Practice (2) Flashcards
Which of the following protocols does IPsec use to provide data origin authentication by digitally signing packets before transmitting them over the network?
AH
SSL
ESP
AH
Authentication Header (AH) is a protocol in the TCP/IP suite that provides digital integrity services, in the form of a digital signature, which ensures that an incoming packet actually originated from its stated source. Encapsulating Security Protocol (ESP) provides encryption services for IPsec. Secure Sockets Layer (SSL) is a security protocol that provides encrypted communications between web browsers and servers. Remote Desktop Protocol (RDP) is a component of Remote Desktop Services, a Windows mechanism that enables a client program to connect to a server and control it remotely
You have constructed a network on which all of the computers are connected to a single switch. You then create virtual local area networks (VLANs) on the switch, corresponding to the company’s departments, and add the switch port for each user workstation and department server to the appropriate VLAN. Later, users report that while they can access their departmental servers and the workstations of other users in the same department, they cannot communicate with any of the other departments. What is the problem, and what must you do to correct it?
There is a faulty VLAN configuration on the switch. You must re-create all of the VLANs and configure each VLAN for routing.
VLANs are limited to data link layer communication only. To enable communication between the VLANs, you must install a router or a layer 3 switch on the network and configure it to route traffic between the VLANs.
The VLANs are using different data link layer protocols. You must configure the VLANs to use the same data link layer protocol in order for them to communicate with each other.
VLANs are limited to data link layer communication only. To enable communication between the VLANs, you must install a router or a layer 3 switch on the network and configure it to route traffic between the VLANs.
VLANs are virtual layer 2 (data link layer) LANs defined within switches. As with physical LANs, only devices in the same VLAN can communicate with each other until a layer 3 device, such as a router or a layer 3 switch, is added to the network. Re-creating and reconfiguring the VLANs will not correct the problem. Traffic filters are usually implemented on routers, not switches. Once a router is in place, VLANs do not have to use the same data link protocol to communicate with each other
The TCP/IP term socket consists of which of the following elements? (Choose all correct answers.)
Port number
MAC address
IP address
Subnet mask
Port number
IP address
The term for an IPv4 address and port number in combination, which identifies an application running on a specific host, is socket. A MAC address is an address hard-coded into a network adapter. It is not a TCP/IP element. A subnet mask is not needed to identify a host or an application running on it
You are installing a cable modem to provide your home network with access to the Internet through your cable television provider. The cable modem is a multifunction device that the cable company says provides everything you need for a home network. Which of the following network functions does a home cable modem typically provide? (Choose all correct answers.)
DHCP server
Wireless access point
Broadband router
Ethernet switch
Proxy server
RADIUS server
DHCP server
Wireless access point
Broadband router
Ethernet switch
A cable modem must function as a broadband router to provide access to the cable provider’s network. Many cable modems are also wireless access points, enabling users to construct a LAN without a cable installation. Many cable modems have switched Ethernet ports for connections to wired devices, such as printers and computers. Most cable modems use DHCP to assign IP addresses to devices on the home network. Cable modems for home use typically do not function as proxy servers or Remote Authentication Dial-In User Service RADIUS servers, which are devices generally used on large networks
Which of the following Domain Name System (DNS) resource records is not used for forward name resolution?
PTR
CNAME
AAAA
PTR
Like A and AAAA records, which are used for forward name resolution, Pointer (PTR) records contain hostnames and IP addresses. However, PTR records are used only for reverse name resolution—that is, resolving IP addresses into hostnames. A Mail Exchange (MX) record specifies the mail server that the domain should use. Canonical name (CNAME) records specify aliases for a given hostname. An AAAA resource record maps a hostname to an IPv6 address for name resolution purposes. All of these records except PTR are used for forward name resolution
Which of the following are tasks that can be performed by a protocol analyzer that could provide potential intruders with information about the network? (Choose all correct answers.)
A protocol analyzer can decrypt protected information in packets captured from the network.
A protocol analyzer can detect open ports on network systems and launch attacks against them.
A protocol analyzer can display the IP addresses of the systems on the network.
A protocol analyzer can display the application data in packets captured from the network.
A protocol analyzer can display the IP addresses of the systems on the network.
A protocol analyzer can display the application data in packets captured from the network.
Protocol analyzers capture packets from the network and interpret their contents, which can include displaying the application layer payload. Depending on the application, the payload can conceivably include confidential information, such as passwords. Protocol analyzers also display the IP addresses of the systems involved in packet transmissions. Although this in itself might not be a great security threat, intruders might use the IP address information to launch other types of attacks. Protocol analyzers cannot decrypt the protected information they find in captured packets. Vulnerability scanners detect open ports and launch attacks against them; protocol analyzers do not do this
Which of the following services are provided by a RADIUS server? (Choose all correct answers.)
Attenuation
Authentication
Assistance
Authorization
Accounting
Authentication
Authorization
Accounting
A Remote Authentication Dial-In User Service (RADIUS) server, also known as an AAA server, provides authentication, authorization, and accounting services. Assistance and attenuation are not functions provided by RADIUS or AAA servers
Some users are having a problem connecting to an application server on their local network. You go to their department and start to troubleshoot the problem by testing connectivity using the ping tool at one of the user workstations. You discover that you can ping the server successfully using its computer name, but pinging the computer’s fully qualified domain name (FQDN) fails. As a result of these tests, which of the following can you determine is the most likely source of the problem?
EMI
DHCP
DNS
DNS
Only Domain Name System (DNS) servers perform FQDN resolutions, so that is likely to be the source of the problem. It is possible to successfully ping a device on the local network using its computer name without the use of DNS. Dynamic Host Configuration Protocol (DHCP) cannot be the problem, or you would not be able to ping the server at all. Electromagnetic interference (EMI) would inhibit all network communication, and access control lists (ACLs) have no effect on ping tests
You have been given the job of devising a plan to provide a 500-node private internetwork with access to the Internet. The primary objective of the project is to provide all of the network users with access to web and email services while keeping the client computers safe from unauthorized users on the Internet. There are two secondary objectives for the project: one is to provide a means of monitoring and regulating the users’ Internet activities, and the other is to avoid having to manually configure IP addresses on each one of the client computers. You submit a proposal that calls for the use of private IP addresses on the client computers and a series of proxy servers with public, registered IP addresses, which are connected to the Internet. Which of the following statements about your proposed Internet access solution is true?
The proposal satisfies the primary objective and both of the secondary objectives.
The proposal satisfies the primary objective and one of the secondary objectives.
The proposal satisfies the primary objective but neither of the secondary objectives.
The proposal satisfies the primary objective and one of the secondary objectives.
Proxy servers provide network users with access to Internet services, and the unregistered IP addresses on the client computers protect them from unauthorized access by users on the Internet, which satisfies the primary objective. The proxy servers also make it possible for network administrators to monitor and regulate users’ access to the Internet, which satisfies one of the two secondary objectives. However, proxy servers are not capable of assigning IP addresses to the client computers, and the proposal makes no mention of a Dynamic Host Configuration Protocol (DHCP) server or any another automatic TCP/IP configuration mechanism. Therefore, the proposal does not satisfy the other secondary objective
Which of the following cloud service models provides the consumer with the least amount of control over the cloud resources?
IaaS
PaaS
SaaS
SaaS
Software as a Service (SaaS) provides the least amount of control. Consumers receive access to a specific application running on the provider’s servers, but they have no control over the operating system, the servers, or the underlying resources. The Infrastructure as a Service (IaaS) model provides the consumers with the most control, as the provider furnishes processing, storage, and networking resources that the consumer can use as needed. Platform as a Service (PaaS) provides consumers with the ability to install applications of their choice on a server furnished by the provider, but they have only limited control over the server and no control over the underlying resources
The jumbo frame capability is associated with which networking protocol?
Ethernet
Internet Protocol (IP)
Point-to-Point Protocol (PPP)
Ethernet
Ethernet uses jumbo frames at the data link layer to transfer large amounts of data more efficiently. Ethernet typically restricts frame size to 1,500 bytes, but jumbo frames enable Ethernet systems to create frames up to 9,000 bytes. PPP does not support the use of jumbo frames. Frames are protocol data units associated only with the data link layer, so they do not apply to IP and TCP, which operate at the network and transport layers, respectively
You are working your company’s IT help desk, where you are required to follow a specific troubleshooting protocol when handling calls from users. In which of the following troubleshooting steps would you create a trouble ticket?
Establish a theory of probable cause
Verify full system functionality and, if applicable, implement preventive measures
Identify the problem
Test the theory to determine cause
Document findings, actions, and outcomes
Implement the solution or escalate as necessary
Establish a plan of action to resolve the problem and identify potential effects
Identify the problem
The first step in the troubleshooting protocol involves identifying the problem by questioning the user and creating a trouble ticket. You complete the other steps in the troubleshooting protocol after the trouble ticket has been prioritized
You are working your company’s help desk when a user calls to report that he can’t access any of the data on his computer. He says that a message has appeared on his screen stating that all of his data has been encrypted by the FBI and that it will be decrypted only after he pays $768 in Bitcoin to an unknown address. The user wants to know if he is responsible for making the payment. Which of the following types of attacks has the user experienced?
Denial of service
War driving
Ransomware
Ransomware
The user has experienced a ransomware attack. Ransomware is a type of attack in which a user’s access to his or her data is blocked unless a certain amount of money is paid to the attacker. The blockages can vary from simple screen locks to data encryption. War driving is an attack method that consists of driving around a neighborhood with a computer scanning for unprotected wireless networks. Denial of service is a type of attack that overwhelms a computer with traffic, preventing it from functioning properly. ARP poisoning is the deliberate insertion of fraudulent information into the ARP cache stored on computers and switches
Which of the following wide area network (WAN) services provide unequal amounts of upstream and downstream bandwidth? (Choose all correct answers.)
SDSL
CATV
ADSL
ISDN
CATV
ADSL
The word asymmetric in Asymmetric Digital Subscriber Line (ADSL) means that the service provides different amounts of bandwidth in each direction. In nearly all cases, asymmetric WAN services provide more downstream bandwidth than upstream. Cable television (CATV) networks are also asymmetrical. The word symmetric in Symmetric Digital Subscriber Line (SDSL) means that the service provides equal amounts of bandwidth in both directions. Integrated Services Digital Network (ISDN) is also symmetrical
Network cable runs generally connect office endpoints, such as wall plates, to a central cabling nexus, which is typically where the runs are joined to a backbone network that links them together. Which of the following are terms for such places where network cabling connections are found? (Choose all correct answers.)
RDP
IDF
MDF
MTBF
IDF
MDF
A large enterprise network will—at minimum—have demarcation points for telephone services and a connection to an Internet service provider’s network. In many cases, these services enter the building in the same equipment room that houses the backbone switch, which enables all the devices on the network to access those resources. This room is then called the main distribution frame (MDF). An intermediate distribution frame (IDF) is a place where localized telecommunications equipment, such as the interface between the horizontal cabling and the backbone, is located. For example, an enterprise network housed in a single building might have its MDF in the basement and an IDF on each floor. Mean Time Between Failures (MTBF) and Remote Desktop Protocol (RDP) are not network cabling locations
