Test 4
c. SSH supports port forwarding.
What statement regarding the SSH (Secure Shell) collection of protocols is accurate? a. SSH does not protect against IP spoofing. b. SSH provides a graphical view of the remote computer. c. SSH supports port forwarding. d. SSH does not protect against DNS spoofing.
a. Trivial FTP (TFTP)
Which file transfer protocol has no authentication or security for transferring files, uses UDP, and requires very little memory to use? a. Trivial FTP (TFTP) b. FTP Secure (FTPS) c. File Transfer Protocol (FTP) d. Secure FTP (SFTP)
a. ip helper-address
On certain Cisco products, what command can be used to create and send helper messages that support several types of UDP traffic, including DHCP, TFTP a. ip helper-address b. set ip helper address c. ip new helper d. ip create helper server
c. FCS
The PPP headers and trailers used to create a PPP frame that encapsulates Network layer packets vary between 8 and 10 bytes in size due to what field? a. FEC b. encryption c. FCS d. priority
d. OpenVPN
What open-source VPN protocol utilizes OpenSSL for encryption and has the ability to possibly cross firewalls where IPsec might be blocked? a. Layer 2 Tunneling Protocol (L2TP) b. Point-to-Point Tunneling Protocol (PPTP) c. Generic Routing Encapsulation (GRE) d. OpenVPN
a. Dynamic Multipoint VPN
What special enterprise VPN supported by Cisco devices creates VPN tunnels between branch locations as needed rather than requiring constant, static tunnels? a. Dynamic Multipoint VPN b. Dynamic SmartVPN c. Auto Switched VPN Service d. Symmetric VPN Autodial
c. 192.168.18.64
An IP address of 192.168.18.73/28 has what network ID? a. 192.168.16.0 b. 192.168.18.0 c. 192.168.18.64 d. 192.168.18.32
d. NAT mode
By default, what network connection type is selected when creating a VM in VMware, VirtualBox, or KVM? a. host-only mode b. lockdown mode c. bridged mode d. NAT mode
b. 172.16.0.0
Given a host IP address of 172.16.1.154 and a subnet mask of 255.255.254.0, what is the network ID for this host? a. 172.16.1.0 b. 172.16.0.0 c. 172.16.2.0 d. 172.0.0.0
c. 4 bytes
How large is the 802.1Q tag that is added to an Ethernet frame when using VLANs? a. 20 bytes b. 12 bytes c. 4 bytes d. 8 bytes
a. 65,536 subnets
How many subnets can a /48 site prefix support? a. 65,536 subnets b. 131,072 subnets c. 256 subnets d. 16384 subnets
c. SDN controller
In a software defined network, what is responsible for controlling the flow of data? a. SDN switch b. flow director c. SDN controller d. vRouter
d. The site prefix or global routing prefix.
In an IPv6 address, what do the first four blocks or 64 bits of the address represent? a. The usable host portion of the network. b. The MAC address of the router assigning the host ID. c. The broadcast domain for the configured host ID. d. The site prefix or global routing prefix.
d. key pair
The combination of a public key and a private key are known by what term below? a. key set b. key tie c. key team d. key pair
d. 802.1Q
What IEEE standard specifies how VLAN information appears in frames and how switches interpret that information? a. 802.1c b. 802.1d c. 802.1V d. 802.1Q
c. SaaS
What cloud service model involves providing applications through an online user interface, providing for compatibility with a multitude of different operating systems and devices? a. XaaS b. IaaS c. SaaS d. PaaS
b. set native-vlan-id
What command will set the native VLAN on a Juniper switch port? a. switchport set native vlan b. set native-vlan-id c. config native vlan d. switchport trunk native vlan
d. Virtualization software increases the complexity of backups, making creation of usable backups difficult.
What is NOT a potential disadvantage of utilizing virtualization? a. Licensing costs can be high due to every instance of commercial software requiring a separate license. b. Multiple virtual machines contending for finite resources can compromise performance. c. Increased complexity and administrative burden can result from the use of virtual machines. d. Virtualization software increases the complexity of backups, making creation of usable backups difficult.
b. by device manufacturer
What is NOT one of the ways in which networks are commonly segmented? a. by device types b. by device manufacturer c. by geographic location d. by departmental boundaries
d. A group of developers needs access to multiple operating systems and the runtime libraries that the OS provides.
What type of scenario would be best served by using a Platform as a Service (PaaS) cloud model? a. An organization wishes to gain access to applications through an online user interface, while maintaining compatibility across operating systems. b. A small organization needs to have high availability for their web server. c. An organization needs to have a hosted virtual network infrastructure for their services, which are run on virtual machines. d. A group of developers needs access to multiple operating systems and the runtime libraries that the OS provides.
a. VLAN 1001
When dealing with a Cisco switch, what is NOT one of the pre-established VLANs? a. VLAN 1001 b. VLAN 1003 c. VLAN 1 d. VLAN 1005
c. A smaller organization or business.
When using IPv6, what would a /64 network likely be assigned to? a. A very large organization. b. A regional Internet registry. c. A smaller organization or business. d. A large Internet service provider.
b. A VPN concentrator shuts down established connections with malicious traffic occurs.
Which of the following is NOT a task that a VPN concentrator is responsible for? a. A VPN concentrator authenticates VPN clients. b. A VPN concentrator shuts down established connections with malicious traffic occurs. c. A VPN concentrator establishes tunnels for VPN connections. d. A VPN concentrator manages encryption for VPN transmissions.
d. PPP can support strong encryption, such as AH or ESP.
Which of the following statements regarding the Point-to-Point (PPP) protocol is NOT accurate? a. PPP can negotiate and establish a connection between two endpoints. b. PPP can utilize an authentication protocol, such as MS-CHAPv2 or EAP to authenticate a client. c. PPP can support several Network layer protocols, such as IP, that might use the connection. d. PPP can support strong encryption, such as AH or ESP.
d. Install an additional switch to isolate traffic.
Which of the following suggestions can help prevent VLAN hopping attacks on a network? a. Install a router to process the untagged traffic on the VLAN. b. Disable auto trunking and move native VLANs to unused VLANs. c. Use MAC address filtering. d. Install an additional switch to isolate traffic.
b. router-on-a-stick
Which of the following terms is commonly used to describe a VLAN configuration in which one router connects to a switch that supports multiple VLANs? a. router overloading b. router-on-a-stick c. branched router d. router-on-a-branch
b. IaaS
Which type of cloud service model involves hardware services that are provided virtually, including network infrastructure devices such as virtual servers? a. SaaS b. IaaS c. PaaS d. XaaS
a. It provides poor authentication and no encryption.
Why is the telnet utility a poor choice for remote access to a device? a. It provides poor authentication and no encryption. b. It does not allow for control of a computer remotely. c. It provides no mechanism for authentication. d. It cannot be used over a public WAN connection.
d. show vlan
You are working on a Cisco switch and need to learn what VLANs exist on the switch. Which command will list the current VLANs recognized by the switch? a. get vlans b. show vlandb c. list switch-vlans d. show vlan
b. 10.3.0.0/19
You have been tasked with the creation and design of a network that must support a minimum of 5000 hosts. Which network accomplishes this goal? a. 172.20.50.0/23 b. 10.3.0.0/19 c. 10.90.0.0/22 d. 192.168.0.0/20