Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
60 Cards in this Set
- Front
- Back
- 3rd side (hint)
|
System and network administrators should perform ______ to avoid the risk of losing crucial network-accessed resources and business continuity.
|
performance monitoring
|
|
|
|
True or False? Effective network monitoring should be proactive and thorough.
|
True
|
|
|
|
Which of the following is NOT a protocol for monitoring network activity?
a. SNMP b. SMTP c. WMI d. IMPI |
b. SMTP
|
IMPI= Intelligent Platform Management Interface WMI=Windows Management Instrumentation SNMP=Simple Network Management Protocol is a popular protocol for network management. SMTP=Simple Mail Transfer Protocol |
|
|
WMI is a(n) ______ that provides for the control and management of network devices and systems.
|
application program interface (API)
|
Windows Management Instrumentation is a core Windows management technology; you can use WMI to manage both local and remote computers. WMI provides a consistent approach to carrying out day-to-day management tasks with programming or scripting languages. For example, you can: *Start a process on a remote computer. *Schedule a process to run at specific times on specific days. *Reboot a computer remotely. *Get a list of applications installed on a local or remote computer. *Query the Windows event logs on a local or remote computer. |
|
|
True or False? IPMI is a standard system interface that allows network administrators to connect to remote operating systems.
|
False
|
The IPMI specification was developed by Intel and allows system administrators to manage and monitor computer systems remotely in the absence of physical access to them. IPMI supports multiple-communication protocols and operates independently of the operating system running on the computer. Its central part is a microcontroller called the Baseboard Management Controller (BMC) that is usually embedded into the motherboard and is directly connected to its southbridge and a variety of sensors. |
|
|
True or False? The standard utility for logging computer system messages is SMTP
|
False
|
Syslog is an Internet Engineering Task Force (IETF) standard for logging computer system messages supported by a variety of network device |
|
|
A(n) ______ is automatically sent by a system resource to notify of a fault, failure, or potential issue.
|
alert notification
|
The primary default notification method of monitoring systems is email. However, most also offer support for any number of notification methods or provide an interface for third-party notification systems |
|
|
What is the percentage of a resource assigned to a process called?
a. Share b. Reservation c. Quota d. Hard limit |
a. Share
|
In the context of CPU utilization, a CPU share is the prorated percentage of CPU resource given to each process. While the common default for a process is eight shares |
|
|
What is the specific percentage of a system resource allocated to a process called?
a. Share b. Reservation c. Quota d. Hard limit |
b. Reservation
|
In the context of CPU utilization, a CPU share is the prorated percentage of CPU resource given to each process. While the common default for a process is eight shares, how much of the available CPU time a process gets can depend on the number of processes the CPU is servicing. On the other hand, a CPU reservation allocates a specific percentage of the CPU resource to a process. |
|
|
A ______ sets an upper limit on the amount of a resource a process can consume.
|
hard limit
|
Both soft limits and hard limits can be set for almost any service, including CPU resource utilization. A quota on a service limits the amount of time a subscriber can exceed the soft limit without going over the hard limit. |
|
|
True or False? Monitoring systems use notification filters to avoid unnecessary notifications.
|
True
|
Network management, monitoring, and maintenance protocols and utilities are available to assist network administrators in monitoring network activity. The primary three, are Simple Network Management Protocol (SNMP), Windows Management Instrumentation (WMI), and Intelligent Platform Management Interface (IPMI). |
|
|
What establishes the acceptable levels of system performance against which system monitoring can measure actual performance?
a. Performance objects b. Performance counters c. Performance baseline d. Performance quota |
c. Performance baseline
|
A baseline establishes the normal, acceptable levels of operation for the system, network, devices, or services against which a monitoring system can measure abnormal performance. |
|
|
Monitoring systems use performance objects and _____.
|
counters
|
Counters Available Memory Page Faults Page Reads % Processor Time Working Set % User Time Processor Queue Disk Reads Bytes Total % Broadcasts Segments |
|
|
True or False? A resource quota limits the amount of time a process can exceed the soft limit.
|
True
|
resource quota specifies how many resources should be allocated to each site collection within a tenant |
|
|
What technology or method can cloud service providers use to verify and control resource licensing utilization?
a. Device fingerprinting b. Software fingerprinting c. Biometric identification d. User authentication |
a. Device fingerprinting
|
Device fingerprinting operates under two primary principles: diversity and stability. Diversity requires that all remote hosts (web clients) have a universally different fingerprint value, and no two remote hosts have the same device fingerprint. Stability requires that the value assigned to each remote host does not change during a computing session |
|
|
______ is the processing architecture of a multiprocessor with multiple cores.
|
SMP
|
SMP (symmetric multiprocessing) is the processing of programs by multiple processors that share a common operating system and memory. In symmetric (or "tightly coupled") multiprocessing, the processors share memory and the I/O bus or data path. A single copy of the operating system is in charge of all the processors. SMP, also known as a "shared everything" system, does not usually exceed 16 processors |
|
|
True or False? Shares, reservations, and limits specify the resource allocations for a VM
|
True
|
resource sharing creates shares that designate the relative priority of a VM or a particular resource pool. A VM that has more resource shares than any other VM will have priority over the other VM should they compete for a resource. |
|
|
What is the standard that defines serial data ports?
a. ISO 9002 b. TIA 568b c. IEEE 1284 d. RS-232C |
d. RS-232C
|
A serial port conforms to the RS-232C standard. |
|
|
A(n) ______ is an ordered stream of instructions.
|
thread
|
Thread: Short for "thread of execution," a thread is an ordered stream of instructions |
|
|
True or False? Through hyperthreading, a physical processor core may have multiple vCPUs assigned.
|
True
|
Each of the physical or logical cores of a multicore CPU can have multiple vCPUs assigned through hyperthreading, meaning a single physical core supports two logical cores. SMP processors can also divide a thread into multiple physical or logical cores in support of virtualized processes. |
|
|
What configuration setting ties a process or thread to one or more specific CPUs?
a. CPU socket b. CPU affinity c. CPU mapping d. CPU kin |
b. CPU affinity
|
CPU affinity, also called CPU pinning, ties a process or thread to one or more specific CPUs. Once configured with affinity, a process or thread runs only on the designated processor(s). The purpose of CPU affinity is to bypass the queue scheduling of an SMP environment operating system. |
|
|
______ occurs when an operating system combines the main memory of networked servers into a single memory pool.
|
Sharing
|
Memory virtualization occurs when an operating system combines the main memory of networked servers into a single memory pool that any application running on networked resources can share. |
|
|
True or False? Dynamic resource allocation includes resource pooling and resource clustering.
|
True
|
One of the newer features in virtualization systems is dynamic resource allocation, which includes resource pooling and resource clustering. Dynamic resource assignment is not exclusive to VMware; |
|
|
What is the maximum memory allocation for a VM running on a 32-bit host?
a. 4 GB b. 8 GB c. 16 GB d. 64 GB |
b. 8 GB
|
On a 64-bit host, the memory allocation maximum is 64 GB and on a 32-bit host, the limit is 8 GB. In VMware, for example, if you allocate more than the limit to a VM, the system does not start the VM |
|
|
The provisioning technique under which a process uses less than the total resource allocated to it, allowing for overallocation, is ______.
|
thin provisioning
|
Thin provisioning, also called overallocation or oversubscription, avoids the inherent waste of storage resources of the more traditional method. In thin provisioning, a process uses much less of the disk resource than the amount allocated to it. |
|
|
True or False? RDS is a Windows service that allows a user to control a remote computer or VM via PuTTY.
|
False
|
Remote Desktop Services (RDS) To use Secure Shell (SSH) or another terminal emulation utility like PuTTY to access the VMware hypervisor (ESXi) shell, you must first enable it on the shell. |
|
|
A defined system entity on a Linux system that allows two VMs to pass data or instructions is a(n) ______.
a. Unnamed pipe b. Named pipe c. Tunnel d. Shared memory |
b. Named pipe
|
A named pipe can provide for two VMs running on different hosts to communicate via a serial connection. |
|
|
Resource ______ allows applications to operate with virtually infinite resources, including data storage, bandwidth, and memory.
|
pooling
|
Resource pooling applies to data storage, bandwidth, memory, and other processing support resources. The basic objective of resource pooling is to create a computing environment for the cloud service subscriber or the virtual environment user that can flex to meet her processing needs without the requirement to interact with system administrators. |
|
|
True or False? A VM controls the physical CPU and manages the assignment and allocation of the physical cores and vCPUs.
|
False
|
|
|
|
What is the TCP/UDP port for the VMware console port?
a. Port 80 b. Port 443 c. Port 902 d. Port 1135 |
c. Port 902
|
Port: 1135/TCP Port 902 (tcp/udp) Port 443 HTTPS Port 80 HTTP |
|
|
Securing data resources must include security for ______ and ______.
|
data at rest, data in motion
|
The goal of securing data must include the protection of data at rest and data in motion.
|
|
|
Which of the following is NOT a security control type?
a. Corrective controls b. Detective controls c. Stabilizing controls d. Preventive controls |
c. Stabilizing controls
|
Preventive controls,
Detective controls, Corrective controls. |
|
|
True or False? A good data program for data at rest includes redundancy and encryption.
|
True
|
Storage Security Concepts
data at rest (data on storage devices) |
|
|
The term for masking data to hide its values is ______.
|
obfuscation
|
In the context of data security, obfuscation refers to camouflaging certain stored data to protect it |
|
|
Which of the following best describes an active attack on a system?
a. An attempt to gain access to resources to observe data b. An attempt to gain access to resources to alter their contents c. An attempt to eavesdrop on network media d. An attempt to gain a password by observation |
b. An attempt to gain access to resources to alter their contents
|
An active attack attempts to gain access to system resources to alter their contents or change how they operate |
|
|
The access control type that uses a person's position or tasks is ______.
|
role-based
|
|
|
|
True or False? The security services of IPsec include network peer authentication, data origination authentication, and data integrity and confidentiality.
|
True
|
|
|
|
A network server is not responding to client requests from within the network. What type of attack may be in progress?
a. Phishing attack b. Overflow attack c. DoS d. PKI |
c. DoS
|
A denial of service (DoS) attack attempts to consume all the processing capability of a server or network connectivity device so that the server or device is unavailable to its associated network |
|
|
The message encryption and authentication method that uses a secret key is ______.
|
asymmetric or PKI
|
Also called asymmetric encryption, public key infrastructure (PKI) encryption requires two distinct encryption keys (hence asymmetric). One of the keys is private (secret), and the other is public. |
|
|
True or False? 3DES is three times faster than DES.
|
False
|
3DES applies the DES algorithm three times to encrypt encrypted data and make it secure. However, this process proved to be too slow for software implementation, especially since its design is for hardware implementation, and it is not as widely used as another DES successor, AES. |
|
|
The process of reducing the attack surface of a host or server is
a. Securing b. Hardening c. Isolating d. Bounds checking |
b. Hardening
|
Hardening, in the context of computer or network security, is the process of increasing the security level of a host or server while lowering its vulnerability to attack. The general vulnerability of a computer is its attack surface, and the goal of hardening the computer is to reduce this exposure. Attackers target computers, and especially servers, because they provide easily defeated gateways to valuable data and services. |
|
|
The security controls that should exist for all stored data are sensitivity, data handling, and ______.
|
criticality
|
The security controls for all stored data are criticality, sensitivity, and data handling |
|
|
True or False? The two types of IDPS approaches are signature based and role based.
|
False
|
The two types of IDPS systems are network based and host based. IDPS uses two approaches: signature-based detection and anomaly-based detection. |
|
|
What type of encryption method converts plaintext bits, one at a time, into ciphertext?
a. Stream cipher b. Asymmetric cipher c. Symmetric cipher d. Block cipher |
a. Stream cipher
|
A stream cipher converts plaintext bits into ciphertext by combining them with a pseudorandom keystream. A block cipher converts a fixed-length block of bits. |
|
|
True or False? PKI encryption uses the same key for the encryption/decryption processes.
|
False
|
The two types of encryption are symmetric key and PKI. Symmetric key encryption uses the same key for both ends of the encryption process. PKI encryption requires two distinct encryption keys. |
|
|
Network and IP planning create a network plan from a ______ perspective.
|
software
|
Network and IP planning creates a network plan from a software perspective. The specific network elements in this planning include network domain, IP network number, IP address assignment, name service, and physical design. |
|
|
Which of the following are elements of network and IP planning?
a. Network domain b. Network number/name c. Name service d. All of the above |
d. All of the above
|
|
|
|
True or False? IPv4 classful addressing limits the number of network IDs and hosts per network by address classes.
|
True
|
|
|
|
IPv4 extracts the network ID of an IP address using a(n) ______.
|
subnet mask or network mask
|
IPv4 can use a classful or a classless addressing method. In classful addressing, the number of network IDs and hosts per network of the address classes is predefined. In classless addressing, the number of bits designated as the network ID is open for choice. |
|
|
What is the length of an IPv6 address in bits?
a. 32 b. 64 c. 128 d. 256 |
c. 128
|
|
|
|
True or False? Using CIDR notation, the /n appended to the address indicates the length of the host ID.
|
False
|
Classless IP addressing supports routing. CIDR notation determines the network mask that extracts the network ID. |
|
|
A(n) ______ is the address of a single network node in IPv6.
|
unicast
|
A unicast address is the address of a single network node. A link-local unicast address addresses only the local network. |
|
|
Which of the following is not an IPv6 address notation form?
a. Dotted decimal b. Leading zero suppression c. Hexadecimal d. Hybrid mode |
d. Hybrid mode
|
|
|
|
True or False? A dash (-) is the symbol used to separate hex pairs in an IPv6 address.
|
False
|
The decimal octets combine into a pair of hex values in the hexadecimal conversion. A colon (:) separates each of the paired elements. |
|
|
The network ID in an IPv6 address is its ______.
|
prefix
|
The leftmost fields of the IPv6 address contain the prefix, which is used for routing IPv6 packets. The site prefix of an IPv6 address occupies up to 48 of the leftmost bits of the IPv6 address |
|
|
After applying leading zero compression notation to the IPv6 address shown below, which of the following is the resulting form?FE80:0000:0000:0808:87DF:056B:0000:08E5/11
a.FE80::87DF::08E5/11 b. FE80::808:87DF:56B::8E5/11 c. FE8:0:0:0808:87DF:056B::08E5/11 d.::56B:8E5/26 |
b. FE80::808:87DF:56B::8E5/11
|
|
|
|
True or False? Routers forward link-local IPv6 addresses.
|
False
|
A link-local unicast address indicates a packet intended only for the local network. Routers do not forward link-local addresses |
|
|
The IPv6 interface identifier combines the network prefix with the Layer 2 address of the interface. The resulting address is a(n) ______.
|
EUI-64
|
The IPv6 standard defines a 64-bit extended unique identifier (EUI-64).
|
|
|
Which process specifically manages the submission, recording, analysis, decision-making, and approval of changes?
a. Change control b. Configuration management c. System life cycle management d. Configuration standardization |
a. Change control |
|
|
|
True or False? Capacity management ensures a computing environment has the processing and resource capacity to service existing and defined plans.
|
True
|
Capacity is on three levels: business capacity, service capacity, and resource capacity.Service and component capacity management requires the monitoring of start-to-finish capacity against a defined level of service.
|
