ITS284 Chapter 9
10) Which of the following can be used within a firm? A) private IP addresses B) public IP addresses C) both A and B D) neither A nor B
C
12) Which of the following is true about NAT? A) It can enhance security. B) It presents problems for some protocols. C) both A and B D) neither A nor B
C
13) The domain name system ________. A) is a way to find a host's IP addresses if your computer only knows the host's host name B) is a general naming system for the Internet C) both A and B D) neither A nor B
C
2) In IP subnet planning, you need to have at least 130 subnets. How large should your subnet part be? A) 6 B) 7 C) 8 D) none of the above
C
21) A company receives its domain name from ________. A) IETF B) its ISP C) a domain registrar D) its parents
C
24) Which of the following would be an SNMP object? A) number of rows in routing table B) system uptime (since last reboot) C) both A and B D) neither A nor B
C
27) SNMPv3 uses ________ for authentication. A) community names B) digital certificates and digital signatures C) a different password for each manager-agent pair D) all of the above
C
42) Which is NOT one of the three parts of a public IPv6 unicast address? A) subnet ID B) routing prefix C) host part D) All of the above are parts in a public IPv6 unicast address.
C
48) A step in creating an EUI-64 is dividing a 48-bit MAC address in half and inserting ________ in the center. A) the interface ID B) the subnet ID C) fffe D) 0000
C
6) You have a 20-bit network part and a 4-bit subnet part. How many hosts can you have per subnet? A) 14 B) 16 C) 254 D) none of the above
C
11) Which of the following is a private IP address range? A) 10.x.x.x B) 128.171.x.x C) both A and B D) neither A nor B
A
19) The highest-level DNS servers are called ________. A) root servers B) top-level servers C) both A and B D) neither A nor B
A
23) Which of the following would be an SNMP object? A) number of rows in routing table B) a managed switch C) both A and B D) neither A nor B
A
26) SNMPv1 uses ________ for authentication. A) community names B) digital certificates and digital signatures C) a different password for each manager-agent pair D) all of the above
A
3) If you have a subnet part of 7 bits, how many subnets can you have? A) 126 B) 254 C) 510 D) none of the above
A
30) IPsec provides protection in two modes of operation one of these two modes is ________. A) transport mode B) data link mode C) network mode D) 802.1X mode
A
31) The main limit of IPsec tunnel mode protection compared to transport mode protection in IPsec is ________. A) protection over only part of the route B) higher cost C) both A and B D) neither A nor B
A
32) Which mode of IPsec may be more expensive if a company has a large number of computers? A) transport mode B) tunnel mode C) Both A and B are equally expensive.
A
34) Client PCs must have digital certificates in ________. A) transport mode B) tunnel mode C) both A and B D) neither A nor B
A
37) Which of the following standards permits central management? A) IPsec B) SSL/TLS C) both A and B D) neither A nor B
A
38) Which is less expensive to implement? A) SSL/TLS B) IPsec C) Both cost about the same to implement.
A
43) The routing prefix in IPv6 is like the ________ part in an IPv4 address. A) network B) subnet C) host D) both A and B
A
47) The IEEE calls 64-bit interface addresses ________. A) Extended Unique Identifiers B) Interface IDs C) MAC addresses D) half-IP
A
49) Dynamic ________ protocols allow routers to transmit routing table information to one another. A) routing B) transport C) synchronization D) none of the above
A
50) A company is free to select whatever ________ dynamic routing protocol it wishes. A) interior B) exterior C) both A and B D) neither A nor B
A
52) ________ is an interior dynamic routing protocol. A) OSPF B) BGP C) both A and B D) neither A nor B
A
55) To see if a target host can be reached, you normally would send it an ICMP ________ message. A) echo request B) error advisement C) either A or B D) neither A nor B
A
56) Pinging is to send ICMP ________ messages to the target host. A) echo request B) error advisement C) ping D) echo
A
9) NAT enhances security by ________. A) preventing sniffers from learning internal IP addresses B) encryption C) both A and B D) neither A nor B
A
14) ________ is a general naming system for the Internet. A) NAT B) DNS C) DHCP D) Dotted decimal notation
B
16) ".com" is a ________. A) root domain B) top-level domain C) second-level domain D) none of the above
B
17) ".edu" is a ________. A) root domain B) top-level domain C) second-level domain D) none of the above
B
18) Most corporations wish to have ________ domain names. A) top-level B) second-level C) third-level D) none of the above
B
22) In SNMP, the manager communicates directly with a(n) ________. A) managed device B) agent C) object D) access point
B
25) In SNMP, companies are often reluctant to use ________ commands because of security dangers. A) Get B) Set C) trap D) request
B
28) IPsec protects ________ layer messages. A) data link B) application C) both A and B D) neither A nor B
B
29) In tunnel mode, IPsec provides protection ________. A) all the way between the two hosts B) only between the IPsec servers C) both A and B D) neither A nor B
B
33) The main disadvantage of transport mode protection compared to tunnel mode protection in IP is ________. A) that it provides protection over only part of the route B) higher cost C) both A and B D) neither A nor B
B
39) Which has stronger security? A) SSL/TLS B) IPsec C) Both have about equal security.
B
40) If a host is to be able to communicate via IPv4 and IPv6, it is said to ________. A) be bilingual B) have a dual-stack C) be IPv6-ready D) be IP-agile
B
41) Today, it can be problematic to have only a single IPv6 stack because ________. A) a single IPv4 stack is out of date B) a single IPv6 stack could not communicate with a single IPv4 stack C) a dual stack has become a common solution D) all of the above
B
44) If the subnet ID in an IPv6 address is 32 bits, how long is the routing prefix? A) 16 bits B) 32 bits C) 64 bits D) none of the above
B
45) The part of an IPv6 global unicast address that designates the host is called the ________. A) host part B) interface ID C) routing prefix D) none of the above
B
46) In an IPv6 global unicast address, the interface ID is ________ bits long. A) 32 B) 64 C) 128 D) It varies.
B
51) Which of the following can route non-IP packets? A) OSPF B) EIGRP C) both A and B D) neither A nor B
B
7) ________ is the process of presenting external IP addresses that are different from internal IP addresses used within the firm. A) DNS B) NAT C) DHCP D) none of the above
B
8) In NAT, the ________ creates new external source IP addresses and port numbers. A) router B) firewall C) source host D) destination host
B
35) IPsec is used for ________ VPNs. A) remote-access B) site-to-site C) both A and B D) neither A nor B
C
1) If your subnet part is 8 bits long, you can have ________ subnets. A) 64 B) 128 C) 256 D) 254
D
15) In DNS, a group of resources under the control of an organization is called a ________. A) network B) subnet C) scope D) domain
D
20) How many DNS root servers are there? A) 1 B) 2 C) 10 D) 13
D
36) In IPsec, agreements about how security will be done are called ________. A) tranches B) security contracts C) service-level agreements D) security associations
D
4) Your firm has an 8-bit network part. If you need at least 250 subnets, what must your subnet part size be? A) 5 B) 6 C) 7 D) 8
D
5) Your firm has an 8-bit network part and an 8-bit subnet part. How many hosts can you have per subnet? A) 126 B) 254 C) 534 D) 65,534
D
53) ________ is used for supervisory messages at the internet layer. A) TCP B) DNS C) DHCP D) ICMP
D
54) IP is reliable because of ________. A) echo and echo reply messages B) error advisement messages C) both A and B D) neither A nor B
D