chapter 7 SG

¡Supera tus tareas y exámenes ahora con Quizwiz!

A vSwitch (virtual switch) or bridge is a logically defined device that operates at what layer of the OSI model?

. Layer 2

Which statement regarding the use of a bridged mode vNIC is accurate?

. The vNIC will its own IP address on the physical LAN.

How is the CIA triad used to evaluate encryption methods?

?

Which of the following is NOT a task that a VPN concentrator is responsible for?

A VPN concentrator shuts down established connections when malicious traffic occurs.

At what layer of the OSI model does the IPsec encryption protocol operate?

Network layer

What open-source VPN protocol utilizes OpenSSL for encryption and has the ability to possibly cross firewalls where IPsec might be blocked?

OpenVPN

Which of the following statements regarding the Point-to-Point (PPP) protocol is NOT accurate?

PPP can support strong encryption, such as AH or ESP.

What cloud service model involves providing applications through an online user interface, providing for compatibility with a multitude of different operating systems and devices?

Saas

Regarding VNC (Virtual Network Computing or Virtual Network Connection), what statement is accurate

VNC is open source, allowing companies to develop their own software based on VNC

What is the PPP (Point-to-Point Protocol), and how does it work?

a data link layer communication protocol used to establish a direct connection between two nodes it connects two routers directly without any host or any other network device in between

What is the difference between a virtual firewall and a software firewall?

a virtual firewall can monitor virtual machines

By default, what network connection type is selected when creating a VM in VMware, VirtualBox, or KVM?

d. NAT mode

What term is used to describe a space that is rented at a data center facility by a service provider?

point of presence (PoP)

When deploying cloud services, what are some of the deployment models you might encounter?

public, private, community, hybrid

The use of certificate authorities to associate public keys with certain users is known by what term?

public-key infrastructure

All types of remote access techniques connecting to a network require at least one of what two different types of remote access server?

remote access server

In order to generate a public and private key for use with SSH, what command line utility should you use?

ssh-keygen

A community cloud is a service shared between multiple organizations, but not available publicly.

true

An enterprise-wide VPN can include elements of both the client-to-site and site-to-site models.

true

Digital certificates are issued, maintained, and validated by an organization called a certificate authority (CA).

true

Office 365 is an example of an SaaS implementation with a subscription model.

true

PPP can support several types of Network layer protocols that might use the connection

true

The Virtual Network Computing (VNC) application uses the cross-platform remote frame buffer (RFB) protocol.

true

VMware Player and Linux KVM are both examples of what type of hypervisor?

type 2 hypervisor

What two different types of encryption can be utilized with IPsec?

Authentication Header and Encapsulating Security Payload

Why is the DTLS (Datagram Transport Layer Security) protocol used for streaming applications that need security?

DTLs relies on UDP instead of TCP which minimized delays however applications using DTLS must provide their own means of packets reordering flow control and reliability assurance

What special enterprise VPN supported by Cisco devices creates VPN tunnels between branch locations as needed rather than requiring constant, static tunnels?

Dynamic Multipoint VPN

The PPP headers and trailers used to create a PPP frame that encapsulates Network layer packets vary between 8 and 10 bytes in size due to what field?

FCS

Which statement regarding the IKEv2 tunneling protocol is accurate?

IKEv2 offers fast throughput and good stability when moving between wireless hotspots.

Why is the telnet utility a poor choice for remote access to a device?

It provides poor authentication and no encryption.

The combination of a public key and a private key are known by what term below?

key pair

what type of scenario would be best served by using a Platform as a Service (PaaS) cloud model?

A group of developers needs access to multiple operating systems and the runtime libraries that the OS provides.

Amazon and Rackspace both utilize what virtualization software below to create their cloud environments?

Citrix Xen

Which of the following virtualization products is an example of a bare-metal hypervisor

Citrix XenServer

What security encryption protocol requires regular re-establishment of a connection and can be used with any type of TCP/IP transmission?

IPsec

Which type of cloud service model involves hardware services that are provided virtually, including network infrastructure devices such as virtual servers?

IaaS

When using public and private keys to connect to an SSH server from a Linux device, where must your public key be placed before you can connect?

In an authorization file on the host where the SSH server is.

In a software defined network, what is responsible for controlling the flow of data?

SDN controller

What statement regarding the SSH (Secure Shell) collection of protocols is accurate?

SSH supports port forwarding.

Which file transfer protocol has no authentication or security for transferring files, uses UDP, and requires very little memory to use?

Trivial FTP (TFTP)

When using a site-to-site VPN, what type of device sits at the edge of the LAN and establishes the connection between sites?

VPN gateway

What is NOT a potential disadvantage of utilizing virtualization?

Virtualization software increases the complexity of backups, making creation of usable backups difficult.

When is it appropriate to utilize the NAT network connection type?

Whenever the VM does not need to be access at a known address by other network nodes.

A Type 2 hypervisor installs on a computer before any OS, and is therefore called a bare-metal hypervisor.

false

After L2TP establishing a VPN tunnel, GRE is used to transmit L2TP data frames through the tunnel.

false

FTPS (FTP Security or FTP Secure) and SFTP (Secure FTP) are two names for the same protocol.

false

The HTTPS (HTTP Secure) protocol utilizes the same TCP port as HTTP, port 80.

false

What are some of the features that all cloud services usually have in common?

good for resource pooling and elasticity, self-service and on-demand services

How does public key encryption work?

if you have someone else's public key, you can send encrypted messages.

Describe the TLS/SSL handshake process as initiated by a web client accessing a secure website.

it allows the client and server to introduce themselves to each other and establishes turns for how they will securely exchange data


Conjuntos de estudio relacionados

APWH Chapter 9- The Expansion of Civilization in Southern Asia

View Set

Chapter 40: Mechanisms of Endocrine Control

View Set

Penny Q's - Musculoskeletal Imaging, Breast, and Superficial Structures

View Set

Lesson 3 Intrusion Detection Systems

View Set

Guarantee Exam Life and Health Insurance Texas

View Set