Chapter 9
C
21) A company receives its domain name from ________. A) IETF B) its ISP C) a domain registrar D) its parents
B
22) In SNMP, the manager communicates directly with a(n) ________. A) managed device B) agent C) object D) access point
A
23) Which of the following would be an SNMP object? A) number of rows in routing table B) a managed switch C) both A and B D) neither A nor B
C
24) Which of the following would be an SNMP object? A) number of rows in routing table B) system uptime (since last reboot) C) both A and B D) neither A nor B
B
25) In SNMP, companies are often reluctant to use ________ commands because of security dangers. A) Get B) Set C) trap D) request
D
54) IP is reliable because of ________. A) echo and echo reply messages B) error advisement messages C) both A and B D) neither A nor B
A
55) To see if a target host can be reached, you normally would send it an ICMP ________ message. A) echo request B) error advisement C) either A or B D) neither A nor B
A
56) Pinging is to send ICMP ________ messages to the target host. A) echo request B) error advisement C) ping D) echo
C
6) You have a 20-bit network part and a 4-bit subnet part. How many hosts can you have per subnet? A) 14 B) 16 C) 254 D) none of the above
B
7) ________ is the process of presenting external IP addresses that are different from internal IP addresses used within the firm. A) DNS B) NAT C) DHCP D) none of the above
B
8) In NAT, the ________ creates new external source IP addresses and port numbers. A) router B) firewall C) source host D) destination host
A
9) NAT enhances security by ________. A) preventing sniffers from learning internal IP addresses B) encryption C) both A and B D) neither A nor B
D
1) If your subnet part is 8 bits long, you can have ________ subnets. A) 64 B) 128 C) 256 D) 254
C
10) Which of the following can be used within a firm? A) private IP addresses B) public IP addresses C) both A and B D) neither A nor B
A
11) Which of the following is a private IP address range? A) 10.x.x.x B) 128.171.x.x C) both A and B D) neither A nor B
C
12) Which of the following is true about NAT? A) It can enhance security. B) It presents problems for some protocols. C) both A and B D) neither A nor B
C
13) The domain name system ________. A) is a way to find a host's IP addresses if your computer only knows the host's host name B) is a general naming system for the Internet C) both A and B D) neither A nor B
B
14) ________ is a general naming system for the Internet. A) NAT B) DNS C) DHCP D) Dotted decimal notation
D
15) In DNS, a group of resources under the control of an organization is called a ________. A) network B) subnet C) scope D) domain
B
16) ".com" is a ________. A) root domain B) top-level domain C) second-level domain D) none of the above
B
17) ".edu" is a ________. A) root domain B) top-level domain C) second-level domain D) none of the above
B
18) Most corporations wish to have ________ domain names. A) top-level B) second-level C) third-level D) none of the above
A
19) The highest-level DNS servers are called ________. A) root servers B) top-level servers C) both A and B D) neither A nor B
C
2) In IP subnet planning, you need to have at least 130 subnets. How large should your subnet part be? A) 6 B) 7 C) 8 D) none of the above
D
20) How many DNS root servers are there? A) 1 B) 2 C) 10 D) 13
A
26) SNMPv1 uses ________ for authentication. A) community names B) digital certificates and digital signatures C) a different password for each manager-agent pair D) all of the above
C
27) SNMPv3 uses ________ for authentication. A) community names B) digital certificates and digital signatures C) a different password for each manager-agent pair D) all of the above
B
28) IPsec protects ________ layer messages. A) data link B) application C) both A and B D) neither A nor B
B
29) In tunnel mode, IPsec provides protection ________. A) all the way between the two hosts B) only between the IPsec servers C) both A and B D) neither A nor B
A
3) If you have a subnet part of 7 bits, how many subnets can you have? A) 126 B) 254 C) 510 D) none of the above
A
30) IPsec provides protection in two modes of operation; one of these two modes is ________. A) transport mode B) data link mode C) network mode D) 802.1X mode
A
31) The main limit of IPsec tunnel mode protection compared to transport mode protection in IPsec is ________. A) protection over only part of the route B) higher cost C) both A and B D) neither A nor B
A
32) Which mode of IPsec may be more expensive if a company has a large number of computers? A) transport mode B) tunnel mode C) Both A and B are equally expensive.
B
33) The main disadvantage of transport mode protection compared to tunnel mode protection in IP is ________. A) that it provides protection over only part of the route B) higher cost C) both A and B D) neither A nor B
A
34) Client PCs must have digital certificates in ________. A) transport mode B) tunnel mode C) both A and B D) neither A nor B
C
35) IPsec is used for ________ VPNs. A) remote-access B) site-to-site C) both A and B D) neither A nor B
D
36) In IPsec, agreements about how security will be done are called ________. A) tranches B) security contracts C) service-level agreements D) security associations
A
37) Which of the following standards permits central management? A) IPsec B) SSL/TLS C) both A and B D) neither A nor B
A
38) Which is less expensive to implement? A) SSL/TLS B) IPsec C) Both cost about the same to implement.
B
39) Which has stronger security? A) SSL/TLS B) IPsec C) Both have about equal security.
D
4) Your firm has an 8-bit network part. If you need at least 250 subnets, what must your subnet part size be? A) 5 B) 6 C) 7 D) 8
B
40) If a host is to be able to communicate via IPv4 and IPv6, it is said to ________. A) be bilingual B) have a dual-stack C) be IPv6-ready D) be IP-agile
B
41) Today, it can be problematic to have only a single IPv6 stack because ________. A) a single IPv4 stack is out of date B) a single IPv6 stack could not communicate with a single IPv4 stack C) a dual stack has become a common solution D) all of the above
C
42) Which is NOT one of the three parts of a public IPv6 unicast address? A) subnet ID B) routing prefix C) host part D) All of the above are parts in a public IPv6 unicast address.
A
43) The routing prefix in IPv6 is like the ________ part in an IPv4 address. A) network B) subnet C) host D) both A and B
B
44) If the subnet ID in an IPv6 address is 32 bits, how long is the routing prefix? A) 16 bits B) 32 bits C) 64 bits D) none of the above
B
45) The part of an IPv6 global unicast address that designates the host is called the ________. A) host part B) interface ID C) routing prefix D) none of the above
B
46) In an IPv6 global unicast address, the interface ID is ________ bits long. A) 32 B) 64 C) 128 D) It varies.
A
47) The IEEE calls 64-bit interface addresses ________. A) Extended Unique Identifiers B) Interface IDs C) MAC addresses D) half-IP
C
48) A step in creating an EUI-64 is dividing a 48-bit MAC address in half and inserting ________ in the center. A) the interface ID B) the subnet ID C) fffe D) 0000
A
49) Dynamic ________ protocols allow routers to transmit routing table information to one another. A) routing B) transport C) synchronization D) none of the above
D
5) Your firm has an 8-bit network part and an 8-bit subnet part. How many hosts can you have per subnet? A) 126 B) 254 C) 534 D) 65,534
A
50) A company is free to select whatever ________ dynamic routing protocol it wishes. A) interior B) exterior C) both A and B D) neither A nor B
B
51) Which of the following can route non-IP packets? A) OSPF B) EIGRP C) both A and B D) neither A nor B
A
52) ________ is an interior dynamic routing protocol. A) OSPF B) BGP C) both A and B D) neither A nor B
D
53) ________ is used for supervisory messages at the internet layer. A) TCP B) DNS C) DHCP D) ICMP