troubleshooting process?
    ❍ A. Document the problem.
    ❍ B. Make sure that the user’s email address is valid.
    ❍ C. Discuss the problem with the user.
    ❍ D. Visit the user’s desk to reload the email client software.
A
  1. C. Not enough information is provided for you to come up with a solution. In
    this case, the next troubleshooting step would be to talk to the user and gather
    more information about exactly what the problem is. All the other answers are
    valid troubleshooting steps but only after the information gathering has been
    completed.
701
Q
  1. You have successfully fixed a problem with a server and have tested the application
    and let the users back onto the system. What is the next step in the troubleshooting
    process?
    ❍ A. Document the problem.
    ❍ B. Restart the server.
    ❍ C. Document the problem and the solution.
    ❍ D. Clear the error logs of any reference to the problem.
A
  1. C. After you have fixed a problem, tested the fix, and let users back on to the
    system, you should create detailed documentation that describes the problem
    and the solution. Answer A is incorrect because you must document both the
    problem and the solution. You do not need to restart the server, so Answer B is
    incorrect. Answer D would be performed only after the system’s documentation
    has been created.
702
Q
  1. What commonly used protocol is designed to prevent switching loops?
A
  1. Switching loops are simply the result of having more than one path
    between two switches in a network. Spanning Tree Protocol (STP) is
    designed to prevent these loops from occurring.
703
Q
  1. What can occur when a network is overwhelmed with constant broadcasts
    or multicast traffic?
A
  1. A broadcast storm occurs when a network is overwhelmed with constant
    broadcasts or multicast traffic.
704
Q

Wiring problems are related to the actual cable used in a network. For the purposes
of the exam, infrastructure problems are classified as those related to network
devices such as hubs, switches, and routers.

A

ExamAlert

705
Q

___ ___are simply the result of having more than one path between
two switches in a network. Spanning Tree Protocol (STP) is designed to prevent
these loops from occurring. If the packet in the loop is a broadcast message,
the loop can create a full broadcast storm (as discussed at the end of this
list). Switching loops occur at the data link layer (Layer 2) of the OSI model.

A

switching loops

706
Q

You should be able to associate STP with switching loops. (spanning tree protocol)

A

ExamAlert

707
Q

As the name suggests, a___ ___ occurs when data packets continue to be
routed in an endless circle.

A

routing loop

708
Q
  1. What is the scope of a firewall?
A
  1. A firewall can be either host-based, on a single system, or networkbased,
    protecting systems networkwide.
709
Q

___ typically occur when routing tables contain information that
does not reflect the correct topology of the internetwork.

A

Route problems

710
Q
  1. What is the primary difference between an IDS and an IPS?
A
  1. An IDS is a passive security measure, and the IPS is a reactive security
    measure.
711
Q

In a ___ ARP configuration, one system
or network device answers ARP requests for another system. It is proxy ARP
because one network system is proxying for another’s ARP communications.

A

proxy

712
Q
  1. What are some of the services a firewall often provides?
A
  1. A firewall often provides such services as NAT, proxy, and packet filtering.
713
Q

A ___ ___ occurs when a network is overwhelmed

with constant broadcast or multicast traffic.

A

broadcast storm: Broadcast storms can eventually
lead to a complete loss of network connectivity as the network is bogged
down with the broadcast storm. As with other network problems, you may
suspect a broadcast storm when network response times are poor and people
are complaining about the slow network. These broadcast storms can be
caused by faulty hardware such as a NIC that continually sends data, switching
loops, or even faulty applications running on the network. Baselines work
well for identifying broadcast storms.

714
Q
  1. Which of the following is an attack in which users are tricked into revealing their
    passwords or some form of security information?
    ❍ A. Pharming
    ❍ B. Phishing
    ❍ C. Evil twin
    ❍ D. Social Engineering
A
  1. D. Social engineering is a term for tricking people (users) into revealing their
    passwords or some form of security information.
715
Q

On the router, the ___ ___ dictates what traffic is allowed to flow through. The router can be configured to enable individual port traffic in, out, or both and is referred to as port forwarding. If a port is blocked (such as 80 for HTTP or 21 for FTP), the data will not be allowed through, and users will be affected.

A

port configuration

716
Q
  1. Which of the following is an attack in which something that appears as a helpful
    or harmless program carries and delivers a malicious payload?
    ❍ A. Worm
    ❍ B. Phish
    ❍ C. Evil twin
    ❍ D. Trojan horse
A
  1. D. Trojan horses appear as helpful or harmless programs but, when installed,
    carry and deliver a malicious payload.
717
Q

Think of port configuration and port forwarding as the same when it comes to the
router.

A

ExamAlert

718
Q
  1. Which of the following is a type of denial of service attack that occurs when
    more data is put into a buffer than it can hold?
    ❍ A. Dictionary attack
    ❍ B. Buffer overflow
    ❍ C. Worm
    ❍ D. Trojan horse
A
  1. B. A buffer overflow is a type of denial of service (DoS) attack that occurs when
    more data is put into a buffer than it can hold.
719
Q

A condition known as a ___ ___ can occur when a router does not send back an expected message that the data has been received. It is known as a this from the view that data is being sent, but is essentially being lost.

A

black hole: This condition occurs when the packet the router receives is larger than the
configured size of the Maximum Transmission Unit (MTU) and the Do Not
Fragment flag is configured on that packet. When this occurs, the router is supposed to send a Destination Unreachable message back to the host. If the
packet is not received, the host does not know that the packet did not go
through.

720
Q
  1. Which of the following is an attack in which a rogue wireless access point poses
    as a legitimate wireless service provider to intercept information users transmit?
    ❍ A. Pharming
    ❍ B. Phishing
    ❍ C. Evil twin
    ❍ D. Social Engineering
A
  1. C. An evil twin attack is one in which a rogue wireless access point poses as a
    legitimate wireless service provider to intercept information users transmit.
721
Q

Identify a black hole.

A

ExamAlert

722
Q
1. What type of virus can hide itself to avoid detection?
❍ A. Macro
❍ B. Stealth
❍ C. Partite
❍ D. Worm
A
  1. B. A stealth virus can hide itself to avoid detection. Such viruses often fool
    detection programs by appearing as legitimate programs or hiding within legitimate
    programs.
723
Q

When the ___ ___is incorrect, the router thinks the network is divided into segments other than it is actually configured. Because the purpose of the router is to route traffic, a wrong value here can cause it to try to route traffic to subnets that don’t exist.

A

subnet mask

724
Q

Be ready to identify the types of attacks just described. You can expect a question
on the exam about these types of attacks.

A

ExamAlert

725
Q

If you have a wrong gateway problem:
When you have the gateway(s) configured, use the ping and tracert/traceroute
utilities to verify connectivity and proper configuration.

A

EXAM ALERT

726
Q

____ refers to interference between adjacent wire pairs within the twistedpair
cable at the near end of the link (the end closest to the origin of the data
signal). This occurs when an outgoing data transmission leaks over to an
incoming transmission. In effect, the incoming transmission overhears the signal
sent by a transmitting station at the near end of the link. The result is that
a portion of the outgoing signal is coupled back into the received signal.

A

Near End Crosstalk (NEXT)

727
Q

___ occurs when a receiving station overhears a data signal being sent by a
transmitting station at the other end of a transmission line. This identifies
the interference of a signal through a wire pair to an adjacent pair at the farthest
end from the interfering source (the end where the signal is received).

A

Far End Crosstalk (FEXT)

728
Q

NOTE: As mentioned, crosstalk occurs when the signals sent through media interfere with
data signals on adjacent wires. Within the twisted-pair cable, each wire pair is
twisted to help reduce crosstalk; the tighter the twist, the more effective the cable
is at managing crosstalk. This is one reason to buy high-quality cable.

A

KNOW TIS

729
Q

For the Network+ objective referencing cable problems associated with distance,
think of attenuation.

A

ExamAlert

730
Q

Private Address Range for Class A TCP/IP

A

Address Rang: 10.0.0.0 to 10.255.255.255 /Subnet Mask 255.0.0.0

731
Q

Private Address Range for Class B

A

172.16.0.0 to 172.31.255.255/ Subnet mask 255.255.0.0

732
Q

Private Address Range for Class C

A

192.168.0.0 to 192.168.255.255/ subnet mask 255.255.255.0

733
Q

You need to know the private address ranges in Table 11.2.

A

ExamAlert

734
Q

The ___ ___ enables the system to determine what
portion of the IP address represents the network address and what portion
represents the node address.

A

subnet mask

735
Q

The ___ ___ enables internal systems to communicate with systems on a remote network. In home use, this would likely be the DSL or cable modem, which acts as a router. In a business environment it is the device that routes traffic from

A

default gateway

736
Q

___ enable dynamic hostname resolution
to be performed. It is common practice to have two of these defined so that if one server becomes unavailable, the other
can be used. The client system must be configured with the IP address of the local one of these. If a client system has the wrong one listed, hostname resolution is impossible.

A

DNS Server Addresses

737
Q

At the very minimum, an IP address and subnet mask are required to connect to a
TCP/IP network. With just this minimum configuration, connectivity is limited to the
local segment, and DNS resolution is impossible.

A

ExamAlert

738
Q

f you manually enter IP information on client systems, remember that entering a
duplicate IP address may prevent a client system from logging on to the network. If
this happens, the second system attempting to log on to the network with the
duplicate address is denied.

A

ExamAlert

739
Q

VLAN assignment is one of the troubleshooting topics you should expect to see a
question about on the exam.

A

ExamAlert

740
Q
  1. Which of the following best describes the function of the default gateway?
    ❍ A. It converts hostnames to IP addresses.
    ❍ B. It converts IP addresses to hostnames.
    ❍ C. It enables systems to communicate with systems on a remote network.
    ❍ D. It enables systems to communicate with routers.
A
  1. C. The default gateway enables the system to communicate with systems on a
    remote network, without the need for explicit routes to be defined. The default
    gateway can be assigned automatically using a DHCP server or can be input
    manually.
741
Q
4. Which of the following bits of IP information are mandatory to join the network?
(Choose two.)
❍ A. Subnet mask
❍ B. IP address
❍ C. DNS address
❍ D. Default gateway
A
  1. A and B. Configuring a client requires at least the IP address and a subnet mask.
    The default gateway, DNS server, and WINS server are all optional, but network
    functionality is limited without them.
742
Q
  1. You are wiring a new network. Due to space limitations, you need to run several
    cables close to each other. After the setup, you find that the signals from each
    cable are overlapping. Which term describes what is happening?
    ❍ A. Attenuation
    ❍ B. Crosstalk
    ❍ C. Near crosstalk
    ❍ D. EMI
A
  1. B. Crosstalk can occur when the signal from one cable overlaps with the signal
    from another. This can sometimes happen when cables are run too close together.
    The remedy is to run the cables farther apart and use quality shielded cable.
743
Q
6. Which of the following should you consider when troubleshooting wiring problems?
(Choose the three best answers.)
❍ A. The distance between devices
❍ B. Interference
❍ C. Atmospheric conditions
❍ D. Connectors
A
  1. A, B, and D. When you troubleshoot a wiring problem, consider the distance
    between devices, interference such as crosstalk and EMI, and the connection
    points. Answer C is incorrect because bound media (that is, cables) are unaffected
    by atmospheric conditions.
744
Q

Often users receive a variety of emails offering products, services, information,
or opportunities. Unsolicited email of this type is called ____. This technique involves a bogus offer sent to hundreds of thousands
or even millions of email addresses. The strategy plays the odds. For
every 1,000 emails sent, perhaps one person replies. Phishing can be dangerous
because users can be tricked into divulging personal information such as
credit card numbers or bank account information.

A

phishing (pronounced

“fishing”)

745
Q

These attacks start with war driving—driving around with a laptop looking for
open wireless access points with which to communicate and looking for weak
implementations that can be cracked (WEP cracking or WPA cracking). They
then lead to war chalking—those who discover a way in to the network leave signals (often written in chalk) on, or outside, the premise to notify others
that the vulnerability is there. The marks can be on the sidewalk, the side of
the building, a nearby signpost, and so on.

A

Advertising Wireless Weaknesses

746
Q

A ___ ___ ___ describes a situation in which a wireless access point has
been placed on a network without the administrator’s knowledge.

A

rogue access point:

The result is
that it is possible to remotely access the rogue access point because it likely
does not adhere to company security policies. So all security can be compromised
by a cheap wireless router placed on the corporate network. An evil twin
attack is one in which a rogue wireless access point poses as a legitimate wireless
service provider to intercept information users transmit.

747
Q

_____ is a technique in which the real source of a transmission, file, or email is concealed or replaced with a fake source. This technique enables an attacker, for example, to misrepresent the original source of a file available for download. Then he can trick users into accepting a file from an untrusted
source, believing it is coming from a trusted source.

A

Spoofing

748
Q

In a ___ attack, the intruder places himself between the sending and receiving devices and captures the communication as it passes by. The
interception of the data is invisible to those actually sending and receiving the
data. The intruder can capture the network data and manipulate it, change it,
examine it, and then send it on. Wireless communications are particularly susceptible
to this type of attack.

A

man-in-the-middle attack

749
Q

In a ___ attack, an attacker gains access to a computer or program by
bypassing standard security mechanisms.

A

back door attack,: For instance, a programmer might
install a back door so that the program can be accessed for troubleshooting or
other purposes. Sometimes, as discussed earlier, nonessential services are
installed by default, and it is possible to gain access using one of these unused
services.

750
Q

____ involves an intruder who obtains sensitive
information such as passwords, data, and procedures for performing functions
by intercepting, listening to, and analyzing network communications.

A

eavesdropping

751
Q

____is a common form of cracking. It can be used by both outsiders and people within an organization. Social engineering is a hacker term for tricking people into revealing their password or some form of security information. It might include trying to get users to send passwords or other information over email, shoulder surfing, or any other method that tricks users into divulging information. It is an attack that attempts to take advantage of human behavior.

A

Social engineering

752
Q

____ attacks are one of the most common types of attacks. Typically, usernames
are easy to obtain. Matching the username with the password allows
the intruder to gain system access to the level associated with that particular
user.

A

Password

753
Q

_____ attacks are designed to tie up network bandwidth and resources and eventually bring the entire network to a halt. This type of
attack is done simply by flooding a network with more traffic than it can handle. This attack is not designed to steal data but rather to cripple a network
and, in doing so, cost a company huge amounts of dollars.

A

Denial of service (DoS)

754
Q

Be prepared to identify the types of viruses and the differences between a virus,
Trojan horse, and worm.

A

ExamAlert

755
Q

___viruses are designed to infect and corrupt documents.
Because documents are commonly shared, these viruses can
spread at an alarming rate.

A

Macro Virus

756
Q

____ can hide itself to avoid detection. Such
viruses often fool detection programs by appearing as legitimate programs
or hiding within legitimate programs.

A

Stealth virus:

757
Q

One particularly hard-to-handle type of virus is the
____. It can change its characteristics to avoid detection. These viruses are some of the most difficult types to detect and remove.

A

polymorphic

758
Q

Like any other applications, from time to time viruses are enhanced to make them harder to detect and to modify the damage they do. Modifications to existing viruses are called ____ because they are
rereleased versions of known viruses.

A

variants

759
Q

A __ virus installs itself into the operating system and stays there. It typically places itself in memory and from there infects and does damage. The resident loads with the operating system
on boot.

A

resident

760
Q

____ covertly gathers system information through the
user’s Internet connection without his or her knowledge, usually for advertising purposes. These applications typically are bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet.

A

Spyware

761
Q

appear as helpful or harmless programs
but when installed carry and deliver a malicious payload. A___ ___
virus might, for example, appear to be a harmless or free online game
but when activated is actually malware.

A

Trojan horse

762
Q

___ are a nasty form of software that automatically and
silently propagate without modifying software or alerting the user. After
they are inside a system, they can carry out their intended harm,
whether it is to damage data or relay sensitive information

A

WORMS

763
Q

Although they are still a form of virus, ___ viruses are

specifically designed to damage office or text documents.

A

macro

764
Q

The _____ attack is similar to a Fraggle attack. However, a ping request is sent
to a broadcast network address, with the sending address spoofed so that many ping replies overload the victim and prevent it from processing the
replies.

A

Smurf

765
Q
  1. What type of malware covertly gathers system information through the
    user’s Internet connection without his or her knowledge, usually for advertising
    purposes?
A
  1. Spyware covertly gathers system information through the user’s Internet
    connection without his or her knowledge, usually for advertising purposes.
766
Q
  1. Which of the following services or protocols use SSH technology to provide
    additional security to communications? (Choose two.)
    ❍ A. SCP
    ❍ B. SFTP
    ❍ C. SNMP
    ❍ D. SMTP
A
  1. A and B. Secure Shell (SSH) technology is used by both Secure Copy Protocol
    (SCP) and Secure File Transfer Protocol (SFTP). Answers C and D are incorrect
    because Simple Network Management Protocol (SNMP) and Simple Mail
    Transfer Protocol (SMTP) do not use SSH technology for additional security.
767
Q
3. Which of the following is the strongest password?
❍ A. password
❍ B. WE300GO
❍ C. l00Ka1ivE
❍ D. lovethemusic
A
  1. C. Strong passwords include a combination of letters and numbers and upperand
    lowercase letters. Answer C is by far the strongest password. Answer A is
    not a strong password because it is a standard word, contains no numbers, and
    is all lowercase. Answer B mixes letters and numbers, and it is not a recognized
    word, so it is a strong password, but it is not as strong as answer C. Answer D is
    too easy to guess and contains no numbers.
768
Q
1. Which of the following protocols is used with HTTPS?
❍ A. SSH
❍ B. SSL
❍ C. Proxy
❍ D. IPSec
A
  1. B. HTTPS uses SSL to create secure connections over the Internet. Answer A is
    incorrect because SSH provides a secure multiplatform replacement for Telnet.
    Answer C is invalid because it is a service and not a protocol. Answer D is incorrect
    because IPSec is designed to encrypt data during communication between
    two computers.
769
Q

An enhanced version of its predecessors offering both encryption and authentication services

A

SNMPv3

770
Q

Copies files between systems, but transport is not secured

A

Remote Copy Protocol (RCP)

771
Q

Replaced by SSH because it sends all data clear text

A

RSH- a UNIX utility used to run a command on a remote machine

772
Q

A cyrtographic protocol whose purpose is to verify that secure communications between a server and a client remain secure. It is an enhancement/replacement for SSL

A

Transport Layer Security

773
Q

Enables sessions to be opened on a remote host

A

Telnet

774
Q

A [rptpcp; fpr retrieving files from a web server. Data is sent in clear text

A

Hypertext Transfer Protocol (HTTP)

775
Q

A protocol for uploading and downloading files
to and from a remote host. Also accommodates
basic file management tasks.

A

FTP File Transfer Protocol

776
Q

Users are allowed to log on without authentication.

A

Unauthenticated access:

777
Q

____supports non-
Microsoft remote-access clients. enables for authentication without
actually having the user send his password over the network.
Because it’s an industry standard, it enables Windows Server 2008/2003
and Windows 7/Vista to behave as a remote client to almost any thirdparty
PPP server.

A

Challenge Handshake Authentication Protocol (CHAP):

778
Q

____ Brings with it enhancements over its predecessor. These enhancements include support for two-way authentication
and a few changes in how the cryptographic key is analyzed.

A

Microsoft Challenge Handshake Authentication Protocol version 2
(MS-CHAP v2)::

779
Q

Both RADIUS and TACACS+ provide authentication, authorization, and accounting
services. One notable difference between TACACS+ and RADIUS is that TACACS+
relies on the connection-oriented TCP, whereas RADIUS uses the connectionless
UDP.

A

ExamAlert

780
Q

_____ is a security
protocol designed to provide centralized validation of users who are attempting
to gain access to a router or Network Access Server (NAS).

A

Terminal Access Controller Access Control System+ (TACACS+):
Like
RADIUS, TACACS+ is a set of security protocols designed to provide
authentication, authorization, and accounting (AAA) of remote users.
TACACS uses TCP port 49 by default.

781
Q

Certificatess are the cornerstones of the PKI. A certificate is essentially a form of
electronic credential that validates users, computers, or devices on the network. A
certificate is a digitally signed statement that associates the credentials of a public
key to the identity of the person, device, or service that holds the corresponding
private key.

A

ExamAlert

782
Q

Software programs or code loaded onto a computer without the user’s knowledge. After it is loaded, the ____ performs some form of
undesirable action on the computer.

A

virus

783
Q

In a____ attack, spoofed UDP packets are sent to a network’s broadcast
address. These packets are directed to specific ports, such as port 7 or port 19,
and, after they are connected, can flood the system.

A

Fraggle

784
Q
  1. What are some of the more common potential risks to computer
    systems?
A
  1. Viruses, Trojan horses, and worms all present a potential risk to computer
    systems.
785
Q
  1. You are onsite as a consultant. The client’s many remote-access users experience
    connection problems. Basically, when users try to connect, the system
    cannot service their authentication requests. What kind of server might you recommend
    to alleviate this problem?
    ❍ A. RADIUS server
    ❍ B. IPSec server
    ❍ C. Proxy server
    ❍ D. Kerberos server
A
  1. A. By installing a RADIUS server, you can move the workload associated with
    authentication to a dedicated server. A proxy server would not improve the
    dialup connection’s performance. There is no such thing as a Kerberos server or
    an IPSec server.
786
Q
2. Which of the following is not an authentication protocol?
❍ A. IPSec
❍ B. CHAP
❍ C. PAP
❍ D. EAP
A
  1. A. IPSec is not an authentication protocol. All the other protocols listed are
    authentication protocols.
787
Q

You will most certainly be asked questions on secure protocols and when they
might be used. Review Table 10.1 before taking the Network+ exam.

A

ExamAlert

788
Q

A network monitoring system used to monitor the network’s condition. is not secured

A

Simple Network Management Protocol version 1 and 2 (SNMPv1/2)

789
Q

Enables files to be securely copied between two systems. Uses Secure SHell (SSH) technology to provide encryption services

A

Secure Copy Protocol (SCP)

790
Q

Provides an independent framework for authentication and key exchange. The actual implementation is usually done by IPSec but could be handled by any implementation capable of negotiating, modifying, and deleting security associations.

A

Internet Security Association and Key Management Protocol (ISAKMP)

791
Q

A secure alternative to Telnet that enables secure sessions toe be opened on a remote host

A

SSH

792
Q

A secure protocol for retrieving files from a web server. Uses SSL to encrypt data between client and host

A

Hypertext Transfer Protocol Secure

793
Q

A Protocol for securely uploading and downloading files to and from a remote host. Based on SSH security

A

Secure File Transfer Protocol (SFTP)

794
Q

You should be familiar with the different remote-access authentication methods and
know where and when they may be used.

A

ExamAlert

795
Q

____ is a simple authentication protocol in which the username and password
are sent to the remote-access server in clear text, making it possible
for anyone listening to network traffic to steal both.

A

Password Authentication Protocol (PAP):
PAP typically is
used only when connecting to older UNIX-based remote-access servers
that do not support any additional authentication protocols.

796
Q

An extension of PPP that
supports authentication methods that go beyond the simple submission
of a username and password. _____ was developed in response to an
increasing demand for authentication methods that use other types of
security devices such as token cards, smart cards, and digital certificates.

A

Extensible Authentication Protocol (EAP):

797
Q

Authenticates remote Windows workstations, providing the
functionality to which LAN-based users are accustomed while integrating
the hashing algorithms used on Windows networks

A

Microsoft Challenge Handshake Authentication Protocol (MSCHAP): MS-CHAP works with PPP, PPTP, and L2TP network connections. MS-CHAP
uses a challenge/response mechanism to keep the password from being sent during the authentication process. MS-CHAP uses the Message Digest 5 (MD5) hashing algorithm and the Data Encryption Standard
(DES) encryption algorithm to generate the challenge and response. It provides mechanisms for reporting connection errors and for changing the user’s password.

798
Q

RADIUS functions as a client/server system. The remote user dials in to the
remote-access server, which acts as a RADIUS client, or network access server
(NAS), and connects to a RADIUS server. The RADIUS server performs
authentication, authorization, and auditing (or accounting) functions and
returns the information to the RADIUS client (which is a remote-access server
running RADIUS client software); the connection is either established or
rejected based on the information received.

A

KNOW THIS

799
Q

RADIUS is a protocol that enables a single server to become responsible for all
remote-access authentication, authorization, and auditing (or accounting) services.

A

ExamAlert