Networking II – CNT3504 – Flashcards
Unlock all answers in this set
Unlock answersquestion
The media access control method of all Ethernet networks is __________
answer
CSMA/CD Carrier sense multiple access with collision detection (CSMA/CD) is the media access control method of all Ethernet networks.
question
A network is connected following the IEEE 802.3 specifications. Which of the following best describes when a device can transmit messages?
answer
The device listens to determine if the transmission media is free.
question
Which of the following use the CSMA/CD access method? Select all that apply. • 1000BaseT • Token Ring • FDDI • 10BaseT
answer
- 1000BaseT - 10BaseT CSMA/CD stands for Carrier Sense Multiple Access / Collision Detection. It defines the steps network devices take when two devices attempt to use a data channel simultaneously. Ethernet networks use CSMA/CD, including 10BaseT, 10Base2 and 1000BaseT.
question
Which of the following physical topologies are used with Ethernet networks? (Select two.) • Ring • Bus • Mesh • Star
answer
- Bus - Star Ethernet networks use either a physical bus or physical star topology. Hubs can also be cascaded to form a tree topology.
question
Ethernet 100BaseFX networks use what type of cabling? • Shielded twisted pair • Fiber optic • Unshielded twisted pair • Coaxial
answer
Fiber optic
question
Which of the following Ethernet standards uses fiber optic cabling? (Select two.) • 1000BaseCX • 100BaseT4 • 100BaseFX • 100BaseTX • 1000BaseLX
answer
- 100BaseFX - 1000BaseLX
question
Your network follows the 100BaseTx specifications for Fast Ethernet. What is the maximum cable segment length allowed?
answer
- 100 meters Tip: All Ethernet networks that use twisted pair cable (Ethernet, Fast Ethernet, Gigabit Ethernet) have a distance limitation of 100 meters
question
With an Ethernet 10BaseT network, the maximum cable length between a computer and the hub is:
answer
- 100 meters Tip: All Ethernet networks that use twisted pair cable (Ethernet, Fast Ethernet, Gigabit Ethernet) have a distance limitation of 100 meters
question
You have been tasked with designing an Ethernet network. Your client needs to implement a very high-speed network backbone between campus buildings; some of which are around 300 m apart. Multimode fiber-optic cabling has already been installed between buildings. Your client has asked that you use the existing cabling. Which Ethernet standard meets these guidelines? (Choose two.) • 10GBaseER • 1000BaseCX • 1000BaseT • 1000BaseSX • 10GBaseSR • 10BaseFL
answer
1000BaseSX 10GBaseSR
question
What type of cabling is used with 100BaseTX Fast Ethernet networks?
answer
Type 1A STP or Category 5 UTP
question
What topology is used with 100BaseTX Fast Ethernet networks? (Select two.)
answer
Physical star/logical bus Physical star/logical star
question
Which of the following are requirements of the 1000BaseT Ethernet standards? (Select three.)
answer
CAT 5 cabling RJ-45 connectors The cable length must be less than or equal to 100m
question
You are planning a network for an educational campus. Due to the size of the buildings and the distance between them, you have elected to use 10BaseFL hubs, cabling, and network interface cards. What is the maximum length for the network cable between a workstation and a hub?
answer
2000 meters
question
Which Gigabit Ethernet standard uses multimode fiber-optic cabling and supports network segments up to a maximum of 550 meters long? • 1000BaseZX • 1000BaseT • 1000BaseCX • 1000BaseSX
answer
1000BaseSX
question
You have been tasked with designing a high-speed Ethernet network. Your client's building already has 150-ohm shielded twisted pair (STP) wiring installed. Due to budget constraints, they have asked you to reuse the existing wiring instead of installing new fiber-optic cabling. Which Ethernet standard could you implement in this situation? • 1000BaseZX • 1000BaseCX • 1000BaseT • 1000BaseLX • 1000BaseSX • 10BaseFL
answer
1000BaseCX The 1000BaseCX standard specifies 150-ohm STP cabling. The maximum cable length is 25 meters. The 10BaseFL, 1000BaseSX, 1000BaseLX, and 1000BaseZX standards employ fiber-optic cabling. 1000BaseT uses Category 5 UTP instead of STP cabling.
question
You would like to implement 10 Gbps Ethernet over a distance of 1 kilometer or greater. Which of the following would be the minimum requirement for the implementation? (Select two.) • 10GBaseLR standards • 10GBaseER standards • Multimode fiber • Single mode fiber • 10GBaseSR standards
answer
10GBaseLR standards Single mode fiber
question
Which of the following standards is used by SONET? • 10GBaseER • 10GBaseLW • 1000BaseLX • 1000BaseCX • 1000BaseSX
answer
10GBaseLW 10GBase standards ending in W are used for SONET implementations. These include 10GBaseSW (short), 10GBaseLW (long), and 10GBaseEW (extended). 10GBaseER is for extended fiber optic but not used with SONET. 1000Base standards are not used for SONET. 1000BaseCX is a copper cable specification.
question
You want to implement an Ethernet network at very long distances using fiber optic cables. Which standard and cable type would you choose? (Select two.) • 1000BaseCX • Single mode fiber • Mutimode fiber • 1000BaseSX • 1000BaseLX
answer
Single mode fiber 1000BaseLX Of the standards listed in this question, 1000BaseLX provides the greatest cable length (think of the "L" in 1000BaseLX as "long"). When using long distances for fiber optic, use single mode fiber. Multimode fiber is cheaper but has a shorter maximum distance than single mode fiber.
question
You need to transfer data from one laptop to another and would like to use an Ethernet cable. You do not have a hub or a switch. Which type of cable should you use? • Loopback • Straight-through • Rollover • Crossover
answer
Crossover Use a crossover cable to connect two devices together in a back-to-back configuration. Use a straight-through cable to connect a workstation to a hub or switch port. Use a rollover cable to connect a workstation to the console port of a router or a switch. Use a loopback plug to allow a device to communicate with itself through its own network adapter.
question
You want to connect the LAN port on a router to the uplink port on a switch. The switch does not support auto-MDI. Which type of cable should you use? • Straight-through • Crossover • Loopback • Rollover
answer
Crossover Use a crossover cable to connect a workstation or a router to the uplink port on a switch. Use a straight-through cable to connect the router to a regular switch port. Use a rollover cable to connect a workstation to the console port of a router. Use a loopback plug to allow a device to communicate with itself through its own network adapter.
question
You have two switches that you need to connect using their uplink ports. The switches do not support auto-MDI. Which type of cable should you use? • Crossover • Rollover • Loopback • Straight-through
answer
Crossover Use a crossover cable to connect two switches through their uplink ports, or to connect the two switches through regular ports. Use a straight-through cable to connect the uplink port on one switch to a regular port on another switch. Use a rollover cable to connect a workstation to the console port of the switch. Use a loopback plug connected to a single port for troubleshooting.
question
You need to connect a workstation to a switch using a regular port on the switch (not an uplink port). The switch does not support auto-MDI. Which type of cable should you use? • Crossover • Straight-through • Loopback • Rollover
answer
Straight-through Use a straight-through cable to connect a workstation or router to a regular switch port. Use a crossover cable to connect the workstation to the uplink port. Use a rollover cable to connect the workstation to the console port of the switch. Use a loopback plug to allow a workstation to communicate with itself through its own network adapter.
question
You have purchased a new router that you need to configure. You need to connect a workstation to the router's console port to complete the configuration tasks. Which type of cable would you most likely use? • Straight-through • Crossover • RG-6 • Rollover
answer
Rollover Use a rollover cable to connect a workstation to the console port of a router or a switch. The rollover cable has an RJ-45 connector on one end to connect to the console port, and a serial connector on the other end to connect to the serial port of the workstation. You then run a terminal emulation program on the workstation to connect to the console of the router or switch to perform configuration and management tasks.
question
Which of the following connectors is typically used on one end of a rollover cable? • F-type • SC • ST • Serial • BNC • LC
answer
Serial A rollover cable has a serial connector on one end and an RJ-45 connector on the other end. Alternatively, it might have an RJ-45 connector on both ends, and a serial converter is used to convert from the RJ-45 connector to a serial connector.
question
Which of the following standards is typically used in a rollover cable? • RS-232 • RJ-11 • RG-58 • RG-6
answer
RS-232 A rollover cable has a serial connector on one end and an RJ-45 connector on the other end. RS-232 is the standard for serial communications.
question
Use the exhibit to match the connector type on the left with the corresponding letter on the right.
answer
A: DB-25 B: DB-9 C: RJ45 D: RJ11 E: LC F: BNC G: F-Type
question
You want to create a rollover cable that has an RJ-45 connector on both ends. How should you connect the wires within the connectors?
answer
Connect pin 1 to pin 8, pin 2 to pin 7, pin 3 to pin 6, and pin 4 to pin 5. When terminated with an RJ-45 connector on both ends, the wires within the connectors are rolled over to the opposite connector as follows: • Pin 1 is connected to pin 8 • Pin 2 is connected to pin 7 • Pin 3 is connected to pin 6 • Pin 4 is connected to pin 5 A crossover cable uses the T568A standard on one end and the T568B standard on the other end. The crossover cable connects pin 1 with pin 3 and pin 2 to pin 6. Connecting each pin to the same pin on the other end creates a straight-through cable.
question
You are implementing a SOHO network for a local business. The ISP has already installed and connected a cable modem in the business. The business has four computers that need to communicate with each other and the Internet. The ISP's cable modem has only one RJ45 port. You need to set up the network with the following in mind: • Spend as little money as possible. • Do not purchase unnecessary equipment. • Computers need to have a gigabit connection to the network. • New devices should not require management or configuration. You examine each computer and notice only one of the four computers has a wireless NIC; they all have Ethernet NICs. What should you purchase?
answer
An unmanaged switch and CAT5e cabling. Switches offer guaranteed bandwidth to each switch port and full-duplex communication. Unmanaged switches are autonomous in their function, requiring no port management or configuration. CAT5e cabling supports transfer speeds up to 1000 Gbps.
question
You manage the two-location network shown in the exhibit. Workstations and servers at each location connect to a patch panel using behind-the-wall wiring. The patch panel then connects network hosts to one of three 1000BASE-T switches. Routers are implemented at each location to connect the two networks together using a private WAN. The switch ports have auto-MDIX disabled. Drag the cable type on the left to the most appropriate network location on the right. Each cable type can be used more than once. Drag • Cat 3 straight-through UTP • Cat 3 crossover UTP • Cat 6 straight-through UTP • Cat 6 crossover UTP • Multimode fiber optic • Single-mode fiber optic Drop A. Drop cables B. Patch cables C. Uplink cables D. WAN cable
answer
A. Drop cables: Cat 6 straight-through UTP B. Patch cables: Cat 6 straight-through UTP C. Uplink cables: Cat 6 crossover UTP D. WAN cable: Single-mode fiber optic
question
You have recently experienced a security incident with one of your servers. After some research, you determine that the hotfix #568994 that has recently been released would have protected the server. Which of the following recommendations should you follow when applying the hotfix?
answer
Test the hotfix, then apply it to all servers. In this scenario, you should test the hotfix, and following a successful test, apply the hotfix to all other servers. Applying it only to the server that was compromised will not protect other servers with the same vulnerability. A common testing strategy is to: 1. Apply and test patches in a lab environment. 2. Deploy patches to a set of systems, such as a single department. 3. Deploy patches system-wide.
question
Which of the following is the best recommendation for applying hotfixes to your servers?
answer
Apply only the hotfixes that apply to software running on your systems Be sure to test patches before applying patches within your organization. A common strategy is to: 1. Apply and test patches in a lab environment. 2. Deploy patches to a set of systems, such as a single department. 3. Deploy patches system-wide. You do not necessarily need to install every hotfix, patch, or service pack that is released. For example, if a hotfix applies to a service that you have disabled on your servers, applying that hotfix is not required. Service packs typically include all hotfixes and patches that have been released up to that point in time.
question
Which of the following terms describes a Windows operating system patch that corrects a specific problem and is released on a short-term, periodic basis (typically monthly)? • Kernel fix kit • Targeted software patch • Hotfix • Service pack
answer
Hotfix A hotfix is an operating system patch that corrects a specific known problem. Microsoft typically releases hotfixes monthly. Service packs include a collection of hotfixes and other system updates. Service packs are not released as often, but contain all hotfixes released to that time.
question
You provide IT support under contract for a dentist's office. The office has a limited number of wireless clients, so a simple wireless router is used to provide WiFi access. On your latest visit, you check the manufacturer's website and discover that an update has been released by the wireless router manufacturer. You decide to download and install the update. Click the option you should use in the wireless router's configuration interface to prepare the device for the update.
answer
Backup Configurations Prior to applying the update, you should back up the wireless router's existing configuration. That way, you can restore the device to a working state in the event the update causes more problems than it solves.
question
Why should backup media be stored offsite? • To reduce the possibility of theft • To prevent the same disaster from affecting both the network and the backup media • It improves the efficiency of the restoration process • It is a government regulation
answer
To prevent the same disaster from affecting both the network and the backup media
question
Even if you perform regular backups, what must be done to ensure that you are protected against data loss? • Write-protect all backup media • Restrict restoration privileges to system administrators • Store the backup media in an onsite fireproof vault • Regularly test restoration procedures
answer
Regularly test restoration procedures
question
Which of the following is true for a system image backup? • Is saved as a .vhd file. • Does not include user profile settings. • Is the only type of backup supported by the backup and restore console. • Can be saved to a Bitlocker-enabled volume.
answer
Is saved as a .vhd file. A system image backup consists of an entire volume backed up to a .vhd file. It contains everything on the system, including the operating system, installed programs, drivers, and user data files.
question
Which media types can backup files be saved to? (Select two.) • Network Attached Storage (NAS) • External hard drives • Tape drives • The system disk
answer
Network Attached Storage (NAS) External hard drives Backups can be saved to: • Secondary internal hard drives • External hard drives • Optical drives • USB flash drives • Network shares • .vhd files • Network Attached Storage (NAS) or Storage Area Network (SAN). Backup files cannot be saved to: • The same disk being backed up • A system disk • A Bitlocker-enabled volume • A tape drive
question
You just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID card to gain access. You backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using a Telnet client with a username of admin and a password of admin. You used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device? (Select two.)
answer
Use an SSH client to access the router configuration. Change the default administrative username and password. In this scenario, two key security issues need to be addressed: • You should use an SSH client to access the router configuration. Telnet transfers data in clear text over the network connection, exposing sensitive data to sniffing. • You should change the default administrative username and password. Default usernames and passwords are readily available from websites on the Internet.
question
Which of the following protocols or services would you associate with Window's Remote Desktop Services network traffic? • WPA • WTSP • RDP • NNTP
answer
RDP The Remote Desktop Protocol (RDP) is used by Window's Remote Desktop Services based applications, including Remote Desktop Connection.
question
You manage a server at work that has just been configured with a new application. Consequently, the server has crashed several times during the last week. You think you have the problem resolved, but you would like to be able to manage the server remotely in case there is a problem. Which of the following protocols would you use for remote management? (Select two.) • PPPoE • PPTP • L2TP • PPP • ICA • VNC
answer
ICA VNC There are multiple protocols that can be used for remote desktop connections. • Virtual Network Computing (VNC) was originally developed for UNIX. Applications using VNC include RealVNC, TightVNC, UltraVNC, and Vine Server. • Independent Computing Architecture (ICA) is the protocol used by Citrix products (WinFrame and MetaFrame/XenApp). • The Remote Desktop Protocol (RDP) is the protocol developed by Microsoft and used in Microsoft's Terminal Services, Remote Desktop, and Remote Assistance solutions. Aqua Connect has licensed RDP and created a version for Mac OS X as a server. PPP and PPPoE are protocols that are used to control remote access. Both provide for authentication, authorization, and accounting of remote access connections. PPTP and L2TP are VPN protocols that provide a secure connection through the Internet to a destination host or network.
question
You are an application developer and are writing a program to exchange video files through a TCP/IP network. You need to select a transport protocol that will guarantee delivery. Which TCP/IP protocol would you implement that provides this capability? • UDP • TCP • RIP • TFTP • IP • FTP
answer
TCP Write the application to use the Transmission Control Protocol (TCP). TCP guarantees delivery through error checking and acknowledgments.
question
You are in the middle of a big project at work. All of your work files are on a server at the office. You want to be able to access the server desktop, open and edit files, save the files on the server, and print files to a printer connected to a computer at home. Which protocol should you use? • Telnet • FTP • SSH • RDP • TFTP
answer
RDP To access the desktop of a remote computer or server, use a remote desktop protocol. RDP is Microsoft's remote desktop protocol, but other protocols include VNC and ICA.
question
Match each bring your own device (BYOD) security concern on the right with a possible remedy on the left. Each remedy may be used once, more than once, or not at all.
answer
Users take pictures of proprietary processes and procedures. => Specify where and when mobile devices can be possessed in your acceptable use policy. Devices with a data plan can e-mail stolen data. => Specify where and when mobile devices can be possessed in your acceptable use policy. Devices have no PIN or password configured. => Enroll devices in a mobile device management system. Anti-malware software is not installed. => Implement a network access control (NAC) solution. A device containing sensitive data may be lost. => Enroll devices in a mobile device management system.
question
Your organization recently purchased 30 tablet devices for your traveling sales force. These devices have Windows RT preinstalled on them. To increase the security of these devices, you want to apply a default set of security-related configuration settings. What is the best approach to take to accomplish this? (Select two. Each option is part of a complete solution.)
answer
Enroll the devices in a mobile device management system. Configure and apply security policy settings in a mobile device management system.
question
Your organization recently purchased 18 iPad tablets for use by the organization's management team. These devices have iOS pre-installed on them. To increase the security of these devices, you want to apply a default set of security-related configuration settings. What is the best approach to take to accomplish this? (Select two. Each option is a part of a complete solution.)
answer
Configure and apply security policy settings in a mobile device management system. Enroll the devices in a mobile device management system.
question
Your organization's security policy specifies that any mobile device (regardless of ownership) that connects to your internal network must have remote wipe enabled. If the device is lost or stolen, then it must be wiped to remove any sensitive data from it. Your organization recently purchased several Windows RT tablets. Which should you do?
answer
Sign up for a Microsoft Intune account to manage the tablets.
question
Most mobile device management (MDM) systems can be configured to track the physical location of enrolled mobile devices. Arrange the location technology on the left in order of accuracy on the right, from most accurate to least accurate. Drag • Wi-Fi triangulation • Cell phone tower triangulation • IP address resolution • GPS Drop • Most accurate • More accurate • Less accurate • Least accurate
answer
- Most accurate => GPS - More accurate => Wi-Fi triangulation - Less accurate => Cell phone tower triangulation - Least accurate => IP address resolution
question
Your organization has recently purchased 20 tablet devices for the Human Resource department to use for training sessions. You are concerned that these devices could represent a security risk to your network and want to strengthen their security profile as much as possible. Which actions should you take? (Select two. Each response is a separate solution.)
answer
Implement storage segmentation. Enable device encryption. When deploying new mobile devices, there are many things you should do to increase their overall security, including the following: • Segment personal data from organizational data on mobile devices. This storage strategy allows encryption to be applied only to sensitive organizational data on the device. It also allows only organizational data to be removed during a remote wipe, preserving personal data. • Enable device encryption. Data encryption ensures data confidentiality on the device.
question
Which of the following mobile device security consideration will disable the ability to use the device after a short period of inactivity? • TPM • GPS • Screen lock • Remote wipe
answer
Screen lock
question
Which of the following are not reasons to remote wipe a mobile device?
answer
When the device is inactive for a period of time.
question
A smart phone was lost at the airport. There is no way to recover the device. Which if the following will ensure data confidentiality on the device? • GPS • Screen lock • TPM • Remote wipe
answer
Remote wipe
question
Your organization provides its sales force with Windows RT 8.1 tablets to use while visiting customer sites. You manage these devices by enrolling them in your cloud-based Microsoft Intune account. One of your sales representatives left her tablet at an airport. The device contains sensitive information and you need to remove it in case the device is compromised. Which Intune portal should you use to perform a remote wipe? • Security Portal • Admin Portal • Company Portal • Account Portal
answer
Admin Portal The Admin Portal in Windows Intune is used to manage enrolled devices, including sending remote wipe commands. The Account Portal in Windows Intune is used to manage subscriptions, users, groups, and domains. End users can also use the Account Portal to manage their passwords. The Company Portal in Windows Intune is used by end users to manage their own account and enroll devices. Windows Intune does not provide a Security Portal.
question
Many of the end users in your organization are bringing their own personal mobile devices to work and are storing sensitive data on them. To prevent the data from being compromised, you create a cloud-based Microsoft Intune account and configure mobile device security policies. You now need to apply those security policies to the end users' mobile devices. What should you do? (Select two. Each response is a part of the complete solution.)
answer
Enroll the devices with the Intune service. Create a user account for each user who has a managed mobile device.
question
You are considering using WiFi triangulation to track the location of wireless devices within your organization. However, you have read on the Internet that this type of tracking can produce inaccurate results. What is the most important consideration for getting reliable results when implementing this type of system? • Signal strength • Wireless encryption in use • WAP placement • Wireless standard in use
answer
Signal strength
question
The outside sales reps from your company use notebook computers, tablets, and phones to connect to the internal company network. While traveling, they connect their devices to the Internet using airport and hotel networks. You are concerned that these devices will pick up viruses that could spread to your private network. You would like to implement a solution that prevents devices from connecting to your network unless antivirus software and the latest operating system patches have been installed. When a host tries to connect to the network, the host should be scanned to verify its health. If the host is not healthy, then it should be placed on a quarantine network where it can be remediated. Once healthy, the host can then connect to the production network. Which solution should you use?
answer
NAC Network Access Control (NAC) prevents devices from accessing network resources unless they meet certain predefined security requirements. Conditions that can be part of the connection requirements include requiring that computers have: • Antivirus software with up-to-date definition files. • An active personal firewall. • Specific operating system critical updates and patches.
question
The owner of a hotel has contracted with you to implement a wireless network to provide Internet access for patrons. The owner has asked that you implement security controls such that only paying patrons are allowed to use the wireless network. She wants them to be presented with a login page when they initially connect to the wireless network. After entering a code provided by the concierge at check-in, they should then be allowed full access to the Internet. If a patron does not provide the correct code, they should not be allowed to access the Internet. Under no circumstances should patrons be able to access the internal hotel network where sensitive data is stored. What should you do?
answer
Implement a guest network. A guest network that is isolated from the hotel's network would be the best choice in this scenario. The guest network could be configured to require wireless network users to abide by certain conditions before they are allowed access to the wireless network using a captive portal. For example, it could require them to: • Agree to an acceptable use policy. • Provide a PIN or password. • Pay for access to the wireless network. • View information or advertisements about the organization providing the wireless network (such as an airport or hotel). When a wireless device initially connects to the wireless network, all traffic to or from that device is blocked until the user opens a browser and accesses the captive portal Web page. After providing the appropriate code, traffic is unblocked and the host can access the guest network.
question
Which of the following enterprise wireless configuration strategies best keeps public wireless access separate from private wireless access?
answer
Configure a guest access WLAN that uses open authentication and that isolates guest WLAN traffic from other clients on the same access point.
question
Components within your server room are failing at a rapid pace. You discover that the humidity in the server room is at 60% and the temperature is at 80 degrees. What should you do to help reduce problems? • Add a separate A/C unit in the server room • Add a de-humidifier to the server room • Add a humidifier to the server room • Add line conditioners in the server room
answer
Add a separate A/C unit in the server room Keep temperature between 70 and 74 degrees to prevent components from overheating. In many cases, the server room will be the hottest location in your building because of the heat generated by the computer components. In most cases, you will need a separate A/C unit installed to the server room so that you can maintain the temperature in the server room without adversely affecting the rest of the building. Keep humidity between 40 and 60 percent to prevent electrostatic discharge (ESD).
question
You maintain the network for an industrial manufacturing company. You are concerned about the dust in the area getting into server components and affecting the availability of the network. Which of the following should you implement?
answer
Positive pressure system Positive pressure systems protect the air quality in the facility by causing air to be forced out through doors, windows, and other openings. Negative pressure systems draw air in, potentially bringing in airborne particles such as dust, smoke from a fire, or contamination from a chemical leak. Positive pressure systems are more energy effective.
question
You are adding a new rack to your data center, which will house five new blade servers. The new servers will be installed in a cluster that will host a customer tracking database. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to connect each new server to the switch in the existing rack using straight-through UTP cables that will be run along the floor around the perimeter of the data center. To provide power for the new devices, you will hire an electrician to install several new 20-amp wall outlets near the new rack. To protect against power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server. Will this configuration work?
answer
No, you should run the cable around the perimeter of the room in a cable tray.
question
You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straight-through UTP cable that will be run along the floor around the perimeter of the data center to prevent tripping. To provide power for the new devices, you will hire an electrician to install several new 20-amp wall outlets near the new rack. To protect against power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server. Will this configuration work?
answer
No, you should consider relocating the new rack next to the existing rack.
question
You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for file storage and for a database server. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a cross-over UTP plenum cable that will be run through the suspended tile ceiling of the data center. To provide power for the new devices, you had an electrician install several new 20-amp wall outlets near the new rack. Each device in the rack will be plugged directly into one of these new wall outlets. What is wrong with this configuration? (Select two.)
answer
You should implement redundant power supplies for the network devices. You should implement a UPS between the wall outlet and the network devices. In this scenario, all devices in the new rack will go down if the power from the wall outlet fails for some reason (such as a power outage). To prevent this from happening, a UPS should be implemented between the wall outlets and the network devices. In addition, the power supplies used by computing equipment have finite life spans and fail frequently. Because these are mission-critical devices, you should consider implementing redundant power supplies.
question
You have purchased a solar backup power device to provide temporary electrical power to critical systems in your data center should the power provided by the electrical utility company go out. The solar panel array captures sunlight, converts it into direct current (DC), and stores it in large batteries. However, the power supplies in the servers, switches, and routers in your data center require alternating current (AC) to operate. Which electrical device should you implement to convert the DC power stored in the batteries into AC power that can be used in the data center? • Transformer • Inverter • Capacitor • Transistor
answer
Inverter A power inverter changes direct current (DC) to alternating current (AC). In this scenario, a power inverter can be used to convert the DC power stored in the batteries to AC power that your servers, switches, and routers can use in an emergency.
question
Which electrical device is used to convert the voltage of the alternating current (AC) from the utility company's transmission lines to 110 volts that can be used by devices in a data center? • Capacitor • Inverter • Transformer • Transistor
answer
Transformer A transformer is typically used to increase or decrease the voltage of AC power. For example, your electrical utility's transmission lines carry very high voltage electricity. To use this electricity within a home or business, a transformer is first used to step the voltage down to 110 volts.
question
You have been struggling to keep the temperature in your server room under control. To address this issue, you have decided to reconfigure the room to create hot and cold aisles. Which of the following are true concerning this configuration? (Select two.)
answer
The rear of your servers should face the hot aisle. The front of your servers should face the cold aisle. The use of hot and cold aisles within the server room is an effective method for reducing the temperature. The front of your servers should face the cold aisle. This allows them to draw in cooler air to reduce the temperature of system components. The rear of your servers should face the hot aisle. This ensures the hot air is directed away from other server systems. The hot aisle should face the air conditioner's return duct. This allows the heated air to be cooled by the AC system. The cold aisle should face the air conditioner's output ducts. This ensures cool air is drawn into servers to cool their components.
question
Which of the following equipment will also fit in this rack along with the above equipment? • 2U UPS • 4U firewall • 4U UPS • 3U server
answer
2U UPS The height of a rack is measured in rack units (U's). A rack unit (1U) is 1.75 inches tall and represents one slot in the rack. When purchasing rack-mounted network devices, you'll notice that their height is specified in rack units. For example, a 2U server is 3.5" tall and fills 2 slots in a server rack. In this scenario, the 16U rack already has 14U of equipment installed. Therefore, only a device 2U (or less) in height can be installed.
question
Consider the network diagram shown below. Click on the item in the diagram that does not follow a standardized labeling scheme.
answer
By reviewing this diagram, you can see that the following labeling convention is used: • Workstations = WSxx • Notebooks = NBxx • Servers = FSxx • Switches = SWxx • Routers = RTRxx The workstation labeled PC2 does not conform to this labeling standard.
question
Your 24U rack currently houses two 4U server systems. To prevent overheating, you've installed a rack-mounted environment monitoring device within the rack. Currently, the device shows the temperature within the rack to be 70 degrees Fahrenheit (21 degrees Celsius). What should you do?
answer
Nothing, the temperature within the rack is within acceptable limits. The ideal temperature for computing equipment is around 68 degrees Fahrenheit (20 degrees Celsius). Therefore, a reading of 70 degrees Fahrenheit (21 degrees Celsius) within a server rack is not an issue of concern.
question
You have been hired by a startup company to install a new data center. The company is small, so they have elected to use an unused employee break room as the data center. You are concerned about the physical security of the servers that will be installed in the data center. What should you do? (Select two.)
answer
Install racks with locking doors. Install a biometric lock on the data center door.
question
Which of the following is the least effective power loss protection for computer systems? • Surge protector • Backup power generator • Uninterruptible power supply • Secondary power source
answer
Surge protector
question
Besides protecting a computer from under voltages, a typical UPS also performs which two actions: • Prevents ESD • Conditions the power signal • Prevents electric shock • Protects from over voltages
answer
Conditions the power signal Protects from over voltages
question
You manage the website for your company. The website uses a cluster of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage, and a single connection to your ISP. You want to provide redundancy such that a failure in a single component does not cause the website to be unavailable. What should you add to your configuration to accomplish this?
answer
Connect one server through a different ISP to the Internet. In this scenario, the ISP is the single point of failure. If the ISP connection goes down, then the website is unavailable. Connecting one server to a different ISP, or both servers to two ISPs, will provide redundancy for the connection.
question
An access point that conforms to the IEEE 802.11b standard acts most closely to what other networking device? • Gateway • Patch bay • Hub • Router • Terminal
answer
Hub
question
All of the 802.11 standards for wireless networking support which type of communication path sharing technology? • Polling • Token passing • CSMA/CD • CSMA/CA
answer
CSMA/CA 802.11x standards for wireless networking all support the CSMA/CA (carrier sense multiple access with collision avoidance) type of communication path sharing technology. This CSMA/CA allows for multiple baseband clients to share the same communication medium. CSMA/CA works as follows: 1. The system asks for permission to transmit. 2. A designated authority (such as a hub, router, or access point), grants access when the communication medium is free. 3. The system transmits data and waits for an ACK (acknowledgment). 4. If no ACK is received, the data is retransmitted.
question
Match the wireless signaling method on the left with its definition on the right. (Not all of the signaling methods match a definition.)
answer
Frequency Hopping Spread Spectrum (FHSS): Uses a narrow frequency band and hops data signals in a predictable sequence Direct-Sequence Spread Spectrum (DSSS): Breaks data into pieces and sends the pieces across multiple frequencies in a defined range. Orthogonal Frequency-Division Multiplexing (OFDM): Breaks data into very small data streams in order to send the information across long distances.
question
Which of the following is true of a wireless network SSID? • Is a 48-bit value that identifies an AP. • Allows devices to find a specific AP within an ESS. • Groups wireless devices together into the same logical network. • Used by STAs when roaming between APs.
answer
Groups wireless devices together into the same logical network. The SSID, also called the network name, groups wireless devices together into the same logical network. • All devices on the same network (within the BSS and ESS) must have the same SSID. • The SSID is a 32-bit value that is inserted into each frame. The SSID is case sensitive. • The SSID is sometimes called the ESSID (Extended Service Set ID) or the BSSID (Basic Service Set ID). In practice, each term means the same thing; however, they are technically different.
question
Which wireless networking component is used to connect multiple APs together? • IBSS • STA • DS • BSS
answer
DS The Distribution System (DS) is the backbone or LAN that connects multiple APs (and BSSs) together. The DS allows wireless clients to communicate with the wired network and with wireless clients in other cells.
question
Which IEEE standard describes wireless communication? • 802.3 • 802.5 • 802.11b • 802.2 • 802.7b
answer
802.11b
question
Which data transmission rate is defined by the IEEE 802.11b wireless standard? • 2 Mbps • 10 Mbps • 11 Mbps • 56 Mbps
answer
11 Mbps The IEEE 802.11b standard defines wireless transmission rates up to 11 Mbps. Wireless network interface cards and wireless access points (also called wireless hubs or wireless routers) will automatically negotiate the best transmission speed up to 11 Mbps based on current network traffic load and the quality of the wireless connection between the client and access point. The wireless communications are affected by distance, dense physical obstructions, and other electromagnetic interference producing devices. The IEEE 802.11a standard defines wireless transmission rates up to 2 Mbps. The IEEE 802.11g standard defines wireless transmission rates up to 56 Mbps. The IEEE 802.3 standard defines Ethernet 10baseT cable based transmissions of 10 Mbps.
question
You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 54 Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4 GHz. Which 802.11 standard will work best in this situation? (Select two.)
answer
802.11a 802.11n
question
You are designing an update to your client's wireless network. The existing wireless network uses 802.11b equipment; which your client complains runs too slowly. She wants to upgrade the network to run at 54 Mbps. Due to budget constraints, your client wants to upgrade only the wireless access points in the network this year. Next year, she will upgrade the wireless network boards in her users' workstations. She has also indicated that the system must continue to function during the transition period. Which 802.11 standard will work best in this situation? • 802.11g • 802.11b • 802.11c • 802.11a • 802.11d
answer
802.11g 802.11g is the best choice for this client. While both 802.11a and 802.11g can each operate at 54 Mbps, 802.11a isn't compatible with 802.11b network boards. 802.11g access points, on the other hand, are backwards-compatible with 802.11b equipment. Using this type of access point will allow the wireless network to continue to function during the transition.
question
Which IEEE wireless standards specify transmission speeds up to 54 Mbps? (Select two.) • Bluetooth • 802.11b • 802.1x • 802.11g • 802.11a
answer
802.11g 802.11a Both the 802.11a and the 802.11g wireless standards specify maximum transmission speeds up to 54Mbps. The 802.11b wireless standard provides transmission speeds of 11 Mbps. 802.1x is a wireless security standard that provides an authentication framework for 802-based networks.
question
You have been contacted by OsCorp to recommend a wireless Internet solution. The wireless strategy must support a transmission range of 150 feet, use a frequency range of 2.4 GHz, and provide the highest possible transmission speeds. Which of the following wireless solutions would you recommend?
answer
802.11g The 802.11a wireless standard offers speeds of 54 Mbps but uses the 5 GHz frequency range. 802.11b uses the 2.4 GHz frequency range but supports only 11 Mbps transfer speeds. Bluetooth does operate at the 2.4GHz radio frequency range but is limited to theoretical speeds of 1 to 3 Mbps and transmission distances of 33 feet.
question
Which of the following are frequencies defined by 802.11 committees for wireless networking? (Select two.) • 900 MHz • 1.9 GHz • 2.4 GHz • 5.75 GHz • 10 GHz
answer
2.4 GHz 5.75 GHz
question
Which technologies are used by the 802.11ac standard to increase network bandwidth? (Select two.) • Four MIMO radio streams • Data compression • Eight MIMO radio streams • 40 MHz bonded channels • 80 MHz bonded channels
answer
Eight MIMO radio streams 80 MHz bonded channels
question
Your organization uses an 802.11b wireless network. Recently, other tenants installed the following equipment in your building: • A wireless television distribution system running at 2.4 GHz • A wireless phone system running at 5.8 GHz • A wireless phone system running at 900 MHz • An 802.11a wireless network running in the 5.725 - 5.850 GHz frequency range • An 802.11j wireless network running in the 4.9 - 5.0 GHz frequency range Since this equipment was installed, your wireless network has been experiencing significant interference. Which system is to blame?
answer
The wireless TV system Because the 802.11b standard operates within the 2.4 GHz to 2.4835 GHz radio frequency range, the most likely culprit is the wireless TV distribution system.
question
What is the frequency of 802.11a networking? • 900 MHz • 1.2 GHz • 2.4 GHz • 5.75 GHz
answer
5.75 GHz 802.11a wireless operates in the 5.75 GHz range. 802.11b and 802.11g operate in the 2.4 GHz range.
question
How many total channels are available for 802.11a wireless networks?
answer
23 802.11a wireless uses the 5.75 GHz range which has a total of 23 channels. 802.11b and 802.11g use the 2.4 GHz range which has a total of 11 channels in the US.
question
How many total channels are available for 802.11g wireless networks?
answer
11 802.11b and 802.11g use the 2.4 GHz range which has a total of 11 channels in the US. 802.11a wireless uses the 5.75 GHz range which has a total of 23 channels.
question
Which wireless technology is used to enable 802.11a-ht and 802.11g-ht networks to emulate 802.11n network speeds? • Data encapsulation • Data compression • Channel bonding • "Borrowing" radio frequency bands below 1 GHz
answer
Channel bonding
question
You are configuring a wireless network with two wireless access points. Both access points connect to the same wired network. You want wireless users to be able to connect to either access point, and to be able to roam between the two access points. How should you configure the access points? • Different SSID, different channel • Same SSID, different channel • Same SSID, same channel • Different SSID, same channel
answer
Same SSID, different channel When configuring multiple access points as part of the same extended service set (ESS), configure both access points with the same Service Set Identifier (SSID). The SSID is like a network name, and groups wireless devices together into the same logical network. All devices, including wireless clients, use the same SSID. Wireless access points that are in the same area should use different channels. If the channels are the same or overlap, devices connected to one access point might interfere with devices connected to the other access point in locations where the signal overlaps.
question
You have configured a wireless access point to create a small network. You have configured all necessary parameters. Wireless clients seem to take a long time to find the wireless access point. You want to reduce the time it takes for the clients to connect. What should you do? • Create a wireless profile on the client. • Change the channel on the access point to a lower number. • Enable SSID broadcast. • Decrease the beacon interval.
answer
Decrease the beacon interval. A beacon is a frame that is sent out periodically by the access point. The beacon announces the access point and the characteristics of the network (such as the SSID, supported speeds, and the signaling method used). To improve access times, decrease the beacon interval.
question
You have configured a wireless access point to create a small network. For security, you have disabled SSID broadcast. From a client computer, you try to browse to find the access point. You see some other wireless networks in the area, but cannot see your network to connect to it. What should you do?
answer
Configure a profile on the wireless client. When the SSID broadcast is turned off, you must manually configure a profile on the client computer to identify the SSID of the access point. By disabling the SSID broadcast, wireless devices must be statically configured with the SSID before they can connect because they will be unable to dynamically detect the SSID.
question
You have a small wireless network that uses multiple access points. The network uses WPA and broadcasts the SSID. WPA2 is not supported by the wireless access points. You want to connect a laptop computer to the wireless network. Which of the following parameters will you need to configure on the laptop? (Select two.) • AES encryption • TKIP encryption • BSSID • Channel • Preshared key
answer
TKIP encryption Preshared key To connect to the wireless network using WPA, you will need to use a preshared key and TKIP encryption. When using a preshared key with WPA, it is known as WPA-PSK or WPA Personal.
question
You are building a wireless network within and between two buildings. The buildings are separated by more than 3000 feet. The wireless network should meet the following requirements: • Wireless data within Building 1 should be protected with the highest degree of security. • Wireless data within Building 2 should be accessible and permitted by any wireless client. • Wireless signals between Buildings 1 and 2 should be protected with the highest degree of security. • Wireless signals within Buildings 1 and 2 should cover the whole structure, but not extend to the outside. For each location on the image below, you need to select the following: • Antenna option • Security option Tip: Drag the items from the list on the left to the location identifier on the right. Items may be used more than once. Not all items will be used.
answer
Building 1 - Location A WPA2 with CCMP Right-facing Directional Antenna Building 1 - Location B WPA2 with CCMP Omni Directional Antenna Building 1 - Location C WPA2 with CCMP Left-facing Directional Antenna Building 1 - Location D WPA2 with CCMP Right-facing Parabolic Antenna Building 2 - Location A WEP with Open authentication Omni Directional Antenna Building 2 - Location B WPA2 with CCMP Left-facing Parabolic Antenna
question
Your wireless network consists of multiple 802.11n access points that are configured as follows: • SSID (hidden): CorpNet • Security: WPA2-PSK using AES • Frequency: 5.7 GHz • Bandwidth per channel: 20 MHz This network is required to support an ever-increasing number of devices. To ensure there is sufficient capacity, you want to maximize the available network bandwidth. What should you do? • Implement antenna diversity. • Switch to TKIP encryption. • Double the bandwidth assigned per channel to 40 MHz. • Upgrade to 802.11a access points.
answer
Double the bandwidth assigned per channel to 40 MHz. 802.11n access points provide an option to allocate double the bandwidth per channel (increasing it to 40 MHz), which results in double the data rate.
question
What purposes does a wireless site survey serve? (Choose two.)
answer
To identify existing or potential sources of interference. To identify the coverage area and preferred placement of access points.
question
You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 150 Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4 GHz. Which 802.11 standard will work best in this situation? • 802.11g • 802.11n • 802.11a • 802.11b
answer
802.11n
question
You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 54 Mbps. In addition, the client already has a wireless telephone system installed that operates at 2.4 GHz. Which 802.11 standards will work best in this situation? (Select two.) • 802.11n • 802.11b • 802.11d • 802.11a • 802.11g
answer
802.11n 802.11a
question
You are designing an update to your client's wireless network. The existing wireless network uses 802.11g equipment, which your client complains runs too slowly. She wants to upgrade the network to run at 150 Mbps or faster. Due to budget constraints, your client wants to upgrade only the wireless access points in the network this year. Next year she will upgrade the wireless NICs in the workstations. She has also indicated that the system must continue to function during the transition period. Which 802.11 standard will work best in this situation? • 802.11b • 802.11a • 802.11d • 802.11n
answer
802.11n 802.11n is the best choice for this client. 802.11a operates at a maximum speed of 54 Mbps. 802.11a isn't compatible with 802.11g network boards. 802.11b runs at only 11 Mbps. 802.11n access points are backwards-compatible with 802.11g equipment and run at speeds of up to 600 Mbps. Using this type of access point will allow the wireless network to continue to function during the transition.
question
You have been hired to design a wireless network for a SOHO environment. You are currently in the process of gathering network requirements from management. Which of the following questions should you ask? (Select three.) • Where can network hardware be mounted in the building? • Is the business expected to grow in size in the future? • Are there microwaves or cordless phones that can cause interference? • What type of data will be transmitted on the network? • How many devices will need to be supported?
answer
Is the business expected to grow in size in the future? What type of data will be transmitted on the network? How many devices will need to be supported?
question
To optimize your network, you want to configure your wireless AP to use a channel that meets the following criteria: • Non-overlapping • Low utilization • Low interference You performed a spectrum analysis to identify 2.4 GHz wireless channel utilization, as show in the exhibit. Based on the results, which channel should you configure your wireless AP to use? • Channel 1 • Channel 3 • Channel 8 • Channel 11 • Channel 6
answer
Channel 1 You should use channel 1. Based on the results, the only channel that meets all the criteria is channel 1. Channel 3 and 8 are overlapping channels. Channel 6 is heavily utilized and would cause issues. Channel 11 isn't used as much as channel 6, but the signal interference is much stronger.
question
Match each wireless term or concept on the left with its associated description on the right. Each term may be used more than once; not all descriptions have a matching term
answer
Compares the level of the WiFi signal to the level of background radio signals. => Signal to Noise Ratio Checks channel utilization and identifies sources of RF inference. => Spectrum analysis Identifies how strong a radio signal is at the receiver. => Received Signal Level Identifies the number of useful bits delivered from the sender to the receiver. => Leave blank Causes multiple copies of the same radio signal to be received by the receiving antenna. => Bounce Degrades wireless network performance. => Device saturation
question
Which of the following enterprise wireless deployment models uses access points with enough intelligence to allow for the creation of guest WLANs for keeping public wireless traffic separate from private traffic?
answer
Distributed wireless mesh infrastructure
question
Match each wireless device on the left with its corresponding characteristics on the right. Each device may be used once, more than once, or not at all. • Manages all of the APs that are connected to it. • Supports 30 to 50 wireless clients per access point. • Provides NAT routing and an Ethernet switch in one device. • Supports a maxiumum of 5-10 wireless clients. • Pushes wireless configuration settings to connected access points. Drag • Wireless controller • SOHO wireless router
answer
Manages all of the APs that are connected to it. => Wireless controller Supports 30 to 50 wireless clients per access point. => Wireless controller Pushes wireless configuration settings to connected access points. ==> Wireless controller Provides NAT routing and an Ethernet switch in one device. => SOHO wireless router Supports a maxiumum of 5-10 wireless clients. => SOHO wireless router For home or small business wireless networks, you typically use a consumer-grade SOHO wireless router that combines many functions into a single device: • Wireless access point • Ethernet switch • NAT router These devices work reasonably well in small environments. However, they have very limited capacity, typically supporting a maximum of 5-10 wireless clients at a time. If you connect more clients than this, the bandwidth of the entire wireless network is severely impacted. In a larger deployment, you must use higher end equipment designed to support a larger number of users. For example, a wireless controller is typically deployed that manages a large number of individual access points. A wireless controller: • Manages all of the APs that are connected to it. • Supports 30 to 50 wireless clients per access point. Some manufacturers' equipment can support up to 80 clients per access point. • Pushes wireless configuration settings to connected access points.
question
Match the wireless networking term or concept on the left with its appropriate description on the right. Each term may be used once, more than once, or not at all. • Moving an wireless device between access points within the same wireless network. • Used by Cisco wireless equipment to route frames back and forth between the wireless network and the wired LAN. • Specifies the number of clients that utilize the wireless network. • Automatically partitions a single broadcast domain into multiple VLANs. • Graphically displays wireless signal strength within an area. • Connects two wired networks together over a WiFi network. • Identifies how strong a radio signal is at the receiver. • The number of useful bits delivered from sender to receiver within a specified amount of time. Drag • Roaming • LWAPP • Device density • VLAN pooling • Heat map • Wireless bridge • Goodput
answer
Moving an wireless device between access points within the same wireless network. => Roaming Used by Cisco wireless equipment to route frames back and forth between the wireless network and the wired LAN. => LWAPP Specifies the number of clients that utilize the wireless network. => Device density Automatically partitions a single broadcast domain into multiple VLANs. => VLAN pooling Graphically displays wireless signal strength within an area. => Heat map Connects two wired networks together over a WiFi network. => Wireless bridge Identifies how strong a radio signal is at the receiver. => Leave blank The number of useful bits delivered from sender to receiver within a specified amount of time. => Goodput You should be familiar with the following wireless networking terms and concepts: • Roaming refers to moving an wireless device between access points within the same wireless network. • The Lightweight Access Point Protocol (LWAPP) is used by Cisco wireless equipment to route frames back and forth between the wireless network and the wired LAN. • Device density specifies the number of clients that utilize the wireless network.
question
Match each type of access point on the left with the wireless network architecture that they are commonly used in on the right. Each type of access point may be used once, more than once, or not at all. Drag • Intelligent AP • Lightweight AP Architecture • Independent access point infrastructure • Hub-and-spoke infrastructure • Distributed wireless mesh infrastructure
answer
Independent access point infrastructure => Intelligent AP Distributed wireless mesh infrastructure ==> Intelligent AP Hub-and-spoke infrastructure ==> Lightweight AP
question
Which encryption method is used by WPA for wireless networks? • WEP • IPsec • AES • TKIP • 802.1x
answer
TKIP WPA uses TKIP for encryption. TKIP uses rotating encryption keys for added security over WEP.
question
You want to implement 802.1x authentication on your wireless network. Which of the following will be required? • TKIP • WPA • RADIUS • WPA2
answer
RADIUS 802.1x authentication uses usernames and passwords, certificates, or devices such as smart cards to authenticate wireless clients.
question
Which of the following wireless security methods uses a common shared key configured on the wireless access point and all wireless clients? • WPA Enterprise and WPA2 Enterprise • WEP, WPA Personal, and WPA2 Personal • WPA Personal and WPA2 Personal • WEP, WPA Personal, WPA Enterprise, WPA2 Personal, and WPA2 Enterprise • WEP
answer
WEP, WPA Personal, and WPA2 Personal
question
You want to connect your client computer to a wireless access point connected to your wired network at work. The network administrator tells you that the access point is configured to use WPA2 Personal with the strongest encryption method possible. SSID broadcast is turned off. Which of the following must you configure manually on the client? (Select three.) • TKIP • AES • Preshared key • Channel • SSID • Username and password
answer
AES Preshared key SSID WPA2 Personal uses a shared key for authentication. Once authenticated, dynamic keys are generated to be used for encryption. With the SSID broadcast turned off, you will need to manually configure the SSID on the client. Channels are detected automatically as well. If you were using WPA2 Enterprise, you would need to configure the authentication method such as a username and password or a smart card.
question
You need to add security for your wireless network. You would like to use the most secure method. Which method should you implement? • WPA2 • WPA • WEP • Kerberos
answer
WPA2 Wi-Fi Protected Access 2 (WPA2) is currently the most secure wireless security specification. WPA2 includes specifications for both encryption and authentication.
question
You are concerned that wireless access points may have been deployed within your organization without authorization. What should you do? (Select two. Each response is a complete solution.) • Implement an intrusion prevention system (IPS). • Implement a network access control (NAC) solution. • Implement an intrusion detection system (IDS). • Conduct a site survey. • Check the MAC addresses of devices connected to your wired switch.
answer
Conduct a site survey. Check the MAC addresses of devices connected to your wired switch.
question
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this? • Man-in-the-middle • Physical security • Phishing • Social engineering • Rogue access point
answer
Rogue access point
question
An attacker is trying to compromise a wireless network that has been secured using WPA2-PSK and AES. She first tried using AirSnort to capture packets, but found that she couldn't break the encryption. As an alternative, she used software to configure her laptop to function as an access point. She configured the fake access point with the same SSID as the wireless network she is trying to break into. When wireless clients connect to her access point, she presents them with a web page asking them to enter the WPA2 passphrase. When they do, she then uses it to connect a wireless client to the real access point. What attack techniques did the attacker use in this scenario? (Select two.) • Denial of service • Smurf • Man-in-the-middle • Evil twin • Pharming
answer
Evil twin Pharming The attacker in this scenario used the following attack techniques: • Evil twin: In this exploit, an attacker near a valid wireless access point installs an access point with the same (or similar) SSID. • Pharming: In this exploit, the access point is configured to display a bogus web page that prompts for credentials, allowing the attacker to steal those credentials.
question
What is the least secure place to locate an access point with an omni-directional antenna when creating a wireless cell? • Near a window • In common or community work areas • In the center of the building • Above the 3rd floor
answer
Near a window
question
Which of the following measures will make your wireless network invisible to the casual attacker performing war driving? • Implement WPA2 Personal • Use a form of authentication other than Open authentication • Change the default SSID • Disable SSID broadcast
answer
Disable SSID broadcast Wireless access points are transceivers which transmit and receive information on a wireless network. Each access point has a service set ID (SSID) which identifies the wireless network. By default, access points broadcast the SSID to announce their presence and make it easy for clients to find and connect to the wireless network. Turn off the SSID broadcast to keep a wireless 802.11x network from being automatically discovered. When SSID broadcasting is turned off, users must know the SSID to connect to the wireless network. This helps to prevent casual attackers from connecting to the network, but any serious hacker with the right tools can still connect to the wireless network.
question
You are the wireless network administrator for your organization. As the size of the organization has grown, you've decide to upgrade your wireless network to use 802.1x authentication instead of pre-shared keys. To do this, you need to configure a RADIUS server and RADIUS clients. You want the server and the clients to mutually authenticate with each other. What should you do? (Select two. Each response is a part of the complete solution.) • Configure the RADIUS server with a pre-shared key. • Configure all wireless access points with client certificates. • Configure all RADIUS clients with a pre-shared key. • Configure all wireless workstations with client certificates. • Configure the RADIUS server with a server certificate.
answer
Configure all wireless access points with client certificates. Configure the RADIUS server with a server certificate.
question
You are designing a wireless network implementation for a small business. The business deals with sensitive customer information, so data emanation must be reduced as much as possible. The floor plan of the office is shown below. Match each type of access point antenna on the left with the appropriate location on the floor plan on the right. Each antenna type can be used once, more than once, or not at all. Drag • Omnidirectional • Directional • Parabolic Drop A B C D E F G
answer
A ==> Directional B ==> Directional C ==> Omnidirectional D ==> Directional E ==> Directional F ==> Directional G ==> Directional
question
You need to implement a wireless network link between two buildings on a college campus. A wired network has already been implemented within each building. The buildings are 100 meters apart. What type of wireless antennae should you use on each side of the link? (Select two.) • High-gain • Normal-gain • Omnidirectional • Parabolic • Directional
answer
High-gain Parabolic You should use high-gain, parabolic antennae on each side of the link. A high-gain antenna usually has a gain rating of 12 dBi or higher. A parabolic antenna uses a parabolic-shaped reflector dish. It is highly directional, concentrating the radio waves transmitted from the sender in to a very narrow beam. When the receiver uses a parabolic antenna, it can only receive a signal from one specific direction. It supports very high-gain radio signals that can be transmitted over long distances, but it requires a clear line-of-sight (LOS) between the sender and the receiver.
question
You need to configure a wireless network. You want to use WPA2 Enterprise. Which of the following components will be part of your design? (Select two.) • AES encryption • Preshared keys • Open authentication • 802.1x • TKIP encryption • WEP encryption
answer
AES encryption 802.1x To configure WPA2 Enterprise, you will need a RADIUS server to support 802.1x authentication. WPA2 uses AES for encryption.
question
Match each Wi-Fi jamming attack on the left with its corresponding description on the right.
answer
Transmits radio signals at random amplitudes and frequencies ==> Random noise jamming Transmits pulses of radio signals at random amplitudes and frequencies ==> Random pulse jamming Repeatedly transmits high-intensity, short-duration RF bursts at a rapid pace ==> Spark jamming
question
You are setting up a wireless hotspot in a local coffee shop. For best results, you want to disperse the radio signals evenly throughout the coffee shop. Which of the following types of antennas would you use on the AP to provide a 360-degree dispersed wave pattern? • Omni-directional • Uni-directional • Multi-directional • Directional • Multi-point
answer
Omni-directional An omni directional antenna provides a 360-degree dispersed wave pattern. In this configuration, signals are dispersed evenly in all directions making it well suited for environments such as coffee shops where clients are accessing the network from various locations.
question
You are troubleshooting a wireless connectivity issue in a small office. You determine that the 2.4GHz cordless phones used in the office are interfering with the wireless network transmissions. If the cordless phones are causing the interference, which of the following wireless standards could the network be using? (Select two.)
answer
802.11b Bluetooth Both the 802.11b and Bluetooth wireless standards use the 2.4 GHz RF range to transmit data. Cordless phones that operate at the same frequency can cause interference on the wireless network. Other devices such as microwaves and electrical devices may also cause interference.
question
You are implementing a wireless network inside a local office. You require a wireless link to connect a laptop in the administrator's office directly to a system in the sales department. In the default configuration, the wireless AP uses a 360-dispersed RF wave design. After installed, the signal between the two systems is weak as many obstacles interfere with the signal. Which of the following strategies could you try to increase signal strength? • Increase the RF setting on the AP • Increase the RF setting on the client system • Replace the directional antenna with an • Omni-directional antenna • Replace the Omni-directional antenna with a directional antenna • Increase the RF power on the isotropic antenna
answer
Replace the Omni-directional antenna with a directional antenna
question
A user on your network has been moved to another office down the hall. After the move she calls you complaining that she has only occasional network access through her wireless connection. Which of the following is most likely the cause of the problem? • The client system has moved too far away from the access point. • An SSID mismatch between the client and the WAP. • The encryption level has been erroneously set back to the default setting. • An SSID mismatch between the client and the server. • The client has incorrect WEP settings.
answer
The client system has moved too far away from the access point.
question
You have been hired to troubleshoot a wireless connectivity issue for two separate networks located within a close proximity. Both networks use a WAP from the same manufacturer and all settings, with the exception of SSIDs, remain configured to the default. Which of the following might you suspect as the cause of the connectivity problems? • The SSIDs of the two client systems match • Crosstalk between the RF signals • The SSIDs of the two server systems match • Overlapping channels • WEP overlap
answer
Overlapping channels Overlapping wireless networks should use different channels to ensure that they do not conflict with each other. In this case, each WAP is using the default channel which, by default, is the same for each WAP. The solution to the problem would be to configure different channels for each access point.
question
You have decided to conduct a business meeting at a local coffee shop. The coffee shop you chose has a wireless hotspot for its customers who want Internet access. You decide to check your e-mail before the meeting begins, but when you open the browser you cannot gain Internet access. Other customers are on the Internet and because you use a wireless connection at work, you are sure your laptops wireless adapter works. What is the likely cause of the problem? • PPP is not configured correctly • Mismatched SSID • Different LAN protocols used • Antenna strength on the WAP is too low • WAP is out of range
answer
Mismatched SSID A wireless client and the access point must be configured to use the same SSID. In this case, the client system was used on a different wireless network and may still be using the SSID from that network. To log onto this network, the system will need to be configured to use the same SSID as other customers in the coffee shop. Sometimes the SSID will automatically be detected by a wireless monitoring program. As a new SSID is detected, it will attempt to connect and use the new SSID and new access point. When this does not happen, the SSID will need to be changed manually.
question
After installing a new 2.4Ghz cordless phone system in your office, you notice that wireless network performance is adversely affected. Which of the following wireless networking standards are you most likely to be using? (Select two.) • 802.11b • 802.11g • Bluetooth • 802.11a
answer
802.11b 802.11g Both the 802.11b and 802.11g wireless networking standards use the 2.4Ghz frequency range. A cordless phone system on the same frequency range may affect the performance of the wireless network. 802.11a uses the 5Ghz frequency range, and so would not be affected by a cordless phone system that uses the 2.4Ghz frequency range. Bluetooth does use the 2.4Ghz frequency range, but is used more widely as a mechanism to connect consumer electronic devices like Personal Digital Assistants (PDAs), Cameras, and Phones, rather than as a wireless local area networking (LAN) method.
question
A user calls to report that she is experiencing intermittent problems while accessing the wireless network from her laptop computer. While talking to her, you discover that she is trying to work from the coffee room two floors above the floor where she normally works. What is the most likely cause of her connectivity problem? • The user has not yet logged off and back on to the network while at her new location. • The user is out of the effective range of the wireless access point on her floor. • The user needs a new IP address because she is working on a different floor. • The user has not yet rebooted her laptop computer while at her new location. • The wireless network access point on the users normal floor has failed.
answer
The user is out of the effective range of the wireless access point on her floor.
question
While configuring a new 802.11g wireless network, you discover another wireless network within range that uses the same channel ID that you intend to use. Which of the following strategies are you most likely to adopt in order to avoid a conflict between the networks? • Use the same channel ID, but configure a different SSID. • Use a different Channel ID. • Use 802.11b instead of 802.11g. • Use the same channel ID, but configure your wireless network to use WEP.
answer
Use a different Channel ID. Overlapping wireless networks should use different channels to ensure that they do not conflict with each other.
question
Mobile devices in your organization use the access points shown in the figure below to connect to your wireless network. Recently, a catastrophic early morning power surge occurred, followed by an outage that lasted longer than your backup equipment could supply temporary power. After you powered the equipment back on, everything initially appeared to work correctly. However, ever since this event, some mobile users report that wireless network connections sometimes get dropped or perform very poorly. What should you do? (Select two.) • Set the channel used by access point B to 7. • Set the channel used by access point C to 7. • Set access points A, C, and D to use 802.11b wireless networking. • Configure each access point to use 802.1x authentication. • Set each access point to use a different SSID. • Set the channel used by access point A to 5. • Set access point B to use 802.11n wireless networking. • Set the frequency on access points A, C, and D to 5.7 GHz. • Set the channel used by access point B to 8.
answer
Set access point B to use 802.11n wireless networking. Set the channel used by access point B to 8.
question
Which of the following recommendations should you follow when placing access points to provide wireless access for users within your company building?
answer
Place access points above where most clients are.
question
You have physically added a wireless access point to your network and installed a wireless networking card in two laptops running Windows. Neither laptop can find the network and you have come to the conclusion that you must manually configure the wireless access point (AP). Which of the following values uniquely identifies the network AP? • SSID • WEP • PS • Channel
answer
SSID The SSID (service set identifier) identifies the wireless network. All PCs and access points in a LAN share the same SSID.
question
You need to place a wireless access point in your two-story building. While trying avoid interference, which of the following is the best location for the access point? • In the top floor • Near the backup generators • In the basement • In the kitchen area
answer
- In the top floor In general, place access points higher up to avoid interference problems caused by going through building foundations. Do not place the access point next to sources of interference such as other wireless transmitting devices (cordless phones or microwaves) or other sources of interference (motors or generators).
question
Which of the following recommendations should you follow when placing access points to provide wireless access for users within your company building? • Place multiple access points in the same area. • Place access points above where most clients are. • Place access points near outside walls. • Place access points in the basement.
answer
Place access points above where most clients are.
question
Your wireless network consists of multiple 802.11n access points that are configured as follows: • SSID (hidden): CorpNet • Security: WPA2-PSK using AES • Frequency: 5.7 GHz • Bandwidth per channel: 40 MHz Because of the unique construction of your organization's facility, there are many locations that do not have a clear line-of-sight between network clients and access points. As a result, radio signals are reflected along multiple paths before finally being received. The result is distorted signals that interfere with each other. What should you do? • Implement antenna diversity. • Install directional access points. • Switch to RADIUS authentication for wireless clients. • Reduce the power of the access point radio signals.
answer
Implement antenna diversity.
question
You are an IT consultant and are visiting a new client's site to become familiar with their network. As you walk around their facility, you note the following: • When you enter the facility, a receptionist greets you and escorts you through a locked door to the work area where the office manager sits. • The office manager informs you that the organization's servers are kept in a locked closet. An access card is required to enter the server closet. • She informs you that server backups are configured to run each night. A rotation of tapes are used as the backup media. • You notice the organization's network switch is kept in the server closet. • You notice that a router/firewall/content filter all-in-one device has been implemented in the server closet to protect the internal network from external attacks. • The office manager informs you that her desktop system will no longer boot and asks you to repair or replace it, recovering as much data as possible in the process. You carry the workstation out to your car and bring it back to your office to work on it. What security-related recommendations should you make to this client? • Keep the network infrastructure devices (switch and all-in-one device) in a locked room separate from network servers. • Implement a hardware checkout policy. • Upgrade the server closet lock to a biometric authentication system. • Replace the tape drive used for backups with external USB hard disks.
answer
Implement a hardware checkout policy. In this scenario, you should recommend the client implement a hardware checkout policy. A checkout policy ensures that hardware containing sensitive data does not leave the organization's premises without approval and without recording the device's serial number, make, and model number.
question
Which of the following are solutions that address physical security? (Select two.) • Require identification and name badges for all employees • Scan all floppy disks before use • Escort visitors at all times • Implement complex passwords • Disable guest accounts on computers
answer
Require identification and name badges for all employees Escort visitors at all times
question
What is a secure doorway that can be used in coordination with a mantrap to allow easy egress from a secured environment but which actively prevents re-entrance through the exit portal? • Electronic access control doors • Egress mantraps • Locked doors with interior unlock push-bars • Turnstiles
answer
Turnstiles Turnstiles allow easy egress from a secured environment but actively prevent re-entrance through the exit portal. Turnstiles are a common exit portal used in conjunction with entrance portal mantraps. A turnstile cannot be used to enter into a secured facility as it only functions in one direction.
question
Which of the following can be used to stop piggybacking that has been occurring at a front entrance where employees should swipe their smart cards to gain entry? • Deploy a mantrap • Use key locks rather than electronic locks • Install security cameras • Use weight scales
answer
Deploy a mantrap Piggybacking is the activity where an authorized or unauthorized individual gains entry into a secured area by exploiting the credentials of a prior person. Often, the first person will authenticate, unlock the door, and then hold it open for the next person to enter without forcing them to authenticate separately. Piggybacking can be stopped by a mantrap. A mantrap is a single-person room with two doors. It often includes a scale to prevent piggybacking. It requires proper authentication before unlocking the inner door to allow authorized personal into a secured area. Those who fail to properly authenticate are held captive until authorities respond.
question
You want to use CCTV to increase the physical security of your building. Which of the following camera types would offer the sharpest image at the greatest distance under the lowest lighting conditions? • 500 resolution, 50mm, .05 LUX • 400 resolution, 10mm, 2 LUX • 500 resolution, 50mm, 2 LUX • 400 resolution, 10mm, .05 LUX
answer
500 resolution, 50mm, .05 LUX When selecting cameras, be aware of the following characteristics: • The resolution is rated in the number of lines included in the image. In general, the higher the resolution, the sharper the image. • The focal length measures the magnification power of a lens. The focal length controls the distance that the camera can see, as well as how much detail can be seen at a specific range. A higher focal length lets you see more detail at a greater distance. • LUX is a measure of the sensitivity to light. The lower the number, the less light needed for a clear image.
question
You want to use CCTV to increase your physical security. You want to be able to remotely control the camera position. Which camera type should you choose?
answer
PTZ A Pan Tilt Zoom (PTZ) camera lets you dynamically move the camera and zoom in on specific areas to monitor (cameras without PTZ capabilities are manually set looking a specific direction). Automatic PTZ mode automatically moves the camera between several preset locations; manual PTZ lets an operator remotely control the position of the camera. PTZ cameras can be bullet, c-mount, or dome cameras.
question
You want to use CCTV as a preventative security measure. Which of the following is a requirement for your plan? • Security guards • Low LUX or infrared camera • PTZ camera • Sufficient lighting
answer
Security guards When used in a preventative way, you must have a guard or other person available who monitors one or more cameras. Only a security guard will be able to interpret what the camera sees to make appropriate security decisions.
question
Which of the following CCTV types would you use in areas with little or no light? • Infrared • C-mount • PTZ • A camera with a high LUX rating
answer
Infrared
question
Which of the following CCTV camera types lets you adjust the distance that the camera can see (i.e. zoom in or out)? • Infrared • Varifocal • Fixed • C-mount
answer
Varifocal
question
Which of the following controls is an example of a physical access control method? • Smartcards • Locks on doors • Access control lists with permissions • Passwords • Hiring background checks
answer
Locks on doors
question
You have 5 salesmen who work out of your office and who frequently leave their laptops laying on their desk in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the best protection to implement to address your concerns? • Use cable locks to chain the laptops to the desks. • Implement screen saver passwords. • Require strong passwords in the local security policy. • Encrypt all company data on the hard drives.
answer
Use cable locks to chain the laptops to the desks.
question
Match each physical security control on the left with an appropriate example of that control on the right. Each security control may be used once, more than once, or not at all. Hardened carrier Biometric authentication Barricades Emergency escape plans Alarmed carrier Anti-passback system Emergency lighting Exterior floodlights Protected cable distribution Door locks Perimeter barrier Safety Protected cable distribution Physical access control Safety Perimeter barrier
answer
Hardened carrier => Protected cable distribution Alarmed carrier => Protected cable distribution Biometric authentication => Door locks Anti-passback system => Physical access control Emergency lighting => Safety Emergency escape plans => Safety Barricades => Perimeter barrier Exterior floodlights => Perimeter barrier
question
You are an IT consultant and are visiting a new client's site to become familiar with their network. As you walk around their facility, you note the following: • When you enter the facility, a receptionist greets you and directs you down the hallway to the office manager's cubicle. The receptionist uses a notebook system that is secured to her desk with a cable lock. • The office manager informs you that the organization's servers are kept in a locked closet. Only she has the key to the closet. When you arrive on site, you will be required to get the key from her to access the closet. • She informs you that server backups are configured to run each night. A rotation of external USB hard disks are used as the backup media. • You notice the organization's network switch is kept in an empty cubicle adjacent to the office manager's workspace. • You notice that a router/firewall/content filter UTM device has been implemented in the server closet to protect the internal network from external attacks. Which security-related recommendations should you make to this client? (Select two.) • Replace the key lock on the server closet with a card reader. • Relocate the switch to the locked server closet. • Control access to the work area with locking doors and proximity readers. • Use separate, dedicated network perimeter security devices instead of a UTM device. • Replace the USB hard disks used for server backups with a tape drive.
answer
Relocate the switch to the locked server closet. Control access to the work area with locking doors and proximity readers.
question
Which of the following is the most important thing to do to prevent console access to a network switch?
answer
Keep the switch in a room that uses a cipher lock. To control access to the switch console, you must keep it in a locked room. A console connection can only be established with a direct physical connection to the device. If the switch is in a locked room, only those with access will be able to make a console connection. In addition, even if you had set console passwords, users with physical access to the device could perform password recovery and gain access.
question
You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a cubicle near your office. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using an SSH client with a user name of admin01 and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device? • Use TFTP to back up the router configuration to a remote location. • Use encrypted type 7 passwords. • Change the default administrative user name and password. • Move the router to a secure server room. • Use a Telnet client to access the router configuration.
answer
Move the router to a secure server room. In this scenario, the router is not physically secure. Anyone with access to the area could gain access to the router and manipulate its configuration by plugging in to the console port. The device should be moved to a secure location, such as a server room, that requires an ID badge for access.
question
What is the primary countermeasure to social engineering? • Traffic filters • Heavy management oversight • A written security policy • Awareness
answer
Awareness
question
Which of the following are examples of social engineering? (Select two.) • War dialing • Dumpster diving • Shoulder surfing • Port scanning
answer
Dumpster diving Shoulder surfing Social Engineering leverages human nature. Internal employees are often the target of trickery, and false trust can quickly lead to a serious breach of information security. Shoulder surfing and dumpster diving are examples of social engineering. Shoulder surfing is the act of looking over an authorized user's shoulder in hopes of obtaining an access code or credentials. Dumpster diving involves searching through trash or other discarded items to obtain credentials or information that may facilitate further attacks. These "low-tech" attack methods are often the first course of action that a hacker pursues.
question
How can an organization help prevent social engineering attacks? (Select two.) • Educate employees on the risks and countermeasures • Implement IPsec on all critical systems • Utilize 3DES encryption for all user sessions • Publish and enforce clearly written security policies
answer
Educate employees on the risks and countermeasures Publish and enforce clearly written security policies User training and policy enforcement are the keys to preventing social engineering attacks. Many users are not aware of the risks involved. Training will raise awareness, provide clear instructions for dealing with and reporting suspicious activity, and directly support all published security policies.
question
Users on your network report that they have received an email stating that the company has just launched a new website. The email asks employees to click the website link in the email and log in using their username and password. No one in your company has sent this email. What type of attack is this? • Smurf • Phishing • Man-in-the-middle • Piggybacking
answer
Phishing Phishing uses an email and a spoofed website to obtain sensitive information. In a phishing attack: • A fraudulent message that appears to be legitimate is sent to a target. • The message requests the target to visit a website that appears to be legitimate. • The fraudulent website asks the victim to provide sensitive information such as an account number and password.
question
A senior executive reports that she received a suspicious email concerning a sensitive, internal project that is behind production. The email is sent from someone she doesn't know and he is asking for immediate clarification on several of the project's details so the project can get back on schedule. Which type of an attack best describes the scenario? • MAC spoofing • Masquerading • Whaling • Passive
answer
Whaling Whaling is a form of a social engineering attack that is targeted to senior executives and high profile victims. Social engineering is an attack that exploits human nature by convincing someone to reveal information or perform an activity.
question
Which of the following is a common form of social engineering attack? • Using a sniffer to capture network traffic. • Distributing false information about your organization's financial status. • Logging on with stolen credentials. • Hoax virus information e-mails.
answer
Hoax virus information e-mails. Hoax virus information e-mails is a form of social engineering attack. This type of attack preys on e-mail recipients who are fearful and will believe most information if it is presented in a professional manner. All too often, the victims of these attacks fail to double check the information or instructions with a reputable third party antivirus software vendor before implementing the recommendations. Usually these hoax messages instruct the reader to delete key system files or download Trojan horses.
question
Which of the following is not a form of social engineering? • A virus hoax e-mail message • Impersonating a manager over the phone • Impersonating a user by logging on with stolen credentials • Impersonating a utility repair technician
answer
Impersonating a user by logging on with stolen credentials Impersonating a user by logging on with stolen credentials is not a social engineering attack. It is an intrusion attack made possible by network packet capturing or obtaining logon credentials through social engineering. Impersonating someone over the phone or in person are easily recognizable forms of social engineering.
question
You have just received a generic-looking email that is addressed as coming from the administrator of your company. The email says that as part of a system upgrade, you need enter your username and password at a new website so you can manage your email and spam using the new service. What should you do? • Click on the link in the email and look for company graphics or information before entering the login information. • Click on the link in the email and follow the directions to enter your login information. • Delete the email. • Open a web browser and type the URL included in the email and follow the directions to enter your login credentials. • Verify that the email was sent by the administrator and that this new service is legitimate
answer
Verify that the email was sent by the administrator and that this new service is legitimate.
question
Dumpster diving is a low-tech means of gathering information that may be useful in gaining unauthorized access, or as a starting point for more advanced attacks. How can a company reduce the risk associated with dumpster diving? • Create a strong password policy • Establish and enforce a document destruction policy • Secure all terminals with screensaver passwords • Mandate the use of Integrated Windows Authentication
answer
Establish and enforce a document destruction policy 'Dumpster Diving' is best addressed by a document destruction policy. All sensitive documents should be shredded or burned, and employees should be trained on the proper use of disposal equipment and the policies governing disposal of sensitive information.
question
What is the primary difference between impersonation and masquerading? • One is a real-time attack, the other is an asynchronous attack • One is used against administrator accounts, the other against end user accounts • One is easily detected, the other is subtle and stealthy • One is more active, the other is more passive
answer
One is more active, the other is more passive
question
Match the social engineering description on the left with the appropriate attack type on the right. Phishing Whaling Spear phishing Dumpster diving Piggybacking Vishing An attacker sends an email pretending to be from a trusted organization, asking users to access a website to verify personal information. An attacker gathers personal information about the target individual in an organization. An attacker gathers personal information about the target individual, who is a CEO. An attacker searches through an organization's trash for sensitive information. An attacker enters a secured building by following an authorized employee through a secure door without providing identification. An attacker uses a telephone to convince target individuals to reveal their credit card information.
answer
Phishing => An attacker sends an email pretending to be from a trusted organization, asking users to access a website to verify personal information. Whaling => An attacker gathers personal information about the target individual, who is a CEO. Spear phishing => An attacker gathers personal information about the target individual in an organization. Dumpster diving => An attacker searches through an organization's trash for sensitive information. Piggybacking => An attacker enters a secured building by following an authorized employee through a secure door without providing identification. Vishing => An attacker uses a telephone to convince target individuals to reveal their credit card information.
question
Which of the following statements about the use of anti-virus software is correct? • If you install anti-virus software, you no longer need a firewall on your network. • Anti-virus software should be configured to download updated virus definition files as soon as they become available. • Once installed, anti-virus software needs to be updated on a monthly basis. • If servers on a network have anti-virus software installed, workstations do not need anti-virus software installed.
answer
Anti-virus software should be configured to download updated virus definition files as soon as they become available.
question
You have installed anti-virus software on the computers on your network. You update the definition and engine files, and configure the software to update those files every day. What else should you do to protect your systems from malware? (Select two.)
answer
Educate users about malware. Schedule regular full system scans.
question
An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack? • DoS • Backdoor • DDoS • Replay • Spamming
answer
DDoS A DDoS attack is when multiple PCs attack a victim simultaneously and generate excessive traffic, thereby overloading communication channels, or exploiting software flaws. A DoS attack is when a single attacker directs an attack against a single target.
question
Which of the following is the best countermeasure against man-in-the middle attacks? • UDP • MIME email • PPP • IPsec
answer
IPsec Use IPsec to encrypt data in a VPN tunnel as it passes between two communication partners. Even if someone intercepts the traffic, they will be unable to extract the contents of the messages because they are encrypted.
question
A collection of zombie computers have been setup to collect personal information. What type of malware do the zombie computers represent? • Botnet • Logic bomb • Spyware • Trojan horse
answer
Botnet A botnet refers to a collection of zombie computers which are commanded from a central control infrastructure to propagate spam or to collect usernames and passwords to access secure information.
question
Which of the following describes a logic bomb? • A program that performs a malicious activity at a specific time or after a triggering event • A type of malicious code, similar to a virus, whose primary purpose is to duplicate itself and spread, while not necessarily intentionally damaging or destroying resources • A program that has no useful purpose, but attempts to spread itself to other systems and often damages resources on the systems where it is found • A program that appears to be a legitimate application, utility, game, or screensaver which performs malicious activities surreptitiously
answer
A program that performs a malicious activity at a specific time or after a triggering event A logic bomb is a program that performs a malicious activity at a specific time or after a triggering event. Logic bombs can be planted by a virus, a Trojan horse, or by an intruder. Logic bombs may perform their malicious activity at a specific time and date or when a specific event occurs on the system, such as logging in, accessing an online bank account, or encrypting a file.
question
Which of the following are characteristics of a rootkit? (Select two.) • Uses cookies saved on the hard drive to track user preferences • Hides itself from detection • Monitors user actions and opens pop-ups based on user preferences • Requires administrator-level privileges for installation
answer
Hides itself from detection Requires administrator-level privileges for installation A rootkit is a set of programs that allows attackers to maintain permanent, administrator-level, hidden access to a computer. A rootkit: • Is almost invisible software. • Resides below regular antivirus software detection. • Requires administrator privileges to install, then maintains those privileges to allow subsequent access. • Might not be malicious. • Often replaces operating system files with alternate versions that allow hidden access.
question
Which of the following best describes spyware? • It is a program that attempts to damage a computer system and replicate itself to other computer systems. • It monitors the actions you take on your machine and sends the information back to its originating source. • It monitors the actions of the user that would denote their personal preferences, then sends pop-ups and ads to the user that match their tastes. • It is a malicious program that is disguised as legitimate software.
answer
It monitors the actions you take on your machine and sends the information back to its originating source.
question
A relatively new employee in the data entry cubical farm was assigned a user account similar to that of all of the other data entry employees. However, audit logs have shown that this user account has been used to change ACLs on several confidential files and has accessed data in restricted areas. This situation indicates which of the following has occurred? • Privilege escalation • Smurf attack • Man-in-the-middle attack • Social engineering
answer
Privilege escalation
question
What are the most common network traffic packets captured and used in a replay attack? • Authentication • Session termination • DNS query • File transfer
answer
Authentication Authentication traffic is the most commonly captured type of network traffic packets used in replay attacks. If someone is able to replay the stream of authentication packets successfully, they can gain the same access to the system or network as the original user. Fortunately, many authentication security systems include time stamps or dynamic challenge response mechanisms to prevent authentication packets from being replayed.
question
Which of the following are denial of service attacks? (Select two.)
answer
Fraggle Smurf Smurf and Fraggle are both denial of service attacks. Smurf spoofs the source address in ICMP packets and sends the ICMP packets to an amplification network (bounce site). The bounce site responds to the victim site with thousands of messages that he did not send. A Fraggle attack is similar to the Smurf but uses UDP packets directed to port 7 (echo) and port 19 (chargen - character generation).
question
An attacker uses an exploit to push a modified hosts file to client systems. This hosts file redirects traffic from legitimate tax preparation sites to malicious sites to gather personal and financial information. What kind of exploit has been used in this scenario? (Choose two. Both responses are different names for the same exploit.) • Man-in-the-middle • Pharming • Reconnaisance • DNS poisoning • Domain name kiting
answer
Pharming Domain name kiting Domain name kiting occurs when spammers exploit domain registration by taking advantage of the five-day grace period for a newly registered domain name to acquire domains and never pay for the registration of domain names. They accomplish this by unregistering a domain name just before the grace period is up and then immediately re-registering the domain name.
question
Users in your organization receive email messages informing them that suspicious activity has been detected on their bank account. They are directed to click a link in the email to verify their online banking username and password. The URL in the link is in the .ru top-level DNS domain. What kind of attack has occurred? • Phishing • Open SMTP relay • Buffer overflow • Virus
answer
Phishing A phishing scam uses an email pretending to be from a trusted organization and asks you to verify personal information or send money. In a phishing attack: • A fraudulent message (that appears to be legitimate) is sent to a target. • The message requests that the target visit a fraudulent website (which also appears to be legitimate). Graphics, links, and web pages look almost identical to the legitimate websites they are trying to represent. • The fraudulent website requests that the victim provide sensitive information such as an account number and password.
question
A programmer that fails to check the length of input before processing leaves his code vulnerable to what form of common attack? • Privilege escalation • Buffer overflow • Session hijacking • Backdoor
answer
Buffer overflow
question
Which of the following attacks, if successful, causes a switch to function like a hub? • MAC spoofing • Replay • ARP poisoning • MAC flooding
answer
MAC flooding The attacker floods the switch with packets, each containing different source MAC addresses. The flood of packets fills up the forwarding table and consumes so much of the memory in the switch that it causes the switch to enter a state called fail-open mode, in which all incoming packets are broadcast out all ports (as with a hub), instead of just to the correct ports as per normal operation.
question
You want to prevent your browser from running JavaScript commands that are potentially harmful. Which of the following would you restrict to accomplish this? • Client-side scripts • Server-side scripts • CGI • ActiveX
answer
Client-side scripts JavaScript is an example of client-side scripting, where the client system runs the scripts that are embedded in Web pages. When pages download, the scripts are executed. ActiveX runs executable code within a browser, but ActiveX controls are not written using the JavaScript language.
question
You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID card to gain access. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer by connecting it to the console port on the router. You configured the management interface with a user name of admin and a password of password. What should you do to increase the security of this device? • Move the device to a secure data center. • Use a web browser to access the router configuration using an HTTP connection. • Use an SSH client to access the router configuration. • Use a stronger administrative password.
answer
Use a stronger administrative password. In this scenario, the password assigned to the device is weak and easily guessed. It should be replaced with a strong password that is at least 8 characters long, uses upper- and lower-case letters, and uses numbers or symbols.
question
Which of the following is a text file provided by a website to a client that is stored on a user's hard drive in order to track and record information about the user? • Certificate • Cookie • Digital signature • Mobile code
answer
Cookie A cookie is text file that a website provides to a client that is stored on a user's hard drive in order to track and record information about the user.
question
When you browse to a website, a pop-up window tells you that your computer has been infected with a virus. You click on the window to see what the problem is. Later, you find out that the window has installed spyware on your system. What type of attack has occurred? • Trojan horse • SQL injection • DLL injection • Drive-by download
answer
Drive-by download A drive-by download is an attack where software or malware is downloaded and installed without explicit consent from the user. Drive-by downloads can occur in a few different ways: • Through social engineering, the user is tricked into downloading the software. The user might not realize that clicking a link will install software, or the user might know that something is being installed, but not have a full understanding of what it is or what it does. • By exploiting a browser or operating system bug, a site is able to install software without the user's knowledge or consent.
question
While using a web-based order form, an attacker enters an unusually large value in the Quantity field. The value entered is large enough to exceed the maximum value supported by the variable type used to store the quantity in the web application. This causes the value of the quantity variable to wrap around to the minimum possible value, which is a negative number. As a result, the web application processes the order as a return instead of a purchase, and the attacker's account is refunded a large sum of money. What type of attack has occurred in this scenario? • Watering hole • URL hijacking • Integer overflow • Buffer overflow
answer
Integer overflow An integer overflow occurs when a computational operation by a running process results in a numeric value that exceeds the maximum size of the integer type used to store it in memory. When this occurs, the value will wrap around and start again at its minimum value, in much the same way a mechanical odometer in a car rolls over to zero when the maximum number of miles it can record has been exceeded. This allows an attacker to manipulate the value of variables, leading to unintended behavior by the system. In this scenario, the attacker has manipulated the quantity while purchasing items from an online store. This causes the value of the quantity variable to wrap around to the minimum possible value, which is a negative number. As a result, the web application processes the order form as a return instead of a purchase and the attacker's account is refunded a large sum of money.
question
In a variation of the brute force attack, an attacker may use a predefined list (dictionary) of commonly used usernames and passwords to gain access to existing user accounts. Which countermeasure best addresses this issue? • A strong password policy • 3DES Encryption • AES Encryption • VLANs
answer
A strong password policy
question
Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data than the input variable is designed to handle? • Buffer overflow • Smurf • Time of check/time of use (TOC/TOU) • Data diddling
answer
Buffer overflow A buffer overflow occurs when software code receives too much input than it was designed to handle and when the programmer of that code failed to include input validation checks. When a buffer overflow occurs, the extra data is pushed into the execution stack and processed with security context of the system itself. In other words, a buffer overflow attack often allows the attacker to perform any operation on a system.
question
You manage a network that uses switches. In the lobby of your building are three RJ-45 ports connected to a switch. You want to make sure that visitors cannot plug in their computers to the free network jacks and connect to the network. However, employees who plug into those same jacks should be able to connect to the network. What feature should you configure? • VLANs • Port authentication • Bonding • Spanning tree • Mirroring
answer
Port authentication Use port authentication to prevent unauthorized access through switch ports. Port authentication is provided by the 802.1x protocol, and allows only authenticated devices to connect to the LAN through the switch. Authentication uses usernames and passwords, smart cards, or other authentication methods. • When a device first connects, the port is set to an unauthorized state. Ports in unauthorized states can only be used for 802.1x authentication traffic. • After the server authenticates the device or the user, the switch port is placed in an authorized state, and access to other LAN devices is allowed.
question
Which of the following is a mechanism for granting and validating certificates? • AAA • RADIUS • PKI • Kerberos
answer
PKI Certificates are obtained from a Public Key Infrastructure (PKI). A PKI is a system that provides for a trusted third party to vouch for user identities. A PKI is made up of Certification Authorities (CAs), also called certificate authorities. A CA is an entity trusted to issue, store, and revoke certificates.
question
Which of the following are methods for providing centralized authentication, authorization, and accounting for remote access? (Select two.) • PKI • 802.1x • AAA • TACACS+ • RADIUS • EAP
answer
TACACS+ RADIUS Both RADIUS and TACACS+ are protocols used for centralized authentication, authorization, and accounting used with remote access. Remote access clients send authentication credentials to remote access servers. Remote access servers are configured as clients to the RADIUS or TACACS+ servers and forward the authentication credentials to the servers. The servers maintain a database of users and policies that control access for multiple remote access servers.
question
You want to implement an authentication method that uses public and private key pairs. Which authentication method should you use? • MS-CHAP v2 • EAP • IPsec • PKI
answer
EAP Public and private key pairs are used by certificates for authentication and encryption. Extensible Authentication Protocol (EAP) allows the client and server to negotiate the characteristics of authentication. EAP is used to allow authentication using smart cards, biometrics (user physical characteristics), and certificate-based authentication.
question
You have a web server that will be used for secure transactions for customers who access the website over the Internet. The web server requires a certificate to support SSL. Which method would you use to get a certificate for the server? • Run a third-party tool to generate the certificate. • Obtain a certificate from a public PKI. • Have the server generate its own certificate. • Create your own internal PKI to issue certificates.
answer
Obtain a certificate from a public PKI. Computers must trust the CA that issues a certificate. For computers that are used on the Internet and accessible to public users, obtain a certificate from a public CA such as VeriSign. By default, most computers trust well-known public CAs.
question
Which of the following are used when implementing Kerberos for authentication and authorization? (Select two.) • Time server • PPP • RADIUS or TACACS+ server • Ticket granting server • PPPoE
answer
Time server Ticket granting server Kerberos grants tickets (also called a security token) to authenticated users and to authorized resources. A ticket granting server (TGS) grants tickets that are valid for specific resources on specific servers. Kerberos requires that all servers within the process have synchronized clocks to validate tickets, so a centralized time server or other method for time synchronization is required.
question
You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization. Which of the following would be a required part of your configuration?
answer
Configure the remote access servers as RADIUS clients. When configuring a RADIUS solution, configure a single server as a RADIUS server. Then configure all remote access servers as RADIUS clients.
question
You want to increase the security of your network by allowing only authenticated users to be able to access network devices through a switch. Which of the following should you implement? • Port security • IPsec • Spanning tree • 802.1x
answer
802.1x 802.1x authentication is an authentication method used on a LAN to allow or deny access based on a port or connection to the network. 802.1x is used for port authentication on switches and authentication to wireless access points. 802.1x requires an authentication server for validating user credentials. This server is typically a RADIUS server. Authenticated users are allowed full access to the network; unauthenticated users only have access to the RADIUS server.
question
Which of the following is a feature of MS-CHAP v2 that is not included in CHAP? • Hashed shared secret • Certificate-based authentication • Three-way handshake • Mutual authentication
answer
Mutual authentication MS-CHAP v2 allows for mutual authentication, where the server authenticates to the client. Both CHAP and MS-CHAP use a three-way handshake process for authenticating users with usernames and passwords.
question
Which of the following identification and authentication factors are often well-known or easy to discover by others on the same network or system? • Biometric reference profile • Username • Password • PGP secret key
answer
Username
question
Which of the following is the strongest form of multi-factor authentication? • A password and a biometric scan • Two-factor authentication • A password, a biometric scan, and a token device • Two passwords
answer
A password, a biometric scan, and a token device A password, a biometric scan, and a token device together are the strongest form of multi-factor authentication listed here. Multifactor authentication is any combination of two or more of the same or different authentication factors. The three common authentication factor types are Something You Know (such as a password), Something You Have (such as a smart card or a token device), or Something You Are (such as a biometric quality like a fingerprint).
question
Which of the following is an example of two-factor authentication? • A fingerprint and a retina scan • A pass phrase and a PIN • A token device and a PIN • A username and a password
answer
A token device and a PIN Two-factor authentication uses two different types of authentication: • Type I (something you know, such as a password, PIN, pass phrase, or cognitive question) • Type II (something you have, such as a smart card, token device, or photo ID) • Type III (something you are, such as fingerprints, retina scans, voice recognition, or keyboard dynamics)
question
Which of the following is an example of three-factor authentication? • Smart card, digital certificate, PIN • Photo ID, smart card, fingerprint • Token device, keystroke analysis, cognitive question • Pass phrase, palm scan, voice recognition
answer
Token device, keystroke analysis, cognitive question Three-factor authentication uses three items for authentication: • Type I (something you know, such as a password, PIN, pass phrase, or cognitive question) • Type II (something you have, such as a smart card, token device, or photo ID) • Type III (something you are, such as fingerprints, retina scans, voice recognition, or keyboard dynamics)
question
Which of the following are examples of Type 2 authentication credentials? (Select two.) • Smart card • Photo ID • Handwriting analysis • PIN • Cognitive question • Voice recognition
answer
Smart card Photo ID • Type I (something you know, such as a password, PIN, pass phrase, or cognitive question) • Type II (something you have, such as a smart card, token device, or photo ID) • Type III (something you are, such as fingerprints, retina scans, voice recognition, or keyboard dynamics)
question
Match the authentication factor types on the left with the appropriate authentication factor on the right. Each authentication factor type can be used more than once. Drag Something you know Something you have Something you are Somewhere you are Something you do Drop PIN Smart card Password Retina scan Fingerprint scan Hardware token User name Voice recognition Wi-Fi triangulation Typing behaviors
answer
PIN => Something you know Smart card => Something you have Password => Something you know Retina scan => Something you are Fingerprint scan => Something you are Hardware token => Something you have User name => Something you know Voice recognition => Something you are Wi-Fi triangulation => Somewhere you are Typing behaviors => Something you do Something you know : • Passwords, codes, or IDs • PINs • Passphrases (long, sentence-length passwords) Something you have: • Swipe cards • Photo IDs • Smart cards • Hardware tokens Something you are: • Fingerprints • Hand topology (side view) or geometry (top-down view) • Palm scans • Retina scans • Iris scans • Facial scans • Voice recognition Somewhere you are (also known as geolocation): • An account is locked unless the user has passed through the building's entrance using an ID card. • If the user is within RFID range of the workstation, authentication requests are allowed. • GPS or Wi-Fi triangulation location data is used to determine a device's location. If the user and the device are in a specified location, authentication requests are allowed. If not, the device is locked. Something you do: • Analyzing a user's handwriting sample against a baseline sample before allowing authentication. • Analyzing a user's typing behaviors against a baseline sample before allowing authentication.
question
Which of the following protocols can be used to securely manage a network device from a remote connection?
answer
SSH SSH allows for secure interactive control of remote systems. SSH is a secure and acceptable alternative to Telnet.
question
You want to allow traveling users to connect to your private network through the Internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the Internet in these locations. Which of the following protocols would be most likely to be allowed through the widest number of firewalls? • L2TP • IPsec • PPTP • SSL • PPPoE
answer
SSL Ports must be opened in firewalls to allow VPN protocols. For this reason, using SSL for the VPN often works through firewalls when other solutions do not because SSL uses port 443--a port that is often already open to allow HTTPS traffic. In addition, some NAT solutions do not work well with VPN connections.
question
Which protocol does HTTPS use to offer greater security in Web transactions? • SSL • Username and password authentication • Kerberos • IPsec
answer
- SSL HTTPS uses Secure Sockets Layer (SSL) to offer greater security in Web transactions.
question
You can use a variety of methods to manage the configuration of a network router. Match the management option on the right with its corresponding description on the left. (Each option can be used more than once.) Drag Uses public-key cryptography Transfers data in clear text Cannot be sniffed Drop SSL HTTP SSH Telnet Console port
answer
SSL => Uses public-key cryptography SSH => Uses public-key cryptography HTTP => Transfers data in clear text Telnet => Transfers data in clear text Console port => Cannot be sniffed
question
Which security protocols use RSA encryption to secure communications over an untrusted network? (Select two.) • Transport Layer Security • Internet Security Association and Key Management Protocol • Secure Sockets Layer • Point-to-Point Tunneling Protocol
answer
Transport Layer Security (TLS) Secure Sockets Layer (SSL) Transport Layer Security (TLS) and its predecessor Secure Sockets Layer (SSL) are cryptographic protocols that secure communications over untrusted IP networks, such as the Internet, using RSA encryption. They use asymmetric cryptography to first verify the identity of both communicating parties and then to exchange a symmetric encryption key. This symmetric key is then used to encrypt data being sent between both hosts.
question
Which of the following protocols are often added to other protocols to provide secure transmission of data? (Select two.) • TLS • SSL • SMTP • HTTPS • SNMP
answer
TLS SSL Both Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are protocols that are used with other protocols to add security. In addition, Secure Shell (SSH) can be used to add security when using unsecure protocols. HTTPS is the secure form of HTTP that uses SSL.
question
Telnet is inherently insecure because its communication is in plain text and is easily intercepted. Which of the following is an acceptable alternative to Telnet? • SSH • Remote Desktop • SHTTP • SLIP
answer
SSH SSH (Secure Shell) is a secure and acceptable alternative to Telnet. SSH allows for secure interactive control of remote systems. SSH uses RSA public key cryptography for both connection and authentication. SSH uses the IDEA algorithm for encryption by default, but is able to use Blowfish and DES.
question
You have a group of salesmen who would like to access your private network through the Internet while they are traveling. You want to control access to the private network through a single server. Which solution should you implement? • DMZ • IDS • IPS • RADIUS • VPN concentrator
answer
VPN concentrator With a remote access VPN, a server on the edge of a network (called a VPN concentrator) is configured to accept VPN connections from individual hosts. Hosts that are allowed to connect using the VPN connection are granted access to resources on the VPN server or the private network.
question
A salesperson in your organization spends most of her time traveling between customer sites. After a customer visit, she must complete various managerial tasks, such as updating your organization's order database. Because she rarely comes back to your home office, she usually accesses the network from her notebook computer using Wi-Fi access provided by hotels, restaurants, and airports. Many of these locations provide unencrypted public Wi-Fi access, and you are concerned that sensitive data could be exposed. To remedy this situation, you decide to configure her notebook to use a VPN when accessing the home network over an open wireless connection. Which key steps should you take when implementing this configuration? (Select two.) • Configure the browser to send HTTPS requests through the VPN connection. • Configure the VPN connection to use IPsec. • Configure the VPN connection to use PPTP. • Configure the VPN connection to use MS-CHAPv2. • Configure the browser to send HTTPS requests directly to the Wi-Fi network without going through the VPN connection.
answer
Configure the browser to send HTTPS requests through the VPN connection. Configure the VPN connection to use IPsec. It is generally considered acceptable to use a VPN connection to securely transfer data over an open Wi-Fi network. As long as strong tunneling ciphers and protocols are used, the VPN provides sufficient encryption to secure the connection, even though the wireless network itself is not encrypted. It is recommended that you use IPsec or SSL to secure the VPN, as these protocols are relatively secure. You should also configure the browser's HTTPS requests go through the VPN connection. To conserve VPN bandwidth and to improve latency, many VPN solutions automatically reroute Web browsing traffic through the client's default network connection instead of through the VPN tunnel. This behavior would result in HTTP/HTTPS traffic being transmitted over the unsecure open wireless network instead of through the secure VPN tunnel.
question
A VPN is used primarily for what purpose? • Allow the use of network-attached printers • Support the distribution of public Web documents • Allow remote systems to save on long distance charges • Support secured communications over an untrusted network
answer
Support secured communications over an untrusted network A VPN (Virtual Private Network) is used primarily to support secured communications over an untrusted network. A VPN can be used over a local area network, across a WAN connection, over the Internet, and even between a client and a server over a dial-up connection through the Internet. All of the other items listed in this question are benefits or capabilities that are secondary to this primary purpose.
question
You want to use a protocol that can encapsulate other LAN protocols and carry the data securely over an IP network. Which of the following protocols is suitable for this task? • NetBEUI • PPP • PPTP • SLIP
answer
PPTP PPTP is used with VPNs, which allow you to send data securely over a public network.
question
Which of the following protocols can your portable computer use to connect to your company's network via a virtual tunnel through the Internet? (Select two.) • ICA • PPPoE • PPTP • VNC • L2TP
answer
PPTP L2TP Either PPTP (Point-to-Point Tunneling Protocol) or L2TP (Layer Two Tunneling Protocol) are two VPN (Virtual Private Networking) protocols that let you access your company's network through a public network such as the Internet. PPPoE is used for connecting to the Internet through an Ethernet connection to include authentication and accounting. VNC and ICA are remote desktop protocols used for remote administration or remote access of devices.
question
IPsec is implemented through two separate protocols. What are these protocols called? (Select two.) • SSL • L2TP • EPS • AH • ESP
answer
AH: IP Authentication Header ESP: IPsec Encapsulating Security Payload. IPsec AH provides authentication and non-repudiation services to verify that the sender is genuine, and that the data has not been modified in transit. IPsec ESP provides data encryption services for the data within the packet. IPsec SSL and IPsec EPS are not protocols associated with IPsec.
question
Which of the following network layer protocols provides authentication and encryption services for IP based network traffic? • SSL • L2TP • TCP • IPsec
answer
IPsec IPsec is security implementation that provides security for all other TCP/IP based protocols that operate above the network layer. IPsec provides authentication through a protocol called IPsec Authentication Header (AH) and encryption services through a protocol called IPsec Encapsulating Security Payloads (ESP)
question
Which of the following statements about SSL VPN are true? (Select two.) • Encapsulates packets by adding a GRE header. • Provides message integrity using HMAC. • Uses port 443. • Uses UDP port 500. • Encrypts the entire communication session. • Uses pre-shared keys for authentication.
answer
Uses port 443. Encrypts the entire communication session. SSL VPN uses the SSL protocol to secure communications. SSL VPN: • Authenticates the server to the client using public key cryptography and digital certificates. • Encrypts the entire communication session. • Uses port 443, which is already open on most firewalls.
question
Which of the following can route Layer 3 protocols across an IP network? • PPTP • SSL • GRE • IPsec
answer
GRE Generic Routing Encapsulation (GRE) is a tunneling protocol that creates a tunnel between two routers. It does this by adding a GRE header and a new IP header to the original packet.
question
You have just downloaded a file. You create a hash of the file and compare it to the hash posted on the website. The two hashes match. What do you know about the file? • You will be the only one able to open the downloaded file. • Your copy is the same as the copy posted on the website. • You can prove the source of the file. • No one has read the file contents as it was downloaded.
answer
Your copy is the same as the copy posted on the website. A hash is a function that takes a variable-length string (message) and compresses and transforms it into a fixed-length value. Hashes ensure the data integrity of files and messages in transit. The sender and the receiver use the same hashing algorithm on the original data. If the hashes match, then the data can be assumed to be unmodified. Hashes do not ensure confidentiality (in other words, hashes are not used to encrypt data). Non-repudiation proves the source of a file, and is accomplished using digital signatures.
question
Which of the following networking devices or services prevents the use of IPsec in most cases? • Switch • Firewall • Router • NAT
answer
NAT IPsec cannot typically be used when static IP addresses are not used by both communication partners. NAT proxy performs network address translation on all communications. For this reason, the IP address seen for a system outside of the proxied network is not the real IP address of that system. This prevents the use of IPsec.
question
You have just purchased a new network device and are getting ready to connect it to your network. Which of the following should you do to increase its security? (Select two.) • Implement separation of duties • Conduct privilege escalation • Apply all patches and updates • Remove any backdoors • Change default account passwords
answer
Apply all patches and updates Change default account passwords
question
As the victim of a Smurf attack, what protection measure is the most effective during the attack? • Turning off the connection to the ISP • Updating your anti-virus software • Blocking all attack vectors with firewall filters • Communicating with your upstream provider
answer
Communicating with your upstream provider A simple phone call to request filtering on your behalf can weaken the effectiveness of a Smurf attack.
question
Which of the following attacks tries to associate an incorrect MAC address with a known IP address? • MAC flooding • Null session • Hijacking • ARP poisoning
answer
ARP poisoning ARP spoofing/poisoning associates the attacker's MAC address with the IP address of victim devices. When computers send an ARP request to get the MAC address of a known IP address, the attacker's system responds with its MAC address.
question
Which of the following best describes the Ping of Death exploit? • Partial IP packets with overlapping sequencing numbers • Sending multiple spoofed ICMP packets to the victim • An ICMP packet larger than 65,536 bytes • Redirecting echo responses from an ICMP communication
answer
An ICMP packet larger than 65,536 bytes
question
Which exploit seeks to maliciously re-associate the IP address of a legitimate network host with the MAC address of the attacker's computer. • ARP Poisoning • MAC Spoofing • IP Spoofing • Replay attack
answer
ARP Poisoning ARP spoofing (also known as ARP poisoning) uses spoofed ARP messages to associate a different MAC address with an IP address. ARP spoofing can be used to perform a man-in-the-middle attack.
