Exam 10-12
When using DOCSIS 3.0, what is the minimum number of channels that can be used? a. 4 b. 1 c. 16 d. 2
a. 4
If you wish to maintain a "4 nines" availability rating, what is the maximum amount of down time you can have per day? a. 8 seconds b. 1 minute, 26 seconds c. 14 minutes, 23 seconds d. .4 seconds
a. 8 seconds
In metro settings, end-to-end, carrier-grade Ethernet networks can be established via what protocol? a. Carrier Ethernet Transport b. Ethernet SONET c. Intra-city Ethernet d. Metro Carrier Transport
a. Carrier Ethernet Transport
A RAID 5 configuration requires a minimum of two hard disks to operate a. False b. True
a. False
A stateless firewall inspects each incoming packet to determine whether it belongs to a currently active connection a. False b. True
a. False
An 802.11ac signal can travel for approximately 2 miles from the source. a. False b. True
a. False
DSL services require many subscribers to share the same local line, causing potential security concerns a. False b. True
a. False
DSL signals travel over telephone lines using the 300 to 3300 Hz frequency range. a. False b. True
a. False
Of the three methods of access control (RBAC, DAC, MAC) RBAC is the least secure of the options a. False b. True
a. False
Setting a NIC to run in promiscuous mode will allow it to see all network traffic passing through a network switch. a. False b. True
a. False
When utilizing Kerberos, an access granting ticket is the same as a key a. False b. True
a. False
The Link Aggregation Control Protocol was initially defined by what IEEE standard? a. IEEE 802.3ad b. IEEE 802.1cd c. IEEE 802.3af d. IEEE 802.3bd
a. IEEE 802.3ad
Which legacy authentication protocol requires mutual authentication? a. Microsoft Challenge Handshake Authentication Protocol, version 2 (MS-CHAPv2) b. Challenge Handshake Authentication Protocol (CHAP) c. Password Authentication Protocol (PAP) d. Microsoft Challenge Handshake Authentication Protocol (MS-CHAP)
a. Microsoft Challenge Handshake Authentication Protocol, version 2 (MS-CHAPv2)
Which SONET OC level is a popular choice for large businesses, and is equivalent to 100 T1s? a. OC-3 b. OC-12 c. OC-24 d. OC-1
a. OC-3
Which adaptation of EAP utilizes EAP-MSCHAPv2 inside of an encrypted TLS tunnel? a. Protected EAP (PEAP) b. EAP-FAST c. EAP-TLS d. LEAP
a. Protected EAP (PEAP)
What statement regarding role-based access control is accurate? a. RBAC allows a network administrator to base privileges and permissions around a detailed description of a user's roles or jobs b. RBAC is the most restrictive method of access control c. RBAC allows users to decide for themselves who has access to the user's resources d. RBAC organizes resources into hierarchical classifications, such as "confidential" or "top secret"
a. RBAC allows a network administrator to base privileges and permissions around a detailed description of a user's roles or jobs
Which encryption standard was originally utilized with WPA's TKIP? a. Rivest Cipher 4 (RC4) b. Data Encryption Standard (DES) c. Advanced Encryption Standard (AES) d. Blowfish
a. Rivest Cipher 4 (RC4)
When using Spanning Tree Protocol, what is the first step in selecting paths through a network? a. STP must first select the root bridge, or master bridge b. STP examines the possible paths between all other bridges c. STP disables links that are not part of a shortest path d. STP begins to block BPDUs on non-designated ports
a. STP must first select the root bridge, or master bridge
When viewing a syslog message, what does a level of 0 indicate? a. The message is an emergency situation on the system b. The message is a warning condition on the system c. The message is an error condition on the system d. The message represents debug information
a. The message is an emergency situation on the system
What is NOT a variable that an network access control list can filter traffic with? a. The operating system used by the source or destination device b. The Network layer protocol used for the packet c. The Transport layer protocol used for the packet d. The source or destination TCP/UDP port number in the packet
a. The operating system used by the source or destination device
In a frame relay WAN, the ISP typically has the data circuit terminating equipment (DCE) a. True b. False
a. True
In a public switched telephone network, liens are terminated at the central office a. True b. False
a. True
The supplicant is an EAP entity responsible for requesting authentication, such as a smartphone or laptop. a. True b. False
a. True
You can find out where various logs are kept on some UNIX and Linux systems by viewing the /etc/syslog.conf or /etc/rsyslog.conf files. a. True b. False
a. True
What kind of firewall can block designated types of traffic based on application data contained within packets? a. content-filtering firewall b. stateless firewall c. packet-filtering firewall d. stateful firewall
a. content-filtering firewall
A snapshot is most similar to which type of backup scheme? a. incremental backup b. differential backup c. full backup d. versioned backup
a. incremental backup
Which type of backup scheme only covers data that has changed since the last backup? a. incremental backup b. differential backup c. full backup d. snapshot backup
a. incremental backup
When a device handles electrical signals improperly, usually resulting from a bad NIC, it is referred to by what term below? a. jabber b. blabber c. talker d. ghost
a. jabber
What term is used to describe the average amount of time that will pass for a device before a failure is expected to occur? a. mean time between failures (MTBF) b. product cycle lifetime (PCL) c. estimated time to failure (ETTF) d. maximum time available (MTA)
a. mean time between failures (MTBF)
Which of the following terms is used to describe the configuration of a port to copy all traffic passing through the switch to the device at the other end of the port? a. port mirroring b. port shadowing c. port supertrunking d. port lurking
a. port mirroring
What type of virtual circuit allows connections to be established when parties need to transmit, then terminated after the transmission is complete? a. switched virtual circuit (SVC) b. looping virtual circuit (LVC) c. dynamic virtual circuit (DVC) d. permanent virtual circuit (PVC)
a. switched virtual circuit (SVC)
In ACL statements, using the "any" keyword is equivalent to using a wildcard mask of what value? a. 255.255.0.0 b. 255.255.255.255 c. 0.0.255.255 d. 0.0.0.0
b. 255.255.255.255
What is the maximum throughput of a DS3 connection? a. 274.176 Mbps b. 44.736 Mbps c. 1.544 Mbps d. 3.152 Mpbs
b. 44.736 Mbps
In an ISDN connection, what amount of throughput did a single B channel provide? a. 32 Kbps b. 64 Kbps c. 96 Kbps d. 48 Kbps
b. 64 Kbps
Which statement regarding the use of cable modems is NOT accurate? a. DOCSIS 3.1 allows for full duplex speeds up to 10 Gbps b. Cable modems only operate at the Physical layer of the OSI model c. Cable broadband provides a dedicated and continuous connection d. Modems that utilize the DOCSIS 3.0 or 3.1 standard are backward compatible with older DOCSIS networks
b. Cable modems only operate at the Physical layer of the OSI model
A hot site consists of computers, devices, and connectivity necessary to rebuild a network exist, but without appropriate configuration a. True b. False
b. False
The Spanning Tree Protocol operates at the Network layer of the OSI model a. True b. False
b. False
WANs connect nodes, such as workstations, servers, printers, and other devices, in a small geographical area on a single network a. True b. False
b. False
Which of the following statements describes a RAID 0 configuration? a. In a RAID 0, four or more disks are used to mirror data within each pair of disks, and then striped to multiple pairs of disks b. In a RAID 0, data is striped across multiple disks to improve performance c. In a RAID 0, data is mirrored on multiple disks to provide fault tolerance d. In a RAID 0, data is striped across three or more drives, with parity information added to the data
b. In a RAID 0, data is striped across multiple disks to improve performance
What Storage Area Network (SAN) protocol runs on top of TCP, and can be used on an existing twisted-pair Ethernet network, while maintaining low cost? a. InfiniBand (IB) b. Internet SCSI (iSCSI) c. Fibre Channel over Ethernet (FCoE) d. Fibre Channel (FC)
b. Internet SCSI (iSCSI)
How does a line conditioning UPS protect network equipment? a. It shields equipment from lightning damage b. It filters line noise from incoming power c. It reduces fluctuations in incoming voltage d. It protects against electrical surges
b. It filters line noise from incoming power
The Wired Equivalent Privacy standard had what significant disadvantage? a. It used a shared encryption key for all clients, and the key might never change b. It only encrypted the initial connection authentication, but did not encrypt subsequent traffic c. It provided no encryption for traffic sent over the air d. It did not allow the use of a password for access to the network
b. It only encrypted the initial connection authentication, but did not encrypt subsequent traffic
Which protocol designed to replace STP operates at Layer 3 of the OSI model? a. Rapid Spanning Tree Protocol (RSTP) b. Shortest Path Bridging (SPB) c. Multiple Spanning Tree Protocol (MSTP) d. Transparent Interconnection of Lots of Links (TRILL)
b. Shortest Path Bridging (SPB)
Which of the following is an example of proxy server software? a. Snort b. Squid c. BIND d. Apache
b. Squid
What happened when an NMS uses the SNMP walk command? a. The NMS requests a list of all active SNMP traps on the system b. The NMS uses to get requests to move through sequential rows in the MIB database c. The NMS walks through a list of given SNMP hosts d. The NMS sends a request for data to the agent on a managed device
b. The NMS uses to get requests to move through sequential rows in the MIB database
Considering that multiple users occupy the same channel when using CDMA, how are various calls using this technology kept separate? a. The sending and receiving of data is performed on different frequencies, Users hop between these frequencies to avoid interference b. The packets are coded such that individual calls can be distinguished c. The transmissions are encrypted, such that only the appropriate device can decrypt its own call d. The packets include the end user's SIM IMEI in each packet
b. The packets are coded such that individual calls can be distinguished
Although MPLS can operate over Ethernet frames, it is more often used with other Layer 2 protocols, like those designed for WANs a. False b. True
b. True
By default, Active Directory is configured to use the Kerberos protocol, but can be configured to use LDAP or a combination of LDAP and Kerberos. a. False b. True
b. True
Most satellites circle the Earth 22,300 miles above the equator in a geosynchronous orbit a. False b. True
b. True
Proxy servers and ACLs on network devices are examples of non-security devices with security features, while firewalls and IDS/IPS systems are the network's specialized security devices. a. False b. True
b. True
The PEAP standard creates an encrypted TLS tunnel between the supplicant and the server before proceeding with the usual EAP process a. False b. True
b. True
User access to network resources falls into one of these two categories: 1) the privilege or right to execute, install, and uninstall software, and 2) permission to read, modify, create, or delete data files and folders. a. False b. True
b. True
Wireshark or any other monitoring software running on a single computer connected to a switch doesn't see all the traffic on a network, but only the traffic the switch sends to it, which includes broadcast traffic and traffic specifically addressed to the computer. a. False b. True
b. True
What scenario might be ideal for the use of root guard in configuring a switch? a. You wish to block BPDUs on an access port serving network hosts b. You wish to prevent switches beyond a certain port from becoming the root bridge, but still wish to use STP c. You wish to disable STP on a port connected to a partnered company's switch d. You wish to prevent a rogue switch or computer from hijacking the network's STP paths
b. You wish to prevent switches beyond a certain port from becoming the root bridge, but still wish to use STP
What is the size of an ATM cell, including the header? a. 64 bytes b. 84 bytes c. 53 bytes d. 48 bytes
c. 53 bytes
A fractional T1's bandwidth can be leased multiples of what data rate? a. 28 Kbps b. 32 Kbps c. 64 Kbps d. 48 Kbps
c. 64 Kbps
What IEEE standard includes an encryption key generation and management scheme known as TKIP? a. 802.11h b. 802.11j c. 802.11i d. 802.1X
c. 802.11i
In North America, what ISDN connection type used two B channels and one D channel? a. Dedicated Rate Interface (DRI) b. Primary Rate Interface (PRI) c. Basic Rate Interface (BRI) d. Bearer Rate Interface (BRI)
c. Basic Rate Interface (BRI)
The DTE or endpoint for a leased line is known as which device below? a. ISDN modem b. DSL modem c. CSU/DSU d. cable modem
c. CSU/DSU
What is the data-link connection identifier (DLCI) utilized for? a. It is used by ATM switches to determine how to create a switched virtual circuit b. It is a locally significant ID used to send connectionless information c. It is used by routers to determine which circuit to forward to in a frame relay network d. It is used by routers to establish a packet-switched path to the destination
c. Is is used by routers to determine which circuit to forward a frame in a frame relay network
What descendant of the Spanning Tree Protocol is defined by the IEEE 802.1W standard, and can detect as well as correct for link failures in milliseconds? a. Multiple Spanning Tree Protocol (MSTP) b. Shortest Path Bridging (SPB) c. Rapid Spanning Tree Protocol (RSTP) d. Transparent Interconnection of Lots of Links (TRILL)
c. Rapid Spanning Tree Protocol (RSTP)
You have been asked by your superior all Cisco network switches to allow only acceptable MAC addresses through switch access ports. How is this accomplished? a. Use the allowed-mac command to filter by MAC address b. Use the mac-limit command to prevent more than one MAC from being accepted c. Use the switchport port-security command to enable MAC filtering d. Use the secure port mac-address command to limit the port to learned addresses only
c. Use the switchport port-security command to enable MAC filtering
Which of the following is an advantage of leasing a frame relay circuit over leasing a dedicated circuit? a. Frame relay is a newly established network technology with more features than other technology b. You are guaranteed to receive the maximum amount of bandwidth specified in the circuit contract c. You pay only for the bandwidth you require d. The paths that you data will take are always known
c. You pay only for the bandwidth you require
What aspect of AAA is responsible for determining what a user can and cannot do with network resources? a. accessibility b. accounting c. authorization d. authentication
c. authorization
When using a host-based intrusion detection system, what additional feature might be available to alert the system of any changed made to files that shouldn't change? a. file access auditing (FAA) b. file checksum watching (FCW) c. file integrity monitoring (FIM) d. file change management (FCM)
c. file integrity monitoring (FIM)
The Group Policy utility can be opened by typing what name into a Run box? a. grouppol.msc b. grppol.msc c. gpedit.msc d. secpol.msc
c. gpedit.msc
On a Linux system, which command allows you to modify settings used by the built-in packet filtering firewall? a. ipf b. netwall c. iptables d. modfire
c. iptables
Which type of uninterruptible power supply uses AC power to continuously charge its battery, while also providing power to devices through the battery? a. standby UPS b. line conditioning UPS c. online UPS d. surge UPS
c. online UPS
You are attempting to determine how available your Linux systems are, and need to find the current system uptime. What command should you use? a. show runtime b. lastboot c. uptime d. display stats
c. uptime
Multiplexing enables a single T1 circuit to carry how many channels? a. 64 b. 1 c. 12 d. 24
d. 24
How many transponders are contained within a typical satellite? a. 16 to 24 b. 8 to 16 c. 32 to 48 d. 24 to 32
d. 24 to 32
The C-Band utilized by satellites consists of what frequency range? a. 2.7 - 3.5 GHz b. 1.5 - 2.7 GHz c. 12 - 18 GHz d. 3.4 - 6.7 GHz
d. 3.4 - 6.7 GHz
What statement correctly describes a stateless firewall? a. A stateless firewall filters packets based on source and destination IP addresses b. A stateless firewall blocks designated types of traffic based on application data contained within packets c. A stateless firewall inspects incoming packet to determine whether it belongs to a currently active connection d. A stateless firewall manages each incoming packet as a stand-alone entity, without regard to currently active connections
d. A stateless firewall manages each incoming packet as a stand-alone entity, without regard to currently active connections
Of all the DSL standards, which standard is the most commonly in use today? a. G.Lite b. SDSL c. VDSL d. ADSL
d. ADSL
In order to prevent ports that are serving network hosts from being considered as best paths, what should be enabled to block BPDUs? a. BPDU drop b. root guard c. BPDU filter d. BPDU guard
d. BPDU guard
A differential backup covers what data on a system? a. It includes only data that has changed since the last backup b. It includes data that has changed since the last incremental backup c. It includes all data every time it is performed d. It includes data that has changed since the last full backup
d. It includes data that has changed since the last full backup
What is a SIEM (Security Information and Event Management) system utilized for? a. It is an intellectual property protection software that prevents data links, and generates alerts b. It is a system that monitors security device hardware availability c. It is an advanced intrusion protection system with a GUI-frontend d. It is a system used to evaluate data from security devices and generate alerts
d. It is a system used to evaluate data from security devices and generate alerts
When using Kerberos, what is the purpose of a ticket? a. It is the name for a Kerberos client or user b. It is the event that is generated when auditing a resource and unauthorized access is attempted c. It is a key used by the client to gain access to services that are protected by the key on the network d. It is a temporary set of credentials that a client uses to prove to other servers that its identity has been validated
d. It is a temporary set of credentials that a client uses to prove to other servers that its identity has been validated
In a public switched telephone network, what portion of the network is known as the local loop? a. It is the inside wire within the residence or business that connects to the NIU b. It is the portion of the network between the NIU and the remote switching facility c. It is the portion of the network from the remote switches facility to the central office d. It is the portion that connects any residence or business to the nearest central office
d. It is the portion that connects any residence or business to the nearest central office
In regards to the use of local authentication, what statement is accurate? a. Local authentication provides the most security b. Local authentication is scalable for large networks c. Local authentication does not allow for strong enough passwords d. Local authentication is network and server failure tolerant
d. Local authentication is network and server failure tolerant
By far the most popular AAA service, what open-source service runs in the Application layer and can use UDP or TCP in the Transport layer? a. TACACS+ b. Google Authenticator c. Kerberos d. RADIUS
d. RADIUS
Which type of DSL technology has equal download and upload speeds maxing out at around 2 Mbps? a. HDSL b. VDSL c. ADSL2+ d. SDSL
d. SDSL
Which of the following Layer 1 WAN technologies is not normally used as last mile service, but rather traverses multiple ISP network, connecting these networks to the Internet backbone? a. digital subscriber line (DSL) b. T-carrier (T1s, fractional T1s, and T3s) c. Carrier-Ethernet Transport (CET) d. SONET (Synchronous Optical Network)
d. SONET (Synchronous Optical Network)
On an ATM network, how is the path that data will take determined? a. When data is ready to be transmitted, an ATM participating router will contact the destination ATM router, establish a tunnel, then pass the data b. Data is transmitted, and then the path taken will vary depending on the load encountered at each ATM participant node c. A frame relay route table establishes each hop that will be taken to a single destination d. Switches determine the optimal path between sender and receiver, and then establish the path before transmission
d. Switches determine the optimal path between sender and receiver, and then establish the path before transmission
With a SIP trunk, what is the only limitation on the number of calls that can run at any one time? a. The maximum number of channels available on the transmission medium b. The total number of time division slots allocated to the SIP client organization c. The total number of SIP bearer channels provisioned on the SIP switch d. The amount of available bandwidth
d. The amount of available bandwidth
In Open System Authentication, how does authentication occur? a. The client sends a pre-shared key along with the access point's SSID b. The access point forces the client to authenticate via a captive portal, after which all communication is encrypted c. The client requests an encrypted tunnel, after which, the client's MAC servers as the authentication d. The client "authenticates" using only the SSID name. In other words, no real authentication occurs
d. The client "authenticates" using only the SSID name. In other words, no real authentication occurs
The grouping of multiple servers so that they appear as a single device to the rest of the network is known as which term? a. link aggregating b. server overloading c. load balancing d. clustering
d. clustering
You have been tasked with the configuration of a Juniper switch, and have been told to restrict the number of MAC addresses allowed in the MAC address table. What command should you use? a. mac-address limit b. set total-macs c. set max-mac d. mac-limit
d. mac-limit
The Global System for Mobile Communications (GSM) utilizes what technology to create timeslots on a channel? a. frequency division multiplexing (FDM) b. wavelength division multiplexing (WDM) c. dense wavelength division multiplexing (DWDM) d. time division multiple access (TDMA)
d. time division multiple access (TDMA)