Udemy Net+ Practice Test 3 Flashcards
Which of the following layers within software-defined networking focuses on providing network administrators the ability to oversee network operations, monitor traffic conditions, and display the status of the network?
- management
- infrastructure
- application
- control
Management plane
Dion Training believes there may be a rogue device connected to their network. They have asked you to identify every host, server, and router currently connected to the network. Which of the following tools would allow you to identify which devices are currently connected to the network?
- port scanner
- protocol analyzer
- netflow analyzer
- IP scanner
IP Scanner
OBJ-5.3: An IP scanner is used to monitor a network’s IP address space in real-time and identify any devices connected to the network. Essentially, the tool sends a ping to every IP on the network and then creates a report of which IP addresses sent a response. A NetFlow analyzer is used to perform monitoring, troubleshooting, inspection, interpretation, and synthesis of network traffic flow data. A port scanner is used to determine which ports and services are open and available for communication on a target system. A protocol analyzer is used to capture, monitor, and analyze data transmitted over a communication channel.
Ted, a file server administrator at Dion Training, has noticed that many sensitive files have been transferred from a corporate workstation to an IP address outside of the local area network. Ted looks up the IP address and determines that it is located in a foreign country. Ted contacts his company’s security analyst, verifying that the workstation’s anti-malware solution is up-to-date and the network’s firewall is properly configured. What type of attack most likely occurred to allow the exfiltration of the files from the workstation?
- session hijacking
- impersonation
- zero-day
- mac spoofing
zero-day
OBJ-4.1: Since the firewall is properly configured and the anti-malware solution is up-to-date, this signifies that a zero-day vulnerability may have been exploited. A zero-day vulnerability is an unknown vulnerability, so a patch or virus definition has not been released yet. A zero-day vulnerability refers to a hole in software that is unknown to the vendor. Hackers then exploit this security hole before the vendor becomes aware and hurries to fix it. This exploit is therefore called a zero-day attack. Zero-day attacks include infiltrating malware, spyware, or allowing unwanted access to user information. Spoofing is the act of disguising a communication from an unknown source as being from a known, trusted source. Impersonation is the act of pretending to be someone or something else. A session hijacking attack compromises the session token by stealing or predicting a valid session token to gain unauthorized access to the webserver.
Which of the following errors would be received if raw data is accidentally changed as it transits the network?
CRC or checksum error
You have been asked to troubleshoot a router which uses label-switching and label-edge routers to forward traffic. Which of the following types of protocols should you be familiar with to troubleshoot this device?
- OSPF
- BGP
- EIGRP
- MPLS
MPLS
Multi-protocol label switching (MPLS) is a mechanism used within computer network infrastructures to speed up the time it takes a data packet to flow from one node to another. The label-based switching mechanism enables the network packets to flow on any protocol. Border Gateway Protocol (BGP) refers to a gateway protocol that enables the internet to exchange routing information between autonomous systems (AS). Open Shortest Path First (OSPF) is a link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm. Enhanced Interior Gateway Routing Protocol (EIGRP) is an advanced distance-vector routing protocol that is used on a computer network for automating routing decisions and configuration. BGP, OSPF, and EIGRP do not use label-switching technology.
What happens when convergence on a routed network occurs?
all routers learn the route to all connected routers
A company is setting up a brand new server room and would like to keep the cabling infrastructure out of sight but still accessible to the network administrators. Infrastructure cost is not an issue. Which of the following should be installed to meet the requirements?
- patch panels
- conduit
- cable trays
- raised floor
raised floor
Raised floors allow the cabling to be placed under the floor, but still accessible to the network administrators. A conduit is a tube through which power or data cables pass. Conduits are usually metal or plastic pipes, and it makes accessing the cables difficult when maintenance is going to be performed. Cable trays are a mechanical support system that can support electrical cables used for power distribution, control, and communication. Cable trays can be installed on the ceiling or under the floor if you are using a raised floor system. If cable trays are installed in the ceiling, they can be difficult to reach and work on. Patch panels are useful in a cable distribution plant, but they will not allow the cables to be distributed throughout the entire work area. A patch panel is a piece of hardware with multiple ports that helps organize a group of cables. Each of these ports contains a wire that goes to a different location. Patch panels and cable trays may be used to form the backbone of your cable distribution plant, but to meet the requirements of the question you should use raised floors in conjunction with these.
A company needs to implement stronger authentication by adding an authentication factor to its wireless system. The wireless system only supports WPA with pre-shared keys, but the back-end authentication system supports EAP and TTLS. What should the network administrator implement?
- 802.1x using PAP
- WPA2 with a pre-shared key
- PKI with user auth
- MAC address filtering with IP filtering
802.1x using PAP
OBJ-4.3: The network administrator can utilize 802.1x using EAP-TTLS with PAP for authentication since the backend system supports it. Password Authentication Protocol (PAP) is a password-based authentication protocol used by Point to Point Protocol (PPP) to validate users. MAC address filtering does not filter based on IP addresses, but instead, it filters based on the hardware address of a network interface card, known as a MAC address. WPA2 is a secure method of wireless encryption that relies on the use of a pre-shared key or the 802.1x protocol. In the question, though, it states that the system only supports WPA, therefore WPA2 cannot be used. PKI with user authentication would be extremely secure, but it is only used with EAP-TLS, not EAP-TTLS. EAP-TTLS only works with credential-based authentication, such as a username and password. Therefore, 802.1x using PAP is the best answer.
Which of the following open-source remote access tools allows users to connect to their desktop remotely, see what is on their screen, and control it with their mouse and keyboard?
- Telnet
- RDP
- VNC
- SSH
VNC
OPEN SOURCE
VNC (virtual network computing) is a remote access tool and protocol. It is used for screen sharing on Linux and macOS. RDP is not open-source. SSH and telnet are text-based remote access tools. Remote Desktop Protocol (RDP) uses port 3389 and is a proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection. Secure Shell (SSH) uses port 22 to securely create communication sessions over the Internet for remote access to a server or system. Telnet uses port 23 to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection but sends its data in plaintext making it an insecure protocol.
You have configured your network into multiple segments by creating multiple broadcast domains. Which of the following devices should you use to allow the different network segments to communicate with each other?
- bridge
- switch
- router
- hub
router
L3 switch would also work, but the question didn’t specify that so assume L2
Students at Dion Training have been reporting extreme performance degradation across the network every Friday morning. Which of the following should the network technician review FIRST to identify the root cause of the network performance issues?
- bottleneck
- link status
- utilization
- baseline
utilization
OBJ-5.5: The technician should first review the utilization on the network during the time period where network performance issues are being experienced. This will then be compared to the average performance of the network throughout the rest of the week. In turn, this could be compared against the baseline. Since the issue is only occurring during a specific time period at a recurring interval (every Friday morning), it is likely an over-utilization issue causing the decreased performance. The link status could be checked to ensure the link is up and operational, but it is unlikely to determine the root cause of the slower network performance being experienced. Bottlenecks are points within a network through which data flow becomes limited thanks to insufficient computer or network resources. But, again, since this is occurring at a specific time and interval, it is likely a high utilization which in turn is affected by any network bottlenecks that may exist. Reviewing the network utilization can help the technician identify why the slowness is being experienced every Friday, such as placing additional load on the network by streaming videos or something similar.
An administrator notices an unused cable behind a cabinet that is terminated with a DB-9 connector. What protocol is likely to be used with this cable?
- token ring
- rs-232
- atm
- 802.3
rs-232
RS-232 is a standard for serial communication transmission of data. It formally defines the signals connecting a DTE (data terminal equipment) such as a computer terminal and a DCE (data circuit-terminating equipment or data communication equipment). A DB-9 connector is often found on a rollover or console cable and is used to connect a router to a laptop using the RS-232 serial transmission protocol for configuring a network device. IEEE 802.3 is the standard for Ethernet. Ethernet commonly uses twisted pair, fiber optic, and coaxial connections, not a DB-9 serial connector. Asynchronous Transfer Mode (ATM) uses a fiber or twisted pair cable similar to an Ethernet connection. Token ring usually uses a fiber optic cable, not a DB-9 serial cable.
You are assisting the company with developing a new business continuity plan. What would be the BEST recommendation to add to the BCP?
- build redundant links between core devices
- physically secure all network equipment
- perform recurring vulnerability scans
- maintain up to date configuration backups
build redundant links between core devices
Continuity, not recovery. This question is about how to ensure critical business functions continue to operate.
A network architect is designing a highly redundant network with a distance vector routing protocol to prevent routing loops. The architect wants to configure the routers to advertise failed routes with the addition of an infinite metric. What should the architect configure to achieve this?
- split horizon
- route poisoning
- spanning tree
- hold down timers
route poisoning
Route poisoning is a method to prevent a router from sending packets through a route that has become invalid within computer networks. This is achieved by changing the route’s metric to a value that exceeds the maximum allowable hop count so that the route is advertised as unreachable. The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks and operates at layer 2 of the OSI model. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them. A split-horizon route advertisement is a method of preventing routing loops in distance-vector routing protocols by prohibiting a router from advertising a route back onto the interface from which it was learned. A hold down timer is a function of a router that prevents a route from being updated for a specified length of time (in seconds). A hold down timer allows for the routers in a topology to have sufficient time to reach convergence and be updated when a route fails.
Eduardo, a network technician, needs to protect IP-based servers in the network DMZ from an intruder trying to discover them. What should the network technician do to protect the DMZ from ping sweeps?
- block all icmp traffic to and from dmz
- disable udp on servers in the dmz
- block inbound echo replies to the dmz
- disable tcp/ip on the servers in the dmz
block icmp