MIS 3317 FINAL REVIEW Ch 9
Your subnet part is 8 bits long. How many hosts can you have per subnet? 8 14 254 none of the above
254
If the subnet ID in an IPv6 address is 32 bits, how long is the routing prefix? 16 bits 32 bits 64 bits none of the above
32 bits
Your firm has a 22-bit network part. What subnet part would you select to give at least 10 subnets? 2 bits 3 bits 4 bits none of the above
4 bits
In an IPv6 global unicast address, the interface ID is ________ bits long. 8 16 64 Its size varies.
64
In IP subnet planning, you need to have at least 130 subnets. How large should your subnet part be? 6 7 8
8
Your firm has an 8-bit network part. If you need at least 200 subnets, what must your subnet part size be? 5 6 7 8
8
The DNS ________ record is for the host name's ________ address A; IPv4 A; IPv6 AAAA; IPv4 none of the above
A; IPv4
The DNS ________ record is for the host name's ________ address AAAA; IPv4 AAAA; IPv6 both A and B neither A nor B
AAAA; IPv6
Which of the following is a private IP address range? 10.x.x.x 128.171.x.x both A and B neither A nor B
10.x.x.x
Your firm has a 22-bit network part and a 6-bit subnet part. How many hosts can you have per subnet? 6 8 14 none of the above
14
If your subnet part is 8 bits long, you can have ________ subnets. 64 128 256 254
254
Which of the following IPv4 addresses would be used for Internet transmission? 10.x.x.x 128.171.x.x both A and B neither A nor B
128.171.x.x
You have a 20-bit network part and a 4-bit subnet part. How many hosts can you have per subnet? 15 16 254 none of the above
254
If your routing prefix is 16 bits, how long is your subnet ID? 16 bits 32 bits 48 bits not possible to calculate
48 bits
Which of the following is used in ESP? ESP header ESP trailer Integrity check value all of the above
all of the above
NAT ________. allows a firm to have more internal IP addresses reduces cost both A and B neither A nor B
allows a firm to have more internal IP addresses
IPsec protects ________ layer content. data link application both A and B neither A nor B
application
SAs in two directions ________. are always the same are always different are sometimes different
are sometimes different
A DHCP server provides a client with ________. one or more IP addresses for it to use the IP address of one or more DNS servers both A and B neither A nor B
both A and B
A company has a domain name. What else must it have before it can make a website available to the public? a DNS server to host its domain name the website itself both A and B neither A nor B
both A and B
________ is a general naming system for the Internet. NAT DNS DHCP Dotted decimal notation
DNS
Which of the following can route non-IP packets? OSPF EIGRP both A and B neither A nor B
EIGRP
Which of the following is more widely used? ESP AH Both are about equally widely used
ESP
The IEEE calls a 64-bit interface addresses that it designed a(n) ________ address. Extended Unique Identifier-64 Interface ID MAC address IP address
Extended Unique Identifier-64
T/F: For an internal client to use NAT to communicate with an external webserver, the client must be configured to do so.
False
T/F: NAT is transparent to all applications.
False
Good security is an enabler if a company wishes to use SNMP ________ commands. Get Set Trap Reset
Get
The first stage of IPsec uses the ________ protocol. SSL/TLS AES IKE SHA
IKE
The SA is negotiated in the ________. IKE phase IPsec protection phase AES phase none of the above
IKE phase
Which has stronger security? SSL/TLS IPsec Both have about equal security.
IPsec
In remote access VPNs, IPsec has an ________ at the corporate site. IPsec firewall IPsec gateway IPsec proxy server IPsec endpoint
IPsec gateway
SA protections are applied in the ________. IKE phase IPsec protection AES none of the above
IPsec protection
________ is the process of presenting external IP addresses that are different from internal IP addresses used within the firm. DNS NAT (network address translation) DHCP none of the above
NAT (network address translation)
________ is an interior dynamic routing protocol. OSPF BGP both A and B neither A nor B
OSPF
Which is less expensive to implement? SSL/TLS IPsec Both cost about the same to implement.
SSL/TLS
In SNMP, companies are often reluctant to use ________ commands because of security dangers. Get Set Trap Request
Set
NAT ________. allows a firm to have more internal IP addresses provides some security both A and B neither A nor B
both A and B
SLAs define ________. cryptographic methods cryptographic options both A and B neither A nor B
both A and B
The domain name system ________. is a way to find a host's IP addresses if your computer only knows the host's host name is a general naming system for the Internet both A and B neither A nor B
both A and B
Which of the following would be an SNMP object? number of rows in routing table system uptime (since last reboot) both A and B neither A nor B
both A and B
In transport mode, ESP fields surround an IPv4 packet's ________. entire length header data field none of the above
data field
In DNS, a group of resources under the control of an organization is called a ________. network subnet scope domain
domain
Companies get second-level domains from ________. the IETF domain registrars the Internet Society the United States Government
domain registrars
Pinging is to send ICMP ________ messages to the target host. echo request error advisement ping echo
echo request
In tunnel mode, ESP fields surround an IPv4 packet's ________. entire length header data field none of the above
entire length
ICMP is used for ________. error messages configuration messages routing messages none of the above
error messages
A step in creating an EUI-64 is dividing a 48-bit MAC address in half and inserting ________ in the center. the interface ID the subnet ID fffe 0000
fffe
In NAT, the ________ creates new external source IP addresses and port numbers. router firewall source host destination host
firewall
Which is NOT one of the three parts of a public IPv6 unicast address? subnet ID routing prefix host part All of the above are parts in a public IPv6 unicast address.
host part
The part of an IPv6 global unicast address that designates the host is called the ________. host part interface ID routing prefix none of the above
interface ID
A company is free to select whatever ________ dynamic routing protocol it wishes. interior exterior both A and B neither A nor B
interior
A company is free to select its ________. interior dynamic routing protocol exterior dynamic routing protocol both A and B neither A nor B
interior dynamic routing protocol
For a particular domain name, a DNS server will have ________. a single record multiple records two records—one for IPv4 and one for IPv6. all of the above
multiple records
The almost-universal exterior dynamic routing protocol is ________. EIGRP OSPF both A and B neither A nor B
neither A nor B
The routing prefix in IPv6 is like the ________ part in an IPv4 address. network subnet host both A and B
network
If your subnet part is 7 bits long, how many subnets can you have? 128 256 512 none of the above
none of the above
In IPv6, ESP protects the IP packet's_____. entire length payload header none of the above
none of the above
Which of the following would be an SNMP object? number of rows in routing table a managed switch both A and B neither A nor B
number of rows in routing table
If the local DNS server does not know an IP address and must contact a remote DNS server, which DNS server will return the response to the client? the local DNS server the remote DNS server either A or B No IP address will be returned to the client.
the local DNS server
".com" is a ________. root domain top-level domain second-level domain none of the above
top-level domain
".edu" is a ________. root domain top-level domain second-level domain none of the above
top-level domain
Which protects more of the original IP packet? transport mode tunnel mode Both provide the same protection to the IP packet.
tunnel mode
Which of the following would be an SNMP interface object? number of rows in routing table whether the interface is undergoing testing both A and B neither A nor B
whether the interface is undergoing testing
T/F: Options for major cryptographic methods are sometimes unacceptably weak and must be prohibited.
True
Convert the following EUI-48 address to a modified EUI-64 address: AA-00-00-FF-FF-00. aa00:ff:feff:ff0 ae00:ff:feff:ff0 aa00:00ff:feff:ff0 ae00:00ff:feff:ff0
ae00:00ff:feff:ff0
In SNMP, the manager communicates directly with a(n) ________. managed device agent object access point
agent
In a large company, you want ________. as big a routing prefix as you can have a medium-size routing prefix as small a routing prefix as you can have The size of the routing prefix is of no importance.
as small a routing prefix as you can have
What security concern do ICMP echo request messages and echo response messages bring? attackers can disable the other host attackers can learn that the other host's IP address is in use attackers can change the other host's IP address all of the above.
attackers can learn that the other host's IP address is in use
If your local DNS server does not know the host name of an IP address, it will get the address from a(n) ________. root DNS server proxy DNS server authoritative DNS server none of the above
authoritative DNS server
IPsec is used for ________ VPNs. remote-access site-to-site both A and B neither A nor B
both A and B
NAT enhances security by ________. preventing sniffers from learning internal IP addresses encryption both A and B neither A nor B
preventing sniffers from learning internal IP addresses
The highest-level DNS servers are called ________. root servers top-level domain servers both A and B neither A nor B
root servers
In the Border Gateway Protocol, "gateway" means ________. firewall switch router none of the above
router
Dynamic ________ protocols allow routers to transmit routing table information to one another. routing transport synchronization none of the above
routing
Corporations wish to have ________ domain names. top-level second-level third-level none of the above
second-level
In IPsec, agreements about how security will be done are called ________. tranches security contracts service-level agreements security associations
security associations
You need to use EIGRP if ________. you have TCP/IP traffic exclusively some of your traffic is TCP/IP traffic both A and B
some of your traffic is TCP/IP traffic
Which is a type of top-level domain? generic TLD specific TLD both A and B neither A nor B
specific TLD
What field in an IPv6 global unicast address corresponds to the subnet part of an IPv4 address? global routing prefix subnet ID interface ID none of the above
subnet ID
Ping is for ________ messages. error advisory supervisory both A and B
supervisory
An advantage of using DHCP to configure clients is that ________. the configuration information will be up-to-date the configuration will be done securely both A and B neither A nor B
the configuration information will be up-to-date