Testout Networking Chapter 15
consider the following log message from a router: *Aug 8 11:18:12.081:%LINEPROTO-5-UPDOWN: line protocol on interface FastEthernet 0/0, changed state to down what facility generated this? -%LINEPROTO -5- -FastEthernet -UPDOWN
-%LINEPROTO
You've just installed a new 16U wall-mounted rack in your data center. You need to install the following equipment in this rack: A 4U redundant power supply A 4U server A 4U switch A 2U router Which of the following equipment will also fit in this rack along with the above equipment? -4U firewall -2U UPS -3U server -4U UPS
-2U UPS
mobile devices can be tracked, arrange these technologies in order of most accurate to least accurate top to bottom -wi-fi triangulation -cell phone tower triangulation -IP address resolution -GPS
-GPS -Wi-Fi triangulation -cell tower triangulation -IP address resultion
You manage a server at work that has just been configured with a new application. Consequently, the server has crashed several times during the last week. you think you have the problem resolved, but you would like to be able to manage the server remotely in case more issues occur Which of the following protocols would you use for remote management? select two -PPTP -PPP -L2TP -ICA -VNC -PPPoE
-ICA -VNC
You are adding a new rack to your data center, which will house five new blade servers. The new servers will be installed in a cluster that will host a customer tracking database. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to connect each new server to the switch in the existing rack using straight-through UTP cables that will be run along the floor around the perimeter of the data center. To provide power for the new devices, you will hire an electrician to install several new 20-amp wall outlets near the new rack. To protect against power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server. Will this configuration work? -No. you should not run a cable across the floor of the data center. -Yes. this configuration complies with data center best practices. no. you must implement the UPS and power supplies to the rack externally. -no. you should not use blade servers for virtualization -no. you must use a cross-over cable to connect the two switches together
-No. you should not run a cable across the floor of the data center.
Which of the following protocols or services would you associate with windows remote desktop services network traffic? -RDP -WPA -NNTP -WTSP
-RDP
You are in the middle of a big project at work. All of your work files are on a server at the office. You want to be able to access the server desktop, open and edit files, save the files on the server, and print files to a printer connected to a computer at home. Which protocol should you use? -FTP -RDP -SSH -Telnet -TFTP
-RDP
Because of an unexplained network slowdown on your network, you decide to install monitoring software on several key network hosts to locate the problem. You will then collect and analyze data from a central network host. What protocol will the software use to detect the problem? -SNMP -SMTP -TCP/IP -IPX -The primary protocol of your network
-SNMP
Which protocol uses traps to send notifications from network devices? -SMTP -IMAP4 -SNMP -IGMP -ICMP
-SNMP
Components within your server room are failing at a rapid pace. You discover that the humidity in the server room is at 60% and the temperature is at 80 degrees. What should you do? -add a humidifier to the server room -add a dehumidifier to the server room -add a separate A/C unit in the server room -add line conditioners in the server room
-add a separate A/C unit in the server room
You have installed a new application on a network device. During testing, it appears as if the software is causing other services running on the device to stop responding. Which tool should you consult to identify the problem? -packet sniffer -throughput tester -load tester -application log
-application log
which of the following is the best recommendation for applying hot-fixes to your servers? -apply only the hotfixes that apply to software running on your systems -wait until a hotfix becomes a patch and then apply it -apply all hotfixes before applying the corresponding service pack -apply hotfixes immediately as they are released
-apply only the hotfixes that apply to software running on your systems
You just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID card to gain access. You backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using a Telnet client with a username of admin and a password of admin. You used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device? (Select two.) -change the default administrative user name and password. -use encrypted type 7 passwords. -use an SSH client to access the router configuration -use TFTP to back up the router configuration to a remote location -use a web browser to access the router configuration using an HTTP connection
-change the default administrative user name and password. -use an SSH client to access the router configuration
Beside protecting a computer from under-voltages, a typical UPS also performs what 2 actions? -conditions the power signal -protects from over-voltages -prevents from electric shock -prevents ESD
-conditions the power signal -protects from over-voltages
Which of the following enterprise wireless configuration strategies best keeps publis wireless access seperate from private wireless access? -deploy independant stand-alone access points throughout your enterprise and configure each to use the same SSID, the same chanel, and the same IP subnet -implement MAC address filtering to restrict connections to the private access point only to MAC addresses that are explicitly allowed. -configure a guest access WLAN that uses open authentication and isolates guest WLAN traffic from other clients on the same access point. -establish shared key authentication that uses one passphrase for guest users and another passphrase for private users
-configure a guest access WLAN that uses open authentication and isolates guest WLAN traffic from other clients on the same access point.
You manage the website for your company. The website uses a cluster of two servers with a single shared storage device. The shared device uses a RAID 1 configuration. Each server has a single connection to the shared storage, and a single connection to your ISP. You want to provide redundancy such that a failure in a single component does not cause the website to be unavailable. What should you add to your configuration to accomplish this? -connect one server to the internet through a different ISP -on each server, add a second network connection to the internet. -reconfigure the disk array in RAID 1 +0 configuration. -on each server add a second network connection to connect the server to the shared storage device.
-connect one server to the internet through a different ISP
which of the following functions can a port scanner provide? -automatically close open ports on the network. -determining which ports are open to a network -testing virus definition designs for false positives -auditing IPsec encryption algorithm configuration
-determining which ports are open to a network
Many of the end users in your organization are bringing their own personal mobile devices to work and are storing sensitive date on them. To precent the data from being compromised, you create a cloud-based Microsoft Intune account and configure mobile device security policies. You now need to apply those security policies to the end users mobile devices. What should you do? select two -join each device to your organizations domain -perform a clean install of the mobile operating system on each users device. -download and install the itune client software on the mobile device -configure mobile device security policies using gpedit.msc -enroll the devices with the inTune service
-download and install the itune client software on the mobile device -enroll the devices with the inTune service
Your organization has recently purchases 20 tablets devices for the Human Resources department to use for training sessions. You are concerned that these devices could represent a security risk to your network and want to strengthen their security profile as much as possible. Which actions should you take? (select 2) -configure a group policy object (GPO) containing mobile device-specific security settings -join the devices to your organization's domain -install the devices in your organizations directory service tree -enable device encryption -implement storage segmentation
-enable device encryption -implement storage segmentation
which of the following are improvements to SNMP that are included within SNMP version 3(select 2) -hashing of the community name -encryptionof SNMP messages -use of SFTP for transferring SNMP data -authentication for agents and managers
-encryptionof SNMP messages -authentication for agents and managers
Your organization recently purchased 30 tablet devices for your traveling sales force. These devices have Windows RT preinstalled on them. To increase security of these devices, you want to apply a default set of security-related configuration settings. What is the best approach to take to accomplish this? select two -enroll the devices in a mobile device management system. -manually configure security settings using the local group policy editor program. -configure and apply security policy settings in a mobile device management system -link the group policy object to the container where the tablets' computer objects reside. -Join the tablets to your domain -Configure security settings in a group policy object
-enroll the devices in a mobile device management system. -configure and apply security policy settings in a mobile device management system
You are concerned about attacks directed against the firewall on your network. You would like to examine the content of individual frames sent to the network. Which tool should you use? -system log -load tester -packet sniffer -throughput tester -event log
-packet sniffer
You want to know what protocols are being used on your network. You'd like to monitor network traffic and sort traffic based on protocol. Which tool should you use? -IDS -Throughput tester -packet sniffer -port scanner -IPS
-packet sniffer
your organization recently purchased 18 iPad tablets for use by the organization's management team. These devices have iOS pre-installed on them to increase the security of these devices, you want to apply a default set of security related configuration settings. What is the best approach to take to accomplish this? (select 2, each is a part of a complete solution) -enroll the devices in a mobile device management system. -join the tablets to a windows domain -configure and apply security policy settings in a mobile device management system. -configure and distribute security settings in a configuration profile. -require users to install the configuration profile -configure security settings in a group policy object
-enroll the devices in a mobile device management system. -configure and apply security policy settings in a mobile device management system.
You manage a firewall that connects your private network to the Internet. You would like to see a record of every packet that has been rejected by the firewall in the past month. Which tool should you use? -packet sniffer -event log -throughput tester -load tester
-event log
Which of the following are reasons to use a protocol analyzer? (select 2) -find devices that might be using legacy protocols, such as IPX/SPX or NetBIOS -identify users that are connecting to unauthorized websites. -simulate a large number of client connections to a website. -identify when a network is slow -measure the amount of data that can be transferred through a network
-find devices that might be using legacy protocols, such as IPX/SPX or NetBIOS -identify users that are connecting to unauthorized websites.
You have heard about a Trojan horse program where the compromised systems sends personal information to a remote attacker on a specific TCP port. You want to be able to easily tell whether any of your systems are sending data to the attacker. Which log would you monitor? -system -application -firewall -security
-firewall
which of the following terms describes a windows operating system oatch that corrects a specific problem and is released on a short term, periodic basis (typically monthly)? -hotfix -service pack -kernel fix kit -targeted software patch
-hotfix
The owner of a hotel has contracted with you to implement a wireless network to provide Internet access for patrons. The owner has asked that you implement security controls so that only paying patrons are allowed to use the wireless network. she wants the to be presented with a login page when they initially connect to the wireless network. after entering a code provided by the concierge at check-in, they should then be allowed full access to the internet. Under no circumstances should patrons be able to access the actual network. What should you do? -implement MAC address filtering -implement a guest network -implement 802.1x authentication using a RADIUS server -implement pre-shared key authentication
-implement a guest network
You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do? -combine SNMP with SSL -implement a RADIUS solution -implement version 3 of SNMP -use SSH instead of SNMP
-implement version 3 of SNMP
You have been hired by a startup company to install a new data center. The company is small, so they will elect to use an unused employee break room as the data center. You are concerned about truth physical security of the servers that will be installed in the data center. what should you do? select two -install a biometric lock on the data center door. -install racks with locking doors -install two-post 48U racks -install two-post 24U racks -install a humidifier in the data center
-install a biometric lock on the data center door. -install racks with locking doors
you have purchased a solar backup power device to provide temporary electrical power to critical systems in your data center should the power provided by the electrical utility company go out. the solar panel array captures sunlight and stores it in DC batteries the power supplies in the servers, switches, and routers in your data center require alternating current (AC) which electrical device should you use to convert the power? -capacitor -inverter -transistor -transformer
-inverter
Which of the following statements is true? a system image backup: -is saved as a .vhd file. -does not include user profile settings. -is the only type of backup supported by the backup and restore console. -can be saved to a bitlocker-enabled volume
-is saved as a .vhd file.
You have a website that customers use to view product information and place orders. You would like to identify the maximum number of simultaneous sessions that this server can maintain before the performance is negatively impacted. Which tool should you use? -system log -load tester -baseline -throughput tester -event log
-load tester
You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffer software on a device which is connected to the same hub that is connected to the router. the hub is connected to the same switch that is connected to the router When you run the software, you only see frames addressed to 4 workstation and not other devices. Which feature should you configure? -promiscuous mode -mirroring -spanning tree -bonding
-mirroring
Which of the following media types can you save backup files on? (select 2) -tape drives -network attached storage (NAS) -the system disk -external hard drives
-network attached storage (NAS) -external hard drives
Your 24U rack currently houses two 4U server systems. To prevent overheating, yo've installed a rock-mounted environment monitoring device within the rack. Currently, the device shows the temp within the rack to be 79 degrees. what should you do? -nothing, the temperature within the racks is within acceptable limits. -install an additional air conditioning unit for the server room. -re-orient the cold aisle within the server room so that it is directed toward the air conditioners return duct -install a humidifier to increase humidity in the server room
-nothing, the temperature within the racks is within acceptable limits.
crazy long one... select 3 -one cyclic redundancy check error has occured -the interface is dropping incoming packets -several collisions have occurred -no input or output errors have occured
-one cyclic redundancy check error has occured -the interface is dropping incoming packets -several collisions have occurred
You suspect that your web server has been the target of a denial-of-service attack. You would like to view information about the number of connections to the server over the past three days. Which log would you most likely examine? -security -system -performance -firewall
-performance
You maintain the network for an industrial manufacturing company. you are concerned about the dust in the area getting into server components and affecting the availability of the network which of the following should you implemment? -line conditioner -negative pressure system -UPS -positive pressure system -backup generator
-positive pressure system
You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffer software on a device which is connected to the same hub that is connected to the router. When you run the software, you only see frames addressed to the workstation and not other devices. Which feature should you configure? -bonding -promiscuous mode -mirroring -spanning tree
-promiscuous mode
You want to be able to identify traffic that is being generated and sent through the network by a specific application running on a device. Which tool should you use? -protocol analyzer -TDR -Multimeter -certifier -toner probe
-protocol analyzer
In addition to performing regular backups, what must you do to protect your system from data loss.? -regularly test restoration procedures -store the backup media in an on-site fireproof vault -write-protect all backup media -restrict restoration privileges to system administrators
-regularly test restoration procedures
A smart phone was lost at the airport. There is no way to recover the device. Which of the following will ensure data confidentiality on the device? -GPS -TPM -remote wipe -screen lock
-remote wipe
You have a small network of devices connected together using a switch. You want to capture the traffic that is sent from Host A to Host B. On Host C, you install a packet sniffer that captures network traffic. After running the packet sniffer, you cannot find any captured packets between Host A and Host B. What should you do? -manually set the MAC address of host C to the MAC address of host A -run the packet sniffer application on host B -configure the default gateway address on hosts A and B with the IP address of host C -connect hosts A and B together on the same switch port through the hub.
-run the packet sniffer application on host B
Which of the following mobile device security consideration disables the ability to use the device after a short period of inactivity? -TPM -screen lock -GPS -remote wipe
-screen lock
You are considering using WIFI triangulation to track the location of wireless devices within your organization. However, you have read on the internet that this type of tracking can produce inaccurate results. What is the most important consideration for getting reliable results when implementing this type of system? -wireless encryption in use -WAP placement -wireless standard in use -signal strength
-signal strength
Your organization's security policy specifies that, regardless of ownership, and mobile device that connects to your internal network must have remote wipe enabled. If the device is lost or stolen, then it must be wiped to remove and sensitive data from it. which of the following should you implement to ensure data can be remotely wiped, while preserving personal data? -asset tracking and inventory control -lockout or screen lock -storage segmentation -reporting system
-storage segmentation
Which of the following is the least effective power loss protection for computer systems? -uninterruptible power supply -backup generator -surge protector -secondary power source
-surge protector
each of the following are tools used to check the health of a network. which of these is typically used for managing and sendingmesage from one computer system to another? -load tester -packet sniffer -protocol analyzer -syslog
-syslog
which of the following is a standard for sending log messages to a centralized logging server? -OVAL -syslog -LC4 -Nmap
-syslog
You have recently experienced a security incident with one of your servers. After some research, you determine that hotfix #568994 that has recently been released would have protected the server. Which of the ff. recommendations should you follow when applying the hotfix? -apply the hotfix immediately to the server; apply the hotfix to the other devices only as the security threat manifests itself. -test the hotfix, the apply it to the server that had the problem -test the hotfix, then apply it to all servers -apply the hotfix immediately to all servers
-test the hotfix, then apply it to all servers
Which of the following is not a reason to wipe a mobile device? -the device is locked, and someone has entered multiple incorrerct entries of the password PIN. -the devices is being assigned to another used -The device is stolen or lost -the device is inactive for a period of time
-the device is inactive for a period of time
You have been struggling to keep the temperature in your server room under control. To address this issue, you have decided to reconfigure the room to create hot and cold aisles. Which of the following are true concerning this configurations? select two -the rear of your servers should face the hot aisle. -the hot aisle should face the air conditioners output ducts -the front of your servers should face the cold aisle -the front of your servers shuold face the hot aisle -the rear of you servers should face the cold aisle -the cold aisle should face the air conditioners return duct
-the rear of your servers should face the hot aisle. -the front of your servers should face the cold aisle
You have a WAN link that connects two sites. The WAN link is supposed to provide 1.5 Mbps of bandwidth. You want to perform a test to see the actual bandwidth of the link. Which tool should you use? -baseline -packet sniffer -throughput tester -load tester
-throughput tester
Why should you store backup media offsite? -to prevent the same disaster from both the network and backup media -to comply with government regulations -to make the restoration process more efficient -to reduce the possibility of theft
-to prevent the same disaster from both the network and backup media
You are the network administrator for a growing business. When you were initially hired, the organization was small and only a single switch and router were required to support your users. During this time, you monitored log messages from your router and switch directly from each device's console. However, the organization has grown considerably in recent months. You now must manage 8 individual switches and three routers. It's becoming more and more difficult to monitor these devices and stay on top of issues in a timely manner. What should you do? -consolidate network resources down to one or two switches -use syslog to implement centralized logging -use a remote access utility such as SSH to access router and switch consoles remotely -hire additional resources to help monitor and manage you network infrastructure
-use syslog to implement centralized logging
Match each bring your own device (BYOD) security concern with its possible remedy. they may be used more than once Remedy: -implement a network access control (NAC) solution. -specify where and when mobile devices can be possessed in your acceptable use policy. -specify who users can call for help with mobile device apps in your acceptable use policy -enroll devices in a mobile device management system Security Concern: -users take pictures of proprietary processes and procedures -devices with a data plan can email stolen data -devices have no PIN or password configured -anti-malware software is not installed -A device containing sensitive data may be lost
-users take pictures of proprietary processes and procedures --specify where and when mobile devices can be possessed in your acceptable use policy. -devices with a data plan can email stolen data --specify where and when mobile devices can be possessed in your acceptable use policy. -devices have no PIN or password configured --enroll devices in a mobile device management system -anti-malware software is not installed --implement a network access control (NAC) solution. -A device containing sensitive data may be lost --enroll devices in a mobile device management system
You are adding a new rack to your data center, which will house five new blade servers. The new servers will be installed in a cluster that will host a customer tracking database. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to connect each new server to the switch in the existing rack using straight-through UTP cables that will be run along the floor around the perimeter of the data center. To provide power for the new devices, you will hire an electrician to install several new 20-amp wall outlets near the new rack. To protect against power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server. Will this configuration work? -you should implement redundant power supplies for the network devices. -you should implement a UPS between the wall outlet and network devices. -you should no connect networking equipment to a 20-amp wall circuit -you should not run a plenum cable through a suspended tile ceiling. -you must use a straight-through cable to connect the switches together
-you should implement redundant power supplies for the network devices. -you should implement a UPS between the wall outlet and network devices.