Combo with Monitoring and 8 others – Flashcards
Unlock all answers in this set
Unlock answersquestion
You are concerned about attacks directed against your firewall on your network. You would like to examine the content of individual frames sent to the network. Which tool should you use?
answer
Packet sniffer.
question
You have installed a new application on a network device. During testing, it appears as if the software is causing other services running on the device to stop responding. Which tool should you consult to identify the problem?
answer
Application log.
question
You manage a firewall that connects your private network to the Internet. You would like to see a record of every packet that has been rejected by the firewall in the past month. Which tool should you use?
answer
Event log.
question
You connect a packet sniffer to a switch to monitor frames on your local area network. However, the packet sniffer is only able to see broadcast frames and frames addressed specifically to the host device. Which feature should you enable on the switch so you can see frames from all devices connected to the switch?
answer
Mirroring.
question
You want to be able to identify traffic that is being generated and sent through the network by a specific application running on a device. Which tool should you use?
answer
Protocol analyzer.
question
You decide to use a packet sniffer to identify the type of traffic sent to the router. You run the packet sniffing software on a device which is connected to a hub with three other computers. The hub is connected to the same switch that is connected to the router. When you run the software, you only see frames addressed to the four workstations but not to the router. Which feature should you configure?
answer
Mirroring.
question
You have a Web site that customers use to view product information and place orders. You would like to identify the maximum number of simultaneous sessions that this server can maintain before the performance is negatively impacted. Which tool should you use?
answer
Load tester.
question
You have a small network of devices connected together using a switch. You want to capture the traffic that is sent from Host A to Host B. On Host C, you install a packet sniffer that captures network traffic. After running the packet sniffer, you cannot find any captured packets between Host A and Host B. What should you do?
answer
Run the packet sniffer application on Host B.
question
You have a WAN link that connects two sites. The WAN link is supposed to provide 1.5 Mbps of bandwidth. You want to perform a test to see the actual bandwidth of the link. Which tool should you use?
answer
Throughput tester.
question
You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffer software on a device which is connected to the same hub that is connected to the router. When you run the software, you only see frames addressed to the workstation and not other devices. Which feature should you configure?
answer
Promiscuous mode.
question
You want to know what protocols are being used on your network. You'd like to monitor network traffic and sort traffic based on protocol. Which tool should you use?
answer
Packet sniffer.
question
You are troubleshooting the connection of a computer in an office to punchdown block in the distribution closet. Which document would you consult to identify the termination of the cable on the punchdown block based on the wall jack location in the office?
answer
Wiring schematic.
question
Which of the following information are you likely to find in a policy document?
answer
A requirement for using encrypted communication for Web transactions.
question
In troubleshooting a router, you want to identify which other devices are connected to the router, as well as the subnet addresses of each connected subnet. Which type of document would most likely have this information?
answer
Network diagram.
question
You need to find out what kind of laws might apply to the design and operation of your network. Which type of document would you consult?
answer
Regulation.
question
You are troubleshooting a workstation connection to the network. During your troubleshooting, you move the cable in the wiring closet to a different port on the patch panel. Which type of document should you update?
answer
Wiring schematic.
question
Which of the following information are you likely to find in a procedure document?
answer
Details on how to test and deploy patches.
question
You are troubleshooting a workstation to the network. During your troubleshooting, you replace the drop cable connecting the computer to the network. Which type of document should you update?
answer
Change documentation.
question
You are in the habit of regularly monitoring performance statistics for your devices. You find that this month a specific server has averaged a higher number of active connections than last month. Which type of document should you update to reflect the change?
answer
Baseline.
question
Which of the following documents would likely identify that drop cables on your network use the T568A standard?
answer
Wiring schematic.
question
Which type of documentation would you consult to find the location of RJ-45 wall jacks and their endpoints in the intermediate distribution closet?
answer
Wiring schematic.
question
You are concerned about the amount of traffic that passed through a router on your network. You want to see how the amount of traffic has changed over time. Which document would help in identifying past average network traffic?
answer
Baseline.
question
A new law was recently passed that states that all businesses must keep a history of all e-mails sent between members of the board of directors. You need to ensure that your organization complies with the law. Which document type would you update first in response to this new law?
answer
Policy.
question
You want to make sure that the correct ports on a firewall have been opened or closed. Which document should you check?
answer
Configuration documentation.
question
Because of an unexplained network slowdown on your network, you decide to install monitoring software on several key network hosts to locate the problem. You will then collect and analyze the data from a central network host. What protocol will the software use to detect the problem?
answer
SNMP.
question
Which protocol uses traps to send notifications from network devices?
answer
SNMP.
question
Which of the following protocols or services would you associate with Windows Remote Desktop Services network traffic?
answer
RDP.
question
You are an administrator for a large company. You are setting up a computer at a worker's house so he can telecommute while he recovers from surgery. You want to connect to the UNIX server at the office to update his account information Which utility should you use to accomplish this task?
answer
Telnet.
question
You manage a server at work that has just been configured with a new application. Consequently, the server has crashed several times during the last week. You think you have the problem resolved, but you would like to be able to manage the server remotely in case there is a problem. Which of the following protocols would you use for remote management?q
answer
VNC. ICA.
question
Which of the following features dynamically places switch ports in blocking or forwarding states
answer
Spanning Tree.
question
Angela is the network administrator for a rapidly growing company with a 100BaseT network. Users have recently complained about slow file transfers. In a check of network traffic, Angela discovers a high number of collisions. Which connectivity device would best reduce the number of collisions and provide future growth?
answer
Switch.
question
QoS provides which of the following on a network?
answer
Reduces latency of time-sensative traffic.
question
Which of the following devices accept incoming client requests and distributes those requests to specific servers?
answer
Load balancer.
question
You manage a small network that uses multiple switches. You want to provide multiple paths between switches so that if one link goes down, an alternative path is available. Which feature should you switch support?
answer
Spanning tree.
question
Which of the following solutions are most likely implemented with VoIP to ensure timely deliver of voice data?
answer
QoS. Traffic shaper.
question
You have a Web server on your network that hosts the public Web site for your company. You want to make sure that the Web site will continue to be available even in a NIC, hard drive, or other problem prevents the server from responding. Which solution should you implement?
answer
Load balancing.
question
What is the purpose of using Ethernet bonding?
answer
Provides a fail over solution for network adapters. Increases network performance.
question
You have a Web server on your network that hosts the public Web site for your company. You want to make sure that a failure of the NIC in the server does not prevent the Web site from being accessible on the Internet. Which solution should you implement?
answer
Ethernet bonding.
question
You have a Web site that uses multiple servers for different types of transactions. For example, one server is responsible for static Web content, while another is responsible for secure transactions. You would like to implement a device to speed up access to your Web content. The device should be able to distribute requests between various Web servers using specialized hardware and not just a software configuration. In addition, SSL sessions should use the hardware components in the device to create the SSL sessions. Which type of device should you choose?
answer
Content switch.
question
You want to reduce collisions by creating separate collision domains and virtual LANs Which of the following devices should you choose?
answer
Switch.
question
Which of the following devices does NOT segment the network?
answer
Hub
question
You manage a server that runs your company Web site. The Web server has reached its capacity, and the number of client requests is greater than the server can handle. You would like to find a solution so that the static Web content can be offloaded to a different server, while the Web server continues to process dynamic content. Which solution should you implement?
answer
Proxy Server.
question
You manage a server that runs your company Web site. The Web site includes streaming video that shows features of some of your products. The link connecting your server to the Internet charges based on bandwidth use. When the bandwidth spikes, so does your bill. You would like to implement a solution to prevent the amount of traffic sent over the WAN link from exceeding a specific level. Which solution should you implement?
answer
Traffic shaper.
question
You have a network server with two network interface cards. You want both network adapters to be used at the same time to connect the same network to double the amount of data the server can send. Which feature would you use?
answer
Ethernet bonding.
question
Your network conducts training sessions for high-profile clients. As part of the training, clients connect to get a video feed of the instructor and other class activities. You want to make sure that the video traffic related to the training is not delayed on the network. Which solution should you implement?
answer
QoS.
question
You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature prevents switching loops and ensures there is only a single active path between any two switches?
answer
Spanning tree.
question
A switch receives a frame addressed to the MAC address FF:FF:FF:FF:FF:FF. What will the switch do with the frame?
answer
Send it out all ports except for the port it was received on.
question
You manage a server that runs your company Web site. The Web server has reached its capacity, and the number of client requests is greater than the server can handle. You would like to find a solution so that the second server can respond to requests for Web site content. Which solution should you implement?
answer
Load balancing.
question
Which of the following allows you to save frequently accessed Web sites on your local network for later retrieval?
answer
Proxy.
question
Which of the following devices is capable of performing routing of IP packets at wire speeds using an ASIC module instead of the CPU or software?
answer
Layer 3 switch
question
You want to make sure that a set of servers will only accept traffic for specific network services. You have verified that the servers are only running the necessary services, but you also want to make sure that the servers will not accept packets sent to those services. Which tool should you use?
answer
Port scanner.
question
Which of the following devices is capable of detecting and responding to security threats?
answer
IPS.
question
Which of the following functions can a port scanner provide?
answer
Determine which ports are open on a firewall. Discover unadvertised servers.
question
Which of the following devices can monitor a network and detect potential security attacks?
answer
IDS.
question
You are concerned about protecting your network from network-based attacks from the Internet. Specifically, you are concerned about "zero day" attacks (attacks that have not yet been identified or that do not have prescribed protections). Which type of device should you use?
answer
Anomaly based IDS>
question
Which IDS method searches for intrusion or attack attempts by recognizing patterns or identities listed in a database?
answer
Signature based.
question
You are concerned about attacks directed at your network firewall. You want to be able to identify and be notified of any attacks. In addition, you want the system to take immediate action when possible to stop or prevent the attack Which tool should you use?
answer
IPS.
question
As a security precaution, you have implemented IPsec that is used between any two devices on your network. IPsec provides encryption for traffic between devices. You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks. Which solution should you implement?
answer
Host based IDS.
question
What is the most common form of based IDS that employs signature or pattern matching detection methods?
answer
Anti-virus software.
question
Which of the following is a security service that monitors network traffic in real time or reviews the audit logs on servers looking for security violations?
answer
IDS.
question
What security mechanism can be used to detect attacks originating on the Internet or from within an internal trusted subnet?
answer
IDS.
question
What actions can a typical passive Intrusion Detection System (IDS) take when it detects an attack?
answer
An alert is generated and delivered via Email, the console, or an SNMP trap. The IDS logs all pertinent data about the intrusion.
question
Which of the following are improvements to SNMP that are included within SNMP version 3?
answer
Authentication for agents and managers. Encryption of SNMP messages.
question
Which protocol does HTTPS use to offer greater security for Web transactions?
answer
SSL.
question
Talnet is inherently insecure because its communication is in plain text and is easily interpreted. Which of the following is an acceptable alternative to Talnet?
answer
SSH.
question
Which of the protocols is used for securely browsing a Web site?
answer
HTTPS
question
You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do?
answer
Implement version 3 of SNMP.
question
Which of the following protocols can be used to securely manage a network device from a remote connection?
answer
SSH.
question
Which of the following protocols are often added to other protocols to provide secure transmission of data?
answer
TLS. SSL.
question
Which of the following connectivity hardware is used to create a VLAN?
answer
Switch.
question
You run a small network for your business that has a single router connected to the Internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation?
answer
VLAN
question
You manage a network that uses switches. In the lobby of your building are three RJ-45 ports connected to a switch. You want to make sure that visitors cannot plug their computers to the free network and connect to the network. However, employees who plug into those same jacks should be able to connect to the network. What feature should you configure?
answer
Port authentication.
question
You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ-45 ports connected to a switch. You want to allow visitors to plug into these ports to gain Internet access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and Internet access. Which feature should you implement?
answer
VLANs.
question
Which type of device is required to implement port authentication throughout a switch?
answer
RADIUS server.
question
Which of the following best describes the concept of virtual LAN?
answer
Devices on the same network logically grouped as if they were on separate networks.
question
You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature allows the switches to pass VLAN traffic between the switches?
answer
Trunking.
question
You manage a network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAN 2 on each switch. A device on the first switch in VLAN 1 needs to communicate with a device on the second switch also in VLAN 1. What should you configure to allow communication between these two devices through the switches?
answer
Trunking.
question
Your company is a small start-up company that has leased office space in a building shared by other businesses. All businesses share a common network infrastructure. A single switch connects all devices in the building to the router that provides Internet access. You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implemented?
answer
VLAN.
question
You manage a network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAN 2 on each switch. A device on the first switch in VLAN 1 needs to communicate with a device on the same switch which is in VLAN 2. What should you configure so that the two devices can communicate?q
answer
Routing.
question
When configuring VLANs on a switch, what is used to identify VLAN membership of a device?
answer
Switch port.
question
Which switch features are typically used with VoIP
answer
VLAN. PoE.
question
When configuring VLANs on a switch, what type of switch ports are members of all VLANs defined on the switch?
answer
Trunk ports.
question
Which of the following do switches and wireless access points use to control access through the device?
answer
MAC filtering.
question
Which of the following authentication protocols uses a three-way handshake to authenticate users to the network?
answer
CHAP. MS-CHAP.
question
When using Kerberos authentication, which of the following terms is used to describe the token that verifies the identity of the user to the target system?
answer
Ticket.
question
Which of the following authentication methods uses tickets to provide single sign-on?
answer
Kerberos.
question
You want to increase the security of your network by allowing authenticated users to be able to access network devices through a switch. Which of the following should you implement?
answer
802.1x
question
Which of the following is a feature of MS CHAP v2 that is not included in CHAP?
answer
Mutual authentication.
question
Which of the following is a mechanism for granting and validating certificates?
answer
PKI
question
Which of the following are used when implementing Kerberos for authentication and authorization?
answer
Ticket granting server. Time server.
question
You want to implement an authentication method that uses public and private key pairs. Which authentication method should you use?
answer
EAP.
question
You have been contracted by a firm to implement a new remote access solution based on a Windows Server 2003 system. The customer wants to purchase and install a smartcard system to provide a high level of security to the implementation. Which of the following authentication protocols are you most likely to recommend to the client?
answer
EAP.
question
Which of the following applications typically uses 802.1x authentication?
answer
Controlling access through a wireless access point. Controlling access through a switch.
question
You have a Web server that will be used for secure transactions for customers who access the Web site over the Internet. The Web server requires a certificate to support SSL. Which method would you use to get a certificate for the server?
answer
Obtain a certificate from a public PKI.
