Network Operations (7) Flashcards

1
Q

Which of the following are examples of out-of-band device management? (Choose all correct answers.)

Logging on remotely from a network workstation

Plugging a laptop into a console port

Establishing a modem connection

Connecting dedicated ports on each device to a separate switch

A

Plugging a laptop into a console port

Establishing a modem connection

Connecting dedicated ports on each device to a separate switch

Any method of connecting to a router, switch, or other managed device that does not use the production network is considered to be out-of-band management. This includes connecting a computer or terminal directly to the device, using a point-to-point modem connection, or consolidating dedicated ports on all of the devices by connecting them to an isolated switch. Logging on remotely using a workstation on the production network would be considered in-band management

2
Q

Which two protocols can be used to create a virtual private network (VPN) tunnel through the Internet? (Choose all correct answers.)

Point-to-Point Tunneling Protocol (PPTP)

Layer 2 Tunneling Protocol (L2TP)

Point-to-Point Protocol (PPP)

Serial Line Internet Protocol (SLIP)

A

Point-to-Point Tunneling Protocol (PPTP)

Layer 2 Tunneling Protocol (L2TP)

Two main VPN tunneling protocols are used to create a secure virtual pipe through the Internet: the PPTP and the L2TP. PPTP is a Microsoft tunneling protocol. L2TP is a Cisco Systems tunneling protocol. SLIP and PPP are not tunneling protocols

3
Q

Which of the following is not a protocol used to secure virtual private network (VPN) connections?

PPTP

IPsec

FTPS

A

FTPS

File Transfer Protocol Secure (FTPS) is a variant on FTP that adds security in the form of the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. However, it is not used to secure VPN connections. Point-to-Point Tunneling Protocol (PPTP), IPsec, and Layer 2 Tunneling Protocol (L2TP) are all protocols that provide security for VPN connections

4
Q

What is the difference when you specify the HTTPS:// prefix in a uniform resource locator (URL) instead of HTTP://? (Choose all correct answers.)

The connection between the web browser and the server is encrypted.

The browser uses a different port number to connect to the server.

The connection uses SSL or TLS instead of HTTP.

The browser uses a different IP address to connect to the server.

A

The connection between the web browser and the server is encrypted.

The browser uses a different port number to connect to the server.

Using the prefix HTTPS:// causes a web browser to use a different port number to establish a secure connection to the web server. Security is provided by encrypting all data using Secure Sockets Layer (SSL) or Transport Layer Security (TLS). However, SSL and TLS do not replace HTTP; they just augment it. The HTTPS:// prefix does not affect the IP address used to connect to the server

5
Q

You are a consultant installing a web server application for a client called Adatum. The domain name Adatum.com has been registered in the DNS and the server has one public IP address, so the new website will be accessible to users on the Internet. You want to be able to access the web server application’s administrative site from your remote office, so you configure that site to be encrypted and to use the port number 12354 instead of the default. Which of the following URLs will you have to use to access the administrative website?

http://www.adatum.com:12354
https://www.adatum.com:80
https://www.adatum.com:12354

A

https://www.adatum.com:12354

Because the administrative site is encrypted, you must use the HTTPS:// prefix to access it. Because the administrative site uses the nondefault port number 12354, you must append that number to the server name with a colon.

6
Q

Which of the following is not an advantage of the Virtual Network Computing (VNC) terminal emulation product over its competitors?

VNC runs on many operating systems.

VNC runs faster than the competition.

VNC can run through a web browser.

A

VNC runs faster than the competition.

VNC supports many operating systems, can run through a web browser, and is free. However, it is not any faster than the competing products

7
Q

Which of the following was the first TCP/IP terminal emulation program?

Telnet

SSH

Windows Terminal Services

A

Telnet

Telnet (TELetype NETwork) was the first TCP/IP terminal emulation program, but it is rarely used today because of its limitations. It is character-based only, and it transmits all data as clear text, which is insecure. Secure Shell (SSH) addresses the security problem, but it too is character-based. Windows Terminal Services and Virtual Network Computing (VNC) were both created to provide graphical terminal emulation

8
Q

Which of the following are shortcomings of the Telnet terminal emulation program? (Choose all correct answers.)

It is slow.

It is insecure.

It is expensive.

It is not graphical.

A

It is insecure.

It is not graphical.

Telnet (TELetype NETwork) was the first TCP/IP terminal emulation program, but it is rarely used today because it does not support graphical terminal emulation and because it transmits all data as clear text, which is insecure. Telnet is not appreciably slower than other character-based applications, and it is free

9
Q

Which of the following prefixes must you use in the URL you type into a web browser when the website you want to access has been secured with Transport Layer Security (TLS)?

TLS://

HTTPS://

HTTP://

A

HTTPS://

No matter what protocol is used to encrypt a website, you must use the HTTPS:// prefix to access it. HTTP:// is for unencrypted sites, and TLS:// and HTLS:// are nonexistent prefixes

10
Q

Which of the following techniques do virtual private networks use to secure the data that they transmit over the Internet? (Choose all correct answers.)

Tunneling

Socketing

Message integrity

Authentication

A

Tunneling

Message integrity

Authentication

Tunneling is the process of encapsulating a data packet within another packet. The outer packet then encrypts the entire data packet. Message integrity enables the recipient to detect any data tampering. Authentication ensures that only the intended recipient can access the data. There is no applicable technique called socketing

11
Q

SSH was created to be an improvement on the Telnet terminal emulation program. In which of the following ways is it an improvement?

SSH is faster than Telnet.

SSH provides graphical terminal emulation.

SSH encrypts passwords and data.

A

SSH encrypts passwords and data.

Telnet transmits keystrokes in clear text, including usernames and passwords. It is therefore insecure. Secure Shell (SSH) improves on the performance of Telnet by encrypting the passwords and other data it transmits over the network. Like Telnet, SSH is free and does not support graphical terminal emulation. SSH is also no faster than Telnet

12
Q

Remote Desktop Protocol (RDP) was created for use with which of the following terminal emulation programs?

Windows Terminal Services

Virtual Network Computing (VNC)

Citrix WinFrame

Telnet

A

Windows Terminal Services

RDP is the client/server protocol created for use with Windows Terminal Services, now known as Remote Desktop Services. It is not used with VNC, Citrix products, or Telnet

13
Q

Your company has two users who want to telecommute from home. They don’t have any hardware or software configured or installed. They need to transfer files to the corporate network over a secure link. Your company has a virtual private network (VPN) concentrator using Layer 2 Tunneling Protocol (L2TP) and IPsec. The users want to implement the fastest available service. Both of the users’ homes are within 10,000 feet of a central office. Which of the following solutions addresses this scenario? (Choose all correct answers.)

Each user should install a modem and VPN client software and configure it to dial through a local Internet service provider (ISP) to connect to the company server using L2TP and IPsec.

Each user should establish a Digital Subscriber Line (DSL) connection by either ordering a new line or using the existing line. Each user then needs to install VPN client software and configure it to connect to the company server using L2TP and IPsec.

Each user should establish a cable television (CATV) connection with a local broadband Internet service provider. Each user then needs to install VPN client software and configure it to connect to the company server using L2TP and IPsec.

Each user should install an Integrated Services Digital Network (ISDN) line in his or her house. Each user then needs to install VPN client software and configure it to dial through a local ISP to connect to the company server using L2TP and IPsec.

A

Each user should establish a Digital Subscriber Line (DSL) connection by either ordering a new line or using the existing line. Each user then needs to install VPN client software and configure it to connect to the company server using L2TP and IPsec.

Each user should establish a cable television (CATV) connection with a local broadband Internet service provider. Each user then needs to install VPN client software and configure it to connect to the company server using L2TP and IPsec.

In this scenario each user wants the fastest service available to connect to the corporate network over a VPN connection. Of all the services listed here, the only ones that will meet this requirement are DSL and CATV Internet. CATV and DSL Internet connections support high data rates and can be used to connect using a VPN tunnel, so they meet the speed requirement. Each user can use his or her existing CATV connection or use an existing telephone line to install DSL. Once the line is installed, each user needs to install and configure a VPN client on his or her computer and configure it to use L2TP and IPsec. Modem connections are slow—the maximum upstream speed is 33.6 Kbps, and the downstream is 56 Kbps. ISDN’s maximum transfer rate for Basic Rate Interface (BRI) is 128 Kbps

14
Q

Which of the following types of documentation should contain the chemical composition of all cleaning compounds used in a datacenter?

ESD

MSDS

NDA

A

MSDS

A material safety data sheet (MSDS) is a document created by manufacturers of chemical, electrical, and mechanical products, specifying the potential dangers and risks associated with them, particularly in regard to exposure or fire. A properly documented network should have MSDS documents on file for all of the chemical and hardware products used to build and maintain it. MSDSs can be obtained from the manufacturer or the Environmental Protection Agency (EPA). Electrostatic discharges (ESDs), nondisclosure agreements (NDAs), and Bring Your Own Device (BYOD) policies are not concerned with cleaning compounds

15
Q

After being hired for a job as an IT administrator, you have been assigned two user accounts, one of which is intended for general use and the other only for administrative tasks. You are also required to sign an agreement that outlines the restrictions for your account use. Specifically, you are not permitted to use the administrative account for anything other than administrative tasks, including browsing the Internet and accessing data for which you are not authorized. Which of the following is the best name for this type of agreement?

Service level agreement

Acceptable use policy

Privileged user agreement

A

Privileged user agreement

A privileged user agreement specifies the abilities and limitations of users with respect to the administrative accounts and other privileges they have been granted. Remote access policies specify when and how users are permitted to access the company network from remote locations. A service level agreement (SLA) is a contract between a provider and a subscriber specifying the guaranteed availability of the service. Acceptable use policies (AUPs) specify whether and how employees can utilize company-owned hardware and software resources

16
Q

You are working for a company with numerous branch offices scattered around the country, and you are required to travel to these offices frequently. Each branch office has some means of accessing the network at the company headquarters. Some use frame relay, some virtual private networks, and a few even use dial-in access. During one trip, you mention to a branch office manager that you intend to connect to the headquarters network that night from your hotel room. The manager warns you that this is against company policy, but you are not so sure. Where in the company documentation should you look to confirm this?

Remote access policies

Service level agreement

Acceptable use policy

A

Remote access policies

Remote access policies specify when and how users are permitted to access the company network from remote locations. A service level agreement (SLA) is a contract between a provider and a subscriber specifying the guaranteed availability of the service. Acceptable use policies (AUPs) specify whether and how employees can utilize company-owned hardware and software resources. A privileged user agreement specifies the abilities and limitations of users with respect to the administrative accounts and other privileges they have been granted

17
Q

At what humidity level do electronic components become vulnerable to damage from electrostatic shock?

Below 30 percent

Below 50 percent

Above 70 percent

A

Below 50 percent

Humidity prevents the buildup of static electricity that can cause discharges that damage equipment. Humidity levels of 50 percent or lower can cause equipment to be susceptible to electrostatic shock

18
Q

Which of the following is a document that a company’s new hires might want to consult to determine whether they are permitted to install their own personal software on company computers?

SLA

AUP

NDA

A

AUP

Acceptable use policies (AUPs) specify whether and how employees can utilize company-owned hardware and software resources. AUPs typically specify what personal work employees can perform, what hardware and software they can install, and what levels of privacy they are permitted when using company equipment. A service level agreement (SLA) is a contract between a provider and a subscriber. A nondisclosure agreement (NDA) specifies what company information employees are permitted to discuss outside the company. Bring Your Own Device is a policy that specifies how employees can connect their personal devices to the company network

19
Q

Many employees have been contacting the IT help desk asking how they can connect their personal smartphones and tablets to the company’s wireless network. This has raised issues regarding network security and technical support. You have been asked to draft a policy for the in-house use of personal electronics that addresses these issues. Which of the following describes the document that you will be creating?

SLA

NDA

BYOD

A

BYOD

A Bring Your Own Device (BYOD) policy specifies the personal electronics that employees are permitted to use on the company network and documents the procedures for connecting and securing them. A service level agreement (SLA) is a contract between a provider and a subscriber that specifies the percentage of time that the contracted services are available. Acceptable use policies (AUPs) specify whether and how employees can utilize company-owned hardware and software resources. A nondisclosure agreement (NDA) specifies what company information employees are permitted to discuss outside the company

20
Q

You are going to work for a new company as a software developer, and Human Resources has notified you that you must sign a document guaranteeing that you will maintain confidentiality about the company’s products and programming code in perpetuity. Which of the following documents contains this agreement?

SLA

AUP

NDA

A

NDA

A nondisclosure agreement (NDA) specifies what company information employees are permitted to discuss outside the company. A service level agreement (SLA) is a contract between a provider and a subscriber that specifies the percentage of time that the contracted services are available. Acceptable use policies (AUPs) specify whether and how employees can utilize company-owned hardware and software resources. A Bring Your Own Device (BYOD) policy specifies the personal electronics that employees are permitted to use on the company network and documents the procedures for connecting and securing them

21
Q

Which of the following are typical elements of a corporate password policy? (Choose all correct answers.)

Minimum password length

Use of special characters

Unique passwords

Frequent password changes

A

Minimum password length

Use of special characters

Unique passwords

Frequent password changes

The longer the password, the more difficult it is to guess. Corporate policies typically require passwords of a minimum length. A larger character set also makes a password more difficult to guess, so requiring upper- and lowercase, numeric, and special characters is common. Changing passwords forces the cracking process to start over, so policies typically require frequent password changes and prevent passwords from being reused

22
Q

Which of the following are settings typically included in an account lockout policy? (Choose all correct answers.)

Account lockout duration

Time allowed between attempts

Account lockout threshold

Reset account lockout threshold counter

A

Account lockout duration

Account lockout threshold

Reset account lockout threshold counter

Account lockout threshold specifies the number of incorrect logon attempts that are allowed before the account is locked out. Account lockout duration is the amount of time that an account remains locked out. Reset account lockout threshold counter specifies the amount of time before the number of incorrect attempts is reset to zero. Account lockout policies typically do not include a setting that regulates the amount of time allowed between logon attempts

23
Q

How do account lockouts help to prevent intruders from cracking passwords?

By forcing users to select passwords of a minimum length

By preventing users from entering incorrect passwords more than a specified number of times

By preventing users from reusing the same passwords

A

By preventing users from entering incorrect passwords more than a specified number of times

Account lockouts limit the number of incorrect passwords that a user can enter. This prevents intruders from trying to crack an account by trying password after password. After a specified number of incorrect tries, the account is locked for a specified length of time or until an administrator unlocks it

24
Q

Which of the following data loss prevention terms is used to describe dangers pertaining to data that is being transmitted over a network?

Data in-use

Data at-rest

Data in-motion

A

Data in-motion

Data in-motion is the term used to describe network traffic. Data in-use describes endpoint actions, and data at-rest describes data storage. Data-in-transit is not one of the standard data loss prevention terms

25
Q

Which of the following data loss prevention terms is used to describe dangers pertaining to data while a user is loading it into an application?

Data in-use

Data at-rest

Data in-process

A

Data in-use

Data in-use is the data loss prevention term used to describe endpoint access. Data in-motion is the term used to describe network traffic. Data at-rest describes data storage. Data in-process is not one of the standard data loss prevention terms