Network Pro CH 12.1.8 Practice Exam, CH 12.2.8 Practice Exam, CH 12.3.5 Practice Exam – Flashcards
question
You are troubleshooting a workstation connection to the network. During your troubleshooting, you replace the drop cable connecting the computer to the network. Which type of document should you update?
answer
Change documentation
question
You are troubleshooting a workstation connection to the network. During your troubleshooting, you move the cable in the wiring closet to a different port on the patch panel. Which type of document should you update?
answer
Wiring schematic
question
You plan to implement a new security device on your network. Which of the following policies outlines the process you should follow before implementing that device?
answer
Change Management
question
Which type of documentation would you consult to find the location of RJ-45 wall jacks and their endpoints in the intermediate distribution closet?
answer
Wiring Schematic
question
You need to find out what kind of laws might apply to the design and operation of your network. Which type of document would you consult?
answer
Regulation
question
In troubleshooting a router, you want to identify which other devices are connected to the router, as well as the subnet addresses of each connected subnet. Which type of document would most likely have this information?
answer
Network Diagram
question
Which of the following information are you likely to find in a policy document?
answer
A requirement of using encrypted communications for web transactions.
question
Which of the following information are you likely to find in a procedure document?
answer
Details on how to test and deploy patches
question
Which of the following documents would likely identify that drop cables on your network use the T568A standard?
answer
Wiring Schematics
question
You want to make sure that the correct ports on a firewall have been opened or closed. Which document should you check?
answer
Configuration documentation
question
A new law was recently passed that states that all businesses must keep a history of emails sent between members of the board of directors. You need to ensure that your organization complies with this law. Which document type would you update first in response to this new law?
answer
Policy
question
You are concerned about the amount of traffic that passed through a router on your network. You want to see how the amount of traffic has changed over time. Which document would help in identifying past average network traffic?
answer
Baseline
question
You are in the habit of regularly monitoring performance statistics for your devices. You find that this month a specific server has averaged a higher number of active connections than last month. Which type of document should you update to reflect the change?
answer
Baseline
question
Which of the following terms describes a test lab environment that does not require the use of physical hardware?
answer
Virtual Sandbox
question
You manage a network with a single switch. All hosts connect to the network through the switch. You want to increase the security of devices that are part of the accounting dept. You want to make sure that broadcast traffic sent by an accounting computer is only received by the other accounting computers, and you want to implement ACLs to control traffic sent to accounting computers through the network. What should you do?
answer
Use a router to configure a subnet for the accounting computers.
question
You walk by a server room and notice a fire has started. What should you do first?
answer
Make sure everyone has cleared the area.
question
Which of the following fire extinguisher types is best used for electrical fires that might result when working with computer components?
answer
Class C
question
Which of the following fire extinguisher suppressant types is best used for electrical fires that might result when working with computer components?
answer
Carbon Dioxide (CO2)
question
Which of the following fire extinguisher types poses a safety risk to users in the area? (select two)
answer
CO2, Halon
question
Which of the following statements about ESD is NOT correct?
answer
ESD is much more likely to occur when the humidity is above 50%.
question
What is the recommended humidity level for server rooms?
answer
70%
question
You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch and a router. You plan to configure a trunk port on each switch and connect them with a straight-through plenum UTP cable that will be run through the suspended tile ceiling of the data center. To protect against power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server. The only power available in the data center is located on the wall opposite the new server rack, so you must run extension cords across the floor to plug in the UPS unit. There are problems with this plan. What should you do?
answer
Hire an electrician to install a wall outlet near the rack.
question
The power supply in a tower server system has malfunctioned. To get the server back online, you decide to open the server case and open it. You place the server on a static mat, ground the server's case to the mat, and then ground yourself to the mat with a wrist band. Next you remove the power supply unit from the server and open it up. To identify which component has failed, you plug in the power supply to the wall outlet and then use a multimeter to test the various components within it. Which safety rules were violated during this scenario? (select two)
answer
You should unplug a device from the wall outlet before connecting yourself to it with a static wristband. You should never open a computer power supply.
question
You have just started a new job as a network team leader for a small company. You are responsible for overseeing the work of Help Desk technicians, as well as doing your own share of the administrative work. To improve the safety of your organization, you decide to assemble Material Safety Data Sheets (MSDS) for all chemicals used in your organization. How should you get them?
answer
Download them from the chemical manufacturer's websites.
question
Which of the following is an example of an Internal Threat?
answer
A user accidentally deleted the new product designs.
question
Which of the following is an example of privilege escalation?
answer
Creeping Privileges
question
What is the greatest threat to the confidentiality of data in most secure organizations?
answer
USB devices
question
When would choosing to do nothing about an identified risk be acceptable?
answer
When the cost of protecting the asset is greater than the potential loss
question
When analyzing assets, which analysis method assigns financial values to assets?
answer
Quantitative
question
Your company has developed and implemented countermeasures for the greatest risk to their assets. However, there is still some risk left. What is the remaining risk called?
answer
Residual risk
question
Which of the following is NOT a valid response to a risk discovered during a risk analysis?
answer
Denial
question
If an organization shows sufficient due care, which burden is eliminated in the event of a security breach?
answer
Negligence
question
Purchasing insurance is what type of response to risk?
answer
Transference
question
When recovery is being performed due to a disaster, which services are to be stabilized first?
answer
Mission Critical
question
In business continuity planning, what is the primary focus of the scope?
answer
Business processes
question
What is the primary goal of business continuity planning?
answer
Maintaining business operations with reduced or restricted infrastructure capabilities or resources.
question
Which of the following network strategies connects multiple servers together such that if one server fails, the others immediately take over its task, preventing a disruption in service?
answer
Clustering
question
You manage the website for your company. The Web1 server hosts the website. This server has the following configuration:
* Dual core processor
* Dual power supplies
* RAID 5 volume
* One RAID controller
* Two 1000 Mbps network adapters
Which component is a single point of failure for the website?
answer
Disk controller
question
You manage a website for your company. The website uses three servers configured in a cluster. Incoming requests are distributed automatically between the three servers. All servers use a shared storage device that holds the website contents. Each server has a single network connection and a single power supply. Considering the availability of your website, which component represents a single point of failure?
answer
Website storage
question
Match each third party integration phase on the left with the tasks that need to be completed during that phase on the right. Each phase may be used once, more than once, or not at all.
answer
Communicate vulnerability assessment findings with the other party - Ongoing Operations
Disable VPN config that allow partner access to your network - Off Boarding
Compare your organization's security policies against the partner's policies - Onboarding
Disable the domain trust relationship between networks - Off Boarding
Identify how privacy will be protected - Onboarding
Draft an ISA - Onboarding
Conduct regular security audits - Ongoing Operations
question
Match each Interoperability Agreement document on the left with the appropriate description on the right. Each document may be used once, more than once, or not at all.
answer
Specifies exactly which service will be performed by each party - SLA
Creates an agreement with a vendor to provide services on an ongoing basis - BPO
Provides a summary of which party is responsible for performing specific task - MOU
Documents how the networks will be connected - ISA
Defines how disputes will be managed - SLA
Specifies a preset discounted pricing structure - BPO
question
Your organization is in the process of negotiating an Interoperability Agreement (IA) with another organization. As part of this agreement, the partner organization proposes that a federated trust be established between your domain and their domain. This configuration will allow users in their domain to access resources in your domain and vice versa. As a security administrator, which tasks should you complete during this phase? (select two)
answer
Identify how data will be shared. Identify how data ownership will be determined.
question
What is the most common failure of a security policy in an environment?
answer
Lack of user awareness
question
Which business document is a contract that defines a set of terms that will govern future agreements between two parties?
answer
Master Service Agreement
question
A user named Bob Smith has been assigned a new desktop workstation to complete his day-to-day work. The computer runs Windows 7. When provisioning Bob's user account in your organization domain, you assign an account name of BSmith with an initial password of bw2Fs3d. On first logon, Bob is prompted to change his password, so he changes it to Fido, the name of his dog. What should you do to increase the security of Bob's account? (select two)
answer
Train users not to use passwords that are easy to guess. Require users to set a stronger password upon initial logon.
question
You have installed anti-virus software at your business. Within a few days, however, you notice that one computer has a virus. When you question the user, she says she did install some software a few days ago, but it was supposed to be a file compression utility. She admits she did not scan the file before running it. What should you add to your security measures to help prevent this from happening again?
answer
User awareness training
question
What is the main difference between vulnerability scanning and penetration testing?
answer
Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter.
question
What is the primary purpose of penetration testing?
answer
Test the effectiveness of your security perimeter
question
A security administrator logs on to a Windows server on her organization's network. She then runs a vulnerability scan on that server. What type of scan was conducted in the scenario?
answer
Credential scan
question
A network utilizes a Network Access Control (NAC) solution against malware. When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. What is this process called?
answer
Posture assessment
question
You plan to implement a new security device on your network. Which of the following policies outlines the process you should follow before implementing that device?
answer
Change management
question
Which component of a change and configuration management policy identifies technical and budgetary considerations associated with a proposed change and also identifies any potential impacts to the network?
answer
Feasibility analysis
question
Arrange the steps in the change and configuration management process on the left in the correct order in which they should be completed on the right.
answer
Step 1 - Identify the need for a change
Step 2 - Conduct a feasibility analysis
Step 3 - Define the procedure for implementing the change
Step 4 - Notify affected parties of the pending change
Step 5 - Implement the change
Step 6 - Test the implementation
Step 7 - Document the change
question
Which of the following is an example of privilege escalation?
answer
Creeping privileges