Fundamentals Networking Tech Chapter 7
Which of the following is NOT a task that a VPN concentrator is responsible for? a.A VPN concentrator establishes tunnels for VPN connections. b.A VPN concentrator authenticates VPN clients. c.A VPN concentrator shuts down established connections when malicious traffic occurs. d.A VPN concentrator manages encryption for VPN transmissions.
A VPN concentrator shuts down established connections when malicious traffic occurs.
Amazon and Rackspace both utilize what virtualization software below to create their cloud environments? a.VMware vSphere b.Oracle VirtualBox c.Parallels d.Citrix Xen
Citrix Xen
A Type 2 hypervisor installs on a computer before any OS, and is therefore called a bare-metal hypervisor. True False
False
After L2TP establishing a VPN tunnel, GRE is used to transmit L2TP data frames through the tunnel. True False
False
Which type of cloud service model involves hardware services that are provided virtually, including network infrastructure devices such as virtual servers? a.IaaS b.SaaS c.PaaS d.XaaS
IaaS
Regarding VNC (Virtual Network Computing or Virtual Network Connection), what statement is accurate? a. VNC uses the Remote Desktop Protocol (RDP). b. VNC is open source, allowing companies to develop their own software based on VNC. c. VNC is a standard developed by Microsoft and used by Windows Remote Desktop. d. VNC is faster than Remote Desktop, and requires less network bandwidth.
VNC is open source, allowing companies to develop their own software based on VNC.
What statement regarding the SSH (Secure Shell) collection of protocols is accurate? a.SSH does not protect against DNS spoofing. b.SSH supports port forwarding. c.SSH does not protect against IP spoofing. d.SSH provides a graphical view of the remote computer.
SSH supports port forwarding.
What statement regarding the SSH (Secure Shell) collection of protocols is accurate? a.SSH provides a graphical view of the remote computer. b.SSH supports port forwarding. c.SSH does not protect against DNS spoofing. d.SSH does not protect against IP spoofing.
SSH supports port forwarding.
At what layer of the OSI model does the IPsec encryption protocol operate? a.Physical layer b.Network layer c.Application layer d.Transport layer
Network layer
What open-source VPN protocol utilizes OpenSSL for encryption and has the ability to possibly cross firewalls where IPsec might be blocked? a.Generic Routing Encapsulation (GRE) b.Layer 2 Tunneling Protocol (L2TP) c.OpenVPN d.Point-to-Point Tunneling Protocol (PPTP)
OpenVPN
What cloud service model involves providing applications through an online user interface, providing for compatibility with a multitude of different operating systems and devices? a. SaaS b. IaaS c. XaaS d. PaaS
SaaS
A community cloud is a service shared between multiple organizations, but not available publicly. True False
True
An enterprise-wide VPN can include elements of both the client-to-site and site-to-site models. True False
True
Digital certificates are issued, maintained, and validated by an organization called a certificate authority (CA). True False
True
Office 365 is an example of an SaaS implementation with a subscription model. True False
True
PPP can support several types of Network layer protocols that might use the connection. True False
True
The Virtual Network Computing (VNC) application uses the cross-platform remote frame buffer (RFB) protocol. True False
True
VMware Player and Linux KVM are both examples of what type of hypervisor? a.bare-metal hypervisor b.Type 2 hypervisor c.Type 1 hypervisor d.barebones hypervisor
Type 2 hypervisor
Regarding VNC (Virtual Network Computing or Virtual Network Connection), what statement is accurate? a.VNC is a standard developed by Microsoft and used by Windows Remote Desktop. b.VNC is faster than Remote Desktop, and requires less network bandwidth. c.VNC uses the Remote Desktop Protocol (RDP). d.VNC is open source, allowing companies to develop their own software based on VNC.
VNC is open source, allowing companies to develop their own software based on VNC.
Regarding VNC (Virtual Network Computing or Virtual Network Connection), what statement is accurate? a.VNC is open source, allowing companies to develop their own software based on VNC. b.VNC uses the Remote Desktop Protocol (RDP). c.VNC is faster than Remote Desktop, and requires less network bandwidth. d.VNC is a standard developed by Microsoft and used by Windows Remote Desktop.
VNC is open source, allowing companies to develop their own software based on VNC.
The combination of a public key and a private key are known by what term below? a.key set b.key pair c.key team d.key tie
key pair
What term is used to describe a space that is rented at a data center facility by a service provider? a.point of presence (PoP) b.locally exchanged data point (ledp) c.central service point (CSP) d.service location (SL)
point of presence (PoP)
The use of certificate authorities to associate public keys with certain users is known by what term? a.symmetric identification b.certified infrastructure c.public-key organization d.public-key infrastructure
public-key infrastructure
In order to generate a public and private key for use with SSH, what command line utility should you use? a.ssh-newkey b.key-generate c.gpg --ssh d.ssh-keygen
ssh-keygen
What special enterprise VPN supported by Cisco devices creates VPN tunnels between branch locations as needed rather than requiring constant, static tunnels? a.Auto Switched VPN Service b.Symmetric VPN Autodial c.Dynamic SmartVPN d.Dynamic Multipoint VPN
Dynamic Multipoint VPN
The PPP headers and trailers used to create a PPP frame that encapsulates Network layer packets vary between 8 and 10 bytes in size due to what field? a.FEC b.FCS c.encryption d.priority
FCS
FTPS (FTP Security or FTP Secure) and SFTP (Secure FTP) are two names for the same protocol. True False
False
The HTTPS (HTTP Secure) protocol utilizes the same TCP port as HTTP, port 80. True False
False
When using public and private keys to connect to an SSH server from a Linux device, where must your public key be placed before you can connect? a.In an authorization file on the host where the SSH server is. b.In the /etc/ssh/keys folder. c.In the /var/run/ssh/public folder. d.In an authorization file under your home directory on your computer.
In an authorization file on the host where the SSH server is.
When using public and private keys to connect to an SSH server from a Linux device, where must your public key be placed before you can connect? a.In the /etc/ssh/keys folder. b.In an authorization file on the host where the SSH server is. c.In an authorization file under your home directory on your computer. d.In the /var/run/ssh/public folder.
In an authorization file on the host where the SSH server is.
Why is the telnet utility a poor choice for remote access to a device? a.It cannot be used over a public WAN connection. b.It does not allow for control of a computer remotely. c.It provides no mechanism for authentication. d.It provides poor authentication and no encryption.
It provides poor authentication and no encryption.
A vSwitch (virtual switch) or bridge is a logically defined device that operates at what layer of the OSI model? a. Layer 4 b. Layer 2 c. Layer 7 d. Layer 1
Layer 2
By default, what network connection type is selected when creating a VM in VMware, VirtualBox, or KVM? a.NAT mode b.bridged mode c.lockdown mode d.host-only mode
NAT mode
What type of scenario would be best served by using a Platform as a Service (PaaS) cloud model? a.A group of developers needs access to multiple operating systems and the runtime libraries that the OS provides. b.A small organization needs to have high availability for their web server. c.An organization wishes to gain access to applications through an online user interface, while maintaining compatibility across operating systems. d.An organization needs to have a hosted virtual network infrastructure for their services, which are run on virtual machines.
A group of developers needs access to multiple operating systems and the runtime libraries that the OS provides.
Which of the following virtualization products is an example of a bare-metal hypervisor? a.VirtualBox b.Linux KVM c.VMware Player d.Citrix XenServer
Citrix XenServer
Which statement regarding the IKEv2 tunneling protocol is accurate? a.IKEv2 is based on technology developed by Cisco and standardized by the IETF. b.IKEv2 offers fast throughput and good stability when moving between wireless hotspots. c.IKEv2 is an open-source VPN protocol that utilizes OpenSSL for encryption. d.IKEv2 is an older, Layer 2 protocol developed by Microsoft that encapsulates VPN data frames.
IKEv2 offers fast throughput and good stability when moving between wireless hotspots.
What security encryption protocol requires regular re-establishment of a connection and can be used with any type of TCP/IP transmission? a. IPsec b. TLS c. SSL d. L2TP
IPsec
Which of the following statements regarding the Point-to-Point (PPP) protocol is NOT accurate? a.PPP can utilize an authentication protocol, such as MS-CHAPv2 or EAP to authenticate a client. b.PPP can negotiate and establish a connection between two endpoints. c.PPP can support strong encryption, such as AH or ESP. d.PPP can support several Network layer protocols, such as IP, that might use the connection.
PPP can support strong encryption, such as AH or ESP.
In a software defined network, what is responsible for controlling the flow of data? a. vRouter b. SDN controller c. SDN switch d. flow director
SDN controller
Which file transfer protocol has no authentication or security for transferring files, uses UDP, and requires very little memory to use? a.Secure FTP (SFTP) b.FTP Secure (FTPS) c.Trivial FTP (TFTP) d.File Transfer Protocol (FTP)
Trivial FTP (TFTP
When using a site-to-site VPN, what type of device sits at the edge of the LAN and establishes the connection between sites? a.VPN proxy b.VPN server c.VPN transport d.VPN gateway
VPN gateway
What is NOT a potential disadvantage of utilizing virtualization? a.Multiple virtual machines contending for finite resources can compromise performance. b.Virtualization software increases the complexity of backups, making creation of usable backups difficult. c.Increased complexity and administrative burden can result from the use of virtual machines. d.Licensing costs can be high due to every instance of commercial software requiring a separate license.
Virtualization software increases the complexity of backups, making creation of usable backups difficult.
When is it appropriate to utilize the NAT network connection type? a.Only when the VM requires an IP address on the physical LAN. b.Only if the VM does not need to communicate with the host PC. c.Only if the VM is intended for VM-to-host communications. d.Whenever the VM does not need to be access at a known address by other network nodes.
Whenever the VM does not need to be access at a known address by other network nodes.