Chapter 5 Questions
What is the maximum value for any octet in an Internet Protocol version 4 (IPv4) address? 65 513 129 255
255
What network port number is used for unencrypted web-based communication by default? 443 3389 143 80
80
What protocol is responsible for assigning Internet Protocol (IP) addresses to hosts on many networks? IP Simple Mail Transfer Protocol (SMTP) Transport Layer Security (TLS) Dynamic Host Configuration Protocol (DHCP)
Dynamic Host Configuration Protocol (DHCP)
T/F: DHCP provides systems with their MAC addresses.
False
T/F: IP addresses are assigned to computers by the manufacturers.
False - MAC addresses are assigned to computers by the manufacturers
What type of firewall security feature limits the volume of traffic from individual hosts? Flood guard Stateful inspection Loop protection Network segmentation
Flood guard
Carrie is a network technician developing the Internet Protocol (IP) addressing roadmap for her company. While IP version 4 (IPv4) has been the standard for decades, IP version 6 (IPv6) can provide a much greater number of unique IP addresses. Which addressing system should she designate for primary use on her roadmap and why? a) IPv6 is only slowly being adopted. She should make IPv4 the primary addressing scheme in her roadmap until IPv6 is more widely adopted. b) IPv6 is rapidly replacing IPv4 worldwide. She should make IPv6 the primary addressing scheme in her roadmap. c) Few commercial businesses still use IPv4. She should feature IPv6 strongly in her roadmap rather than have her company fall behind technologically. d) There will be adequate IPv4 addresses available well into the future. She should make IPv4 the primary addressing scheme.
IPv6 is only slowly being adopted. She should make IPv4 the primary addressing scheme in her roadmap until IPv6 is more widely adopted.
Maria is a freelance network consultant. She is setting up security for a small business client's wireless network. She is configuring a feature in the wireless access point (WAP) that will allow only computers with certain wireless network cards to connect to the network. This feature filters out the network cards of any wireless computer not on the list. What is this called? Subnetting Uniform Resource Locator (URL) filtering Service set identifier (SSID) broadcasting Media Access Control (MAC) address filtering
Media Access Control (MAC) address filtering
Isabella is a network engineer. She would like to strengthen the security of her organization's networks by adding more requirements before allowing a device to connect to a network. She plans to add authentication to the wireless network and posture checking to the wired network. What technology should Isabella use? Network access control (NAC) Virtual LAN (VLAN) Virtual private network (VPN) A demilitarized zone (DMZ)
Network access control (NAC)
Susan is troubleshooting a problem with a computer's network cabling. At which layer of the Open Systems Interconnection (OSI) Reference Model is she working? Physical Presentation Application Session
Physical
What firewall approach is shown in the figure, assuming the firewall has three network cards? Unified threat management Bastion host Border firewall Screened subnet
Screened subnet
There are a large number of protocols and programs that use port numbers to make computer connections. Of the following, which ones do not use port numbers? Simple Mail Transfer Protocol (SMTP) or Post Office Protocol v3 (POP3) Secure Sockets Layer (SSL) or Transport Layer Security (TLS) File Transfer Protocol (FTP) data transfer or FTP control Hypertext Transfer Protocol (HTTP) or Hypertext Transfer Protocol Secure (HTTPS)
Secure Sockets Layer (SSL) or Transport Layer Security (TLS)
T/F: A router is a device that interconnect two or more networks and selectively interchanges packets of data between them.
True
T/F: A secure virtual private network (VPN) creates an authenticated and encrypted channel across some form of public network.
True
T/F: The three basic types of firewalls are packet filtering, application proxy, and stateful inspection.
True
Bob has a high-volume virtual private network (VPN). He would like to use a device that would best handle the required processing power. What type of device should he use? Unified threat management (UTM) Router VPN concentrator Firewall
VPN concentrator
Wen is a network engineer. He would like to isolate several systems belonging to the product development group from other systems on the network, without adding new hardware. What technology is best to use? Transport Layer Security (TLS) Virtual LAN (VLAN) Network access control (NAC) Virtual private network (VPN)
Virtual LAN (VLAN)
Which VPN technology allows users to initiate connections over the web? a) SSL/TLS b) PPTP c) IPSec d) ICMP
a) SSL/TLS
The basic job of a(n)__________ is to enforce an access control policy of a network. a) firewall b) router c) switch d) access point
a) firewall
Which layer of the OSI Reference Model is most commonly responsible for encryption? a) Application b) Presentation c) Session d) Transport
b) Presentation
Which simple device helps to increase network performance by using the MAC address to send network traffic only to its intended destination? a) Hub b) Switch c) Router d) Gateway
b) switch
A _________ is a critical element in every corporate network today, allowing access to an organization's resources from almost anywhere in the world. a) local area network (LAN) b) wide area network (WAN) c) Dynamic Host Configuration Protocol (DHCP) d) none of these is correct
b) wide area network (WAN) - keywords: anywhere in the world
The basic model for how you can build and use a network and its resources is known as the: a) Dynamic Host Configuration Protocol (DHCP) model b) International Organization for Standardization (ISO) model c) Open Systems Interconnection (OSI) Reference Model d) None of these is correct
c) Open Systems Interconnection (OSI) Reference Model
What technology is the most secure way to encrypt wireless communications? a) TCP b) WEP c) WPA d) UDP
c) WPA
Miriam is a network administrator. She would like to use a wireless authentication technology similar to that found in hotels where users are redirected to a webpage when they connect to the network. What technology should she deploy? Captive portal Protected Extensible Authentication Protocol (PEAP) Remote Authentication Dial-In User Service (RADIUS) Lightweight Extensible Authentication Protocol (LEAP)
captive portal
What technology allows you to hide the private IPv4 address of a system from the Internet? a) SSL b) RADIUS c) PPTP d) NAT
d) NAT
What firewall topology supports the implementation of a DMZ? a) Bastion host b) Multilayered firewall c) Border firewall d) Screened subnet
d) Screened subnet
__________ is a suite of protocols that was developed by the Department of Defense to provide a highly reliable and fault-tolerant network infrastructure. a) DHCP b) VPN c) IPSec d) TCP/IP
d) TCP/IP
A ________ is used to identify the part of an Ethernet network where all hosts share the same host address. access point switch router subnet mask
subnet mask The dividing line between the network and host addresses is a network configuration parameter known as the subnet mask, which can change based on the way an administrator configures the network. All hosts that share the same network address are part of a subnet, which is a partition of a network based on Internet Protocol (IP) addresses.
On early Ethernet networks, all computers were connected to a single wire, forcing them to take turns on a local area network (LAN). Today, this situation is alleviated on larger networks because each computer has a dedicated wire connected to a ___________ that controls a portion of the LAN. server router firewall switch
switch