Testout Network Pro Exam 5
You are configuring the Local Security Policy on a Windows system. You want to require users to create passwords that are at least 10 characters in length. You also want to prevent login after three unsuccessful login attempts. Which policies should you configure? (Select two.)
-Minimum password length -Account lockout threshold
Which of the following statements about DSCP are true? (Select two.)
-It uses the DiffServ field to add precedence values. - Classification occurs at Layer 3.
What is WindowsUpdate.log?
A log or record of all notable changes made to a Windows system.
Which of the following actions typically involve the use of 802.1x authentication? (Select two.)
-Controlling access through a wireless access point. -Controlling access through a switch.
Which of the following are best practices for hardening a server? (Select three.)
-Ensure that a host-based firewall is running. -Apply the latest patches and service packs. -Disable or uninstall unnecessary software.
What is the purpose of using Ethernet bonding? (Select two.)
-Increases network performance. -Provides a failover solution for network adapters.
You have a company network with a single switch. All devices connect to the network through the switch. You want to control which devices will be able to connect to your network. For devices that do not have the latest operating system patches, you want to prevent access except to a special server that holds the patches the computers need to download. Which of the following components should be part of your solution? (Select two.)
-Remediation servers -802.1x authentication
A new assistant network administrator was recently hired by your organization to relieve some of your workload. You assigned the assistant network administrator to replace a defective patch cable that connected port 1 on your patch panel to one of your network switches. You noticed that it took him an unusually long time to complete this task. Once done, users almost immediately began to report that the network had gone down. Upon entering the server room, you see that the assistant administrator has configured your network rack as shown below. What should you do? (Choose two. Each response is a complete solution.)
-Remove the patch cable connecting the first switch to the third switch. -Enable STP on each switch.
A security analyst is using tcpdump to capture suspicious traffic detected on port 443 of a server. The analyst wants to capture the entire packet with hexadecimal and ASCII output only. Which of the following tcpdump options will achieve this output?
-SX port 443
Upon running a security audit in your organization, you discover that several sales employees are using the same domain user account to log in and update the company's customer database. Which action should you take? (Select two. Each response is part of a complete solution.)
-Train sales employees to use their own user accounts to update the customer database. -Delete the account that the sales employees are currently using.
Which of the following tools can you use to troubleshoot and validate Windows updates? (Select three.)
-Windows Server Update Service (WSUS) -Windows Update Troubleshooter -PowerShell
Which of the following are true about Windows Update for Business? (Select three.)
-Windows Update for Business can be configured with Group Policy, Mobile Device Management, or Systems Center Configuration Manager. -Windows Update for Business provides the latest features for your Windows 10 devices, including security upgrades. -Windows Update for Business works with all versions of Windows 10 except Windows 10 Home.
Which of the following utilities could you use to lock a user account? (Select two.)
-passwd -usermod
An employee named Bob Smith, whose username is bsmith, has left the company. You have been instructed to delete his user account and home directory. Which of the following commands would produce the desired outcome? (Select two.)
-userdel -r bsmith -userdel bsmith;rm -rf /home/bsmith
Match the Class of Service (CoS) priority on the left with its corresponding value on the right.
0 -Background 1 -Best effort 2 -Excellent effort 3 -Critical applications 4 -Video (< 100ms latency) 5 -Voice (< 10ms latency) 6 -Internetwork control 7 -Network control
Which Class of Service (CoS) priority value should be assigned to a video conference call?
4
You have a Windows 10 system. You have used the Settings app to access Windows Update. From this location, how long can you pause updates?
7 days
Match the port security MAC address type on the left with its description on the right.
A MAC address that is manually identified as an allowed address. -SecureConfigured A MAC address that has been learned and allowed by the switch. -SecureDynamic A MAC address that is manually configured or dynamically learned and is saved in the config file. -SecureSticky
Which of the following is the strongest form of multi-factor authentication?
A password, a biometric scan, and a token device
Which of the following is an example of two-factor authentication?
A token device and a PIN
You have been asked to perform a penetration test for a company to see if any sensitive information can be captured by a potential hacker. You used Wireshark to capture a series of packets. Using the tcp contains Invoice filter, you found one packet. Using the captured information shown, which of the following is the name of the company requesting payment?
ACME, Inc
Which of the following components do switches use to optimize network performance by performing switching operations in hardware rather than using the CPU and software?
An application-specific integrated circuit
Your organization uses a time-keeping application that only runs on Windows 2000 and does not run on newer OS versions. Because of this, there are several Windows 2000 workstations on your network. Last week, you noticed unusual activity on your network coming from the workstations. After further examination, you discover that they were victims of a malicious attack and were being used to infiltrate the network. You find out that the attackers were able to gain access to the workstations because of the legacy operating system being used. Your organization still needs to use the Windows 2000 workstations (which need to be connected to the internet) but you want to make sure that the network is protected from future attacks. Which solution should you implement to protect the network while also allowing operations to continue as normal?
Configure VLAN membership so that the Windows 2000 workstations are on their own VLAN.
For users on your network, you want to automatically lock user accounts if four incorrect passwords are used within 10 minutes. What should you do?
Configure account lockout policies in Group Policy
You want to make sure that all users have passwords over eight characters in length and that passwords must be changed every 30 days. What should you do?
Configure account policies in Group Policy.
You have hired 10 new temporary employees to be with the company for three months. How can you make sure that these users can only log on during regular business hours?
Configure day/time restrictions in user accounts.
You have a website that uses multiple servers for different types of transactions. For example, one server is responsible for static web content, while another is responsible for secure transactions. You would like to implement a device to speed up access to your web content. The device should be able to distribute requests between the various web servers using specialized hardware, not just software configurations. In addition, SSL sessions should use the hardware components in the device to create the sessions. Which type of device should you use to accomplish this?
Content switch
A user reports that she can't connect to the internet. After some investigation, you find that the wireless router has been misconfigured. You're responsible for managing and maintaining the wireless access point. What should you do next?
Create an action plan.
A network switch detects a DHCP frame on the LAN that appears to have come from a DHCP server that is not located on the local network. In fact, it appears to have originated from outside the organization's firewall. As a result, the switch drops the DHCP message from that server. Which security feature was enabled on the switch to accomplish this?
DHCP snooping
What does the Windows Update Delivery Optimization function do?
Delivery Optimization provides you with Windows and Store app updates and other Microsoft products.
Users report that the network is down. As a help desk technician, you investigate and determine that a specific router is configured so that a routing loop exists. What should you do next?
Determine if escalation is needed.
A user reports that she can't connect to a server on your network. You check the problem and find out that all users are having the same problem. What should you do next?
Determine what has changed.
Which of the following is a best practice for router security?
Disable unused protocols, services, and ports.
A network switch is configured to perform the following validation checks on its ports: All ARP requests and responses are intercepted. Each intercepted request is verified to ensure that it has a valid IP-to-MAC address binding. If the packet has a valid binding, the switch forwards the packet to the appropriate destination. If the packet has an invalid binding, the switch drops the ARP packet. Which security feature was enabled on the switch to accomplish this task?
Dynamic ARP inspection
You are a contractor that has agreed to implement a new remote access solution based on a Windows Server 2016 system for a client. The customer wants to purchase and install a smart card system to provide a high level of security to the implementation. Which of the following authentication protocols are you MOST likely to recommend to the client?
EAP
Which EAP implementation is MOST secure?
EAP-TLS
You are a network administrator for your company. A frantic user calls you one morning exclaiming that nothing is working. What should you do next in your troubleshooting strategy?
Establish the symptoms.
A web server on your network hosts your company's public website. You want to make sure that an NIC failure doesn't prevent the website from being accessible on the internet. Which solution should you implement?
Ethernet bonding
Match the Network Access Protection (NAP) component on the left with its description on the right.
Generates a Statement of Health (SoH) that reports the client configuration for health requirements. -NAP client Runs the System Health Validator (SHV) program. -NAP server Is clients' connection point to the network. -Enforcement server (ES) Contains resources accessible to non-compliant computers on a limited-access network. -Remediation server
Your Windows system is a member of a domain. Windows Update settings are being controlled through Group Policy. How can you determine whether a specific security update from Windows Update is installed on the computer?
Go to Programs and Features in Control Panel.
A router periodically goes offline. Once it goes offline, you find that a simple reboot puts the router back online.
Identify possible side effects of the solution.
A user reports that he can't connect to a specific website. You go to the user's computer and reproduce the problem. What should you do next?
Identify the affected areas of the network.
A user is unable to connect to the network. You investigate the problem and determine that the network adapter is defective. You replace the network adapter and verify that it works. What should you do next?
Identify the results and side effects of the solution.
With Wireshark, you've used a filter to capture only the desired packet types. Using the information shown in the image, which of the following BEST describes the effects of using the host 192.168.0.34 filter?
Only packets with 192.168.0.34 in either the source or destination address are captured.
Dan wants to implement reconnaissance countermeasures to help protect his DNS service. Which of the following actions should he take?
Install patches against known vulnerabilities and clean up out-of-date zones, files, users, and groups.
Which type of switch optimizes network performance by using ASIC to perform switching at wire speed?
Multilayer switch
Which of the following is a feature of MS-CHAPv2 that is not included in CHAP?
Mutual authentication
You are in the process of implementing a Network Access Protection (NAP) infrastructure to increase your network's security. You are currently configuring the remediation network that non-compliant clients will connect to in order to become compliant. The remediation network needs to be isolated from the secure network. Which technology should you implement to accomplish this task?
Network segmentation
You are in the process of implementing a network access protection (NAP) infrastructure to increase your network's security. You are currently configuring the remediation network that non-compliant clients will connect to in order to become compliant. You need to isolate the remediation network from the secure network. Which technology should you implement to accomplish this task?
Network segmentation
Match the authentication factor types on the left with the appropriate authentication factor on the right. (You can use each authentication factor type more than once.)
PIN -Something you know Smart card -Something you have Password -Something you know Retina scan -Something you are Fingerprint scan -Something you are Hardware token -Something you have Voice recognition -Something you are Wi-Fi triangulation -Somewhere you are Typing behaviors -Something you do
Which of the following is a mechanism for granting and validating certificates?
PKI
You manage a network that uses switches. In the lobby of your building are three RJ45 ports connected to a switch. You want to make sure that visitors cannot plug their computers in to the free network jacks and connect to the network, but you want employees who plug in to those same jacks to be able to connect to the network. Which feature should you configure?
Port authentication
You want to make sure that a set of servers will only accept traffic for specific network services. You have verified that the servers are only running the necessary services, but you also want to make sure that the servers will not accept packets sent to those services. Which tool should you use?
Port scanner
Which type of security uses MAC addresses to identify devices that are allowed or denied a connection to a switch?
Port security
Which of the following is a platform-independent authentication system that maintains a database of user accounts and passwords to centralize the maintenance of those accounts?
RADIUS
When troubleshooting network issues, it's important to carry out tasks in a specific order. Drag each trouble shooting task on the left to the correct step on the right.
Step 1 -Identify the problem. Step 2 -Establish a theory of probable cause. Step 3 -Test the theory to determine the cause. Step 4 -Establish a plan of action. Step 5 -Implement the solution or escalate. Step 6 -Verify full system functionality. Step 7 -Document findings, actions, and outcomes.
You are a network administrator for your company. A user calls and tells you that after stepping on the network cable in her office, she can no longer access the network. You go to the office and see that some of the wires in the Cat 5 network cable are now exposed. You make another cable and attach it from the wall plate to the user's computer. What should you do next in your troubleshooting strategy?
Test the solution.
With Kerberos authentication, which of the following terms describes the token that verifies the user's identity to the target system?
Ticket
You have just configured the password policy and set the minimum password age to 10. What is the effect of this configuration?
Users cannot change the password for 10 days.
While deploying Windows updates, when would you use the critical update ring?
When deploying updates to important systems (only after the update has been vetted).
When deploying Windows updates, when would you use the preview update ring?
When deploying updates to users that want to stay on top of changes.
Windows Update for Business (WUfB) lets you keep your devices current with the latest security upgrades and features. Which operating system releases does WUfB support?
Windows 10
Which of the following tools would you use to view the MAC addresses associated with IP addresses that the local workstation has contacted recently?
arp
You are troubleshooting a connectivity problem on a Linux server. You're able to connect to another system on the local network but not to a server on a remote network. You suspect that the default gateway information for the system may be configured incorrectly. Which of the following commands would you use to view the default gateway information on the Linux server?
ifconfig
Which TCP/IP utility gives you the following output?
ipconfig
Examine the following output: Active Connections Proto Local Address Foreign Address State TCP SERVER1:1036 localhost:4832 TIME_WAIT TCP SERVER1:4798 localhost:1032 TIME_WAIT TCP SERVER1:1258 pool-141-150-16-231.mad.east.ttr:24076 CLOSE_WAIT TCP SERVER1:2150 cpe-66-67-225-118.roc.res.rr.com:14100 ESTABLISHED TCP SERVER1:268 C872c-032.cpe.net.cale.rers.com:46360 ESTABLISHED TCP SERVER1:2995 ip68-97-96-186.ok.ok.cox.net:23135 ESTABLISHED Which of the following utilities produced this output?
netstat
You suspect that the gshant user account is locked. Enter the command you would use in Command Prompt to display the account's status.
passwd -S gshant
Which TCP/IP utility gives the following output?
ping
While working on a Linux server, you're unable to connect to the Windows Server system on the internet. You are able to ping the default gateway on your own network, so you suspect that the problem lies outside the local network. Which utility would you use to track the route a packet takes as it crosses the network?
traceroute
You have performed an audit and found an active account for an employee with the username joer. This user no longer works for the company. Which command can you use to disable this account?
usermod -L joer