Network+ Guide to Networks (8th Ed.) Chapters 9-12

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

In ACL statements, using the "any" keyword is equivalent to using a wildcard mask of what value?

255.255.255.255

A fractional T1's bandwidth can be leased multiples of what data rate?

64 Kbps

On an ATM network, how is the path that data will take determined?

Switches determine the optimal path between sender and receiver, and then establish the path before transmission.

Which statement regarding the use of cable modems is NOT accurate?

Cable modems only operate at the Physical layer of the OSI model.

When Comcast was found to be interfering with BitTorrent traffic, what method was being used?

Comcast was interjecting TCP segments with the RST (reset) field set.

A hot site consists of computers, devices, and connectivity necessary to rebuild a network exist, but without appropriate configuration.

False

An 802.11ac signal can travel for approximately 2 miles from the source.

False

It is ideal to use the same password for multiple different applications, provided the password is complex enough.

False

The original version of the Secure Hash Algorithm was developed by MIT.

False

The Link Aggregation Control Protocol was initially defined by what IEEE standard?

IEEE 802.3ad

Which of the following statements describes a RAID 0 configuration?

In a RAID 0, data is striped across multiple disks to improve performance.

What does the Common Address Redundancy Protocol do?

It allows a pool of computers or interfaces to share the same IP address.

At what point is a packet considered to be a giant?

It becomes a giant when it exceeds the medium's maximum packet size.

A differential backup covers what data on a system?

It includes data that has changed since the last full backup.

What is the Nmap utility used for?

It is a port scanning utility that can identify open ports on a host.

Which of the following utilities performs sophisticated vulnerability scans, and can identify unencrypted data such as credit card numbers?

Nessus

Which SONET OC level is a popular choice for large businesses, and is equivalent to 100 T1s?

OC-3

What is NOT a variable that an network access control list can filter traffic with?

The operating system used by the source or destination device.

Considering that multiple users occupy the same channel when using CDMA, how are various calls using this technology kept separate?

The packets are coded such that individual calls can be distinguished.

A variant of BYOD, what does CYOD allow employees or students to do?

They can choose a device from a limited number of options.

A brownout is a momentary decrease in voltage; also known as a sag.

True

A drop ceiling could be used by an intruder to gain access to a secured room.

True

Although MPLS can operate over Ethernet frames, it is more often used with other Layer 2 protocols, like those designed for WANs.

True

Current research indicates that a long, random string of words, such as correct horse battery staple is more secure than a random series of letters, numbers, and symbols that is short enough to be remembered.

True

In a frame relay WAN, the ISP typically has the data circuit terminating equipment (DCE).

True

In a public switched telephone network, lines are terminated at the central office.

True

Most satellites circle the Earth 22,300 miles above the equator in a geosynchronous orbit.

True

Over a long-distance connection, using SSH keys is more secure than using passwords.

True

Sudden unexplained increases in file sizes and unusual error messages with no apparent cause are both potential symptoms of a viral infection.

True

The SNMP version 3 protocol introduces authentication, validation, and encryption for messages exchanged between devices and the network management console.

True

The Spanning Tree Protocol operates at the Network layer of the OSI model.

True

The day after Patch Tuesday is informally dubbed Exploit Wednesday.

True

The storm-control command is a type of flood guard that is available on most major network switch vendor platforms.

True

The supplicant is an EAP entity responsible for requesting authentication, such as a smartphone or laptop.

True

The term malware is derived from a combination of the words malicious and software.

True

Wireshark or any other monitoring software running on a single computer connected to a switch doesn't see all the traffic on a network, but only the traffic the switch sends to it, which includes broadcast traffic and traffic specifically addressed to the computer.

True

You can find out where various logs are kept on some UNIX and Linux systems by viewing the /etc/syslog.conf or /etc/rsyslog.conf files.

True

An RFID label on a box is an example of what type of physical security detection method?

asset tracking tagging

What aspect of AAA is responsible for determining what a user can and cannot do with network resources?

authorization

The grouping of multiple servers so that they appear as a single device to the rest of the network is known as which term?

clustering

What kind of firewall can block designated types of traffic based on application data contained within packets?

content-filtering firewall

What type of an attack forces clients off a wireless network, creating a form of Wi-Fi DoS?

deauthentication attack

Which type of DoS attack involves an attack that is bounced off uninfected computers before being directed at the target?

distributed reflection denial-of-service attack

When using a host-based intrusion detection system, what additional feature might be available to alert the system of any changes made to files that shouldn't change?

file integrity monitoring (FIM)

Enforcing a virtual security perimeter using a client's geographic location is known by what term?

geofencing

If multiple honeypots are connected to form a larger network, what term is used to describe the network?

honeynet

A snapshot is most similar to which type of backup scheme?

incremental backup

Which type of backup scheme only covers data that has changed since the last backup?

incremental backup

On a Linux system, which command allows you to modify settings used by the built-in packet filtering firewall?

iptables

A virus that remains dormant until a specific condition is met, such as the changing of a file or a match of the current date is known as what type of malware?

logic-bomb

What term is used to describe the average amount of time that will pass for a device before a failure is expected to occur?

mean time between failures (MTBF)

Once a device has failed, what metric measures the average amount of time to repair?

mean time to repair (MTTR)

What penetration testing tool combines known scanning and exploit techniques to explore potentially new attack routes?

metasploit

VMware's AirWatch and Cisco's Meraki Systems Manager are both examples of what type of software?

mobile device management software

Each managed object on a managed device using SNMP is assigned which of the following?

object identifier (OID)

Which type of uninterruptible power supply uses AC power to continuously charge its battery, while also providing power to devices through the battery?

online UPS

Which of the following terms is used to describe the configuration of a port to copy all traffic passing through the switch to the device at the other end of the port?

port mirroring

The concept of giving employees and contractors only enough access and privileges to do their jobs is known by what term?

principle of least privilege

What document addresses the specific concerns related to special access given to administrators and certain support staff?

privileged user agreement

If someone is offered a free gift or service in exchange for private information or access to a computer system, what type of social engineering is taking place?

quid pro quo

Packets that are smaller than a medium's minimum packet size are known by what term below?

runts

What type of virtual circuit allows connections to be established when parties need to transmit, then terminated after the transmission is complete?

switched virtual circuit (SVC)

A person posing as an employee strikes up a conversation with a legitimate employee as they walk into a secured area, in an attempt to gain access. What kind of social engineering is this?

tailgating

A RAID 5 configuration requires a minimum of two hard disks to operate.

False

What statement regarding the use of a network attached storage device is accurate?

A NAS can be easily expanded without interrupting service.

What statement regarding denial-of-service (DoS) attacks is accurate?

A denial-of-service attack prevents legitimate users from accessing normal network resources.

Which of the following statements describes a worm?

A program that runs independently of other software and travels between computers and across networks.

What is a SIEM (Security Information and Event Management) system utilized for?

It is a system used to evaluate data from security devices and generate alerts.

When using Kerberos, what is the purpose of a ticket?

It is a temporary set of credentials that a client uses to prove to other servers that its identity has been validated.

In a public switched telephone network, what portion of the network is known as the local loop?

It is the portion that connects any residence or business to the nearest central office.

What is a data-link connection identifier (DLCI) utilized for?

It is used by routers to determine which circuit to forward a frame to in a frame relay network.

A network TAP serves what purpose on a network?

It provides a mirrored port for monitoring traffic between other ports.

Which of the following statements correctly describes the malware characteristic of polymorphism?

Polymorphic malware can change its characteristics every time it is transferred to a new system.

What statement regarding role-based access control is accurate?

RBAC allows a network administrator to base privileges and permissions around a detailed description of a user's roles or jobs.

What descendant of the Spanning Tree Protocol is defined by the IEEE 802.1W standard, and can detect as well as correct for link failures in milliseconds?

Rapid Spanning Tree Protocol (RSTP)

In the typical social engineering attack cycle, what occurs at Phase 3?

The attacker exploits an action undertaken by the victim in order to gain access.

In a red team-blue team exercise, what is the purpose of the blue team?

The blue team is charged with the defense of the network.

When viewing a syslog message, what does a level of 0 indicate?

The message is an emergency situation on the system.

Which of the following scenarios would necessitate the use of a non-disclosure agreement?

Your company needs to prevent a new contractor from sharing information with a potential competitor.

Where would restrictions regarding what users can and cannot do while accessing a network's resources be found?

acceptable use policy document


Ensembles d'études connexes

Anthro 201 Cultural Anthropology Test 1

View Set

PMP Exam Chapter 4 Integration Management

View Set

Ch. 85 Positive Crankcase Ventilation and Secondary Air-Injection Systems

View Set