Chapter 14

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

What type of security control uses an attestation report?

A Network Access Control (NAC) server configured to allow connections only to clients that meet a health policy, such as running an appropriate OS/OS version and being up-to-date with patches and security scanning definitions.

What type of security configuration uses edge and choke firewalls?

A screened subnet. The edge or screening firewall is the public interface while the choke firewall is the LAN interface. The screened subnet is therefore configured as a perimeter network preventing hosts on the Internet being directly connected to hosts on the LAN.

You send a junior technician to the equipment room to fix the problem. Sometime later, another user from subnet 20 calls complaining that he cannot connect to the Internet. What questions should you ask to begin troubleshooting?

Again, do not assume that Internet connectivity is the only issue. The user might not have any sort of network link but has only complained about accessing the Internet because that's the particular application he was trying to use. Ask if the user can connect to one of the LoB server applications. If this fails, check whether other users are experiencing the problem and establish the scope—just the one user? All users on subnet 20? All users on both subnets?

You are troubleshooting a connectivity problem with a network application server. Certain clients cannot connect to the service port. How could you rule out a network or remote client host firewall as the cause of the problem?

Connect to or scan the service port from the same segment with no host firewall running.

You are planning to reconfigure static and DHCP-assigned IP addresses across the network during scheduled downtime. What preliminary step should you take to minimize connectivity issues when the network is reopened?

Ensure that clients obtain a new DHCP lease, either by shortening the lease period in advance or by using a script to force clients to renew the lease at startup.

What parameters in packet headers can a layer 3 firewall ruleset use?

IP source and destination address, protocol type, and port number.

Following maintenance on network switches, users in one department cannot access the company's internal web and email servers. You can demonstrate basic connectivity between the hosts and the servers by IP address. What might the problem be?

It is likely that there is a problem with name resolution. Perhaps the network maintenance left the hosts unable to access a DNS server, possibly due to some VLAN assignment issue.

How does placement of an IDS sensor assist with a defense in depth policy?

Placement behind a perimeter firewall can identify suspicious traffic that has been allowed through the firewall.

If a network adapter is using the address 169.254.1.10 on a host connected to the LAN, what would you suspect?

That a DHCP server is offline or not contactable. The system is configured to obtain an address automatically but cannot contact a DHCP server and is using Automatic Private IP Addressing (APIPA).

You asked a junior technician to step in because your manager had asked you to deploy a wireless access point on the network to support a sales event due to start the next day. There will be lots of guests, and your manager wants them all to have Internet access. You did not have much time, so you simply added the access point to the switch supporting subnet 10. The next day arrives, and sometime after the sales event starts, multiple employees in subnet 10 report that when they attempt to connect to the network, they get a message that the Windows network has limited connectivity. What might be the cause and what test should you use to confirm the issue?

The most likely cause is that guest devices have exhausted the DHCP address pool for that scope. You can confirm by identifying that the hosts have autoconfigured APIPA addresses, perhaps by using ipconfig.

Why would you deploy a reverse proxy?

To publish a web application without directly exposing the servers on the internal network to the Internet.

You receive a call from the user of host A who has always been able to connect to the LoB application servers, but today she is unable to connect. You verbally check with other users and discover that none of the hosts on subnet 20 can connect, but that users in subnet 10 report no problems. What tests should you perform to narrow down the cause of the problem?

You should not assume from the information gathered so far that the user can connect to the servers in subnet 10. There are two likely causes—either the link to the router from subnet 20 has failed, perhaps because of a faulty switch, or hosts in subnet 20 are no longer receiving a correct IP configuration from the network servers. To test methodically, from any host in subnet 20, ping the loopback address and then ping that host's IP address. If either of these tests fail or if the host is using APIPA, investigate communications with the network servers. If the local IP configuration on each host is good, ping the router. If this fails, suspect a problem with the switch or cabling.


Ensembles d'études connexes

Prokaryotic and Eukaryotic Cells

View Set

Engine Performance 2: Chapter 1: Fuel-Injection System Diagnosis and Service

View Set

Principles of Finance - C708 module 12 quiz

View Set

Chapter 7: Investment Management

View Set

ATI Maternal newborn assessment A

View Set

Topic 4 - Recording and Stimulating Neural Activity

View Set