week 9

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Arrange the Fibre Channel (FC) SAN implementation tasks in the order they should be performed to build a redundant FC SAN. Step 1 Step 2 Step 3 Step 4 Step 5

1) Install two Fiber Channel host bus adapters in each server that will access the shared storage on the SAN. 2) Deploy two FC switches. 3) Using fiber optic cables, connect each server to each FC switch by connecting one FC HBA to one FC switch and the other FC HBA to the other FC switch. 4) Deploy the shared storage devices, such as an external RAID device containing multiple hard disk drives and two FC HBAs. 5) Using fiber optic cables, connect each storage device to each FC switch by connecting one FC HBA to one FC switch and the other FC HBA to the other FC switch.

Drag each description on the left to the appropriate switch attack type on the right. 1. ARP spoofing/poisoning 2. Dynamic Trunking Protocol 3. MAC flooding 4. MAC spoofing

1. The source device sends frames to the attacker's MAC address instead of to the correct device. 2. Should be disabled on the switch's end user (access) ports before implementing the switch configuration in to the network. 3. Causes packets to fill up the forwarding table and consumes so much of the switch's memory that it enters a state called fail open mode. 4. Can be used to hide the identity of the attacker's computer or impersonate another device on the network.

Within an SDN, what is commonly referred to as the brains? A) Controllers B) Hosts C) Fabric D) Initiators

A) Controllers

What BEST describes the designed purpose of InfiniBand? A) High-performance supercomputers B) Cloud platforms C) Unlimited 10 Gigabit internet D) Jumbo frames

A) High-performance supercomputers

Under which of the following circumstances might you implement BGP on your company network and share routes with internet routers? A) If the network is connected to the internet using multiple ISPs. B) If the network has over 15 hops. C) If the network is connected to the internet using public addressing. D) If the network has over 15 areas and uses IPv6.

A) If the network is connected to the internet using multiple ISPs.

Which of the following is a method that allows you to connect a private network to the internet without obtaining registered addresses for every host? A) NAT B) EIGRP C) BGP D) OSPF

A) NAT

What are the main differences between the OSPF and IS-IS routing protocols? A) OSPF requires an area 0, while IS-IS does not. B) OSPF is a classful protocol, while IS-IS is a classless protocol. C) OSPF is an IGP routing protocol, while IS-IS is a BGP routing protocol. D) OSPF is a link state protocol, while IS-IS is not.

A) OSPF requires an area 0, while IS-IS does not.

Which of the following has the least default administrative distance? A) Static route to an IP address B) External BGP C) OSPF D) RIP

A) Static route to an IP address

Which of the following can cause broadcast storms? A) Switching loops B) Duplicate IP addresses C) Duplicate MAC addresses D) Routing loops

A) Switching loops

You are in the process of configuring an iSCSI storage area network (SAN) for your network. You want to configure a Windows Server system to connect to an iSCSI target defined on a different server system. You also need to define iSCSI security settings, including CHAP and IPsec. Which tool should you use? A) iSCSI Initiator B) Internet Storage Name Service C) iSCSI option under File and Storage Services in Server Manager D) Multipath I/O

A) iSCSI Initiator

Which of the following do hosts on a private network share if the network utilizes a NAT router? A) A virtual IP address B) A physical IP address C) A virtual MAC address D) A physical MAC address

B) A physical IP address

You are the network administrator for a city library. Throughout the library are several groups of computers that provide public access to the internet. Supervision of these computers has been difficult. You've had problems with patrons bringing personal laptops into the library and disconnecting the network cables from the library computers to connect their laptops to the internet. The library computers are in groups of four. Each group of four computers is connected to a hub that's connected to the library network through an access port on a switch. You want to restrict access to the network so that only library computers are permitted connectivity to the internet. What can you do? A) Create static MAC addresses for each computer and associate each address with a VLAN. B) Configure port security on the switch. C) Remove the hub and place each library computer on its own access port. D) Create a VLAN for each group of four computers.

B) Configure port security on the switch.

Which of the following allows incoming traffic addressed to a specific port to move through the firewall and be transparently forwarded to a specific host on the private network? A) Dynamic NAT B) DNAT C) IP masquerade D) OSPF

B) DNAT

Which of the following is a method of VLAN hopping? A) ARP spoofing B) Double tagging C) MAC spoofing D) MAC flooding

B) Double tagging

You manage a network with multiple switches. You find that your switches are experiencing heavy broadcast storms. Which of the following will help reduce the effects of these broadcast storms? A) Configure each switch with a single trunk port. B) Enable Spanning Tree on the switches. C) Manually set the speed for each switch port. D) Disable auto-duplex detection.

B) Enable Spanning Tree on the switches.

Brett has been tasked with creating a new SAN. The company currently has Gigabit internet, and his CTO wants to use Fibre Channel over Ethernet (FCoE) in the SAN. Brett tells the CTO that this will not work. Which of the following BEST describes the problem? A) Fibre Channel over Ethernet is still only conceptual. B) Fibre Channel over Ethernet requires 10 Gigabit internet. C) Fibre Channel over Ethernet is slower than iSCSI. D) Fibre Channel over Ethernet requires all new, specialized equipment.

B) Fibre Channel over Ethernet requires 10 Gigabit internet.

Which of the following is true about Network Address Translation? A) It provides end-device to end-device traceability. B) It supports up to 5,000 concurrent connections. C) It allows external hosts to initiate communication with internal hosts. D) It cannot forward DNS requests to the internet.

B) It supports up to 5,000 concurrent connections.

You manage a network with three dedicated storage devices, as shown in the diagram. Users on the network see only a single file server. Which network-based storage technology is being used? A) iSCSI SAN with clustering B) NAS with clustering C) NAS D) Fibre Channel SAN

B) NAS with clustering

You are the network administrator for a small company that implements NAT to access the internet. However, you recently acquired five servers that must be accessible from outside your network. Your ISP has provided you with five additional registered IP addresses to support these new servers, but you don't want the public to access these servers directly. You want to place these servers behind your firewall on the inside network, yet still allow them to be accessible to the public from the outside. Which method of NAT translation should you implement for these servers? A) Restricted B) Static C) Dynamic D) Overloading

B) Static

Which of the following switch attacks bypasses the normal functions of a router to communicate between VLANs and gain unauthorized access to traffic on another VLAN? A) MAC spoofing B) Switch spoofing C) ARP spoofing D) Dynamic Trunking Protocol attack

B) Switch spoofing

Kate, a network administrator, has been tasked with staying within the company budget. She has a large network and doesn't want to spend more than she needs to on purchasing and registering multiple public IP addresses for each of the hosts on her network. Which of the following methods could help her provide internet access but also keep costs low and limit the number of registered IP addresses her organization needs to purchase? A) Use PoE devices. B) Use Network Address Translation. C) Use Layer 2 switches. D) Use Layer 3 switches.

B) Use Network Address Translation.

Which of the following scenarios would cause a problem in asymmetric routing? A) Using two switches in the traffic flow. B) Using two stateful firewalls in the traffic flow. C) Using two routers in the traffic flow. D) Using a hub in the traffic flow.

B) Using two stateful firewalls in the traffic flow.

A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned both networks. The next hop router for network 192.168.3.0 has changed. You need to make the change with the least amount of effort possible. What should you do? A) Stop and restart the RIP protocol on the router. B) Wait for convergence to take place. C) Manually reconfigure the default route to point to the new next hop router. D) Force RIP to perform an immediate update.

B) Wait for convergence to take place.

Which of the following utilities would you use to view the routing table? A) dig B) route C) traceroute D) mtr E) tracert

B) route

Which of the following is NOT one of the IP address ranges defined in RFC 1918 that are commonly used behind a NAT server? A) 172.16.0.1 to 172.31.255.254 B) 192.168.0.1 to 192.168.255.254 C) 169.254.0.1 to 169.254.255.254 D) 10.0.0.1 to 10.255.255.254

C) 169.254.0.1 to 169.254.255.254

Which of the following best describes DHCP scope exhaustion? A) When a DHCP snooping technique is used to drop packets from untrusted DHCP servers. B) When IP address lease times on a DHCP server are shortened. C) A denial of service from a lack of IP addresses in a DHCP server's pool. D) When an attacker adds a second DHCP server to a network and offers IP addresses to clients wanting to join the network.

C) A denial of service from a lack of IP addresses in a DHCP server's pool.

Which of the following BEST describes an ARP spoofing attack? A) An attack where a frame is manipulated to contain two tags. B) An attack that changes the source MAC address on frames. C) An attack that associates an attacker's MAC address with the IP address of a victim's device. D) An attack in which a switch is flooded with packets, each containing a different source MAC address.

C) An attack that associates an attacker's MAC address with the IP address of a victim's device.

C) Application, Control, and Infrastructure

C) Application, Control, and Infrastructure

Which of the following scenarios would typically utilize 802.1x authentication? A) Authenticating VPN users through the internet. B) Authenticating remote access clients. C) Controlling access through a switch. D) Controlling access through a router.

C) Controlling access through a switch.

You have just connected a new computer to your network. The network uses static IP addressing. You find that the computer can communicate with hosts on the same subnet, but not with hosts on a different subnet. No other computers are having issues. Which of the following configuration values would you MOST likely need to change? A) DNS server B) IP address C) Default gateway D) Subnet mask

C) Default gateway

Which device is NAT typically implemented on? A) AD server B) RADIUS server C) Default gateway router D) ISP router

C) Default gateway router

Which of the following are true of the IS-IS routing protocol? (Select two.) A) It is a classful protocol. B) It uses bandwidth and delay for the metric. C) It supports IPv6 routing. D) It is best suited for small networks. E) A router is the boundary between one area and another. F) It divides large networks into areas.

C) It supports IPv6 routing. F) It divides large networks into areas.

An attacker hides his computer's identity by impersonating another device on a network. Which of the following attacks did the attacker MOST likely perform? A) VLAN hopping attack B) DTP attack C) MAC spoofing attack D) ARP spoofing attack

C) MAC spoofing attack

What is the main difference between RIP and RIPv2? A) RIP use hop count for the metric, while RIPv2 uses a relative link cost. B) RIP has a limit of 15 hops, while RIPv2 increases the hop count limit. C) RIP is a classful protocol, while RIPv2 is a classless protocol. D) RIP is a distance vector protocol, while RIPv2 is a link state protocol.

C) RIP is a classful protocol, while RIPv2 is a classless protocol.

Which of the following BEST describes dynamic routing? A) Routing is done between autonomous systems. B) Routing is done within an autonomous system. C) Routers learn about networks by sharing routing information with each other. D) Routing entries are manually added to routing tables.

C) Routers learn about networks by sharing routing information with each other.

You are unsure if the gateway address is correct for one of your subnetworks because traffic is not leaving the network. Which of the following tables could you look at to check if the gateway address is correct? A) MAC address table B) State table C) Routing table D) ARP table

C) Routing table

Which of the following NAT implementations maps a single private IP address to a single public IP address on the NAT router? A) Dynamic NAT B) Many-to-one NAT C) Static NAT D) IP masquerade

C) Static NAT

In which of the following tables does a NAT router store port numbers and their associated private IP addresses? A) Routing table B) MAC address table C) Translation table D) ARP table

C) Translation table

You have two switches connected together as shown in the following diagram. How many broadcast domains are in the network? A) Zero B) One C) Two D) Four E) Five

C) Two

Which of the following attacks manipulates a switch's auto-negotiation setting to access a virtual local area network that's connected to the same switch as the attacker's virtual local area network? A) MAC spoofing B) Dynamic Trunking Protocol attack C) VLAN spoofing D) ARP spoofing

C) VLAN spoofing

Which of the following BEST defines a SAN? A) A mid-tier speed switch B) A top-of-rack switch C) A Core layer switch D) A block-level storage network

D) A block-level storage network

Which of the following routing protocols is a hybrid that uses a composite number for its metric based on bandwidth and delay? A) OSPF B) RIP C) BGP D) EIGRP

D) EIGRP

Jake is a network administrator for a hospital. There is medical equipment that relies on having uninterrupted internet connectivity. Which of the following types of routing protocols should Jake focus on to ensure that the hospital's network connectivity remains reliable? A) Interior dynamic routing protocols B) Distance vector routing protocols C) Link state routing protocols D) Exterior dynamic routing protocols

D) Exterior dynamic routing protocols

Which of the following are the components of a SAN? A) Distribution switches, targets, and SAN fabric B) Access switches, SAN fabric, and hosts C) SAN fabric, core switches, and the initiator D) Hosts, storage, and SAN fabric

D) Hosts, storage, and SAN fabric

Which option BEST describes the third layer in the SDN architecture? A) Application B) Contol C) Management D) Infrastructure

D) Infrastructure

You have only one physical interface but want to connect two IP networks. Which of the following would allow you to do so? A) The sticky feature B) A loopback address C) Virtual IPs D) Subinterfaces

D) Subinterfaces

You run a small network for your business that has a single router connected to the internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation? A) Spanning Tree B) VPN C) Port security D) VLAN

D) VLAN

A workstation's network board is currently configured as follows: Network Speed = Auto Duplexing = Auto The workstation is experiencing poor network performance, and you suspect that the network board is incorrectly detecting the network speed and duplex settings. Upon investigation, you find that it's running at 10 Mbps half-duplex. You know that your network switch is capable of much faster throughput. To fix this issue, you decide to manually configure these settings on the workstation. Before you do so, you need to verify the switch port configuration for the connected workstation. Given that it's a Cisco switch, which commands can you use on the switch to show a list of all switch ports and their current settings? (Select two.) A) show interface ethernet counters B) show interface capabilities C) show interface switchport D) show interface E) show running-config interface

D) show interface E) show running-config interface

You have just connected four switches as shown in the Exhibit. Assuming the default switch configuration, how can you force switch C to become the root bridge? A) Remove link cables 1 and 6 from the configuration. B) Configure a priority number of 61440 for switch C. C) Remove link cable 1 from the configuration. D) Remove link cable 6 from the configuration. E) Configure a priority number of 4096 for switch C.

E) Configure a priority number of 4096 for switch C.


Ensembles d'études connexes

general science: what is science? test

View Set

Abdominal and Genitourinary Trauma

View Set

Chapter 9: Health Insurance Policy Provisions EXAM

View Set

spanish Madrid culture and pictures

View Set

Test 3 Substance-Related and Addictive Disorders DSM-5 Self-Exam Questions

View Set