Network Operations (6) Flashcards
Which of the following is not a fault tolerance mechanism?
UPS
RAID 1
SNMP
SNMP
Simple Network Monitoring Protocol (SNMP) is a means of tracking the performance and functionality of network components. Software or firmware components called agents are embedded in network devices and communicate with a central monitoring console. SNMP does not provide fault tolerance. A uninterruptible power supply (UPS) is a battery backup device that enables a computer to continue functioning in the event of a power failure. Redundant Array of Independent Disks (RAID) level 1 is a disk mirroring mechanism that provides fault tolerance by maintaining duplicate copies of all stored data. Clustering is a mechanism by which multiple servers function as a single unit, running the same application, so that if a server should fail, the others continue to function
Which of the following types of virtual private networking (VPN) connection is the best solution for connecting a branch office to a corporate headquarters?
Host-to-site
Site-to-site
Host-to-host
Site-to-site
A site-to-site VPN enables one network to connect to another, enabling users on both networks to access resources on the other one. This is usually a more economical solution for branch office connections than a wide area network (WAN) link. A host-to-site VPN is a remote access solution, enabling users to access the corporate network from home or while traveling. A host-to-host VPN enables two individual users to establish a protected connection to each other. An extranet VPN is designed to provide clients, vendors, and other outside partners with the ability to connect to your corporate network with limited access
Ralph is a network administrator for a firm that is allowing employees to telecommute for the first time, and he is responsible for designing a remote access solution that will enable users to access network resources, such as company email and databases, securely. All of the remote users have been issued smartcards and will be connecting using virtual private network (VPN) connections on company-supplied laptop computers running Windows 10 and equipped with card readers. The users will be logging on to the company network using their standard Active Directory Domain Services accounts, so it’s important for Ralph to design a solution that provides the maximum protection for their passwords, both inside and outside the office. Which of the following authentication protocols should you configure the remote access servers and the laptop computers to use?
Password Authentication Protocol (PAP)
Challenge Handshake Authentication Protocol (CHAP)
Extensible Authentication Protocol (EAP)
Extensible Authentication Protocol (EAP)
EAP is the only authentication protocol included with Windows 10 that supports hardware-based authentication, so this is the only viable option. PAP transmits passwords in clear text and is therefore not a viable option, as is CHAP, because it must store passwords using reversible encryption. MSCHAPv2 provides sufficient password protection but does not support hardware-based authentication
Which of the following remote access protocols provides users with full graphical control over a Windows computer? (Choose all correct answers.)
SSH
RDP
VNC
Telnet
RDP
VNC
RDP is a component of Remote Desktop Services, a Windows mechanism that enables a client program to connect to a server and control it remotely. RDP does not carry actual application data; it just transfers keystrokes, mouse movements, and graphic display information. Virtual Network Computing (VNC) is a similar desktop sharing system that is platform independent and open source. Secure Shell (SSH) and Telnet are character-based remote control solutions
Which of the following types of traffic are carried by the Remote Desktop Protocol (RDP)? (Choose all correct answers.)
Keystrokes
Mouse movements
Display information
Application data
Keystrokes
Mouse movements
Display information
RDP is a component of Remote Desktop Services, a Windows mechanism that enables a client program to connect to a server and control it remotely. RDP does not carry actual application data; it just transfers keystrokes, mouse movements, and graphic display information
Which of the following types of traffic are transmitted by Virtual Network Computing (VNC)? (Choose all correct answers.)
Keystrokes
Mouse movements
Display information
Application data
Keystrokes
Mouse movements
Display information
VNC is a graphical desktop sharing system that uses a protocol called Remote Frame Buffer (RFB) to connect a client to a server and control it remotely. VNC does not transmit actual application data; it just transfers keystrokes, mouse movements, and graphic display information
Which of the following types of traffic are carried by Telnet? (Choose all correct answers.)
Keystrokes
Mouse movements
Display information
Application data
Keystrokes
Display information
Telnet is a character-based remote control protocol and application that is available on virtually all computing platforms. Because it is strictly character based, Telnet clients transmit only keystrokes and receive only character-based display information from the server
What is the primary shortcoming of the File Transfer Protocol (FTP) that is addressed by FTPS and SFTP?
Lack of security
Slow file transfers
File size limitations
Lack of security
FTP does provide authentication capabilities, but passwords are transmitted over the network in clear text, which is an unacceptable security condition. FTPS adds security in the form of the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. SFTP adds Secure Shell (SSH) security. File transfer speed and size limitations are not an issue
Which of the following File Transfer Protocol (FTP) variants transmit authentication passwords over the network in clear text?
FTP
FTPS
SFTP
FTP
FTP provides authentication capabilities, but it transmits passwords over the network in clear text, which is an unacceptable security condition. FTPS adds security in the form of the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. SFTP adds Secure Shell (SSH) security. Both of these encrypt authentication passwords before transmitting them. Trivial File Transfer Protocol (TFTP) does not authenticate clients, so it does not transmit passwords at all
Which of the following File Transfer Protocol (FTP) variants is typically used to download boot image files during Preboot Execution Environment (PXE) startup sequences?
FTPS
SFTP
TFTP
TFTP
Trivial File Transfer Protocol (TFTP) is a simplified version of FTP that does not authenticate clients, so systems booting with PXE can download boot images invisibly after being directed to a TFTP server by the Dynamic Host Configuration Protocol (DHCP). FTP, FTPS, and SFTP all require authentication and other interaction, which would be impractical for use with PXE
Which of the following statements about in-band management and out-of-band management are true? (Choose all correct answers.)
Out-of-band management tools do not provide access to the remote system’s BIOS or UEFI firmware.
Out-of-band management tools enable you to reinstall the operating system on a remote computer.
Telnet, Secure Shell (SSH), and Virtual Network Computing (VNC) are in-band management tools.
To perform out-of-band management on a device, it must have an IP address.
Out-of-band management tools enable you to reinstall the operating system on a remote computer.
Telnet, Secure Shell (SSH), and Virtual Network Computing (VNC) are in-band management tools.
Out-of-band management uses a dedicated channel to devices on the network. This means that the device to be managed does not require an IP address. The channel provides access to the BIOS or UEFI firmware and makes it possible to reinstall the operating system on a remote computer. Telnet, SSH, and VNC are not out-of-band management tools
Which of the following statements best defines out-of-band management?
Out-of-band management is a method for accessing network devices from a remote location.
Out-of-band management is method for accessing network devices using a direct cable connection.
Out-of-band management is a method for accessing network devices using a connection to the system other than the production network to which the device is connected.
Out-of-band management is a method for accessing network devices using a connection to the system other than the production network to which the device is connected.
Out-of-band management refers to the use of an alternative channel to a network device. The channel can be a modem connection, a direct cable connection, a wireless or cellular connection, or a dedicated Ethernet connection
Which of the following are the protocols that IPsec uses to secure network traffic? (Choose all correct answers.)
SSH
AH
ESP
SSL
AH
ESP
Authentication Header (AH) is an IPsec protocol that provides authentication and digital integrity services. Encapsulating Security Protocol (ESP) provides encryption services for IPsec. Secure Shell (SSH) is a remote administration tool, and Secure Sockets Layer (SSL) is a security protocol that provides encrypted communications between web browsers and servers
What four components are required for a computer to establish a remote Transmission Control Protocol/Internet Protocol (TCP/IP) connection?
Common protocols
Remote Access Service (RAS)
A physical layer connection
TCP/IP configuration
Point-to-Point Tunneling Protocol (PPTP)
Host and remote software
Common protocols
A physical layer connection
TCP/IP configuration
Host and remote software
A computer requires four components to establish a remote connection. First, a physical-layer wide area network (WAN) connection is needed. Second, two systems must share common protocols from the data link layer and above. Third, if TCP/IP is being used to establish a remote session, then TCP/IP parameters must be configured on the systems. Fourth, host and remote software are needed. The remote client must have software that enables it to establish a remote session, and the server must have software that allows it to receive and grant remote sessions. Microsoft RAS supports both client and server remote access software. However, this is not a required component since other types of software can be used. PPTP is a tunneling protocol and is not a required component for establishing a remote session
Which of the following protocols does IPsec use to digitally encrypt packets before transmitting them over the network?
ESP
SSL
AH
ESP
Encapsulating Security Protocol (ESP) is a protocol in the TCP/IP suite that is capable of providing encryption services for IPsec. Authentication Header (AH) provides digital integrity services for IPsec, in the form of a digital signature. Secure Sockets Layer (SSL) is a security protocol that provides encrypted communications between web browsers and servers. MSCHAP is an authentication protocol used by remote access services
