ITC 330 Final
What four functions do all routers perform?
1. Connect dissimilar networks. 2. Interpret Layers 3 and 4 addressing and other information. 3. Determine the best path for data to follow. 4. Reroute traffic if a primary path is down but another path is available.
List two advantages to using virtualization on a network.
1. Efficient use of resources 2.) cost and savings 3.) fault and threat isolation 4.) simple backups, recovery, and replication
What is the network ID with CIDR notation for the IP address 172.16.32.108 whose subnet mask is 255.255.255.0?
172.16.32.0 /24
What size bonded channels do 802.11ac and 802.11ax support?
20, 40, 80, and 160 MHz
How many bits of a class A IP address are used for host information?
24
Suppose your company has leased one class C license, 120.10.10.0, and wants to sublease the first half of these IP addresses to another company. What is the CIDR notation for the subnet to be subleased? What is the subnet mask for this network?
255.255.255.128 /25
Which formulas can be used to calculate the magic number? Choose two.
256 - the interesting octet, 2^h - 2
What is the formula for determining the number of possible hosts on a network?
2^h - 2 = Z
Subnetting operates at the _____ layer while VLANs function at the _____ layer.
3, 2
What is the greatest number of bits you could borrow from the host portion of a class B subnet mask and still have at least 130 hosts per subnet?
8 bits
Which 802.11 standard functions in both the 2.4-GHz and 5-GHz bands?
802.11ax
Which IEEE standard determines how VLANs work on a network?
802.1Q
How can you create a private and secure connection with your cloud network over the Internet?
A VPN travels over an Internet connection to give direct and secure access to cloudresources.
A routing protocol's reliability and priority are rated by what measurement?
AD (Administrative distance)
Which of the following is not one of the AAA services provided by RADIUS and TACACS+?
Administration
Which of the following criteria can a packet-filtering firewall not use to determine whether to accept or deny traffic?
Application data
What is the primary difference between how WPA2-Personal and WPA2-Enterprise are implemented on a network?
Authentication with RADIUS on Enterprise
Which routing protocol does an edge router use to collect data to build its routing tables for paths across the Internet?
BGP
Which protocol replaced TKIP for WPA2?
CCMP
What type of adapters are required on servers in an FCoE storage network?
CNAs (Converged Network Adapters)
Which Carrier Sense technology is used on wireless networks to reduce collisions?
CSMA/CD
What are the two primary features that give proxy servers an advantage over NAT?
Content filtering and file caching
Which device would allow an attacker to make network clients use an illegitimate default gateway?
DHCP server
What area of a network can provide less stringent security so a web server is more accessible from the open Internet?
DMZ (demilitarized zone)
What specifications define the standards for cable broadband?
DOCSIS
Any traffic that is not explicitly permitted in the ACL is __________, which is called the _________.
Dropped, implicit deny
Which assignment technique requires a RADIUS server?
Dynamic VLAN assignment
Which 802.11X authentication protocol is often used by WLANs?
EAPoL
Why do wireless networks generally experience a greater reduction in throughput compared with wired networks?
Electromagnetic interference
Which function of WPA/WPA2 security ensures data cannot be read in transit?
Encryption
You just settled in for some study time at the local coffee shop, and you pause long enough to connect your smartphone to the Wi-Fi so you can listen to some music while you study. As you're about to sign in, you realize that you clicked on an SSID called "Free Coffee and Internet." What kind of security trap did you almost fall for?
Evil twin
When a router can't determine a path to a message's destination, where does it send the message?
Gateway of last resort
Give three examples of routing metrics used by routers to determine the best of various available routing paths.
Hop count, theoretical bandwidth, actual throughput
When shopping for a new router, what does the MTBF tell you?
How long devices like this one will last on average until the next failure
What software allows you to define VMs and manage resource allocation and sharing among VMs on a host computer?
Hypervisor
What's the essential difference between an IPS and an IDS?
IDS (intrusion detection system) creates alerts when suspicious activity happens.IPS (intrusion Prevention system) prevents traffic from reaching the network.
Which one of the following wireless transmission types requires a clear LOS to function?
IR
Which policy ensures messages are discarded when they don't match a specific firewall rule?
Implicit deny
What causes most firewall failures?
Incorrect configuration
What characteristic of ARP makes it particularly vulnerable to being used in a DoS attack?
It doesn't perform any authentication
What is the purpose of an ACL when configuring CoPP?
It identifies relevent traffic for the CoPP policies
What protocol is most often used to bond ports between a switch and a busy server?
LACP (Link Aggregation Control Protocol)
Active Directory and 389 Directory Server are both compatible with which directory access protocol?
LDAP
Which of these cellular technologies offers the fastest speeds?
LTE-A
What is the lowest layer of the OSI model at which LANs and WANs support the same protocols?
Layer 3 (Network)
At what layer of the OSI model do proxy servers operate?
Layer 7
Which device can manage traffic to multiple servers in a cluster so all servers equally share the traffic?
Load balancer
What information does the switchport port-security command use to restrict access to a switch's interface?
MAC address
Where is an MPLS label inserted into a message's headers?
MPLS labels together are sometimes called a shim because of their placement between layer 2 and layer 3 information. For this reason, MPLS is sometimes said to belong to "layer 2.5."
On which networking device do you configure VLANs?
Managed switches
Which VLAN type would be the best fit for a company's web servers that need to be accessible from the Internet but should not be able to communicate with each other?
Management VLAN
With which network connection type does the VM obtain IP addressing information from its host?
NAT mode
What do well-chosen subnets accomplish?
Network documentation is easier to manage.
Which OSI layer is responsible for directing data from one LAN to another?
Network layer
Which cloud management technique executes a series of tasks in a workflow?
Orchestration
Which cloud service model gives software developers access to multiple platforms for testing code?
PaaS
List three IGPs (interior gateway protocols).
RIP, RIPv2, OSPF, IS-IS, EIGRP
When a wireless signal encounters a large obstacle with wide, smooth surfaces, what happens to the signal?
Reflection
You've just completed a survey of the wireless signals traversing the airspace in your company's vicinity, and you've found an unauthorized AP with a very strong signal near the middle of the 100-acre campus. Its SSID is broadcasting the name of a smartphone model. What kind of threat do you need to report to your boss?
Rogue AP
What kind of device can be used to configure and manage physical and virtual networking devices across the network?
SDN or Network controller
What information in a transmitted message might an IDS use to identify network threats?
Signature
What kind of device can monitor a connection at the demarc but cannot interpret data?
Smartjack
Which of the following features of a network connection between a switch and server is not improved by link aggregation?
Speed
What device must be installed on a DSL network to protect the sound quality of phone calls?
Splitter
What kind of route is created when a network administrator configures a router to use a specific path between nodes?
Static route
What method does a GSM network use to separate data on a channel?
TDMA
What kind of ticket is held by Kerberos's TGS?
TGT (Ticket-Granting Ticket)
Who is responsible for the security of hardware on which a public cloud runs?
The cloud provider
Which hexadecimal block in an IPv6 address is used for the Subnet ID?
The fourth one
Why would you need separate RA guard policies for network hosts and routers attached to a switch?
To ensure that RA messages are coming from a trusted router
Which of the following is not a good reason to segment a network?
To increase the number of networking devices on a network
Why do network administrators create domain groups to manage user security privileges?
To simplify the process of granting rights to users
Which type of switch connects all devices in a rack to the rest of the network?
ToR switch
What addresses does an 802.11 frame contain that an 802.3 frame does not?
Transmitter address and receiver address and sequence control
Which port mode on a switch enables that port to manage traffic for multiple VLANs?
Trunk
Which type of hypervisor is installed directly on top of the server's firmware?
Type 1 (bare metal) hypervisor
An attacker configures a VLAN frame with two tags instead of just one. The first tag directs the frame to the authorized VLAN. After the frame enters the first VLAN, the switch appropriately removes the tag, then discovers the next tag, and sends the frame along to a protected VLAN, which the attacker is not authorized to access. What kind of attack is this?
VLAN hopping attack
Which IP addressing technique subnets a subnet to create subnets of various sizes?
VLSM (variable-length subnet masks)
What virtual, logically defined device operates primarily at the data link layer to pass frames between nodes?
Virtual switch
List three transport methods that can be used to support an SD-WAN.
WAN connectivity methods, such as DSL, cable broadband, fiber broadband, leased line, MPLS, cellular, and satellite.
How does a vNIC get a MAC address without manual intervention?
When a vNIC is created in a VM it is automatically assigned a MAC address.
What kinds of issues might indicate a misconfigured ACL?
Wrong people being able to log in
Which of the following wireless technologies does not use the 2.4 GHz band?
Z-Wave
Which IP address expressed in CIDR notation has the subnet mask 255.255.255.0? a. 10.100.44.123/24 b. 172.16.88.222/16 c. 192.168.100.1/26 d. 172.29.111.201/18
a. 10.100.44.123/24
What information does the switchport port-security command use to restrict access to a switch's interface? a. MAC address b. Port number c. IP address d. Broadcast address
a. MAC address
As you're troubleshooting a dead zone in your office, which measurement will help you determine the edges of the dead zone? a. RSSI b. Channel c. EIRP d. Band
a. RSSI
Which of the following ACL commands would permit web-browsing traffic from any IP address to any IP address?
access-list acl_2 permit https any any
Which routing protocol does an edge router use to collect data to build its routing tables for paths across the Internet? a. RIPv2 b. BGP c. OSPF d. IP
b. BGP
What is the lowest layer of the OSI model at which wired and wireless transmissions share the same protocols? a. Layer 4 b. Layer 3 c. Layer 2 d. Layer 1
b. Layer 3
Which device can be used to increase network performance by caching websites? a. Firewall b. Proxy server c. IDS d. Security group
b. Proxy server
Which Wi-Fi encryption standard was designed to use AES encryption? a. WPA b. WPA2 c. WEP d. WEP2
b. WPA2
What command will ensure the configuration changes you made to a switch will persist after you restart the switch?
copy run start
To exchange information, two antennas must be tuned to the same ________.
frequency
You're setting up a home network for your neighbor, who is a music teacher. She has students visiting her home regularly for lessons and wants to provide Internet access for their parents while they're waiting on the children. However, she's concerned about keeping her own data private. What wireless feature can you configure on her AP to meet her requests?
guest networking
What feature of a site survey maps the Wi-Fi signals in your location?
heat map
When you list a router's routing table, one of the routes is labeled with an S. Which routing protocol was used to create this route?
it's a static route configured by a network administrator.
Only one _______ exists on a network using STP.
root bridge
What database does a router consult before determining the most efficient path for delivering a message?
routing table
Which principle ensures auditing processes are managed by someone other than the employees whose activities are being audited?
separation of duties
Which Cisco command lists configured VLANs on a switch?
show vlans
Which VLAN on a switch manages untagged frames?
the native VLAN
Signals traveling through areas in which many wireless communications systems are in use will exhibit a lower ______ due to the higher proportion of noise.
throughput
