14.3.9 Practice exam

Flashcard maker : Lily Taylor
Members off the sales team use laptops to connect to the company network. While traveling, they connect their laptops to the internet through airport and hotel networks.
You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless anti-virus software and the latest operating system patches have been installed.
Which solution should you use?
NAC
You have a company network with a single switch. All devices connect to the network through the switch.
You want to control which devices will be able to connect to your network. For devices that do not have the latest operating system patches, you want to prevent access to all network devices except for a special server that holds the patches that the computers need to download.
Which of the following components will be part of your solutions? select two
802.1a authentications
Remediation servers
You manage a network that uses switches. In the lobby of your building are three RJ-45 ports connected to a switch.
You want to make sure that visitors cannot plug their computers to the free network jacks and connect to the network. However, employees who plug into those same jacks should be able to connect to the network.
What feature should you configure?
Port authentication
In which of the following situations would you use port security?
You want to restrict the devices that could connect through a switch port.
You are the network administrator for a city library. Thought the library are several groups of computers that provide public access to the internet…..
The library computers are in croups of four. each group of four computers is connected to a hub that is connected to the library network…
What can you do?
Configure port security on the switch
Your company is a small start-up that has leased office space in a building shared by other businesses. All businesses share a common network infrastructure. A single switch connects all devices in the building to the router that provides internet access.
You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implemented.
VLAN
A network switch detects a DHCP frame on the LAN that appears to have come from a DHCP server that is not located on the local network. In fact, it appears to have originated from outside the organizations firewall.
As a result, the switch drops the DHCP message from that server.
Which security feature was enabled on the switch to accomplish this?
DHCP snooping
A network switch is configured to perform the following checks on its ports.
-all ARP requests
-each intercepted request
-if the packet has a valid Binding
-if the packet has an invalid binding
What security feature was enabled on the switch to accomplish this?
Dynamic ARP inspection
Which type of security uses MAC addresses to identify devices that are allowed or denied a connection to a switch?
Port security
Match the port security MAC address type on the left with its description on the right
MAC address manually identified as an allowed address SecureConfigured

MAC address that has been learned and allowed by the switch SecureDynamic

MAC address that is manually configured or dynamically learned that is saved in the config file
SecureSticky

You are in the process of implementing a Network Access Protection (NAP) infrastructure to increase your networks security.
You are currently configuring the remediation network that non-compliant clients will connect to in order to become compliant. the remediation network needs to be isolated from the secure network.
Which should you implement to do this?
Network segmentation
Match the network Access Protection (NAP) component on the left with is description on the right.
Generates a stament of Health (SoH) that reports the client configuration for health requirements.
NAP Client
Runs the System Health Validator (SHV)
NAP Server
Is the connection point for clients to the network
Enforcement Server (ES)
Contain resources accessible to non-compliant computers on the limited-access network.
Remediation Server

Get instant access to
all materials

Become a Member