Practice (7) Flashcards

1
Q

Which of the following is not an application layer protocol that network attached storage (NAS) devices can use to serve shared files to clients on the network?

RDMA

CIFS

HTTP

A

RDMA

Remote Direct Memory Access (RDMA) provides high-speed network data transfers, but it is not an application layer file sharing protocol. Common Internet File System (CIFS), Network File System (NFS), and Hypertext Transfer Protocol (HTTP) are all file sharing protocols supported by many NAS devices

2
Q

Your supervisor wants you to disable all of the ports on the network’s switches that are not in use. You tell her that this is not necessary; she wants to know why you think so. Which of the following are valid reasons not to disable unused switch ports? (Choose all correct answers.)

The unused ports are not patched in to wall jacks.

The datacenter is already secured from unauthorized access.

The switch is configured to use a MAC-based access control list.

Leaving some ports enabled facilitates the on-boarding of new users.

A

The datacenter is already secured from unauthorized access.

The switch is configured to use a MAC-based access control list.

If there is no way for unauthorized people to access the datacenter, then there is no danger of someone plugging a device into a port that is left enabled. If the switch uses an access control list (ACL) that specifies the MAC addresses of systems permitted to connect to it, then there is no need to disable unused ports because any unknown devices plugged into open ports will not be granted access to the network. The other two options are not valid reasons. Ports that are not patched in can still be compromised at the switch location. Enabling ports is not difficult, so accommodating new users is not a valid reason for leaving them enabled

3
Q

Despite having imposed password policies on your network that compel users to change their passwords frequently, create passwords of a specific length, and use complex passwords, you have still had several reports of account penetrations. After investigating the incidents, you determine that the victims had all apparently shared a “tip” suggesting that users cycle through the names of their children, nephews, nieces, and other relatives when forced to create new passwords, changing letters to numbers as needed. Which of the following actions can you take to remedy the situation without creating a larger problem?

Modify the password policies to force users to change passwords more frequently.

Change the minimum password age policy to a larger value.

Distribute a list of common passwords that are insecure, such as those based on names, birth dates, etc.

A

Distribute a list of common passwords that are insecure, such as those based on names, birth dates, etc.

There are no policies that can prevent users from creating easily guessed passwords. The only action that can help is to educate users that attackers are frequently able to guess passwords by using information such as familiar names and dates. Forcing more frequent password changes would not compel users to alter their method for choosing passwords, nor would increasing the minimum password age value. Assigning random passwords would address the issue, but user complaints and forgotten passwords would likely create greater problems than it would solve

4
Q

Which of the following network devices can employ access control lists to restrict access? (Choose all correct answers.)

Routers

Servers

Switches

Hubs

Wireless access points

A

Routers

Servers

Switches

Wireless access points

ACLs restrict access to network devices by filtering user names, MAC addresses, IP addresses, or other criteria. Routers, servers, switches, and wireless access points all can use ACLs to control access to them. Hubs are purely physical layer devices that relay electrical or optical signals. They have no access control mechanisms

5
Q

Which of the following terms is used to describe the threat mitigation technique of deploying individual applications and services on separate virtual servers so that no more than one is endangered at any one time, rather than deploying multiple applications on a single server?

Network segmentation

VLAN hopping

Role separation

A

Role separation

Role separation is the practice of creating a different virtual server for each server role or application. In addition to providing other benefits, this forces intruders to mount attacks on multiple servers to disable an entire network. Geofencing is a technique for limiting access to a wireless network. Network segmentation describes the process of creating multiple VLANs or deploying firewalls to isolate part of a network. VLAN hopping is a type of attack in which an intruder sends command messages to a switch to transfer a port from one VLAN to another. None of these last three options refers to virtual machine deployment.

6
Q

Which of the following statements about DHCP snooping are true? (Choose all correct answers.)

DHCP snooping is implemented in network switches.

DHCP snooping prevents DNS cache poisoning.

DHCP snooping detects rogue DHCP servers.

DHCP snooping drops DHCP messages arriving over the incorrect port.

A

DHCP snooping is implemented in network switches.

DHCP snooping detects rogue DHCP servers.

DHCP snooping drops DHCP messages arriving over the incorrect port.

DHCP snooping is a feature found in some network switches that prevents rogue DHCP servers from assigning IP addresses to clients. It can also detect when DHCP release or decline messages arrive over a port other than the one on which the DHCP transaction originated. While DHCP snooping can prevent DHCP clients from being assigned an incorrect IP address, it does not directly prevent the poisoning of DNS server caches with erroneous information

7
Q

A user reports that she can’t connect to a server on her network. You want to identify the scope of the problem, so you try to reproduce the problem on the user’s computer. The problem still remains. No other users are reporting this problem. What is the next logical step that you should perform to identify the affected area?

Verify that the local router is forwarding traffic.

Verify that the switch the client is connected to is functioning.

Try performing the same task on a computer attached to the same segment.

A

Try performing the same task on a computer attached to the same segment.

In this scenario, only one user is reporting a problem. Therefore, the likeliest next step is to perform the same task on another computer attached to the same segment. If you can perform the task successfully, the problem most likely lies within the user’s computer or the connection to the switch. Since no other users are reporting the same problem, the server and switches on the network are probably up and functioning. Checking the router isn’t necessary since the user and server are on the same network

8
Q

A wide area network (WAN) connection between two sites typically uses the Point-to-Point Protocol (PPP) at the data link layer. Which of the following statements are not true about PPP? (Choose all correct answers.)

PPP supports encrypted authentication only.

PPP supports both clear text and encrypted authentication.

PPP supports multiple network layer protocols.

PPP supports Internet Protocol (IP) traffic only.

A

PPP supports both clear text and encrypted authentication.

PPP supports multiple network layer protocols.

PPP supports both clear text and encrypted password authentication. It also supports the use of multiple network layer protocols.

9
Q

In the standard troubleshooting methodology, you begin by taking steps to identify the problem. After you have done this, which of the following steps should you perform next?

Verify full system functionality

Establish a theory of probable cause

Establish a plan of action

A

Establish a theory of probable cause

After identifying the problem, the next step is to establish a theory for the probable cause of the problem. After that, you can test your theory, establish a plan of action, implement a solution, verify the functionality of the system, and document the entire process

10
Q

The secured version of the Hypertext Transfer Protocol (HTTPS) uses a different well-known port from the unsecured version (HTTP). Which of the following ports are used by HTTP and HTTPS by default? (Choose all correct answers.)

25

80

110

443

A

80

443

The well-known port for HTTPS is 443. The port for unsecured HTTP is 80. Port 25 is used for the Simple Mail Transfer Protocol (SMTP). Port 110 is used for the Post Office Protocol (POP3)

11
Q

Which of the following are criteria typically used by load balancers to direct incoming traffic to one server out of a group of servers? (Choose all correct answers.)

Which server has the fastest response time

Which server has the fastest processor

Which server has the lightest load

Which server is next in an even rotation

A

Which server has the fastest response time

Which server has the lightest load

Which server is next in an even rotation

A load balancing router typically works by processing incoming traffic based on rules set by an administrator. The rules can distribute traffic among a group of servers using various criteria, such as each server’s current load or response time or which server is next in a given rotation. Load balancers generally do not use the hardware configuration of the servers to direct traffic, as this is a factor that does not change over time

12
Q

You are responsible for a network that has a Domain Name System (DNS) server, a proxy server, and an Internet router. A user is reporting that she can’t connect to hosts on her own local area network (LAN) or other internal LANs, and she also can’t access hosts on the Internet. No one else has reported a problem. What is the likeliest location of the issue preventing the user’s access to the network?

The DNS server

The proxy server

The user’s local configuration

A

The user’s local configuration

Since only one user is reporting difficulty, the problem is most likely to be in the user’s computer and its configuration. A DNS server, proxy server, or router problem would affect more than one user

13
Q

Virtual LAN (VLAN) hopping is a type of attack directed at network switches. Which of the following best describes how VLAN hopping is a potential threat?

VLAN hopping enables an attacker to access different VLANs using 802.1q spoofing.

VLAN hopping enables an attacker to scramble a switch’s patch panel connections.

VLAN hopping enables an attacker to change the native VLAN on a switch.

A

VLAN hopping enables an attacker to access different VLANs using 802.1q spoofing.

VLAN hopping is a method for sending commands to switches to transfer a port from one VLAN to another. This can enable the attacker to connect his or her device to a potentially sensitive VLAN. VLAN hopping does not modify the switch’s patch panel connections, only its VLAN assignments. It is not possible to rename a switch’s default VLAN. VLAN hopping does not enable an attacker to change a switch’s native VLAN.

14
Q

You are a first-tier support technician working the IT help desk at your company. In your first hour of duty, you receive four trouble calls. Your job is to assign the calls priorities based on their severity. Which of the following should be the problem that receives the lowest priority?

A fatal error that causes a single computer to fail

A problem with a mission-critical backbone router that affects an entire network

A problem with an application server that affects a single LAN

A

A fatal error that causes a single computer to fail

A problem that affects the entire network should be given highest priority. This includes the issue with the mission-critical backbone router. Problems that affect multiple LANs or an entire department are generally given the next highest priority. A problem that affects a shared application server on a LAN should be given the next highest priority. A problem with a single user’s computer should be given the lowest priority, compared to the other problems that have been reported

15
Q

You are attempting to access a Domain Name System (DNS) server located on the other side of a router, but your attempt fails with an error stating that the destination port UDP 53 is unreachable. Your first step in troubleshooting the problem is to try using the Nslookup utility to access that specific DNS server. This attempt also fails. Next, you use the Ping utility with the DNS server’s IP address. The Ping test is successful, indicating that the server is up and running. Which of the following are possible causes of the problem? (Choose all correct answers.)

The TCP/IP host settings on your computer are improperly configured.

The router connecting the networks is not running DNS and will not forward this type of datagram.

There is a firewall blocking the DNS server’s UDP 53 port.

The DNS process on the remote server is not running.

The TCP/IP host settings on the DNS server are improperly configured.

A

There is a firewall blocking the DNS server’s UDP 53 port.

The DNS process on the remote server is not running.

One possible cause of the problem is that the DNS process on the remote server is corrupted or not running. Another possible cause is that there is a firewall blocking access to the DNS server’s UDP port 53. Both of these would render the port unreachable. The TCP/IP client on the server is operating, as verified by the ping utility. This means that the IP host settings on your computer and on the DNS server are both configured properly and functioning. A router does not need to be running DNS to forward datagrams

16
Q

Which of the following types of switches performs a cyclical redundancy check (CRC) on an entire frame’s contents prior to forwarding it out a port leading to the destination system?

Cut-through switch

Source route switch

Store-and-forward switch

A

Store-and-forward switch

Store-and-forward switches take in the entire frame and verify its contents by performing a CRC calculation before forwarding it. Cut-through switches are faster because they look at only the first 6 bytes (the destination Media Access Control, or MAC, address) when forwarding a frame. They do not perform a CRC on the entire frame. Source route is a bridging technique in which the source host, not the switch, determines the path a frame will take through a network to reach a destination. Packet filtering is a technique used by firewalls. Neither of these is a type of switch

17
Q

Which of the following attack types is not specifically targeted at wireless network clients?

Logic bomb

Deauthentication

Evil twin

A

Logic bomb

A logic bomb is a code insert placed into a legitimate software product that triggers a malicious event when specific conditions are met. It can therefore affect both wired and wireless clients. The other options are all attacks directed at wireless networks. Deauthentication is a type of denial-of-service attack in which the attacker targets a wireless client by sending a deauthentication frame that causes the client to be disconnected from the network. The object of the attack is often to compel the client to connect to a rogue access point called an evil twin. An evil twin is a fraudulent access point on a wireless network that mimics the SSID of a legitimate access point, in the hope of luring in users. War driving is an attack method that consists of driving around a neighborhood with a computer scanning for unprotected wireless networks

18
Q

You are having trouble installing a wireless LAN using IEEE 802.11b/g equipment in a new office complex. The wireless devices have trouble connecting to the access point, and when they do, they achieve only low speeds. When you use a WiFi analyzer to scan the 2.4 GHz frequency band, you see literally dozens of other networks in the area, spread across all of the available channels. Choose the tasks from the following list that you should perform to enable your wireless devices to connect to the network reliably and at their best possible speeds. (Choose all correct answers.)

Configure the access point to suppress SSID broadcasts.

Configure all of the wireless network devices to use the 5 GHz band.

Upgrade all of the network devices to the latest firmware.

Configure all of the network devices to use WPA2 encryption with AES.

Upgrade the access point and all of the wireless client devices to IEEE 802.11n.

A

Configure all of the wireless network devices to use the 5 GHz band.

Upgrade the access point and all of the wireless client devices to IEEE 802.11n.

Upgrading all of the wireless devices to 802.11n will enable them to use the 5 GHz band and evade the interfering traffic generated by the surrounding networks. Configuring the devices to use the 5 GHz band will provide many more channels to choose from and will avoid the interference from the surrounding 2.4 GHz networks. The other options will not resolve the problem. The type of encryption that a wireless network uses has no bearing on the ability of the devices to avoid the interference generated by surrounding networks. Suppressing SSID broadcasts will not help the devices to connect to the network. Upgrading the firmware on the devices is not likely to have any effect on the connection problems when they are the result of interference from other networks

19
Q

You are seeking to upgrade your company’s IEEE 802.11b access point to one that provides faster transmission speeds for your newer workstations. Which of the following wireless networking standards are capable of supporting speeds faster than the 11 Mbps of 802.11b but that are still backward compatible with your existing IEEE 802.11b workstations? (Choose all correct answers.)

IEEE 802.11

Bluetooth

IEEE 802.11g

IEEE 802.11a

IEEE 802.11n

A

IEEE 802.11g

IEEE 802.11n

IEEE 802.11g supports transmission speeds up to 54 Mbps, and it is backward compatible with 802.11b equipment. IEEE 802.11n is also backward compatible with 802.11b, and it can run at speeds up to 600 Mbps. Bluetooth is not compatible with any of the IEEE 802.11 standards

20
Q

You are working on your company’s perimeter network, which has five Linux web servers, a Cisco router, a CSU/DSU providing a leased line connection, and a Windows-based firewall. While trying to troubleshoot a network communications failure, you type the following command on one of the systems: traceroute adatum.com. Which of the following systems might you be working on? (Choose all correct answers.)

The Cisco router

One of the Linux web servers

The CSU/DSU console

The Windows-based firewall

A

The Cisco router

One of the Linux web servers

Both Linux and the Cisco IOS operating systems include the traceroute utility. Windows has its own version of the utility, but it’s called tracert. The CSU/DSU cannot run a traceroute command

21
Q

Which of the following are network topologies used by IEEE 802.11 wireless local area networks (WLANs)? (Choose all correct answers.)

Bus

Mesh

Ad hoc

Star

Infrastructure

A

Ad hoc

Infrastructure

WLANs can use the ad hoc topology, in which devices communicate directly with each other, or the infrastructure topology, in which the wireless devices connect to an access point. The bus, star, and mesh topologies are used by wired networks only

22
Q

You have recently started a new job that enables you to telecommute from home, and you need a wide area network (WAN) connection to the Internet. You will need to access the company network using a virtual private network (VPN) connection to obtain client information, transfer files, and send email through the company servers. Your home is over 30 years old. The existing telephone wiring was not run through a conduit, and it seems to be deteriorating. You have cable television service, and your home is approximately 20,000 feet from the nearest telephone central office. You want to implement the fastest possible remote connection service, but cost is still a factor in the decision. Which WAN technology should you implement?

A standard modem-to-modem connection

A DSL (Digital Subscriber Line) connection

A broadband CATV connection

A

A broadband CATV connection

In this scenario, the best solution is for you to use the existing cable television (CATV) service for the Internet connection. CATV offers faster data rates than standard modem-to-modem service and supports VPN connections. A dedicated fractional T-1 line is expensive and is not typically used for remote user connections. Since your telephone lines are not run through conduit and the distance to the central office is more than 18,000 feet, you probably cannot use DSL technology, because it requires good-quality lines and close proximity to a central office

23
Q

You are working the help desk at a local computer store, and you receive a call from a customer trying to set up a home network using computers running Windows 10 and wired Ethernet equipment. The customer reports that she cannot access the other two computers in the house from her workstation, nor can she access the Internet. You ask her to run the ipconfig /all command and read the results to you. She says that her IP address is 192.168.0.2, her subnet mask is 255.255.255.0, and her default gateway is 192.168.0.1. Which of the following is the most likely cause of the customer’s problem?

The customer’s network address cannot include a zero.

The customer has an incorrect subnet mask.

The customer’s network cable is damaged or unplugged.

A

The customer’s network cable is damaged or unplugged.

The customer’s IP address, subnet mask, and default gateway values are appropriate for her home network. There is nothing wrong with having a zero in the network address. Therefore, of the options presented, the only logical choice is that the workstation’s network cable is damaged or unplugged