Network pro chapter 12 – Flashcards

You are troubleshooting a workstation connection to the network. During your troubleshooting, you replace the drop cable connecting the computer to the network. Which type of document should you update? Change documentation Configuration documentation Wiring schematic Network diagram

You are troubleshooting a workstation connection to the network. During your troubleshooting, you move the cable in the wiring closet to a different port on the patch panel. Which type of document should you update? Wiring schematic logical network diagram Baseline Procedure

You plan to implement a new security device on your network. Which of the following policies outlines the process you should follow before implementing that device? Change management resources allocation SLA acceptable use

Which type of documentation would you consult to find the location of RJ-45 wall jacks and their endpoints in the intermediate distribution closet? Wiring schematic Policy Baseline Procedure

You need to find out what kind of laws might apply to the design and operation of your network which type of document would you consult? Baseline Procedure Policy Regulation

In troubleshooting a router, you want to identify which other devices are connected to the router, as well as the subnet address of each connected subnet. Which type of document would most likely have this information? Procedure Policy Wiring schematic Baseline Network diagram

Which of the following information are you likely to find in a policy document? Steps for completing and validating nightly backups Average performance statistics for router A requirement for using encrypted communications for web transactions The IP address assigned to a router interface

Which of the following information are you likely to find in a procedure document An inventory of the hardware components in a specific device a record of the repairs made to the specific device The relationship of routers to other routers on the network Details on how to test and deploy patches

Which of the following documents would likely identify that drop cables on your network use the T568A standard? Policy Baseline Change log Network diagram Wiring schematic

You want to make sure that the correct ports on a firewall have been opened or closed. Which document should you check? Wiring schematic Policy Configuration documentary baseline

A new law was recently passed that states that all businesses must keep a history of all e-mails sent between members of the board of directors. You need to ensure that your organization complies with this law. Which document type would you update first in response to this new law? Change documentation Configuration documentation Procedure Policy

You are concerned about the amount of traffic that passed through a router on your network. You want to see how the amount of traffic has changed over time. Which document would help in identifying past average network traffic? Network diagram History log Baseline Event log

You are in the habit of regularly monitoring performance statistics for your devices. You find that this month a specific server has averaged a higher number of active connections than last month. Which type of document should you update to reflect the change? Configuration documentation Wiring schematic Baseline Change log Network diagram

Which of the following terms describes a test lab environment that does not require the use of physical hardware? offsite virtual storage VLAN Network as a service (NaaS) Virtual sandbox

You manage a network with a single switch. All hosts connect to the network through the switch. You want to increase the security of devices that are part of the accounting department. You want to make sure that broadcast traffic sent by an accounting computer is only received by other accounting computer , and you want to implement ACLs to control traffic sent to accounting computers through the network. What should you do? Configure MAC address filtering on the switch for the accounting computers Implement NAC with 802.1x authentication for the accounting computers. Configure a VLAN on the switch for the accounting computers. Use a router to configure a subnet for the accounting computers.

You walk by the server room and notice a fire started. What should you do first? Make sure everyone has cleared the area Turn on the overhead sprinklers. Grab a fire extinguisher and try to put out the fire. call the fire department

Which of the following fire extinguisher types is best used for electrical fires that might result when working with computer components? Class A Class B Class C Class D

Which of the following fire extinguisher suppressant types is best used for electrical fires that might result when working with computer components? Soda acid Water-based Carbon dioxide (CO2) Dry powder

Which of the following fire extinguisher types poses a safety risk to users in the area? (Select two.) Halon CO2 Water Foam

Which of the following statements about ESD is not correct? ESD damage is more likely to occur in low humidity Measuring the moisture content in the air can be helpful in avoiding ESD One of the greatest threats to computer equipment is ESD ESD is much more likely to occure when the relative humidity is above 50%

Which is the recommended humidity level for server rooms? 10% or lower 30% 50% 70%

You are adding a new rack to your data center, which will house two new blade servers and a new switch., The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straight-through plenum UTP cable that will be run through the suspended tile ceiling of the data center. To protect against power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server, The only power available in the data center is located on the wall opposite the new server rack, so you must run extension cords across the floor to plug in the UPS unit. There are problems with this plan. What should you do? User standard (non-plenum) UTP cabling for runs that go through suspended tile ceilings. Use a cross-over cable to connect the two switches together Hire an electrician to install a wall outlet near the new rack Use 4u server for virtualization. Implement the UPS and power supplies externally to the rack

The power supply in a tower server system has malfunctioned. To get the server back on line, you decide to open the server case and open it. You place the server on a static mat. ground the server's case to the mat. and then ground yourself to the mat with a wristband. Next, you remove the power supply unit from the server and open it up. To identify which component has failed. you plug in the power supply to the wall outlet and then use a multi meter to test the various components within it. Which safety rules were violated in this scenario?(select two.) You should unplug a device from the wall outlet before connecting yourself to it with a static wristband You should never open a computer supply. You should never use a static wristband when working on computer systems you should never use a static mat when working on computer systems. A toner probe should be used to test a power supply, not a multi meter

You have just started a new job as a network team leader for a small company. You are responsible for overseeing the work of help Desk technicians, as well as doing your own share of the administrative work. To improve the safety of your organization, you decide to assemble material safety data sheets (MSDS) for all chemicals used in your organization. How should you get them? Ask you manager for them Download them from the chemical manufacturers' websites. Request them from you local workforce safety & insurance office write them yourself after researching the chemicals

Which of the following is an example of an internal threat? A server backdoor allows an attacker on the Internet to gain accesss to the intranet site A delivery man is able to walk into a controlled area and steal a laptop A water pipe in the server room break A user accidentally deletes the new product designs

Which of the following is an example of privilege escalation? Separation of duties Creeping privileges Principle of least privilege Mandatory vacations

What is the greatest threat to the confidentiality of data in most secure organizations? Malware USB devices Hacker intrusion Operator error

When would choosing to do nothing about an identified risk be acceptable? When the threat is likely to occur less than once a year When the asset is an intangible asset instead of tangible asset When the cost of protecting the asset is greater than the potential loss when the threat is most likely to come from an internal source instead of an external source

When analyzing assets, which analysis method assigns financial values to assets? Acceptance Quantitative Qualitative Transfer

Your company has developed and implemented counter measures for the greatest risks to their assets. How ever, there is still some risk left. What is the remaining risk called? residual risk Exposure loss risk

Which of the following is not a valid response to a risk discovered during a risk analysis? Denial Acceptance Assignment Mitigation

If an organization shows sufficient due care, which burden is eliminated in the event of a security breach? Investigation Negligence Liability Asset loss

Purchasing insurance is what type of response to risk? Acceptance Transference Rejection Deployment of a countermeasure

When recovery is being performed due to a disaster, which services are to be stabilized first? Mission critical Outside communications Financial support Least business critical

In business continuity planning, what is the primary focus of the scope? Human life and safety Business processes Recovery time objective Company assets

What is the primary goal of business continuity planning? Protecting an organization from major computer services failure Maintaining business operations with reduced or restricted infrastructure capabilities or resources Minimizing the risk to the organization from delays and interruptions in providing services Minimize decision making during the development process

Which of the following network strategies connects multiples servers together such that if one server fails, the others immediately take over its tasks, preventing a disruption in service? Mirroring Clustering Adapter bonding Storage Area Networks (SANs)

You manage the website for your company. The web1 server hosts the website. This server has the following configuration: Duel core processor Dual power supplies RAID 5 volume One RAID controller two 1000 Mbps network adapters Which component is a single point of failure for the website? power supply Disk storage Disk controller Network adapter

You manage a website for your company. The website uses three servers configured in a cluster. Incoming requested are distributed automatically between the three servers. All servers use a shared storage device that holds the website contents. Each server has a single network connection and a single power supply. Considering the availability of your website, which component a single point of failure? web server power supply website storage network adapter

Match each third-party integration phase on the left with the tasks that need to be complete during that phase on the right. Each phase may be used once, more than once, or not at all Communicate vulnerability assessment findings with the other party. Compare your organization's security policies against the partner's policies. Disable VPN configurations that allow partner access to your network. Communicate vulnerability assessment findings with the other party. Disable the domain trust relationship between networks. Identify how privacy will be protected. Draft an ISA. Conduct regular security audits choices Ongoing operations Off-boarding Onboarding

Match each Interoperability Agreement document on the left with the appropriate description on the right. Each document may be used once, more than once, or not at all. Specifies exactly which services will be performed by each party Creates an agreement with a vendor to provide services on an ongoing basis Provides a summary of which party is responsible for performing specific tasks Documents how the networks will be connected Defines how disputes will be managed Specifies a preset discounted pricing structure Choices SLA BPO MOU ISA

Your organization is in the process of negotiating an Interoperability Agreement (IA) with another organization. As part of this agreement, the partner organization proposes that a federated trust be established between your domain and their domain. This configuration will allow the users in their domain to access resources in your domain and vice versa. As a security administrator, which tasks should you complete during this phase?(Select two.) Conduct security audit on the partner organization Reset all passwords used by the third party to access data or applications on your network Identify how data ownership will be determined verify compliance with the IA documents Identify how data will be shared

What is the most common failure of a security policy in an environment? Improperly outlined procedures overlooked critical assets lack of user awareness failure to assign responsibilities

Which business document is a contract that defines a set of terms that will govern future agreements between two parties? Master service agreement statement of work memorandum of understanding interconnection security agreement

A user named Bob smith has been assigned a new desktop workstation to complete his day-to-day work. the computer runs Windows 7. When provisioning Bob's user account in your organization's Romain, you assigned an account name of BSmith with an initial password of bw2Fs3D. On first logon, Bob is prompted to change his password, so he change it to Fido, the name of his dog. What should you do to increase the security of Bob's account?(select two) Require users to set a stronger password upon initial logon. Configure user account names that are easy to guess. Upgrading the workstation to windows 8 Do not allow users to change their own passwords. Train user not to use password that are easy to guess

You have installed anti-virus software on computes at your business. Within a few days. however, you notice one computer has a virus, When you question the user, she says she did install some software a few days ago, but it was supposed to be a file compression utility. she admits she did not scan the file before running it. What should you add to your security measures to help prevent this from happening again? Account lockout proxy server close unused firewall ports user awareness training

What is the main difference between vulnerability scanning and penetration testing? The goal of vulnerability scanning is to identify potential weaknesses; the goal of penetration testing is to attack a system. Vulnerability scanning is performed with a detailed knowledge of the system; penetration testing starts with no knowledge of the system. Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter. Vulnerability scanning uses approved methods and tools; penetration testing uses hacking tools.

What is the primary purpose of penetration testing? test the effectiveness of security perimeter Infiltrate a competitor's network Evaluate newly deployed firewalls Assess the skill level of new IT security staff

A security administrator logs on to a Windows server on her organization's network. She then runs a vulnerability scan on that server. What type of scan was conducted in this scenario? Ping scan TCP SYN scan Credentialed scan Non-Credentialed scan

A network utilizes a Network Access Control (NAC) solution to protect against malware. When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. What is this process called? Quarantine Port security Posture assessment Remediation

You plan to implement a new security device on your network. Which of the following policies outlines the process you should follow before implementing that device? Change management Resource allocation Acceptable use SLA

Which component of a Change and Configuration Management policy identifies technical and budgetary considerations associated with a proposed change and also identifies any potential impacts to the network? Authorized downtime Rollback Feasibility analysis Change request

Arrange the steps in the Change and Configuration Management process on the left in the correct order in which they should be completed on the right. Identify the need for a change. Conduct a feasibility analysis. Define the procedure for implementing the change. Notify affected parties of the pending change. Implement the change. Test the implementation. Document the change.

Which of the following is an example of privilege escalation? Separation of duties Creeping privileges Principle of least Privilege Mandatory vacations