The Basic LAN Flashcards

1
Q

What does a switch use to filter and forward data?

A) IP address
B) MAC address
C) VLAN
D) Depends on the setting

A

B) MAC address

MAC address is correct. Routers use the IP address to filter and forward data, a VLAN can be set up on a router for network segmentation, and switches don’t have settings to control this behavior.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A WAN is the connection of which of the following?

A) Two or more LANs
B) Two or more interconnected PCs
C) A single router connected to the internet
D) All of the above

A

A) Two or more LANs

A WAN is a group of two or more interconnected LANs. Two or more interconnected PCs create a LAN. A single router connected to the Internet might create a WAN but the router itself is not a WAN.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which of the following will provide domain separation on a LAN behind a firewall for broadcast domains?

A) VLAN
B) WAN
C) VPN
D) Proxy server

A

A) VLAN

A VLAN is the separation of broadcast domains within a LAN. Whether the LAN is behind a firewall is irrelevant. A WAN is an interconnection of two or more LANs via a router, a VPN is a tunnel connection through the Internet to a broadcast domain. A proxy server is a filter device typically considered an edge device.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What was the authentication method used in Cisco environments that pre-dated EAP?

A) LEAP
B) PEAP
C) PPP
D) EAP-FAST

A

A) LEAP

LEAP is correct. PEAP was developed by Microsoft; PPP is the data link protocol used to establish the connection (not authenticate it); and EAP-FAST was Cisco’s replacement for LEAP.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

A stateful firewall filters data based on?

A) Rules
B) Behavior
C) ACLs
D) Internal policies

A

B) Behavior

A stateful firewall filters data based on behavior. Stateful firewalls track data based on the operating state and are able to modify the traffic based on traffic flow or pattern. A stateless firewall will follow rules and policies and can use an access control list (ACL). It is not able to discern traffic patterns but is able to filter based on known conditions like a port number or IP address.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which proxy server provides protection to servers as opposed to clients?

A) Forward proxy
B) Transference proxy
C) Reverse proxy
D) Forward web proxy

A

C) Reverse proxy

A reverse proxy works from the server side to allow traffic flow while protecting the server. For example, it checks if an incoming packet can forward to a server. It also protects the server from exploits such as malicious packets or hacking requests. A forward proxy or a Web proxy works with the client machine to forward the message back to the client on request. There is no such thing as a transference proxy.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Where is a typical location of a honeypot or honeynet?

A) With the proxy server
B) In the DMZ
C) Behind the firewall close to the core LAN
D) On the internet side of a firewall

A

B) In the DMZ

Honeypots or honeynets are used to distract hackers to a location that is separated from the target server or service. Usually these will be in the DMZ (demilitarized zone) to get close the source but still isolated to capture the traffic and allow for further analyzing or detecting of the threat source. A honeypot should not be close to essential services. The DMZ is a secure and isolated position for this type of security.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which of these could connect an entire LAN in one location to a LAN in another location?

A) LAN-to-LAN VPN
B) Office-to-office VPN
C) Site-to-site VPN
D) Location-to-home VPN

A

C) Site-to-site VPN

Site-to-site VPN is correct.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

NIDS is most often configured as what type of device?

A) Out-of-band
B) In-band
C) Web server
D) Print server

A

A) Out-of-band

Network-based intrusion detection system (NIDS) is usually configured out-of-band. This allows for large amounts of collection and monitoring without performance reduction. In-band NIDS would likely throttle the traffic as it is collected. NIDS would not be combined with other functional servers such as Web or print servers. Network-based intrusion prevention system (NIPS) would be in-band to directly monitor and filter traffic.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

A SIEM tool provides which of the following?

A) Aggregation of logs
B) Alerts
C) Correlation of data
D) All of the above

A

D) All of the above

The correct answer is all of the above. A SIEM tool provides aggregation of logs and alerts and it correlates data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly