Networking Basics and Terminology Flashcards
Which network device transmits data between different networks by examining the destination network address in a packet?
Load balancer
Layer 2 switch
Router
Router
Routers examine the destination network address when receiving inbound traffic to transmit packets to different networks
You have been asked to implement a router-based solution that allows inbound SSH traffic from a specific subnet. What should you configure?
NIC
ACL
Proxy
ACL
Access control lists (ACLs) determine what network traffic is allowed to flow through a router
A busy web site has not been responding well because of the large volumes of HTTP connections to the web server. Which solution would increase web server performance?
Add more RAM to the web server.
Install two web servers hosting the same content. Configure a load balancer to distribute incoming HTTP connections between the two web servers.
Place a router between the web server and the Internet to throttle incoming HTTP connections.
Install two web servers hosting the same content. Configure a load balancer to distribute incoming HTTP connections between the two web servers.
Configuring multiple servers behind a load balancer allows for the distribution of incoming network traffic among those servers
Which router security feature drops inbound traffic with a forged source address of an internal network?
Stateless packet inspection
Anti-malware
Anti-spoofing
Anti-spoofing
Anti-spoofing checks that the source IP of external traffic coming into a network does not match the IP range of an internal network; otherwise, this implies that the source IP address has been spoofed and should be dropped
Your web application consists of two back-end servers fronted by a load balancer. As client requests come in you would like the first request to be sent to the first server, the next request to the second, and so on, in a circular pattern. Which load balancer scheduling algorithm should you configure?
Round robin
Weighted round robin
Random
Round robin
Round robin sends traffic to the first back-end node, then the second, the third, back to the first, and so on
During an IT meeting, your colleague Raylee suggests that there is a single point of failure in the single load balancer in place for the company web site ordering system. She suggests having two load balancers configured, with only one in service at a given time. What type of load balancing configuration has Raylee described?
Round robin
Active-active
Active-passive
Active-passive
Active-passive configurations consist of two load balancers, one of which is active. When the active load balancer is unresponsive, the second load balancer takes over
An active-passive load balancer solution is configured on your network. When the standby load balancer determines that the primary load balancer is down, what attribute does it take control of?
Load balancer MAC address
Load balancer IP address
First back-end server MAC address
Load balancer IP address
A virtual IP address is assigned to the active load balancer. This is the externally exposed addresses the DNS names must resolve to
Which of the following statements regarding router ACLs is true?
Rules are processed in a top-down fashion.
Rules are processed in a bottom-up fashion.
The first rule should be a deny-all rule.
Rules are processed in a top-down fashion.
Router ACL rule sets are processed in a top-down fashion. If no rules are matched, then the last rule applies
When writing router ACL rules, which general guideline should be followed?
Do not block traffic based on IP addresses.
The first rule should be a deny-all rule.
The last rule should be a deny-all rule.
The last rule should be a deny-all rule.
If there are no ACL rule matches, the last rule (deny all) will be applied to traffic
Your network requires routers that can block traffic based on the MAC address. What type of ACL rule support must routers support?
Layer 1
Layer 2
Layer 3
Layer 2
Layer 2 of the OSI model deals with MAC, or hardware, addresses
As part of a network security team, you need to capture network transmissions to and from all hosts on an Ethernet network switch. However, after plugging into switch port 24 and beginning a packet-capturing session, you see only broadcast and multicast transmissions from other hosts. What must you do?
Plug into switch port 1.
Configure switch port monitoring on port 24.
Configure switch port monitoring on port 1.
Configure switch port monitoring on port 24.
Most switches have a port-monitoring option whereby all switch traffic is copied to the specified port, in this case, port 24
Which type of network device results in additional broadcast domains?
Hub
Layer 2 switch
Router
Router
Routers result in multiple broadcast domains; in other words, broadcast transmissions do not traverse routers
IT staff stations initiate a large volume of network traffic to and from server 1 and server 2. All staff stations are plugged into four switches that are linked together. What should be done to make more efficient use of network bandwidth?
Place IT staff stations and the servers on their own VLAN.
Place server 1 and server 2 on separate VLANs.
Place a router between IT staff stations and the servers.
Place IT staff stations and the servers on their own VLAN.
Placing IT staff stations and servers 1 and 2 on their own VLAN keeps their traffic isolated from the rest of the network
Which of the following is Telnet used for?
Verifying routers in a transmission path
Performing encrypted remote command-line management
Performing clear-text remote command-line management
Performing clear-text remote command-line management
Telnet uses TCP port 23 and is used for clear-text remote command-line management
Which network protocol is not routable?
HTTP
DNS
NetBIOS
NetBIOS
NetBIOS is not a routable network protocol. NetBIOS over TCP/IP (NBT) is a Microsoft protocol used in the past for purposes such as file and print sharing over port 139
Your wiring closet consists of three 24-port Ethernet switches all linked together. Computers from the Accounting department are plugged into each Ethernet switch, as are computers from the Research department. Your manager asks you to ensure that computers in the Accounting department are on a network different from computers in the Research department. What could you do? (Choose two.)
Replace the Ethernet switches with Ethernet hubs.
Configure all Accounting computers on the same TCP/IP subnet (e.g., 192.268.2.0 /24) and configure all Research computers on their own TCP/IP subnet (e.g., 192.168.3.0 /16).
Configure an Accounting VLAN that includes the Accounting computers and a Research VLAN that includes the Research computers.
Configure all Accounting computers on the same TCP/IP subnet (e.g., 192.168.2.0 /24) and configure all Research computers on their own TCP/IP subnet (e.g., 192.168.3.0 /24).
Configure an Accounting VLAN that includes the Accounting computers and a Research VLAN that includes the Research computers.
Configure all Accounting computers on the same TCP/IP subnet (e.g., 192.168.2.0 /24) and configure all Research computers on their own TCP/IP subnet (e.g., 192.168.3.0 /24).
Placing the Accounting and Research computers each into its own VLAN means Accounting and Research computers would be on different networks. If Accounting computers were on the 192.168.2.0 /24 network and Research computers were on the 192.168.3.0 /24 network, the computers would be on the same physical network but on different logical networks
What type of address is fe80::dca6:d048:cba6:bd06?
IPv4
IPv6
MAC
IPv6
IPv6 addresses are hexadecimal (base 16) addresses with each of the eight hexadecimal portions separated with a colon. Double colons (::) can be used as shorthand for :0000: in place of consecutive 0’s
Which of the following statements regarding DNS are true? (Choose two.)
It resolves NetBIOS computer names to IP addresses.
Client-to-server queries use TCP port 53.
It resolves FQDNs to IP addresses.
Given an IP address, DNS can return an FQDN.
It resolves FQDNs to IP addresses.
Given an IP address, DNS can return an FQDN.
DNS is used to resolve fully qualified domain names (FQDNs) such as www.mhprofessional.com to an IP address. The reverse is also true. An IP address such as 22.33.44.55 could be used to return an FQDN (this is called a DNS reverse lookup)
Which protocol uses TCP port 443?
FTPS
HTTP
HTTPS
HTTPS
Hypertext Transfer Protocol Secure (HTTPS) uses TCP port 443
You are troubleshooting TCP/IP settings on a workstation. The workstation IP address is 10.17.6.8/24, the DNS server setting is set to 199.126.129.86, and the default gateway setting is 10.17.5.6./24. The router has a public IP address of 199.126.129.76/24 and a private internal IP address of 10.17.5.6/24. This workstation is the only station on the network that cannot connect to the Internet. What should you do?
Change the DNS server setting to 10.17.5.6.
Change the router private internal IP address to 10.17.6.6.
Change the workstation IP address to 10.17.5.8.
Change the workstation IP address to 10.17.5.8.
The workstation IP address is currently on a different subnet from the default gateway; changing the workstation IP address to 10.17.5.8 would allow communication with the default gateway
You need a server to store router configuration files. The server must not require a username or password. Which type of server is the best choice?
Windows file server
FTP
TFTP
TFTP
Trivial FTP (TFTP) allows storage of files without requiring a username or password
Which TCP/IP protocol is designed to synchronize time between computers?
SNMP
Windows Time Service
NTP
NTP
Network Time Protocol (NTP) synchronizes time between computers over UDP port 123
Which TCP/IP protocol gives administrators a remote command prompt to a network service?
ARP
UDP
Telnet
Telnet
Telnet gives administrators a remote command prompt to a network service
While capturing network traffic you notice some packets destined for UDP port 69. What type of network traffic is this?
FTP
TFTP
SNMP
TFTP
Trivial File Transfer Protocol (TFTP) uses UDP port 69
Which TCP/IP protocols use encryption to secure data transmissions?
SCP, DNS, SSH
SSH, SCP, Telnet
SSH, SCP, FTPS
SSH, SCP, FTPS
Secure Shell (SSH), Secure Copy Protocol (SCP), and File Transfer Protocol Secure (FTPS) encrypt data transmissions
Which of the following network connectivity devices functions primarily using computer MAC addresses? (Choose two.)
Router
Bridge
Hub
Switch
Bridge
Switch
Bridges and switches optimize network usage by remembering which network segments MAC addresses (network cards) are connected to
Which of the following are considered TCP/IP transport protocols? (Choose two.)
HTTP
TCP
Telnet
UDP
TCP
UDP
Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are both considered to be transport protocols. TCP is a connection-oriented (a session is established before transmitting data) and acknowledged transport (each transmission gets an acknowledgment packet), where UDP is connectionless and unacknowledged. Because of reduced overhead, UDP is faster
Your Vancouver users cannot connect to a corporate web server housed in Seattle, but they can connect to Internet web sites. The network technicians in Seattle insist the web server is running because Seattle users have no problem connecting to the Seattle web server. From the Vancouver network, you ping the Seattle web server but do not get a reply. Which tool should you use next?
tracert
ipconfig
Telnet
tracert
Trace Route (tracert) to the Seattle web server will send a reply from each router along the path so you can identify where the transmission is failing
A workstation has an IP address of 169.254.46.86. The server administrators realize the DHCP service is offline, so they start the DHCP service. What command should be used next on the workstation to immediately obtain a valid TCP/IP configuration?
tracert
netstat -a
ipconfig /renew
ipconfig /renew
The command ipconfig should be used with the /renew parameter to get an IP address from the DHCP server
Which of the following is a security best practice for configuring an Ethernet switch?
Disable unused ports and assign MAC addresses to enabled ports.
Disable unused ports and configure enabled ports for half-duplex.
Disable unused ports and configure additional VLANs.
Disable unused ports and assign MAC addresses to enabled ports.
Disabling unused switch ports prevents unwanted network connections. Assigning specific MAC addresses to specific switch ports enables you to control which stations can connect to which switch ports
You are attempting to connect to one of your user’s computers using RDP but cannot get connected. A new firewall has been installed on your network. Which port must be opened on the firewall to allow RDP traffic?
143
389
3389
3389
Remote Desktop Protocol (RDP) uses TCP port 3389
