quiz/second half of network exam – Flashcards
Unlock all answers in this set
Unlock answersquestion
What is the main difference between RIP and RIPv2
answer
Rip is a classfull and RIPv2 is a classless protocol
question
Which protocol has a limit of 15 hops between any two networks?
answer
RIP
question
You have a router configured to share routing information using RIP. In addition, you have a single static route that identifies a default route for all other networks. The next hop router for the default rout has changed you need to make the change with the least amount of effort possible. What should you do?
answer
Manually reconfigure the default route to point to the new next hop router.
question
What terms are synonymous with or made possible with CIDR
answer
Classless VLSM (variable lenght subnet mask)
question
What routing protocol is classified as a balanced Hybrid routing protocol?
answer
EiGRP
question
A router is connected to network 192.168.1.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24. there is no default route configured on the router. The router receives a packet address to network 10.1.0.0/16. What will the router do with the packet?
answer
drop the packet
question
YOu have a network configured to use the OSPF routeing protocol. What describes the state when all OSPF routers have learned about all other routes in the network?
answer
convergence
question
RIP uses?
answer
hop counts as the cost metric
question
What routing protocols divides the network into areas, with all networks required to have an area 0?
answer
OSPF
question
Under which circumstance might you implement BGP on your company network and share routes with Internet router?
answer
It the network is connected to the Internet using multiple ISPs
question
What are the difference between OSPF and IS-IS
answer
OSPF requires and area 0, while IS-IS does not
question
What describes OSPF?
answer
OSPF is a classless link-state protocol.
question
YOu have a private network connected to the Internet. Your routers will not share routing information about you private network with Internet routers. Which of the following best describes the type of routing protocol you would use?
answer
IGP Interior Gateway Protocol
question
What information does the next hop entry in a routing table identify?
answer
The first router in the path to the destination network.
question
You manage a server that uses an IP address of 192,168,255.188 with a mask of 255.255.0.0. Which of the following describes the address type?
answer
classless
question
Which of the following is a characteristic of static routing when compared to dynamic routhing?
answer
all routes must be manually updated on the route.
question
a router is connected to network 192.128.1.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24. The next hop router for network 192.168.3.0/24 has changed. You nedd to make the change with the least amount of effort possible. What should you do?
answer
Wait for convergence to take place.
question
What routing rpotocols are classified as lin state routing protocols
answer
IS-IS OSPF
question
Which of the following routing protocols is used by routers on the Internet for learning and sharing routes?
answer
BGP
question
You need to enable hosts on your network to find the IP address of logical names such as srv1.myserver.com. What device would you use?
answer
DNS server
question
You want to implement a protocol on your network that allows computers to find the IP address of a host from a logical name. What protocol should you implement?
answer
DNS
question
What is the purpose of using subnets?
answer
Subnets divide an IP network into multiple network addresses.
question
Which of the following are frequencies defined by 802.11 committees for wireless networking?
answer
2.3GHz
question
You have been contracted by OsCorp to recommend a wireless Internet solution. The wireless strategy must support a transmission range of 150 feet, use a frequency range of 2.4GHz and provide the highest possible transmission speeds.
answer
802.11g
question
Which IEEE wireless standards specify transmission speeds up to 54Mbps
answer
802.11g 802.11a
question
You are designing a wireless network for a client. You client needs the network to support a data rate of at least 54Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4 GHz.
answer
802.11a
question
Which IEE standard describes wireless communication?
answer
802.11b
question
How many total channels are available for 802.11a?
answer
23
question
you are designing an update to your clients wireless network. The existing wireless network uses 803.11b equipment; which your client complains runs to slowly. She wants to upgrade the network to run at 54Mbps. Due to budget constraints, your client wants to upgrade only the wireless access points in the network this year. Next year, she will upgrade the wireless network boards in her users' workstations. She has also indicated the the system must continue to function during the transition period. Which 802.11 standard will work best in the situation?
answer
802.11g
question
How many total channels are available for 802.11g wireless networks
answer
11
question
Which data transmission rate is defined by the IEEE 802.11b wireless standard
answer
11Mbps
question
What is the frequency fo 802.11a networking
answer
5.75GHz
question
All of the 802.11 standards for wireless networking support which type of communication path sharing technology?
answer
CSMA/CA carrier sense multiple access with collision avoidance system asks for permission to transmit a designated authority (hub, router, access point) grants access when the communication medium is free the system transmits data and waits for an ACK (acknowledgment) If no ACK is received the data is retransmitted
question
Polling
answer
is a mechanism where one system is labeled as the primary system. The primary system polls each secondary system in turn to inquire whether they have data transmit
question
Token passing
answer
is a mechanism that uses a digital pass card, only the system holding the token is allowed to communicate
question
CSMA/CD
answer
is the technology used by Ethernet: listens for traffice, if the line is clear it begins transmitting system listens for collisions no collision, the communication succeeds. if collision are detected, an interrupt jam signal is broadcast to stop all transmissions. Each system waits a random amount of time before re-transmission
question
In Virtualizaiton, what is the role of the hypervisor?
answer
A hypervisor allows virtual machines to interact with the hardware without going through the host operating system.
question
Which component is most likely to allow physical and virtual machines to communicate with each other?
answer
Virtual switch allow multiple vitual servers to communicate on virtual network segments or the physical network
question
what protocol is used with VoIP
answer
SIP: session initiation protocol set up, maintain and teardown redirect call RTP: Real time protocol (packets contain the actual voice data:
question
What features is used with digital IP phones to supply power through a switch port?
answer
PoE Power over ethernet
question
What protocol is used by VoIP to set up, maintain, and terminate a phone call?
answer
SIP
question
you have a computer that is connected to the Internet through a NAT router. You want to use a private addressing scheme for you computer. What IP addresses could you assign to the computer?
answer
10.0.12.15 172.18.188.67 192.168.12.253
question
What is not one of the ranges of IP address defined in RFC 1918 that are commonly used behind a NAT server:
answer
169.254.0.1-169.254.255.254
question
what associates a port number with a host on a private network?
answer
PAT
question
You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address 192.168.55.199/16. You have a single public address that is shared by all hosts on your private network. You want to configure the server as a Web server and allow Internet hosts to contact the server to browse a personal web site. What should you use to allow access?
answer
Static NAT
question
Multicast
answer
224.0.0.0 to 239.255.255.255.
question
IGMP snooping on a switch
answer
allows the switch to control which ports get IGMP traffic for a specific group. With IGMP snooping, the switch identifies which ports include members of a specific multicast group. When a message is received for a group, the message is sent only to the ports that have a group member connected.
question
broadcasting,
answer
a single packet is sent to the broadcast address and is processed by all hosts.
question
paravirtualization
answer
hardware is not virtualized.
question
Network as a Service (NaaS)
answer
Network as a Service (NaaS) is similar to the offsite virtual network in that the servers and desktops are all virtualized and managed by a contracted third-party. Be aware of the following: NaaS virtualizes the entire network infrastructure; all physical wiring for the network is virtual and is run at the service provider's site. A basic network is implemented on the contracted site in order to get out to the service provider's site. Typically, all administration tasks of the network are handled by the service provider.
question
Signaling Method
answer
Frequency Hopping Spread Spectrum (FHSS) Direct-Sequence Spread Spectrum (DSSS)
question
Direct-Sequence Spread Spectrum (DSSS)
answer
The transmitter breaks data into pieces and sends the pieces across multiple frequencies in a defined range. DSSS is more susceptible to interference and less secure then FHSS.
question
Frequency Hopping Spread Spectrum (FHSS)
answer
FHSS uses a narrow frequency band and 'hops' data signals in a predictable sequence from frequency to frequency over a wide band of frequencies. Because FHSS shifts automatically between frequencies, it can avoid interference that may be on a single frequency. Hopping between frequencies also increases transmission security by making eavesdropping and data capture more difficult.
question
Ad hoc Topology
answer
An ad hoc network works in peer-to-peer mode. The wireless NICs in each host communicate directly with one another. An ad hoc network: Works in peer-to-peer mode without an access point (the wireless NICs in each host communicate directly with one another). Uses a physical mesh topology with a logical bus topology. Is cheap and easy to set up. Cannot handle a large number of hosts. Requires special modifications to reach wired networks. You will typically only use an ad hoc network to create a direct, temporary connection between two hosts.
question
Infrastructure Topology
answer
An infrastructure wireless network employs an access point (AP) that functions like a hub on an Ethernet network. With an infrastructure network: The network uses a physical star topology with a logical bus topology. You can easily add hosts without increasing administrative efforts (scalable). The access point can be easily connected to a wired network, allowing clients to access both wired and wireless hosts. The placement and configuration of access points require planning to implement effectively. You should implement an infrastructure network for all but the smallest of wireless networks.
question
Wireless networks use Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA)
answer
to control media access and avoid (rather than detect) collisions. Collision avoidance uses the following process: The sending device listens to make sure that no other device is transmitting. If another device is transmitting, the device waits a random period of time (called a backoff period) before attempting to send again. If no other device is transmitting, the sending device broadcasts a Request-to-send (RTS) message to the receiver or access point. The RTS includes the source and destination, as well as information on the duration of the requested communication. The receiving device responds with a Clear-to-send (CTS) packet. The CTS also includes the communication duration period. Other devices use the information in the RTS and CTS packets to delay attempting to send until the communication duration period (and subsequent acknowledgement) has passed. The sending device transmits the data. The receiving device responds with an acknowledgement (ACK). If an acknowledgement is not received, the sending device assumes a collision and retransmits the affected packet. After the time interval specified in the RTS and CTS has passed, other devices can start the process again to attempt to transmit.
question
Wireless communication operates in half-duplex (shared, two-way communication)
answer
Devices can both send and receive, but not at the same time. Devices must take turns using the transmission channel. Typically, once a party begins receiving a signal, it must wait for the transmitter to stop transmitting before replying.
question
Devices on a wireless network include:
answer
A wireless NIC for sending and receiving signals. A wireless access point (AP) is the equivalent of an Ethernet hub. The wireless NICs connect to the AP, and the AP manages network communication. A wireless bridge connects two wireless APs into a single network or connects your wireless AP to a wired network. Most APs today include bridging features. Many wireless access points include ports (or hubs, switches, or routers) to connect the wireless network to the wired portion of the network.
question
Station (STA)
answer
An STA is a wireless network card (NIC) in an end device such as a laptop or wireless PDA. STA often refers to the device itself, not just the network card.
question
Access Point (AP)
answer
An access point (AP), sometimes called a wireless access point, is the device that coordinates all communications between wireless devices as well as the connection to the wired network. It acts as a hub on the wireless side and a bridge on the wired side. It also synchronizes the stations within a network to minimize collisions.
question
Basic Service Set (BSS)
answer
A BSS, also called a cell, is the smallest unit of a wireless network. All devices in the BSS can communicate with each other. The devices in the BSS depend on the operating mode: In an ad hoc implementation, each BSS contains two devices that communicate directly with each other. In an infrastructure implementation, the BSS consists of one AP and all STAs associated with the AP. All devices within the BSS use the same radio frequency channel to communicate.
question
Independent Basic Service Set (IBSS)
answer
An IBSS is a set of STAs configured in ad hoc mode.
question
Extended Service Set (ESS)
answer
An ESS consists of multiple BSSs with a distribution system (DS). The graphic above is an example of an ESS. In an ESS, BSSs that have an overlapping transmission range use different frequencies.
question
Distribution System (DS)
answer
The distribution system (DS) is the backbone or LAN that connects multiple APs (and BSSs) together. The DS allows wireless clients to communicate with the wired network and with wireless clients in other cells.
question
Service Set Identifier (SSID)
answer
he Service Set Identifier (SSID), also called the network name, groups wireless devices together into the same logical network. All devices on the same network (within the BSS and ESS) must have the same SSID. The SSID is a 32-bit value that is inserted into each frame. The SSID is case-sensitive. The SSID is sometimes called the ESS ID (Extended Service Set ID) or the BSS ID (Basic Service Set ID). In practice, each term means the same thing. Note: Using BSS ID to describe the SSID of a BSS is technically incorrect. Basic Service Set Identifier (BSSID)
question
Basic Service Set Identifier (BSSID)
answer
...
question
Basic Service Set Identifier (BSSID)
answer
The BSSID is a 48-bit value that identifies an AP in an infrastructure network or a STA in an ad hoc network. The BSSID allows devices to find a specific AP within an ESS that has multiple access points, and is used by STAs to keep track of APs when roaming between BSSs. The BSSID is the MAC address of the access point and is set automatically. Note: Do not confuse the BSSID with the SSID. They are not the same thing.
question
What type of virtualization completely simulates a real physical host
answer
Full virtualization
question
Wireless clients seem to take a long time to find the wireless access point You want to reduce the time it takes for the clients to connect
answer
Decrease the beacon interval
question
You want to connect your client computer to a wireless access point connected to your wired network at work. The network administrator tells you that the access point is configured to use WPA2 personal with the strongest encryption method possible . SSID broadcast is turned on. What must you configure manually on the client
answer
preshared key AES
question
You adminster a network with windows 2000 and UNIX servers, and windows 2000 professional, windows 98 and macintosh clients. A user of Windows 98 computer calls you one day and says he is unable to access resources on the network. You type ipconfig on the user's computer and receive the following output: 0 Ethernet adapter: IP address........:169.254.1.17 Subnet Mask....:255.255.0.0 default Gateway: you also check you NIC and see the link light on. what might be the problem?
answer
Unavailable DHCP Server
question
You manage a network with two switches. The seitches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAN 2 on each switch. A device on the first switch in VLAN 1 needs to communicate with a device on the second switch also in VLAN 1 What should you configure to allow communication between these two devices through the switches?
answer
Trunking a trunk port is used to connect two switches together
question
You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to /centralize remote access authentication and authorization. What is required part of your configuration?
answer
Configure the remote access servers as Radius clients
question
what are characterisitcs of TACACS+
answer
Allows for possible of three different servers, one each for authentication, authorizaiton, and accounting uses TCP
question
You have a small home wireless network that uses WEP. The access point is configured as the DHCP server and a NAT router that connects to the Internet. You do not have a RADIUS server. What authenticaiton method should you choose?
answer
Open
question
you have purchased a used wireless point and want to set up a small wireless network at home. The access point only supports WEP. You want to configure the most secure settings on the access point. Which of the following would you configure?
answer
Open authentication preshared Key
question
You need to configure a wireless network. You want to use WPA Enterprise. Which of the following components will be part of your design?
answer
TKIP encryption 802.1x
question
you have a small wireless network that uses multiple access points. The network currently uses WEP YOu want to connect a laptop computer to the wireless network. Which of the following parameters will you need to configure on the laptop?
answer
SSID Preshared Key
question
On wireless networks, which technology is employed to provide the same type of protection that cables provide on a wired netwrork?
answer
WEP
question
On a wireless network that is employing WEP, which type of user is allowed to authenticate through the access points?
answer
users with the correct WEP key
question
What protocols or mechanisms is not used to proved security on a wireless network?
answer
RDP remote desktop protocol
question
You need to add security for your wireless network. You would like to use the most secure method
answer
WPA2
question
What specifications identify security that can be added to wireless networks?
answer
802.1x 802.11i
question
You want to implement 802.1x authentication on your wireless network. Where would you configure passwords that are used for authentication?
answer
On a RADIUS server
question
What wireless security methods uses a common shared key configured on the wireless access point and all wireless clients:
answer
WEP, WPA personal, WPA2 personal
question
you want to implement 802.1x authentication on you wireless network. What will be required?
answer
RADIUS
question
What encryption method isused by WPA for wireless networks?
answer
TKIP
question
You have a group of salesmen who would like to access your private network through the Internet while they are traveling. You want ot control access to the private network through a single server.
answer
VPN concentrator
question
What network layer protocol provides authentication and encryption services for IP based network traffic?
answer
IPsec
question
You want to allow traveling users to connect to your private network through the internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the internet in these locations. What protocol would be most likely to be allowed throught he wides number of firewalls?
answer
SSL
question
VPN is used primarily for what purpose
answer
Support secured communications over an untrusted network
question
You are in the middle of a big project at work. all of your work files are on a server at the office. You want to be able to access the server desktop, open and edit files, save the files on the server, and print files to a printer connected to a computer ate home. What protocol should you use?
answer
RDP, Remote desktop protocol
question
IPSec is implemented through two separate protocols. what are these protocols called?
answer
AH-provides authentication and non-repudiation services ESP provide data encryption services for the data packet
question
What protocols can your portable computer use to connect to your company's network via a virtual tunnel through the internet?
answer
PPTP L2TP VPN protocols that allow company access on a public Network
question
YOu want to use a protocol that can encapsulate other LAN protocols and carry the data securely over an IP network. What protocol is suitable for this task?
answer
PPTP
question
You have just installed a packet-filtering firewall on your network. What options will you be able to set on your firewall?
answer
source address of a packet destination address of a packet Port number
question
You have recently installed a new Windows Server 2003 system. To ensure the accuracy of the system time, you have loaded an application that synchronizes the hardware clock on the server with an external time source on the Internet. Now you must configure the firewall on your network to allow time synchronization traffic through. What port are you most likely to open on the firewalls
answer
123
question
You have a router that is configured as a firewall. The router is a layer 3 device only. What does the router use for identifying allowed or denied packets?
answer
IP address
question
What network services or protocols use TCP/IP port 22
answer
SSH
question
You company uses a very fast internet connection and pays for a based on usage. You have been asked by the company president to reduce Internet line lease costs. You want to reduce the amount of web pages that are downloaded over the leased connection, without decreasing performance?
answer
Install a proxy server
question
You have accompany network that is connected to the Internet. You want all users to have Internet access, but need to protect your private network and users. You also need to make a web server publicly available to the Internet users.
answer
Use firewalls to create a DMZ. Place the web server inside the DMZ, and the private network behind the DMZ
question
What are characteristics of a circuit-level gateway?
answer
Filters based on sessions, and stateful makes decisions about which traffic to allow based on virtual circuits or sessions. A circuit-level proxy is considered a stateful firewall because it keeps track of the state of a session.
question
You want to install a firewall that can reject packets that are not part of an active session. What type of firewall should you use?
answer
Circuit-level
question
What functions are performed by proxies?
answer
Cache web pages block employees from accessing certain Web sites
question
after blocking a number of ports to secure your server, you are unable to send e-mail. To allow e-mail service what needs to be done
answer
open port 25 and allow SMTP
question
How does a proxy server differ from a packet filtering firewall?
answer
A proxy server operates at the Application layer, while the packet filters firewall operates at the network layer
question
Haley configures a web site using windows 2000 default values. what are the HTTP port and SSL port settings
answer
80- HTTP 443-SSL
question
You have used firewalls to create a demilitarized zone. You have a web server that needs to be accessible to internet users. The web server must communicate with a database server for retrieving product, customer, and order information. How should you place devices on the network to best protect the servers?
answer
Put the database server on the private network and the web server inside the DMZ
question
You administer a Web server on your network. The computer has multiple IP addresses: 192.168.23.2 to 192.168.23.24. The name of the computer is www.westsim.com. You configured the web site as follows: Ip add. 192.168.23.2 HTTP port: 1030 SSl POrt 443 users complain that they can't connect to the web site when they type it in . What is the likely source?
answer
The HTTP port should be changed to 80
question
You are configuring a firewall to allow access to a server hosted on the DMZ of your network. You open TCP/IP ports 80, 25, 110 and 143. Assuming that no other ports on the firewall need to be configured to provide access, what applications are most likely to be hosted on the server?
answer
Web server email
question
What protocol and port number is used by TFTP?
answer
UDP 69
question
You are the administrator for a secure network that uses firewall filtering. several network users have requested to access Internet. Usenet groups fut are unable. What needs to be done to allow users to access news groups?
answer
Open port 119 to allow NNTP service
question
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from internet based attacks. What would you use?
answer
Host based firewall
question
Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and an e-mail server that you want to make available to Internet users. You want to create a DMZ for these two server. What type of device should you use to create the DMZ
answer
Network based firewall
question
What does a router acting as a firewall use to control which packets are forwarded or dropped?
answer
ACL: access control list is configured with statements that identify traffic characteristics, such as the direction of traffic, the source or destination IP address and the port number
question
What measures are you most likely to implement in order to protect against a worm or trojan horse?
answer
Anti-viru software
question
What is a form a of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network?
answer
Smurf
question
What is the common name for a program that has no useful purpose, but attempts to spread itself to other systems and often damages resources on the systems where it is found?
answer
Virus
question
An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of what kind of attack
answer
denial of service
question
Which is a form of attack that either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transaction from occurring?
answer
Denial of service attack
question
Which of the following is the best countermeasure against man-in-the middles attacks?
answer
IPSEec
question
What statements about the use of anti-virus software is correct?
answer
Anti-virus software should be configured to download updated virus definition files as soon as they become available.
question
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this?
answer
Rogue access point
question
Users on your network report that they have received an e-mail stating that the company has just launched a new web site for employees, and to access the web site they need to go there and enter their username and password information. No one in your company has sent this e-mail. What type of attack is this?
answer
Phishing
question
You have worked as the network administrator for a company for seven months. One day all picture files on the server become corrupted. You successfully restore all files from backup, but your boss is adamant the this situation does not reoccur. What do to do?
answer
Install a network virus detection software solution.
question
What are examples of social engineering?
answer
Dumpster diving should surfing
question
A smurf attack requires all but which of the following elements to be implemented?
answer
Padded cell
question
What is the primary countermeasure to social engineering?
answer
awareness
