Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
169 Cards in this Set
- Front
- Back
- 3rd side (hint)
|
11.01
You want to improve network performance by increasing the bandwidth available to hosts and limiting the size of the broadcast domains. Which of the following options will achieve this goal? A. Managed hubs B. Bridges C. Switches D. Switches configured with VLANs |
You want to improve network performance by increasing the bandwidth available to hosts and limiting the size of the broadcast domains. Which of the following options will achieve this goal? A. Managed hubs B. Bridges C. Switches D. Switches configured with VLANs |
|
|
|
11.02 The types of ports that can found on a switch are___________________ and ___________________. (Choose two.) A. VLAN Trunk Protocol B. Access C. 802.1Q D. Trunk |
The types of ports that can found on a switch are___________________ and ___________________. (Choose two.) A. VLAN Trunk Protocol B. Access C. 802.1Q D. Trunk |
|
|
|
11.03 Which switching technology reduces the size of a broadcast domain? A. ISL B. 802.1Q C. VLANs D. STP |
Which switching technology reduces the size of a broadcast domain? A. ISL B. 802.1Q C. VLANs D. STP |
|
|
|
11.04 Which of the following are the IEEE version of STP? (Choose 2) A. 802.1x B. VLANs C. 802.1d D. 802.11 E. 802.1w |
Which of the following are the IEEE version of STP? (Choose 2) A. 802.1x B. VLANs C. 802.1d D. 802.11 E. 802.1w |
|
|
|
11.05 You connect a host to a switch port, but the new host cannot log into the server that is plugged into the same switch. What could the problem be? (Choose two.) A. The router is not configured for the new host. B. The STP configuration on the switch is not updated for the new host. C. The host has an invalid MAC address. D. The switch port the host is connected to is not configured to the correct VLAN membership. E. The STP shut down the port |
You connect a host to a switch port, but the new host cannot log into the server that is plugged into the same switch. What could the problem be? (Choose two.) A. The router is not configured for the new host. B. The STP configuration on the switch is not updated for the new host. C. The host has an invalid MAC address. D. The switch port the host is connected to is not configured to the correct VLAN membership. E. The STP shut down the port |
|
|
|
11.06 Which of the following are benefits of VLANs? (Choose three.) A. They increase the size of collision domains. B. They allow logical grouping of users by function. C. They can enhance network security. D. They increase the size of broadcast domains while decreasing the number of collision domains. E. They simplify switch administration. F. They increase the number of broadcast domains while decreasing the size of the broadcast domains. |
Which of the following are benefits of VLANs? (Choose three.) A. They increase the size of collision domains. B. They allow logical grouping of users by function. C. They can enhance network security. D. They increase the size of broadcast domains while decreasing the number of collision domains. E. They simplify switch administration. F. They increase the number of broadcast domains while decreasing the size of the broadcast domains. |
|
|
|
11.07 Which of the following is a Layer 2 protocol used to maintain a loop-free network? A. VTP B. STP C. RIP D. CDP |
Which of the following is a Layer 2 protocol used to maintain a loop-free network? A. VTP B. STP C. RIP D. CDP |
|
|
|
11.08 What is the result of segmenting a network with a bridge (switch)? (Choose two.) A. It increases the number of collision domains. B. It decreases the number of collision domains. C. It increases the number of broadcast domains. D. It decreases the number of broadcast domains. E. It makes smaller collision domains. F. It makes larger collision domains. |
What is the result of segmenting a network with a bridge (switch)? (Choose two.) A. It increases the number of collision domains. B. It decreases the number of collision domains. C. It increases the number of broadcast domains. D. It decreases the number of broadcast domains. E. It makes smaller collision domains. F. It makes larger collision domains. |
|
|
|
11.09 You connect your host to a switch that is running network analyses software. However, you are not seeing any packets from the server. What do you need to implement on the switch to see all the packet information? A. VLANs B. STP C. Port Mirroring D. Authentication |
You connect your host to a switch that is running network analyses software. However, you are not seeing any packets from the server. What do you need to implement on the switch to see all the packet information? A. VLANs B. STP C. Port Mirroring D. Authentication |
|
|
|
11.10 Which of the following features of a switch will allow two switches to pass network information? A. PoE B. VLANs C. Trunking D. STP |
Which of the following features of a switch will allow two switches to pass network information? A. PoE B. VLANs C. Trunking D. STP |
|
|
|
11.11 What are the distinct functions of Layer 2 switching that increase available bandwidth on the network? (Choose three.) A. Address learning B. Routing C. Forwarding and filtering D. Creating network loops E. Loop avoidance F. IP addressing |
What are the distinct functions of Layer 2 switching that increase available bandwidth on the network? (Choose three.) A. Address learning B. Routing C. Forwarding and filtering D. Creating network loops E. Loop avoidance F. IP addressing |
|
|
|
11.12 Which of the following statements is true? A. A switch creates a single collision domain and a single broadcast domain. A router creates a single collision domain. B. A switch creates separate collision domains but one broadcast domain. A router provides a separate broadcast domain. C. A switch creates a single collision domain and separate broadcast domains. A router provides a separate broadcast domain as well. D. A switch creates separate collision domains and separate broadcast domains. A router provides separate collision domains. |
Which of the following statements is true? A. A switch creates a single collision domain and a single broadcast domain. A router creates a single collision domain. B. A switch creates separate collision domains but one broadcast domain. A router provides a separate broadcast domain. C. A switch creates a single collision domain and separate broadcast domains. A router provides a separate broadcast domain as well. D. A switch creates separate collision domains and separate broadcast domains. A router provides separate collision domains. |
|
|
|
11.13 What does a switch do when a frame is received on an interface and the destination hardware address is unknown or not in the filter table? A. Forwards the switch to the first available link B. Drops the frame C. Floods the network with the frame looking for the device D. Sends back a message to the originating station asking for a name resolution |
What does a switch do when a frame is received on an interface and the destination hardware address is unknown or not in the filter table? A. Forwards the switch to the first available link B. Drops the frame C. Floods the network with the frame looking for the device D. Sends back a message to the originating station asking for a name resolution |
|
|
|
11.14 If a switch receives a frame, and the source MAC address is not in the MAC address table but the destination address is, what will the switch do with the frame? A. Discard it and send an error message back to the originating host B. Flood the network with the frame C. Add the source address and port to the MAC address table and forward the frame out the destination port |
If a switch receives a frame, and the source MAC address is not in the MAC address table but the destination address is, what will the switch do with the frame? A. Discard it and send an error message back to the originating host B. Flood the network with the frame C. Add the source address and port to the MAC address table and forward the frame out the destination port |
|
|
|
11.15 Which of the following help isolate network traffic? A. hubs B. VLANs C. Repeaters D. Hosts |
Which of the following help isolate network traffic? A. hubs B. VLANs C. Repeaters D. Hosts |
|
|
|
11.16 When is STP said to be converged? (Choose two.) A. When all ports are in the forwarding state B. When all ports are in the blocking state C. When all ports are in the Listening state D. When all ports are in the Learning state |
When is STP said to be converged? (Choose two.) A. When all ports are in the forwarding state B. When all ports are in the blocking state (The sequence for a switch convergence is blocking, listening, learning and then forwarding. When all ports are in either the blocking or forwarding state, a switch is “converged” according to Lammle.) C. When all ports are in the Listening state D. When all ports are in the Learning state |
|
|
|
11.17 In which two states is the MAC address table populated with addresses? A. Blocked B. Listening C. Learning D. Forwarding |
In which two states is the MAC address table populated with addresses? A. Blocked B. Listening C. Learning D. Forwarding |
|
|
|
11.18 You have multiple departments all connected to switches, with cross-over cables connecting the switches together. However, response time on the network is still very slow because you have upgraded from hubs to switches. What technology should you implement to improve response time on the networks? A. STP B. VLANs C. Convergence D. OSPF |
You have multiple departments all connected to switches, with cross-over cables connecting the switches together. However, response time on the network is still very slow because you have upgraded from hubs to switches. What technology should you implement to improve response time on the networks? A. STP B. VLANs C. Convergence D. OSPF |
|
|
|
11.19 Why are switches better than hubs in your network by default? A. Because they break up broadcast commands by default B. Because each port on a switch is a broadcast domain C. Because each port on a switch is a collision domain D. Because all ports on a hub are broken into broadcast domains by default |
Why are switches better than hubs in your network by default? A. Because they break up broadcast commands by default B. Because each port on a switch is a broadcast domain C. Because each port on a switch is a collision domain D. Because all ports on a hub are broken into broadcast domains by default |
|
|
|
11.20 What is a disadvantage of using port spanning? A. It breaks up broadcast domains on all ports B. It can create overhead on the switch C. It makes the switch one large collision domain D. It makes the switch fast between only two ports instead of all ports |
What is a disadvantage of using port spanning? A. It breaks up broadcast domains on all ports B. It can create overhead on the switch (FYI -- “port spanning” <=> “port mirroring.”) C. It makes the switch one large collision domain D. It makes the switch fast between only two ports instead of all ports |
|
|
|
11.21 VLANs break up ________ domains in a Layer 2 switched network. |
Broadcast |
|
|
|
11.22 Switches, by default, only break up ________ domains. |
Collision |
|
|
|
11.23 What does trunking provide? |
Trunking allows you to make a single port part of multiple VLANs at the same time. |
|
|
|
11.24 You need to power a device, such as an access point or IP phone. What protocol can provide power to these devices over an Ethernet cable? |
|
|
|
|
11.25 You plug a host into a switch port, but the user can’t get to the services it needs. What is probably the problem? |
Power over Ethernet (PoE) |
|
|
|
11.26 If a destination MAC address is not in the forward/filter table, what will the switch do with the frame? |
Flood the frame out all ports except the port it was received on |
|
|
|
11.27 What are the three switch functions at Layer 2? |
Address learning, filtering, and loop avoidance |
|
|
|
11.28 If a frame is received on a switch port and the source MAC address is not in the forward/ filter table, what will the switch do? |
It will add the source MAC address to the forward/filter table. |
|
|
|
11.29 What is used at Layer 2 to prevent switching loops? |
Spanning Tree Protocol (STP) |
|
|
|
11.30 You need to implement a separate network for contractors and guests working at your office. Which technology should you implement? |
Create a VLAN for Contractor and another VLAN for guests |
|
|
|
12.01 You need to install wireless Internet access in an open warehouse environment. After installing the equipment the technician notices varying signal strengths throughout the warehouse. A. Turn on broadcast key rotation B. Change the encryption method used on all the AP’s C. Change the antenna placement D. Use channel bonding E. Use channel shaping |
You need to install wireless Internet access in an open warehouse environment. After installing the equipment the technician notices varying signal strengths throughout the warehouse. A. Turn on broadcast key rotation B. Change the encryption method used on all the AP’s C. Change the antenna placement D. Use channel bonding E. Use channel shaping |
|
|
|
12.02 What is the frequency range of the IEEE 802.11a standard? A. 2.4Gbps B. 5Gbps C. 2.4GHz D. 5GHz |
What is the frequency range of the IEEE 802.11a standard? A. 2.4Gbps B. 5Gbps C. 2.4GHz D. 5GHz |
|
|
|
12.03 What is the frequency range of the IEEE 802.11g standard? A. 2.4Gbps B. 5Gbps C. 2.4GHz D. 5GHz |
What is the frequency range of the IEEE 802.11g standard? A. 2.4Gbps B. 5Gbps C. 2.4GHz (Both 802.11b and 802.11g broadcast at 2.4GHz) D. 5GHz |
|
|
|
12.04 Which devices can interfere with the operation of a wireless network because they operate on similar frequencies? (Choose two.) A. Copier B. Microwave oven C. Toaster D. Cordless phone E. IP phone F. AM radio |
Which devices can interfere with the operation of a wireless network because they operate on similar frequencies? (Choose two.) A. Copier B. Microwave oven C. Toaster D. Cordless phone E. IP phone F. AM radio |
|
|
|
12.05 Which wireless standard allows you to channel bond to increase bandwidth and uses both the 2.4Ghz and 5Ghz frequencies? A. 802.11b B. 802.11g C. 802.11a D. 802.11n |
Which wireless standard allows you to channel bond to increase bandwidth and uses both the 2.4Ghz and 5Ghz frequencies? A. 802.11b B. 802.11g C. 802.11a D. 802.11n |
|
|
|
12.06 How many non-overlapping channels are available with 802.11b? A. 3 B. 12 C. 23 D. 40 |
How many non-overlapping channels are available with 802.11b? A. 3 B. 12 C. 23 D. 40 |
|
|
|
12.07 How many non-overlapping channels are available with 802.11a? A. 3 B. 12 C. 23 D. 40 |
How many non-overlapping channels are available with 802.11a? A. 3 B. 12 C. 23 D. 40 |
|
|
|
12.08 What is the maximum data rate for the 802.11a standard? A. 6Mbps B. 11Mbps C. 22Mbps D. 54Mbps |
What is the maximum data rate for the 802.11a standard? A. 6Mbps B. 11Mbps C. 22Mbps D. 54Mbps |
|
|
|
12.09 You need to install wireless on multiple floors of a large building and maintenance area. What is your first concern before installing the AP’s? A. Authentication B. Encryption C. Channel Overlap D. AP configuration |
You need to install wireless on multiple floors of a large building and maintenance area. What is your first concern before installing the AP’s? A. Authentication B. Encryption C. Channel Overlap D. AP configuration |
|
|
|
12.10 What is the maximum data rate for the 802.11b standard? A. 6Mbps B. 11Mbps C. 22Mbps D. 54Mbps |
What is the maximum data rate for the 802.11b standard? A. 6Mbps B. 11Mbps C. 22Mbps D. 54Mbps |
|
|
|
12.11 You connect a new host to your companies wireless network. The host is set to receives a DHCP address and the WEP key is entered correctly, however, the host cannot connect to the network. What can the problem be? A. DNS is not configured on the host B. MAC filtering is enabled on the AP C. The network has run out of wireless connections D. The host is enabled to run 802.11b and 802.11g |
You connect a new host to your companies wireless network. The host is set to receives a DHCP address and the WEP key is entered correctly, however, the host cannot connect to the network. What can the problem be? A. DNS is not configured on the host B. MAC filtering is enabled on the AP C. The network has run out of wireless connections D. The host is enabled to run 802.11b and 802.11g |
|
|
|
12.12 Which is the highest encryption that WPA2 can use? A. AES-CCMP B. PPK via IV C. PSK D. TKIP/MIC |
Which is the highest encryption that WPA2 can use? A. AES-CCMP B. PPK via IV C. PSK D. TKIP/MIC |
|
|
|
12.13 Which additional configuration step is necessary in order to connect to an access point that has SSID broadcasting disabled? A. Set the SSID value in the client software to public. B. Configure open authentication on the AP and the client. C. Set the SSID value on the client to the SSID configured on the AP. D. Configure MAC address filtering to permit the client to connect to the AP. |
Which additional configuration step is necessary in order to connect to an access point that has SSID broadcasting disabled? A. Set the SSID value in the client software to public. B. Configure open authentication on the AP and the client. C. Set the SSID value on the client to the SSID configured on the AP. D. Configure MAC address filtering to permit the client to connect to the AP. |
|
|
|
12.14 Which spread-spectrum technology does the 802.11b standard define for operation? A. IR B. DSSS C. FHSS D. DSSS and FHSS E. IR, FHSS, and DSSS |
Which spread-spectrum technology does the 802.11b standard define for operation? A. IR B. DSSS C. FHSS D. DSSS and FHSS E. IR, FHSS, and DSSS |
|
|
|
12.15 Which wireless LAN design ensures that a mobile wireless client will not lose connectivity when moving from one access point to another? A. Using adapters and access points manufactured by the same company B. Overlapping the wireless cell coverage by at least 10% C. Configuring all access points to use the same channel D. Utilizing MAC address filtering to allow the client MAC address to authenticate with the surrounding APs |
Which wireless LAN design ensures that a mobile wireless client will not lose connectivity when moving from one access point to another? A. Using adapters and access points manufactured by the same company B. Overlapping the wireless cell coverage by at least 10% C. Configuring all access points to use the same channel D. Utilizing MAC address filtering to allow the client MAC address to authenticate with the surrounding APs |
|
|
|
12.16 You have installed a point-to-point connection using wireless bridges and omni-directional antennas between two buildings. The throughput is low. What can you do to improve the link? A. Replace the bridges with AP’s B. Replace the omni-directional antennas with Yagi’s C. Configure 802.11a on the links D. Install amps to boost the signal |
You have installed a point-to-point connection using wireless bridges and omni-directional antennas between two buildings. The throughput is low. What can you do to improve the link? A. Replace the bridges with AP’s B. Replace the omni-directional antennas with Yagi’s C. Configure 802.11a on the links D. Install amps to boost the signal |
|
|
|
12.17 What does Extended Service Set ID mean (ESS)? A. That you have more than one access point, and they are in the same SSID connected by a distribution system B. That you have more than one access point, and they are in separate SSIDs connected by a distribution system C. That you have multiple access points, but they are placed physically in different buildings D. That you have multiple access points, but one is a repeater access point |
What does Extended Service Set ID mean (ESS)? A. That you have more than one access point, and they are in the same SSID connected by a distribution system B. That you have more than one access point, and they are in separate SSIDs connected by a distribution system C. That you have multiple access points, but they are placed physically in different buildings D. That you have multiple access points, but one is a repeater access point |
|
|
|
12.18 What is one reason that WPA encryption is preferred over WEP? A. A WPA key is longer and requires more special characters than the WEP key. B. The access point and the client are manually configured with different WPA key values. C. WPA key values remain the same until the client configuration is changed. D. The values of WPA keys can change dynamically while the system is used. |
What is one reason that WPA encryption is preferred over WEP? A. A WPA key is longer and requires more special characters than the WEP key. B. The access point and the client are manually configured with different WPA key values. C. WPA key values remain the same until the client configuration is changed. D. The values of WPA keys can change dynamically while the system is used. |
|
|
|
12.19 How wide are the channels used in 802.11n in order to gain the large bandwidth that the specification provides? A. 22MHz B. 20Mhz C. 40Mhz D. 100Mhz |
How wide are the channels used in 802.11n in order to gain the large bandwidth that the specification provides? A. 22MHz B. 20Mhz C. 40Mhz D. 100Mhz |
|
|
|
12.20 802.11n uses MIMO. How does this optimize throughput to gain the high speed advantage that 802.11n provides? A. By specifying an acknowledgment of each and every frame, 802.11n provides better overhead. B. Several frames are sent by several antennae over several paths and are then recombined by another set of antennae. C. One frame at a time is sent, but faster than in 802.11g because multiple antennas are used (multiple-in, multiple-out). D. MIMO packs smaller packets into a single unit, which improves throughput. |
802.11n uses MIMO. How does this optimize throughput to gain the high speed advantage that 802.11n provides? A. By specifying an acknowledgment of each and every frame, 802.11n provides better overhead. B. Several frames are sent by several antennae over several paths and are then recombined by another set of antennae. C. One frame at a time is sent, but faster than in 802.11g because multiple antennas are used (multiple-in, multiple-out). D. MIMO packs smaller packets into a single unit, which improves throughput. |
|
|
|
12.27 APs come set up with what type of security enabled by default? |
None |
|
|
|
12.28 Why would we use WPA instead of basic WEP? |
The values of WPA keys can change dynamically while the system is used. |
|
|
|
12.29 Which IEEE committee has been sanctioned by WPA and is called WPA 2? |
The IEEE 802.11i standard has been sanctioned by WPA and is called WPA version 2. |
|
|
|
12.30 The IEEE 802.11b/g basic standard has how many non-overlapping channels? |
Three (1, 6, 11) |
|
|
|
12.101 Provide the missing information. Wireless Standard: ? Frequency: 5 GHz Maximum Data Rate: 54 Mbps Transmission Method: OFDM Range: 35 m indoors/ 120 outdoors |
Wireless Standard: 802.11a Frequency: 5 GHz Maximum Data Rate: 54 Mbps Transmission Method: OFDM Range: 35 m indoors/ 120 outdoors |
|
|
|
12.102 Provide the missing information. Wireless Standard: 802.11a Frequency: ? Maximum Data Rate: 54 Mbps Transmission Method: OFDM Range: 35 m indoors/ 120 outdoors |
Wireless Standard: 802.11a Frequency: 5 GHz Maximum Data Rate: 54 Mbps Transmission Method: OFDM Range: 35 m indoors/ 120 outdoors |
|
|
|
12.103 Provide the missing information. Wireless Standard: 802.11a Frequency: 5 GHz Maximum Data Rate: ? Transmission Method: OFDM Range: 35 m indoors/ 120 outdoors |
Wireless Standard: 802.11a Frequency: 5 GHz Maximum Data Rate: 54 Mbps Transmission Method: OFDM Range: 35 m indoors/ 120 outdoors |
|
|
|
12.104 Provide the missing information. Wireless Standard: 802.11a Frequency: 5 GHz Maximum Data Rate: 54 Mbps Transmission Method: ? Range: 35 m indoors/ 120 outdoors |
Wireless Standard: 802.11a Frequency: 5 GHz Maximum Data Rate: 54 Mbps Transmission Method: OFDM Range: 35 m indoors/ 120 outdoors |
|
|
|
12.105 Provide the missing information. Wireless Standard: 802.11a Frequency: 5 GHz Maximum Data Rate: 54 Mbps Transmission Method: OFDM Range: ? |
Wireless Standard: 802.11a Frequency: 5 GHz Maximum Data Rate: 54 Mbps Transmission Method: OFDM Range: 35 m indoors/ 120 outdoors |
|
|
|
12.111 Provide the missing information. Wireless Standard: ? Frequency: 2.4 GHz Maximum Data Rate: 11 Mbps Transmission Method: DSSS Range: s32 m indoors/ 140 m outdoor |
Wireless Standard: 802.11b Frequency: 2.4 GHz Maximum Data Rate: 11 Mbps Transmission Method: DSSS Range: 32 m indoors/ 140 m outdoors |
|
|
|
12.112 Provide the missing information. Wireless Standard: 802.11b Frequency: ? Maximum Data Rate: 11 Mbps Transmission Method: DSSS Range: 32 m indoors/ 140 m outdoors |
Wireless Standard: 802.11b Frequency: 2.4 GHz Maximum Data Rate: 11 Mbps Transmission Method: DSSS Range: 32 m indoors/ 140 m outdoors |
|
|
|
12.113 Provide the missing information. Wireless Standard: 802.11b Frequency: 2.4 GHz Maximum Data Rate: ? Transmission Method: DSSS Range: 32 m indoors/ 140 m outdoors |
Wireless Standard: 802.11b Frequency: 2.4 GHz Maximum Data Rate: 11 Mbps Transmission Method: DSSS Range: 32 m indoors/ 140 m outdoors |
|
|
|
12.114 Provide the missing information. Wireless Standard: 802.11b Frequency: 2.4 GHz Maximum Data Rate: 11 Mbps Transmission Method: ? Range: 32 m indoors/ 140 m outdoors |
Wireless Standard: 802.11b Frequency: 2.4 GHz Maximum Data Rate: 11 Mbps Transmission Method: DSSS Range: 32 m indoors/ 140 m outdoors |
|
|
|
12.115 Provide the missing information. Wireless Standard: 802.11b Frequency: 2.4 GHz Maximum Data Rate: 11 Mbps Transmission Method: DSSS Range: ? |
Wireless Standard: 802.11b Frequency: 2.4 GHz Maximum Data Rate: 11 Mbps Transmission Method: DSSS Range: 32 m indoors/ 140 m outdoors |
|
|
|
12.121 Provide the missing information. Wireless Standard: ? Frequency: 2.4 GHz Maximum Data Rate: 54 Mbps Transmission Method: OFDM or DSSS Range: 32 m indoors/ 140 m outdoors |
Wireless Standard: 802.11g Frequency: 2.4 GHz Maximum Data Rate: 54 Mbps Transmission Method: OFDM or DSSS Range: 32 m indoors/ 140 m outdoors |
|
|
|
12.122 Provide the missing information. Wireless Standard: 802.11g Frequency: ? Maximum Data Rate: 54 Mbps Transmission Method: OFDM or DSSS Range: 32 m indoors/ 140 m outdoors |
Wireless Standard: 802.11g Frequency: 2.4 GHz Maximum Data Rate: 54 Mbps Transmission Method: OFDM or DSSS Range: 32 m indoors/ 140 m outdoors |
|
|
|
12.123 Provide the missing information. Wireless Standard: 802.11g Frequency: 2.4 GHz Maximum Data Rate: ? Transmission Method: OFDM or DSSS Range: 32 m indoors/ 140 m outdoors |
Wireless Standard: 802.11g Frequency: 2.4 GHz Maximum Data Rate: 54 Mbps Transmission Method: OFDM or DSSS Range: 32 m indoors/ 140 m outdoors |
|
|
|
12.124 Provide the missing information. Wireless Standard: 802.11g Frequency: 2.4 GHz Maximum Data Rate: 54 Mbps Transmission Method: ? Range: 32 m indoors/ 140 m outdoors |
Wireless Standard: 802.11g Frequency: 2.4 GHz Maximum Data Rate: 54 Mbps Transmission Method: OFDM or DSSS Range: 32 m indoors/ 140 m outdoors |
|
|
|
12.125 Provide the missing information. Wireless Standard: 802.11g Frequency: 2.4 GHz Maximum Data Rate: 54 Mbps Transmission Method: OFDM or DSSS Range: ? |
Wireless Standard: 802.11g Frequency: 2.4 GHz Maximum Data Rate: 54 Mbps Transmission Method: OFDM or DSSS Range: 32 m indoors/ 140 m outdoors |
|
|
|
12.131 Provide the missing information. Wireless Standard: ? Frequency: 2.4 or 5 GHz (or both) Maximum Data Rate: >300 Mbps (with channel bonding) Transmission Method: OFDM Range: 70 m indoors/ 250 m outdoors |
Wireless Standard: 802.11n Frequency: 2.4 or 5 GHz (or both) Maximum Data Rate: >300 Mbps (with channel bonding) Transmission Method: OFDM Range: 70 m indoors/ 250 m outdoors |
|
|
|
12.132 Provide the missing information. Wireless Standard: 802.11n Frequency: ? Maximum Data Rate: >300 Mbps (with channel bonding) Transmission Method: OFDM Range: 70 m indoors/ 250 m outdoors |
Wireless Standard: 802.11n Frequency: 2.4 or 5 GHz (or both) Maximum Data Rate: >300 Mbps (with channel bonding) Transmission Method: OFDM Range: 70 m indoors/ 250 m outdoors |
|
|
|
12.133 Provide the missing information. Wireless Standard: 802.11n Frequency: 2.4 or 5 GHz (or both) Maximum Data Rate: ? Transmission Method: OFDM Range: 70 m indoors/ 250 m outdoors |
Wireless Standard: 802.11n Frequency: 2.4 or 5 GHz (or both) Maximum Data Rate: >300 Mbps (with channel bonding) Transmission Method: OFDM Range: 70 m indoors/ 250 m outdoors |
|
|
|
12.134 Provide the missing information. Wireless Standard: 802.11n Frequency: 2.4 or 5 GHz (or both) Maximum Data Rate: >300 Mbps (with channel bonding) Transmission Method: ? Range: 70 m indoors/ 250 m outdoors |
Wireless Standard: 802.11n Frequency: 2.4 or 5 GHz (or both) Maximum Data Rate: >300 Mbps (with channel bonding) Transmission Method: OFDM Range: 70 m indoors/ 250 m outdoors |
|
|
|
12.135 Provide the missing information. Wireless Standard: 802.11n Frequency: 2.4 or 5 GHz (or both) Maximum Data Rate: >300 Mbps (with channel bonding) Transmission Method: OFDM Range: ? |
Wireless Standard: 802.11n Frequency: 2.4 or 5 GHz (or both) Maximum Data Rate: >300 Mbps (with channel bonding) Transmission Method: OFDM Range: 70 m indoors/ 250 m outdoors |
|
|
|
12.141 Provide the missing information. Wireless Standard: ? Frequency: 5 GHz Maximum Data Rate: >6 Gbps (with MU-MIMO and multiple antennas) Transmission Method: OFDM Range: 70 m indoors/ 250 m outdoors |
Wireless Standard: 802.11ac Frequency: 5 GHz Maximum Data Rate: >6 Gbps (with MU-MIMO and multiple antennas) Transmission Method: OFDM Range: 70 m indoors/ 250 m outdoors |
|
|
|
12.142 Provide the missing information. Wireless Standard: 802.11ac Frequency: ? Maximum Data Rate: >6 Gbps (with MU-MIMO and multiple antennas) Transmission Method: OFDM Range: 70 m indoors/ 250 m outdoors |
Wireless Standard: 802.11ac Frequency: 5 GHz Maximum Data Rate: >6 Gbps (with MU-MIMO and multiple antennas) Transmission Method: OFDM Range: 70 m indoors/ 250 m outdoors |
|
|
|
12.143 Provide the missing information. Wireless Standard: 802.11ac Frequency: 5 GHz Maximum Data Rate: ? Transmission Method: OFDM Range: 70 m indoors/ 250 m outdoors |
Wireless Standard: 802.11ac Frequency: 5 GHz Maximum Data Rate: >6 Gbps (with MU-MIMO and multiple antennas) Transmission Method: OFDM Range: 70 m indoors/ 250 m outdoors |
|
|
|
12.144 Provide the missing information. Wireless Standard: 802.11ac Frequency: 5 GHz Maximum Data Rate: >6 Gbps (with MU-MIMO and multiple antennas) Transmission Method: ? Range: 70 m indoors/ 250 m outdoors |
Wireless Standard: 802.11ac Frequency: 5 GHz Maximum Data Rate: >6 Gbps (with MU-MIMO and multiple antennas) Transmission Method: OFDM Range: 70 m indoors/ 250 m outdoors |
|
|
|
12.145 Provide the missing information. Wireless Standard: 802.11ac Frequency: 5 GHz Maximum Data Rate: >6 Gbps (with MU-MIMO and multiple antennas) Transmission Method: OFDM Range: ? |
Wireless Standard: 802.11ac Frequency: 5 GHz Maximum Data Rate: >6 Gbps (with MU-MIMO and multiple antennas) Transmission Method: OFDM Range: 70 m indoors/ 250 m outdoors |
|
|
|
13.01 To reduce the possibility of security break-ins from unauthorized users, which should be implemented? A. Packet sniffers B. Firewall C. Port scanners D. Intrusion detection system |
To reduce the possibility of security break-ins from unauthorized users, which should be implemented? A. Packet sniffers B. Firewall C. Port scanners D. Intrusion detection system |
|
|
|
13.02 What is the main difference between a private network and a public network? A. In a private network, everyone has access. In a public network, only authorized users have access. B. In a private network, only authorized users have access. In a public network, only authorized users have access. C. In a private network, only authorized users have access. In a public network, everyone that is connected has access. D. In a private network, everyone has access. In a public network, only the first 100 people have access. |
What is the main difference between a private network and a public network? A. In a private network, everyone has access. In a public network, only authorized users have access. B. In a private network, only authorized users have access. In a public network, only authorized users have access. C. In a private network, only authorized users have access. In a public network, everyone that is connected has access. D. In a private network, everyone has access. In a public network, only the first 100 people have access. |
|
|
|
13.03 You have a remote user that can connect to the Internet but not to the office via their VPN client. After determining the problem, which should be your next step? A. Have the client reboot their host B. Make sure the user has the correct VPN address and password C. Have the client reinstall their VPN software D. Reboot the router at the corporate office |
You have a remote user that can connect to the Internet but not to the office via their VPN client. After determining the problem, which should be your next step? A. Have the client reboot their host B. Make sure the user has the correct VPN address and password C. Have the client reinstall their VPN software D. Reboot the router at the corporate office |
|
|
|
13.04 Which IP Address should you deny into your internetwork? A. 126.10.10.0/8 B. 168.0.0.0/8 C. 128.0.0.0/8 D. 127.0.0.0/8 |
Which IP Address should you deny into your internetwork? A. 126.10.10.0/8 B. 168.0.0.0/8 C. 128.0.0.0/8 D. 127.0.0.0/8 (This is an address from the restriced loopback |
local host range.)
|
|
|
13.05 Which of the following is a tunneling protocol? A. Layer 2 Tunneling Protocol (L2TP) B. Internet Protocol Security (IPSec) C. Secure Sockets Layer (SSL) D. All of the above |
Which of the following is a tunneling protocol? A. Layer 2 Tunneling Protocol (L2TP) B. Internet Protocol Security (IPSec) C. Secure Sockets Layer (SSL) D. All of the above |
|
|
|
13.06 Which tunneling protocol is based on RSA public-key encryption? A. SSL B. L2TP C. IPSec D. SSL VPN |
Which tunneling protocol is based on RSA public-key encryption? A. SSL B. L2TP C. IPSec D. SSL VPN |
|
|
|
13.07 What is the minimum number of characters you should use when creating a secure password? A. 6 B. 7 C. 8 D. 15 |
What is the minimum number of characters you should use when creating a secure password? A. 6 B. 7 C. 8 D. 15 |
|
|
|
13.08 Which layer of the OSI model does IPSec operate in? A. Physical B. Network C. Transport D. Application |
Which layer of the OSI model does IPSec operate in? A. Physical B. Network C. Transport D. Application |
|
|
|
13.09 Which protocol works in both the transport mode and tunneling mode? A. SSL B. L2TP C. PPTP D. IPSec |
Which protocol works in both the transport mode and tunneling mode? A. SSL B. L2TP C. PPTP D. IPSec |
|
|
|
13.10 Companies that want to ensure their data is secure during transit should follow what practice? A. Firewalls B. Encryption C. Data accounting D. Routing table |
Companies that want to ensure their data is secure during transit should follow what practice? A. Firewalls B. Encryption C. Data accounting D. Routing table |
|
|
|
13.11 Which network utilities do not have the ability to encrypt passwords? (Select two.) A. FTP B. SSH C. Telnet D. SCP |
Which network utilities do not have the ability to encrypt passwords? (Select two.) A. FTP B. SSH C. Telnet D. SCP |
|
|
|
13.12 To encode or read an encrypted message, what tool is necessary? A. Routing table B. Internet access C. Encryption key D. Email address |
To encode or read an encrypted message, what tool is necessary? A. Routing table B. Internet access C. Encryption key D. Email address |
|
|
|
13.13 Which keys are known as symmetrical keys? A. Private B. Public C. Diffie-Hellman D. RSA |
Which keys are known as symmetrical keys? A. Private B. Public C. Diffie-Hellman D. RSA |
|
|
|
13.14 Which of the following is not a type of public-key encryption? A. Diffie-Hellman algorithm B. RSA Data Security C. Pretty Good Privacy (PGP) D. DES |
Which of the following is not a type of public-key encryption? A. Diffie-Hellman algorithm B. RSA Data Security C. Pretty Good Privacy (PGP) D. DES |
|
|
|
13.15 Which of the following VPN protocols runs over port 1723 and allows encryption to be done at the data level, and allows secure access? A. RAS B. Radius C. PPPoE D. PPTP |
Which of the following VPN protocols runs over port 1723 and allows encryption to be done at the data level, and allows secure access? A. RAS B. Radius C. PPPoE D. PPTP |
|
|
|
13.16 At which stage of PPPoE are the MAC addresses of each of the end points of the connection given to each other so that a PPP connection can be made? A. Session B. Discovery C. Transport D. Final |
At which stage of PPPoE are the MAC addresses of each of the end points of the connection given to each other so that a PPP connection can be made? A. Session B. Discovery (FYI -- The second stage is the Session stage) C. Transport D. Final |
|
|
|
13.17 A network administrator wanting to assign passwords to individual files, folders, or printers would implement which type of security? A. Building password B. Group password C. Share-level security D. User-level security |
A network administrator wanting to assign passwords to individual files, folders, or printers would implement which type of security? A. Building password B. Group password C. Share-level security D. User-level security |
|
|
|
13.18 Which of the following authentication methods allows for domain level authentication on both wired and wireless networks? A. RADIUS B. TACACS+ C. PKI D. RDP |
Which of the following authentication methods allows for domain level authentication on both wired and wireless networks? A. RADIUS (RADIUS is capable of delivering both authentication and encryption in either wired or wireless networks.) B. TACACS+ C. PKI D. RDP |
|
|
|
13.19 Which user-client-server authentication software system combines user authentication and authorization into one central database and maintains user profiles? A. RADIUS B. TACACS+ C. Kerberos D. PKI |
Which user-client-server authentication software system combines user authentication and authorization into one central database and maintains user profiles? A. RADIUS B. TACACS+ C. Kerberos D. PKI |
|
|
|
13.20 Which of the following is not a Network Access Control method? A. CHAP B. 802.1x C. EAP D. ICA |
Which of the following is not a Network Access Control method? A. CHAP B. 802.1x C. EAP D. ICA (ICA -- Independent Computing Architecture -- is a protocol to enable remote desktops. It does not control access.) |
|
|
|
13.21 What two types of addresses can access control lists filter? |
IP addresses and MAC addresses |
|
|
|
13.22 Which encryption protocol works with both IPv4 and IPv6? |
IPSec |
|
|
|
13.23 Which encryption protocol or standard allows you to create a virtual subnet on an intranet? |
SSL VPN |
|
|
|
13.24 Which user-authentication method uses a public key and private key pair? |
PKI |
|
|
|
13.25 In an authentication system that uses private and public keys, who should have access to the private key? |
Only the owner of the key |
|
|
|
13.26 Which authentication method relies on tickets to grant access to resources? |
Kerberos |
|
|
|
13.27 In computer security, what does AAA stand for? |
Authentication, authorization, and accounting |
|
|
|
13.28 Which network-access security method is commonly used in wireless networks? |
802.1x |
|
|
|
13.29 Which user-authentication method is available only in an all-Windows environment? |
MS-CHAP |
|
|
|
13.30 Which user-authentication method utilizes the TCP protocol? |
TACACS+ |
|
|
|
14.01 Which of the following is a type of denial of service attack? A. Ping of Death B. Stacheldraht C. SYN flood D. All of the above |
Which of the following is a type of denial of service attack? A. Ping of Death B. Stacheldraht C. SYN flood D. All of the above |
|
|
|
14.02 Which is not a type of threat that can affect your network? A. Worm B. Phishing C. Access control list D. Rogue access point |
Which is not a type of threat that can affect your network? A. Worm B. Phishing C. Access control list D. Rogue access point |
|
|
|
14.03 Which type of virus impacts .COM, .EXE, and .DLL files? A. File viruses B. SYN flood C. Smurf D. Tribe Flood Network |
Which type of virus impacts .COM, .EXE, and .DLL files? A. File viruses (Though the attacks below may employ a virus or backdoor to create zombie nets, they are DoS attacks… and not machine-specific.) B. SYN flood C. Smurf D. Tribe Flood Network |
|
|
|
14.04 Which type of virus uses the Visual Basic macro-scripting language to perform malicious or mischievous functions in data files? A. IP spoofing B. File C. Macro D. None of the above |
Which type of virus uses the Visual Basic macro-scripting language to perform malicious or mischievous functions in data files? A. IP spoofing B. File C. Macro D. None of the above |
|
|
|
14.05 Monkey B, Michelangelo, Stoned, and Stealth Boot are examples of which type of virus? A. IP spoofing B. Multipartite C. Macro D. Boot sector |
Monkey B, Michelangelo, Stoned, and Stealth Boot are examples of which type of virus? A. IP spoofing B. Multipartite C. Macro D. Boot sector |
|
|
|
14.06 Which type of virus affects both the boot sector and files on a computer? A. Mulipartite B. Macro C. Tribe Flood Network 2000 (TFN2K) D. Smurf |
Which type of virus affects both the boot sector and files on a computer? A. Mulipartite B. Macro C. Tribe Flood Network 2000 (TFN2K) D. Smurf |
|
|
|
14.07 What is the main difference between a worm and a virus? A. Worms require user action for replication. B. Viruses do not require user intervention for replication. C. Worms can replicate without user intervention. D. None of the above |
What is the main difference between a worm and a virus? A. Worms require user action for replication. B. Viruses do not require user intervention for replication. C. Worms can replicate without user intervention. D. None of the above |
|
|
|
14.08 What kind of attack could a hacker use to target a network that tries to log in to some type of shared network resource? A. Packet sniffers B. Brute-force attack C. Worm D. Backdoor |
What kind of attack could a hacker use to target a network that tries to log in to some type of shared network resource? A. Packet sniffers B. Brute-force attack (This is the only attack type that “tries to log in.”) C. Worm D. Backdoor |
|
|
|
14.09 What type of security threat allows an attacker to learn your password through the use of an email or phone call? A. Phishing B. Trust-exploration attack C. Man-in-the-middle attack D. Rogue access point |
What type of security threat allows an attacker to learn your password through the use of an email or phone call? A. Phishing B. Trust-exploration attack C. Man-in-the-middle attack D. Rogue access point |
|
|
|
14.10 Which type of policy should be implemented to secure important company documents and materials when employees leave their workstations? A. Clean housekeeping B. Clean desk C. Security audit D. Proactive defense |
Which type of policy should be implemented to secure important company documents and materials when employees leave their workstations? A. Clean housekeeping B. Clean desk C. Security audit D. Proactive defense |
|
|
|
14.11 If you implement a set of policies and procedures that define corporate information as confidential and then train employees on these procedures prevents what type of attack? A. DoS B. Man-in-the-middle attacks C. Smurf D. Social engineering |
If you implement a set of policies and procedures that define corporate information as confidential and then train employees on these procedures prevents what type of attack? A. DoS B. Man-in-the-middle attacks C. Smurf D. Social engineering |
|
|
|
14.12 If an employee leaves a company voluntarily, what type of interview should be conducted? A. Entrance B. Application C. Exit D. Manager rating |
If an employee leaves a company voluntarily, what type of interview should be conducted? A. Entrance B. Application C. Exit D. Manager rating |
|
|
|
14.13 What defines the appropriate response to a security event on a network? A. Implementing security procedures B. Installing a new router C. Turning off the network D. HR policy for dress code |
What defines the appropriate response to a security event on a network? A. Implementing security procedures B. Installing a new router C. Turning off the network D. HR policy for dress code |
|
|
|
14.14 What type of virus works its way into the master boot record and changes the pointer to your operating system? A. DoD virus B. Boot-sector virus C. File-system virus D. Macro virus |
What type of virus works its way into the master boot record and changes the pointer to your operating system? A. DoD virus B. Boot-sector virus C. File-system virus D. Macro virus |
|
|
|
14.15 What process allows you to update your Windows-based operating system? A. Technet B. Windows Update C. Text message D. Hot fix |
What process allows you to update your Windows-based operating system? A. Technet B. Windows Update C. Text message D. Hot fix |
|
|
|
14.16 Why is it important to keep your system patched and up to date? A. To completely stop your need for security B. To increase the functionality of your applications C. To fix system vulnerabilities D. To make Windows completely safe and worry free |
Why is it important to keep your system patched and up to date? A. To completely stop your need for security B. To increase the functionality of your applications C. To fix system vulnerabilities D. To make Windows completely safe and worry free |
|
|
|
14.17 A network administrator wanting to assign passwords to network resources only would implement which type of security? A. Building password B. Group password C. Share-level security D. User-level security |
A network administrator wanting to assign passwords to network resources only would implement which type of security? A. Building password B. Group password C. Share-level security D. User-level security |
|
|
|
14.18 Which type of scanning allows an antivirus program to search for a virus even if there is no definition for it? A. Update scan B. Signature-file scan C. Database scan D. Heuristic scan |
Which type of scanning allows an antivirus program to search for a virus even if there is no definition for it? A. Update scan B. Signature-file scan C. Database scan D. Heuristic scan |
|
|
|
14.19 What type of files need to be updated in order for your antivirus program to have the latest information about attacks and viruses? A. Definition files B. Email files C. .doc files D. .exe files |
What type of files need to be updated in order for your antivirus program to have the latest information about attacks and viruses? A. Definition files B. Email files C. .doc files D. .exe files |
|
|
|
14.20 What type of scan can be done by an antivirus program? A. Emergency B. On-demand C. On-access D. All of the above |
What type of scan can be done by an antivirus program? A. Emergency B. On-demand C. On-access D. All of the above (Note that in the Emergency mode, only the AV and OS are running. All other applications are shut down. This is accessed via the AV’s emergency disk.) |
|
|
|
14.21 The Ping of Death and SYN floods are examples of what types of attack? |
Denial of service (DoS) |
|
|
|
14.22 How often should you update your virus definitions in your antivirus software? |
Once per week |
|
|
|
14.23 What is the U.S. Department of Defense standard for individual computers? |
Trusted computer system |
|
|
|
14.24 What type of virus attacks executable programs? |
A file virus |
|
|
|
14.25 What kind of tool could a hacker use to intercept traffic on your network? |
Packet sniffer |
|
|
|
14.26 What type of virus uses Microsoft’s Visual Basic scripting language? |
A macro virus |
|
|
|
14.27 What is it called when someone intercepts traffic on your network that’s intended for a different destination computer? |
Man-in-the-middle attack |
|
|
|
14.28 If someone installed a wireless router on your network without your knowledge, that would be called___________________. |
A rogue access point |
|
|
|
14.29 What software application can help automatically ensure that your Windows-based computers have the most current security patches? |
Windows Update |
|
|
|
14.30 The two different types of virus scans are ___________________. |
On-demand and on-access |
|
|
|
15.01 In general, firewalls work by ___________________. A. Rejecting all packets regardless of security restrictions B. Forwarding all packets regardless of security restrictions C. Allowing only packets that pass security restrictions to be forwarded D. None of the above |
In general, firewalls work by ___________________. A. Rejecting all packets regardless of security restrictions B. Forwarding all packets regardless of security restrictions C. Allowing only packets that pass security restrictions to be forwarded D. None of the above |
|
|
|
15.02 Which layer of the OSI model do software firewalls operate in? (Choose all that apply.) A. Application B. Presentation C. Physical D. Network |
Which layer of the OSI model do software firewalls operate in? (Choose all that apply.) A. Application B. Presentation C. Physical D. Network |
|
|
|
15.03 What is the main difference between a network-based firewall and a host-based firewall? A. A network-based firewall protects the Internet from attacks. B. A network-based firewall protects a network, not just a single host. C. A network-based firewall protects the network wires. D. A network-based firewall protects a CD from data loss. |
What is the main difference between a network-based firewall and a host-based firewall? A. A network-based firewall protects the Internet from attacks. B. A network-based firewall protects a network, not just a single host. C. A network-based firewall protects the network wires. D. A network-based firewall protects a CD from data loss. |
|
|
|
15.04 What is one advantage that a stateless firewall has over its stateful counterparts? A. It’s faster. B. It utilizes less memory. C. It’s better at preventing network attacks. D. It works better on external networks. |
What is one advantage that a stateless firewall has over its stateful counterparts? A. It’s faster. B. It utilizes less memory. C. It’s better at preventing network attacks. D. It works better on external networks. |
|
|
|
15.05 A network administrator needs to filter unwanted packets when implementing the company's’ security policies. What should be implemented to help exercise control over future network traffic? A. Access control list (ACL) B. Proxy server C. Intrusion Prevention System D. VPN concentrator |
A network administrator needs to filter unwanted packets when implementing the company's’ security policies. What should be implemented to help exercise control over future network traffic? A. Access control list (ACL) (ACL’s allow routers to filter packets, and give admins greater control over network traffic.) B. Proxy server C. Intrusion Prevention System D. VPN concentrator |
|
|
|
15.06 What is the benefit of using a firewall? A. Protects external users B. Protects external hardware C. Protects LAN resources D. Protects hardware from failure |
What is the benefit of using a firewall? A. Protects external users B. Protects external hardware C. Protects LAN resources D. Protects hardware from failure |
|
|
|
15.07 Your company uses a custom TCP port number of 9080 that is hosted on your DMZ server. Users can no longer access a custom application that uses this port. You’ve verified that the firewall is permitting this TCP port. Which command can you use to verify the DMZ server is still accepting connections on TCP port 9080? A. ping B. telnet C. nbtstat D. netstat E. ipconfig |
Your company uses a custom TCP port number of 9080 that is hosted on your DMZ server. Users can no longer access a custom application that uses this port. You’ve verified that the firewall is permitting this TCP port. Which command can you use to verify the DMZ server is still accepting connections on TCP port 9080? A. ping B. telnet C. nbtstat D. netstat E. ipconfig |
|
|
|
15.08 Which device can limit traffic on a network and allow access onto specific TCP/IP port numbers when security is a concern? A. Hub B. Firewall C. DNS D. Modem |
Which device can limit traffic on a network and allow access onto specific TCP/IP port numbers when security is a concern? A. Hub B. Firewall C. DNS D. Modem |
|
|
|
15.09 Which is not a type of access control list (ACL)? A. Standard B. Extended C. Referred D. Outbound |
Which is not a type of access control list (ACL)? A. Standard B. Extended C. Referred D. Outbound |
|
|
|
15.10 A network administrator is creating an outbound ACL. Which of the following is not a general access-list guideline that should be followed when the network administrator is creating and implementing ACLs on the router? A. Use only one ACL per interface per protocol per direction. B. Place IP-extended ACLs as far away from the source as possible. C. Create ACLs and then apply them to an interface. D. Every list should have at least one permit statement or it will deny all traffic. |
A network administrator is creating an outbound ACL. Which of the following is not a general access-list guideline that should be followed when the network administrator is creating and implementing ACLs on the router? A. Use only one ACL per interface per protocol per direction. B. Place IP-extended ACLs as far away from the source as possible. C. Create ACLs and then apply them to an interface. D. Every list should have at least one permit statement or it will deny all traffic. |
|
|
|
15.11 What is the best explanation for a DMZ? A. To separate a security zone for an IPS and IDS server B. To create a security zone for VPN terminations C. To create a security zone that allows public traffic but is isolated from the private inside network D. To create a security zone that allows private traffic but is isolated from the public network |
What is the best explanation for a DMZ? A. To separate a security zone for an IPS and IDS server B. To create a security zone for VPN terminations C. To create a security zone that allows public traffic but is isolated from the private inside network D. To create a security zone that allows private traffic but is isolated from the public network |
|
|
|
15.12 Which of the following are types of services that firewalls can provide? (Choose all that apply.) A. Content filtering B. Segregate network segments C. Signature identification D. Scanning services E. All of the above |
Which of the following are types of services that firewalls can provide? (Choose all that apply.) A. Content filtering B. Segregate network segments C. Signature identification D. Scanning services E. All of the above |
|
|
|
15.13 Which type of security device monitors network traffic, looking for signs of an intrusion? A. Intrusion Detection System B. Demilitarized zone (DMZ) C. Firewall D. VPN concentrator |
Which type of security device monitors network traffic, looking for signs of an intrusion? A. Intrusion Detection System B. Demilitarized zone (DMZ) C. Firewall D. VPN concentrator |
|
|
|
15.14 Which of these application-layer protocols is not secure? A. SSH B. HTTP C. HTTPS D. SNMPv3 |
Which of these application-layer protocols is not secure? A. SSH B. HTTP C. HTTPS D. SNMPv3 |
|
|
|
15.15 Which of these application-layer protocols is secure? A. SFTP B. RSH C. SNMPv1 D. SNMPv2 |
Which of these application-layer protocols is secure? A. SFTP (Note that SMTPv3 is secure, but v1 and v2 are not.) B. RSH C. SNMPv1 D. SNMPv2 |
|
|
|
15.16 Changing network configurations, terminating sessions, and deceiving the attacker are actions that can be taken from what type of security device? A. Access control list (ACL) B. Content filtering C. Security zones D. Intrusion Prevention System (IPS) |
Changing network configurations, terminating sessions, and deceiving the attacker are actions that can be taken from what type of security device? A. Access control list (ACL) B. Content filtering C. Security zones D. Intrusion Prevention System (IPS) |
|
|
|
15.17 Which of the following are access-control principles that should be followed? (Choose all that apply.) A. Use implicit deny or allow. B. Follow the least-privilege model. C. Separate out administrative duties. D. Rotate administrator jobs. E. All of the above |
Which of the following are access-control principles that should be followed? (Choose all that apply.) A. Use implicit deny or allow. B. Follow the least-privilege model. C. Separate out administrative duties. D. Rotate administrator jobs. E. All of the above<.b> |
|
|
|
15.18 Which protocol uses port 22 by default? A. Telnet B. FTP C. SSH D. HTTPS |
Which protocol uses port 22 by default? A. Telnet B. FTP C. SSH D. HTTPS |
|
|
|
15.19 A network administrator needs to transfer files from one computer to another. What protocol would most likely be used in this scenario? A. Telnet B. FTP C. HTTP D. RCP |
A network administrator needs to transfer files from one computer to another. What protocol would most likely be used in this scenario? A. Telnet B. FTP C. HTTP D. RCP |
|
|
|
15.20 What protocol can be used to transfer files and is similar to FTP but not secure? A. SCP B. SFTP C. SSH D. TFTP |
What protocol can be used to transfer files and is similar to FTP but not secure? A. SCP B. SFTP C. SSH D. TFTP (This question is phrased odd, since FTP is not secure either.) |
|
|
|
15.21 Which type of security device employs a redirection device known as a honeypot? |
Intrusion Prevention System |
|
|
|
15.22 Which type of firewall keeps track of existing connections passing through it? |
Stateful |
|
|
|
15.23 If you wanted to ensure that your firewall could block inflammatory email, which type of service would you look for? |
Content filtering |
|
|
|
15.24 A firewall’s list of rules that it uses to block traffic is called ___________________. |
Access Control List (ACL) |
|
|
|
15.25 If you wanted to allow remote access to 500 users, which type of device is recommended? |
A VPN concentrator |
|
|
|
15.26 If data from one of your subnets should be restricted from entering another subnet, the subnets should be configured as different ___________________. |
Security zones |
|
|
|
15.27 Which unsecure protocol uses port 80 by default? |
HTTP |
|
|
|
15.28 Which unsecure protocol utilizes arbitrary port numbers to complete its work? |
FTP |
|
|
|
15.29 What port number does Secure Shell (SSH) use by default? |
22 |
|
|
|
15.30 Logging, notification, and shunning are what types of reactions from what type of security device? |
Passive reactions from an IDS |
|
